last executing test programs: 30.267635788s ago: executing program 2 (id=5359): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x2, 0x0, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) r4 = socket(0x2, 0x801, 0x6) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) setsockopt$auto(r4, 0x1, 0x12, 0x0, 0xa4) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r3, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @ipv4={'\x00', '\xff\xff', @multicast1}}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @mcast2}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x9b}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) ioctl$auto_VHOST_NET_SET_BACKEND(r1, 0x4008af30, 0x0) 29.62038808s ago: executing program 2 (id=5364): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x400, 0x1, 0x0, 0x1, 0x4) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xc99, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, 0xffffffffffffffff) io_setup$auto(0x2002, 0x0) mlockall$auto(0x7) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) fcntl$getown(r0, 0x9) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_PROCESS_GROUP(r2, 0x10000, &(0x7f0000000280)={@siginfo_0_0={0x1, 0x0, 0x8001, @_sigsys={&(0x7f0000000300)="49b320276d344bb0009f2a0c9548962b7436e26edd8e2922a8c0c6988dc2fadafe88b27dd4f266e3dd04f95be2f03b6b5fa459fd85839686fd4a35f6393f8aa5136c8edd0b5119c04e4ead528684996ed4c51977b65be3c983b011ca39b09a6dc76d8abeb04647772690b437da834aee6368d9ae2876cc2474c6f6b3b3879cc7c5f6b38497c3d021afe238eb6154ec9653a8677ef1", 0xa, 0x3}}}, 0x4) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x3d, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x3, &(0x7f0000000000)='Q**\x00', &(0x7f0000000040)='+$', 0x0) sysfs$auto(0x2, 0x4b, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x3, &(0x7f0000000000)='Q**\x00', &(0x7f0000000040)='+', 0x0) write$auto(r3, 0x0, 0xc70) 20.528013969s ago: executing program 2 (id=5385): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x40, 0x0) pread64$auto(r1, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/allop_area/format\x00\x00\x00\x00\x00\x00\x0f:\xe23j\xb2\x93\x99\r\x02\xd0f\x87Wz\x1b\xc7\x9f\x0f7\xe8\x94\xac(,\x03\x03\xff\xc4*o\xcbf\xe4\x8a\x10\xf3\x7fA\x02:Y\xcf\x1b\x8e\x91%\x00\xf9\xff6\xa6\\\x80\x0f\xfa\xd4\xec\xa6\x0e\x1c,\'\\Aq\xae\x8e\x9c_ \x0f\v\xd3\xcb\xe4\"\xf2\x95\x8e\xc0q\x03;\x16\x84apq\xb4\x88o\xe2\x8c\xb2\xbf\x18z\xee\x8f\x05\x84\xdb\xcbP\xfa\xcec\xa4\xec\xd3\xa9[\x91xV\xd5g\xdf)\xfbJ\xaeNI\x13o\xb8\x98\xc9\x06yP>N\xe7\xf4e\xc2\x97\x02_\xeaV\xc9Vk\xaff\v\xc7\x7f\xdc\xd4\xca\xcf\x94\xb6\x1dK\xc0\xdd\x83w\xe0\x8dx\f\x17>\xa1\riQ\xb7\x03=1\xb7\xed\x1e&t\xffHx>\xc9\xac\x17/\x16\x92y\x87\xc6\x90\x8c\xcb\x86H5\n\xa2\xe8\x03\x92\xc3\xa9\xfb\x9eh\xec\xa9\x8d\xb80\x86\xa6\xa5\xd4I\xfe\xc6]F\xbe\xa0\xda\xa2\x13\xc6\xfb\xe6\xee\xf4Z,\x10\x10C0\x8b\xfd\xfb\xee\x93\x125\xfe\xc4z\"\xc6=Z\xacM\x14\x8f?w\x88S;eNL\xcd.(\xccT\xfaI\a\x1c\xb5\x8d\xf8\xccd\x1f\x1b\xb48\xb1\xbc\xfb\x13f\xa5\xd2\xfb\x17\xff\xe8\xd9\b3\x95\xa7\x85\xb1\x98\xd0\xcf\xbf=\xf7\xd0q1\b\xd2|\xc1B\xcc#5', 0x100000001, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004080}, 0x20040894) r2 = eventfd$auto(0x3007c) readv$auto(r2, &(0x7f0000000380)={0x0, 0x8}, 0x8) read$auto(r2, 0x0, 0xcc9c) write$auto(r2, 0x0, 0x8) ioctl$auto_USBDEVFS_GETDRIVER(r2, 0x41045508, &(0x7f0000000000)={0x0, "4ed84a38acaefa5d493feec994d2f40569ee2e235ad58b1a51d0282371cd680135fbab77fdf4b09e9b444038d841de12ce428ad580f91618b8327701a4fecb6acc5642bc69e0c68d771cd84505cfdb98825859e8aa518ab95aadf1ad80cfa33068dd7a029ab811d4f1689a03f6b8d473ee8ed4de8c22e128320ad211b203c8027111c46a233b88ec2f1bf2c05840d51e75db543b589d7d5d0a43033f06019d994716943ec47e583cac8b55ff04128df825a636d278469ffbbb94ae873051359fc0ff2a5b92e365c4f2bfe5af8b75cb28fe0054104d92aae7eba3147f9b9b76bea96d9ce0d91b6812e669c6c950377e488d23a262a5933a686ead34c29fd23eb8"}) madvise$auto(0x0, 0xffffffffffff0005, 0x2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vivid.0/cec11/power/control\x00', 0x182b42, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8000, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs1\x00', 0x1c8942, 0x0) io_uring_setup$auto(0x6, 0x0) r4 = socket(0x2, 0x801, 0x106) setsockopt$auto(r4, 0x6, 0x19, 0x0, 0x9) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) select$auto(0x9, 0x0, 0x0, &(0x7f00000001c0)={[0x1aa57c94, 0x95, 0x5, 0x100000003, 0x8475, 0x2, 0x1, 0x9, 0x7c5f4bbc, 0x2, 0x8, 0x6, 0x200, 0x7]}, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) 18.896244489s ago: executing program 2 (id=5390): socket$nl_generic(0x10, 0x3, 0x10) r0 = io_uring_setup$auto(0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r1) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c006d0200000000000000445bdcb9e54e1747c0ea75961096463a5dce1ae12c3a67dca3c081562a1acb44805310cdfcdf04f488918ad171ef91bb4deedba3d4810910c894620a", @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf2527000000180001801400020076657468315f766972745f7769666900"], 0x2c}, 0x1, 0x0, 0x0, 0x885}, 0x8008040) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/gspca_m5602/parameters/dump_bridge\x00', 0x100, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) fcntl$auto(r5, 0x400, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x8200) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/user/max_fanotify_groups\x00', 0x202, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC1D0p\x00', 0x6100, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r6, 0x20000004, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) 18.119986395s ago: executing program 2 (id=5393): r0 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/trace\x00', 0x82000, 0x0) read$auto_tracing_fops_trace(r0, &(0x7f0000000580)=""/4096, 0x1000) r1 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1000, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f00000000c0)={0xfd, r1}) mmap$auto(0xfffffffffffffffd, 0x9, 0xf3fc, 0x13, r2, 0xfffffffffffbfd28) socket(0x2, 0x80002, 0x73) set_mempolicy$auto(0x6, 0x0, 0x21) set_mempolicy$auto(0x9, &(0x7f0000000180)=0x5, 0x7) socket(0xa, 0x5, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, 0x0, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) mmap$auto(0x8, 0x2020009, 0x100000000000003, 0xeb2, 0xfffffffffffffffb, 0x100000001) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 16.344096794s ago: executing program 2 (id=5398): write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000003c0)='/proc/self/net/Oev_snmpf\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev3\x00', 0x16ba00, 0x0) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) read$auto(r0, &(0x7f0000000000)='\x00', 0x91e2) close_range$auto(0x2, 0x8, 0x0) 6.298834083s ago: executing program 0 (id=5420): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendto$auto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) sendmsg$auto_NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="01c62952230f7945d8775db9f471fa248204780a7eaeafd68919b6f06dcdfb73396b26f58dbe77c868809b291ff4597e1dc870ecbd249ed381200d72f0063733642206c2be3fcf9b4e2800f0de38da055665615862df0eb02260a6b9844370819e4f22600b90f2782ca3976dcf99049d4719c6b83174fe8c7fba45abcf2a8540ff3462ef4cee08b4b9d1bd5559e117eb4ef0bfdcd891494502ff1e234cb4a892a2f2851f07fb93eb7d606a30a32e48a3eeed4f10f32517ccaf913e55714b24915d08893596d783949384e8684af843308fdecb63711271f6c1a02ff68e14647b637dbc245690a74586000000000000", @ANYRES16=0x0, @ANYBLOB="040028bd7000fedbdf255400000008009e0003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x2c810) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x80143, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r1, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(r2, 0x1, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev3\x00', 0x16ba00, 0x0) ioctl$auto(r3, 0x80885659, r3) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) read$auto(r0, &(0x7f0000000000)='\x00', 0x91e2) close_range$auto(0x2, 0x8, 0x0) 5.75026654s ago: executing program 3 (id=5422): mmap$auto(0x800000, 0x17b7, 0xfffffffffffffffa, 0x15, 0xfffffffffffffffa, 0x405476c520) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x24040, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x18) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x6}, 0x1, 0x7, 0x2, 0x280, @raw, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841ca9b379cdbceb067f222f9852e4e248e519e6e2d25bc83b3fb9ec16cbc5fe503b9662d19861c9bb377749418140efde7024c7215d323a6c79c5be94bc04ed0d9afbb9c9574ff829522a54b91ef7bcef85e226564639c87b944203a6814a00eea8134d42bc137511ab276827b7ee17d85c2722c34b6d9cd3c095bd1094df859fd44defb05f086d48e42b8cfe4f20b057126cfb78738004716a5e21149cc372c89149624db4102", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81507ca870d066e25696b0b2ac35abb53a8fc6e9df9fdbbc11fe705ab85e88111e5684e28f8599bc486b93eea020ee76a340a548c82e805e2d182d741e51d53c799f7bb722a591e8ac4c48f3317ac8926b8bfb8d1f"}) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nullb0/queue/virt_boundary_mask\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/251, 0xfb) socket(0xb, 0xa, 0xd9) close_range$auto(0x2, 0x8, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x2183, 0x0) socket(0x2, 0x80002, 0x73) r4 = socket(0xa, 0x1, 0x84) bind$auto(r4, &(0x7f0000000100)=@in={0x2, 0x3, @local}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) epoll_ctl$auto_EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000000c0)={0x4, 0x3}) write$auto(0x3, 0x0, 0xfdef) 5.145946487s ago: executing program 1 (id=5423): socket$nl_generic(0x10, 0x3, 0x10) r0 = io_uring_setup$auto(0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r1) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c006d0200000000000000445bdcb9e54e1747c0ea75961096463a5dce1ae12c3a67dca3c081562a1acb44805310cdfcdf04f488918ad171ef91bb4deedba3d4810910c894620a", @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf2527000000180001801400020076657468315f766972745f7769666900"], 0x2c}, 0x1, 0x0, 0x0, 0x885}, 0x8008040) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/gspca_m5602/parameters/dump_bridge\x00', 0x100, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) fcntl$auto(r5, 0x400, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x8200) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/user/max_fanotify_groups\x00', 0x202, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC1D0p\x00', 0x6100, 0x0) fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) 5.064123378s ago: executing program 0 (id=5424): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) socket(0x2c, 0x3, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/038/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000040)={0xa0, 0x6, 0x5, 0xd102, 0x5, 0x80000, 0x0}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x203, 0x4, 0x6, @_rt={0xffffffffffffffff, 0x0, @sival_ptr=0x0}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0xf3}, {0x2, 0x4}, 0x8000000000000000, 0xa, 0x8, 0x9, 0xb871, 0x6, 0xa000, 0xffffffffffffffff, 0x3, 0xf8c5, 0x1000, 0x81, 0x9, 0xd}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2000e, 0x9, 0x4, 0x100000006, 0x1000000001ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x3480a0, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram0\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) connect$auto(0x3, &(0x7f0000000040)=@vsock={0x28, 0x0, 0x2710, @local}, 0x55) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 4.411065285s ago: executing program 3 (id=5425): ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) setfsuid$auto(0x0) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) process_madvise$auto_MADV_GUARD_REMOVE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x6}, 0x3, 0x67, 0x9) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) r2 = getpid() r3 = gettid() rt_tgsigqueueinfo$auto(r2, r3, 0x21, 0x0) getpriority$auto_PRIO_PGRP(0x1, r3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) ioctl$auto(r4, 0x2, 0x4) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(r1, 0x8, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/usbmon8\x00', 0x121200, 0x0) r6 = openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0xc8882, 0x0) pread64$auto(r6, &(0x7f0000000000)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x80000001, 0x8) 4.366778681s ago: executing program 1 (id=5426): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) socket(0x3, 0x2, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/038/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000040)={0xa0, 0x6, 0x5, 0xd102, 0x5, 0x80000, 0x0}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@_si_pad}, 0x4, &(0x7f0000000300)={{0xda0000000000200, 0x10}, {0x2, 0x3}, 0x8000000000000000, 0x9, 0x8, 0x9, 0xb871, 0x6, 0xa000, 0xffffffffffffffff, 0x0, 0x2, 0x1000, 0x81, 0x9, 0xd}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2000e, 0x9, 0x4, 0x100000006, 0x1000000001ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1c\x00', 0x40001, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_REWIND2(r2, 0x40084146, &(0x7f0000000040)=0x80000001) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x3480a0, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram0\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) 4.127921536s ago: executing program 3 (id=5427): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x1, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x10002}, 0x1) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0xa, 0x801, 0x106) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28adc1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(0xffffffffffffffff, 0x0, 0x40) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) fcntl$auto(0x8000000000000001, 0x26, 0x8) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x2, 0x2, 0x1) sendto$auto(0x3, 0x0, 0x8, 0xf950, 0x0, 0x1e) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/irq/2/smp_affinity_list\x00', 0x749842, 0x0) 3.504686662s ago: executing program 3 (id=5428): socket(0x2, 0x2, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd10\x00', 0x480, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x34, 0x400000000065f, 0x1ffde, 0x40007, 0x40000000007f, 0x20000005, 0x9, 0x3, 0x6, 0x400000004, 0xb4, 0x4, 0x6, 0x2, 0x1, 0xfff, 0xfffffff7, 0x7, 0x1fff, 0x203, 0x838b, 0x84, 0x2, 0x0, 0x5, 0x0, 0x10, [0x0, 0x0, 0x0, 0x40000000000, 0x1, 0x40, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401, 0xffffffffffffffff, 0x0, 0x7, 0x0, 0x81, 0x9e, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x251, 0x3, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffff7cc, 0x0, 0x400000000000002, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, 0xfffffffffffff96b]}, 0x1fe, 0x8) personality$auto(0xfffff032) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x80, 0x4, 0xe4b8, 0x19, 0x4, 0x18) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0) socket(0x1d, 0x1, 0x7fff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) r4 = socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r5, 0x5403, 0x0) connect$auto(r4, 0x0, 0x3a) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r4, 0x0, 0x30004850) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtdblock0\x00', 0x20200, 0x0) 3.359906464s ago: executing program 1 (id=5429): r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x7, 0x3, 0xeb1, 0x400, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mtd/mtd0/subpagesize\x00', 0xa080, 0x0) read$auto(r3, 0x0, 0xe8) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0) ioctl$auto(r2, 0x4b52, 0x1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYRESOCT=r4, @ANYRESOCT=r1, @ANYRES32, @ANYRESHEX=0x0, @ANYRESOCT=r0, @ANYRES32=r3, @ANYRES32=r2, @ANYRES8], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x4004040) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0xd}, 0x2}, 0x3, 0x0) socket(0x2, 0x3, 0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x3, 0x1) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x7, 0x12, r5, 0x80e) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r6 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0) ioctl$auto_RTC_PIE_ON(r6, 0x7005, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r7 = socket(0x10, 0x2, 0x0) recvmmsg$auto(r7, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/ati_remote2/parameters/mode_mask\x00', 0x80401, 0x0) write$auto(r8, 0x0, 0x800f) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 3.339616779s ago: executing program 0 (id=5430): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x402000b, 0x800000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) (async) read$auto(r0, 0x0, 0x20) r1 = mq_open$auto(0x0, 0x83, 0x2b, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) getpid() (async) r3 = getpid() getsid$auto(r3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) open(0x0, 0x1e7d43, 0xa6) (async) r6 = open(0x0, 0x1e7d43, 0xa6) r7 = socket(0xa, 0x2, 0x88) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'dummy0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r9, r8, 0x4, 0x202, r7, @relative_fd=r6, 0xe5fd}, 0xf) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'pimreg0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00'}) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syzkaller0\x00', 0x0}) socket(0x29, 0x5, 0x88) (async) socket(0x29, 0x5, 0x88) r13 = socket$nl_generic(0x10, 0x3, 0x10) r14 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x5, &(0x7f00000000c0)=@prog_bind_map={r14, r6, 0x7f}, 0x8) (async) bpf$auto(0x5, &(0x7f00000000c0)=@prog_bind_map={r14, r6, 0x7f}, 0x8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'vlan0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_NAPI_GET2(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="040026bd7000fedbdf250b00000008000100", @ANYRES8=0x0, @ANYRES64=r7, @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r10, @ANYBLOB="08000100", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="8000", @ANYRES32=r15, @ANYBLOB="08000100", @ANYRES32=r16, @ANYBLOB], 0x4c}}, 0xc010) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) 3.038830174s ago: executing program 0 (id=5431): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) r1 = socket(0x25, 0x1, 0x0) sendto$auto(r1, 0x0, 0x0, 0x0, 0x0, 0x3) r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) sendmsg$auto_NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="01c62952230f7945d8775db9f471fa248204780a7eaeafd68919b6f06dcdfb73396b26f58dbe77c868809b291ff4597e1dc870ecbd249ed381200d72f0063733642206c2be3fcf9b4e2800f0de38da055665615862df0eb02260a6b9844370819e4f22600b90f2782ca3976dcf99049d4719c6b83174fe8c7fba45abcf2a8540ff3462ef4cee08b4b9d1bd5559e117eb4ef0bfdcd891494502ff1e234cb4a892a2f2851f07fb93eb7d606a30a32e48a3eeed4f10f32517ccaf913e55714b24915d08893596d783949384e8684af843308fdecb63711271f6c1a02ff68e14647b637dbc245690a74586000000000000", @ANYRES16=0x0, @ANYBLOB="040028bd7000fedbdf255400000008009e0003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x2c810) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r2, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x80143, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r2, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0xffffffffffffffff, 0x80885659, 0xffffffffffffffff) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) read$auto(r0, &(0x7f0000000000)='\x00', 0x91e2) close_range$auto(0x2, 0x8, 0x0) 2.114834993s ago: executing program 1 (id=5432): mmap$auto(0xfffffffffffffbc3, 0x6, 0xdb, 0xcf1, 0xffffffffffffffff, 0x8000) r0 = socket(0x9, 0x5, 0x1) r1 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000080), r0) sendmsg$auto_IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000200)={0x68, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@IEEE802154_ATTR_COORD_REALIGN={0x5, 0x1b, 0x4}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0xffff}, @IEEE802154_ATTR_COORD_PAN_ID={0x6}, @IEEE802154_ATTR_PAN_COORD={0x5, 0x19, 0x3}, @IEEE802154_ATTR_BCN_ORD={0x5, 0x17, 0x23}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x8}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xa8}, @IEEE802154_ATTR_DURATION={0x5, 0x15, 0xe6}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "871f0c3290d28ecd5561b5c07cd8b5f7"}]}, 0x68}, 0x1, 0x0, 0x0, 0x4}, 0x1) prctl$auto(0x41, 0x0, 0x0, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x80000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) semtimedop$auto(0x0, 0x0, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) 1.64784265s ago: executing program 1 (id=5433): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) r1 = socket(0x25, 0x1, 0x0) sendto$auto(r1, 0x0, 0x0, 0x0, 0x0, 0x3) r2 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) sendmsg$auto_NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="01c62952230f7945d8775db9f471fa248204780a7eaeafd68919b6f06dcdfb73396b26f58dbe77c868809b291ff4597e1dc870ecbd249ed381200d72f0063733642206c2be3fcf9b4e2800f0de38da055665615862df0eb02260a6b9844370819e4f22600b90f2782ca3976dcf99049d4719c6b83174fe8c7fba45abcf2a8540ff3462ef4cee08b4b9d1bd5559e117eb4ef0bfdcd891494502ff1e234cb4a892a2f2851f07fb93eb7d606a30a32e48a3eeed4f10f32517ccaf913e55714b24915d08893596d783949384e8684af843308fdecb63711271f6c1a02ff68e14647b637dbc245690a74586000000000000", @ANYRES16=0x0, @ANYBLOB="040028bd7000fedbdf255400000008009e0003000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x2c810) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r2, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x80143, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r2, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev3\x00', 0x16ba00, 0x0) ioctl$auto(r4, 0x80885659, r4) r5 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r5, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) read$auto(r0, &(0x7f0000000000)='\x00', 0x91e2) close_range$auto(0x2, 0x8, 0x0) 1.587075483s ago: executing program 0 (id=5434): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 32) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) (rerun: 32) read$auto(r1, 0x0, 0x7) (async, rerun: 32) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (rerun: 32) writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x5) (async) mincore$auto(0x1ff, 0x2, 0x0) r3 = socket(0x10, 0x2, 0xc) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r5) sendmsg$auto_NL80211_CMD_GET_WIPHY(r5, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) sendmsg$auto_NL80211_CMD_SET_HW_TIMESTAMP(r0, &(0x7f00000006c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000680)={&(0x7f0000000d00)={0x938, r6, 0x102, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_VHT_CAPABILITY={0xcc, 0x9d, "998cf552439ac2becce77bf1537c99f03ebea9519b0163b226cc3cd0467a35ad431c6ac9e862b7e4cd9060df2b6888f03f5817f365e0e967d612c4c8b0690050093b711610bb859eeca0b9b2ead9308e1441cbb5b8d2f217e816665bda0c42ce05ed1d4b80b7d37a24abd5d789f690876e9531c9d10c8b70d3f09b92d468ac5efc37f7cce91980bcf20cda23f599651699de9ad7ebb48c7c67979d96f11c197d07df5d7742163cc10d6df7c6460cc7a7173de85e07a4e838731a46da23928cf670608dddf73104e0"}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e21}, @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x8}, @NL80211_ATTR_SCHED_SCAN_MATCH={0xc, 0x84, 0x0, 0x1, [@typed={0x8, 0xc9, 0x0, 0x0, @fd=r1}]}, @NL80211_ATTR_WIPHY_NAME={0xa, 0x2, 'wlan0\x00'}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_IE_PROBE_RESP={0x829, 0x7f, "5510407248c222c1821b8ab0dd22dc4c77f356186cdd0cbb17e1e2a7ae187a2f6f641be2e4357e0aceed309edc5841930e49f80e91b7a76583318cc69c7984d3c8c76110f3d70eab1913098a3663d39392829dad078090a9fb42a547925bcd0242db7173c0ae9c551c88f5b2c6a1abee267842d4378fb9ce0ed5d92e0a1696cc9fc3fc06a6b3d24c48f17e0311d99530b44a33780d1b38c4c70cd63446e5ab7a4dcb8108807a10465496259a95ebab90cf70f37841b8a78f6e6f0e257aa6cb8dbaed1b2b2d0d3296ba0547045d1422b46279b2443c8fed92054f1528f4c7e9f983b12d2f4b2900df858a7710b151409c4c25e648f3e212f17b370102c67d2b5757aee61c7bfaf7a28b215487419bdbd7213af5ab14dbaf86e11a5f7fa1e94aec8b5e4090db31d3b5d8ca37a41939fb7c7b1273d5a2628ca614c17be32a470b566d46bc67f2b4b9f9d9f6002ef25eb0a0a2ee7a64b695c5327232dca2162cb6172d54406a958372e3259433e4053cad6804a58e973ffc7ee2cf523639cf306a9451dd5d0f64976fe53697c618872209fcad882bd3196b7c82b54842873e82efa6eb3ae92018c7ce239ef79aea76129a634c40e26a1fe7d5ea5397652b87b2362c47a2ea1824178f3186fef77cbaab709d99465eee1cc89f06ff6763433c54e10ccde336a55117b3e32c6b65ae078f9ed5ae0f2e95c7e9bff2fc9f087ef00ec882b289e7f3b5eaa859fd43de1840aedb32fb3fe75936c2d51a341817c4e8cf78d208261bce68168c60f416c2018c0a10d5f7a64588b0263cfcc67e7ee9eff5495db106ed05de051fc1ed115e71bef431bcd0ed3792803c7a9bbd9510d72019da05b0e260c227d957484efce2bac4f3792e0b836cad48a23f89c4073be1fd7f6b1dcc1f8872cdbd074dd0fff0139111c479dd49ebefc60cfcf217c25e62920bf5d1c40e991eaa27169696bed379eb1116812989e8f0a1a970c966443e2d464415dd3fbeb3a319bb3cf27348492bcc33a15da48a7721a7dee59e065f2d019251780f60964c04a2ee14e8f87d6a751dd1859556005b44c08adc7aef029fab93b209eca03017ae0fd82f1489213a9e6a9b9e98f2a60229ab5d7a17c90c6859bf0b3c9520176a1567695890207c1d75d90b83db4cbb6b575e56a991af093eb7c97604938724d591b2b106c2873e8e2f3a2f919682984fe0e7f1f69bf8ee1424eee94c886ab609b38c77df05bd111c5173fbf1fc40a68e749ed6603962ad7c83a40fdf058c4c1447de1b571754fcac551bf8fce72f40f42bd45a641b0f4be31a5a9d6732c099b0dea37f06d6e918f150c142ac98bf3e7350b4705a89c87361eaa6a22943d56af47d74138c965e99294469f3ac1982cd56f39f989d0b44aa81185c37c7f23b0299dcb916c41b36cd78b4239c4d25988c6966701f71ca313a05a8f80c7870d04021740c8fae7a728aed16be2e16562c839a3696e5c382abee4cc151a0c8e63bdcbe26403b8e0016c08923042fa8d5db7f0686de076f57f784c059c9ba1750bf8360bd6e113ad5fd14b84646684bb3a2b5ba9d7a71a3026290bd7f3e03b2441f6a8c05cb904af4dfd70755d3c91c48c7521040756192141ed5d50421eccefa235b75f68a2b37544f25ae098eb4e4d6abd1d5c46d1a181e95d2e59b4a6556aded1d45d330f41c512d6dbca20f8b59381ff82c311b1e1ac36bf9f0126a9c485d7a1f019b2a0cb8a886aa2d26dd1fd035c741173c20b39d519d9a7b26c3d51179390b4023b1a7e56d0b34bd132a20b1a53b27f15fe8b609dbde94300ac0196d123332ab148d86b5088904b3f0ba0e8ea1fab830c21d7d5914bfb0b7335ad30b5614e026b3f2d2d836cbf51919f4f2fe6c70b2fd660525da955f43c11c747c3f096c2884a975f3ef67d561f9dd2b4e506e511bc721474a8b2ad79cc04cf94f54ece3ba64c975a9852c249c2e271bdd9ca4ea2193386245a714014830c6600f5f3d5f326777a9cef2b3913b4aae0fa4c71ab58fb3d34d33bce65e8ddd787f92476bfb8162877574dd9f5c240220cbdcfbd9463dfd2dc4278f14404292ab8c5c14c4ee28abb9a9fa23d7d4884b630e5b99880309939f728a451b55022ed135bd255d81dc89f55778caf24d49ef961fc0bc41ba2d36157d15c2f4b9ef4f18b19152713fec0595dfee8cf2f3d0e4f14c6cb12d50a7825f84e80f7d7ceaee5993e452630bee36a4d5aa13b7aee8f5212707ec8e236bd3c64b8fde1ce14d0e7550bce4396f0a8eb77dc9411062d8f8e5b8c2a2d896d58ef4c8e7be20a2da0af2eaa3bf20ae728fd3b1f5c5fdb4c5b37e7a0fa681707df1faaf382c311b715e7fc8e3c3d781a948d374f145bdd48b6b35f609e53bbc66b9467e1926e9375194136927f5879d164c22e48709bafb16d423e0cb46ea21b51edcf819763f2f19a440247d201b43d242c9bd0f1c6eec47976574a8a4db17fe69211b3b0f42acaa8d6c4fdc55bce478001ecaa9df9441040cbc861a94d02e57a0f710709660c533e53afb756daa5e000167099966f06276915fa30bca71696b1e21b3fab1f8ece3e34f8e95ca2c4c5142ac6b3d909528aa11cc79641919a5222b565873fbb052290eb9f639812599648f846d31fdea519f61389502612061606a776d86a520a593e2b9ff26d4d60a41ea1c7a7ef0472556cbc5007844b9d8df34ad500a0a84ae6cf90e528666bb619730e3cc876ff827348a5272c650348a7f0f4ef94e87a50196a7dfb235135164410f2f396d81fb4b312fbf62b99647a26538936d70b1e157bb62cd7335b729a4857f93867e469adc5d40bf1dc0220b3dd60aa50e65231db71d0ef875d4e6040e7f7612f00defa07df7599d1017f70b4c974b4d52878f3d221e7c8c4fcd85905291de166bee0ff384c753b116f74eb3e75c2dc68e99aea632f4211dbbb8d0b89a1524c71b"}]}, 0x938}, 0x1, 0x0, 0x0, 0x880}, 0x4000000) (async) r7 = getpid() process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x401}, 0x6, 0x0) (async) r8 = socket$nl_generic(0x10, 0x3, 0x10) (async) r9 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000700), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_CONFIG(r8, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x1c, r9, 0x1, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffff7fff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000000}, 0x20040804) r10 = prctl$auto_PR_SCHED_CORE_SHARE_TO(0x7, 0x2, r7, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dvmrp0\x00', 0x0}) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'veth1_to_bond\x00', 0x0}) (async) r13 = socket$nl_generic(0x10, 0x3, 0x10) r14 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r13, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r14, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}, @ETHTOOL_A_COALESCE_TX_USECS={0x8, 0x6, 0x9}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x800) (async, rerun: 32) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wg1\x00', 0x0}) (rerun: 32) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000240)={0x24c, r4, 0x2, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_WOL_MODES={0x151, 0x2, 0x0, 0x1, [@typed={0x8, 0xe3, 0x0, 0x0, @str=',[\\\x00'}, @nested={0x8, 0x5f, 0x0, 0x1, [@typed={0x4, 0x8b}]}, @typed={0x8, 0xb2, 0x0, 0x0, @pid=r7}, @generic="4d567aca7d396d4115b0c631b468986b10c748261c9b18f1bfdf2694de10416b3e94f3d69d6fb9e6c3b08b622a290b9de5f216d4dd40a95c463029453c754cf159c696aa39f8e35c0b97cc37193e53329921b14dcf953fbaab646e8559b9e5182ac1c4ca1ae610415718e658031c53166c083eb4d986bb4a1e5ec974191f2e0206c521ea3c25d9c5fa4b5f7b6b15022bd79aa112d3429553dc5ee41313c27ed0fd7ae5362bdc313092568dc1f23915ee8da4", @generic="84f218538aad3f3bc6f2b67a586bff9f58ca11ef3934982e3e192fee730ec0bbbcb6fefa3f7b313fe6e328de735e51d25ff22ca9d1c9f945a28c07ff76c79b1d264a68bcb022372cdf5a2ad7b373dd1908dcf7097494f80ecf8de16c0faca30cbf842347f6a1277fc02c05743702568390866e98d8635f29499abc3c2e8695e8835bc0"]}, @ETHTOOL_A_WOL_SOPASS={0x8, 0x3, "ebfa3730"}, @ETHTOOL_A_WOL_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}]}, @ETHTOOL_A_WOL_HEADER={0x90, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1ff}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r16}]}]}, 0x24c}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000) (async) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) (async) ioctl$auto_USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f00000005c0)={0xfa, 0x2, 0x3, 0x7fffffff, &(0x7f0000000540)="1636726c5d1722fea2d638006a419880403028f1a87ca2d9673d9aa02f6b30d3e064839ba1a23e06531052539e5a48b1e951", 0x228, 0x63, 0x1, @number_of_packets=0x3, 0x5, 0x7fff, &(0x7f0000000580)="5f4862b384f237997213061394d8d891f0d8ccc7989a3788180fffb44bb82a00471f723462eb201c0958e8bfe3ced2ae", [{0x9, 0x1, 0x81}, {0x2, 0xc, 0x8}, {0x8000, 0x7, 0x8}]}) 1.489316847s ago: executing program 3 (id=5435): write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x9, 0x4, 'nfsd\x00'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x30}}, 0x4000) timer_create$auto(0x0, 0x0, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, r2, 0x300000000000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000020c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MM_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010328bd7000ffdbdf252a010000"], 0x14}, 0x1, 0x0, 0x0, 0x44808}, 0x2004c894) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ppoll$auto(&(0x7f0000000000)={r5, 0x40}, 0x2, 0x0, 0x0, 0x8) read$auto_nsim_dev_trap_fa_cookie_fops_dev(r6, &(0x7f0000000200)=""/238, 0xee) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x80a02, 0x0) readv$auto(0x3, 0x0, 0x1) write$auto(0xffffffffffffffff, 0x0, 0x881) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mlock$auto(0xfbea, 0x7fffffffffffffff) 1.204130125s ago: executing program 32 (id=5398): write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000003c0)='/proc/self/net/Oev_snmp0xffffffffffffffff, 0x0, @sival_ptr=0x0}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0xf3}, {0x2, 0x4}, 0x8000000000000000, 0xa, 0x8, 0x9, 0xb871, 0x6, 0xa000, 0xffffffffffffffff, 0x3, 0xf8c5, 0x1000, 0x81, 0x9, 0xd}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x2000e, 0x5, r2, 0x100000005, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_TDLS_MGMT(r1, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, r4, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_HIDDEN_SSID={0x8, 0x7e, 0x9}, @NL80211_ATTR_SUPPORTED_SELECTORS={0x38, 0x14e, "9fdad3b78aefc63a00ec872049fa9711024a9b1d8ea4b12c62ea0086805900076bd5a0ae8c6de856b450f969273dac6cb40307ec"}, @NL80211_ATTR_TIMEOUT={0x8, 0x110, 0x10000}]}, 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r7 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)={0x34, r7, 0x1, 0x70bd2c, 0x25dfdbfa, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_BLA_CRC={0x6, 0x22, 0x9}]}, 0x34}, 0x1, 0x0, 0x0, 0x4004014}, 0x140000e4) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x3480a0, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram0\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 0s ago: executing program 0 (id=5438): mmap$auto(0x0, 0x6, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x1, 0x0, 0x10000000000000, 0x2}, 0x895}, 0x3, 0x0) sendmsg$auto_L2TP_CMD_SESSION_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1018}, 0x1, 0x0, 0x0, 0xefb7e034ab6a1498}, 0x24000084) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000180), 0x8c00, 0x0) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x7, 0x6, 0x1f2, 0x9, 0xe8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x5, 0x7]}, 0x0, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) get_robust_list$auto(r0, &(0x7f00000003c0)=&(0x7f0000000380)={{&(0x7f0000000200)={&(0x7f0000000180)}}, 0x7, &(0x7f0000000340)={&(0x7f0000000300)={&(0x7f0000000240)}}}, &(0x7f0000000400)=0x3) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000080), 0x6b) listen$auto(0x3, 0x81) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000980), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'xfrm0\x00', 0x0}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) socket(0xf, 0x3, 0x2) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/snd/midiC2D0\x00', 0x10002, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000026d00)='/dev/dri/card0\x00', 0x2000, 0x0) select$auto(0x6, 0x0, 0x0, 0x0, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x11, 0x80003, 0x300) select$auto(0xf, 0x0, 0x0, &(0x7f0000000100)={[0x100, 0x7, 0x7fff, 0x1, 0x80000948b, 0x5, 0x8, 0x400000006, 0x100000000003, 0xc, 0x9, 0xfffffffffffffffd, 0x6, 0x400005, 0x5]}, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000440)=ANY=[@ANYBLOB="200000005e2c5edf5b8127f26987a0abeaef0bf09d106d78addbfc0d4eb678b205a03b3dda74e74b86cb4e795abdf9665b95a8ef3936898c45d9dbd260c1c58b961a22124f5efcd4bd44774b481bf3", @ANYRES16=r2, @ANYBLOB="01002dbd7000fbdbdf251a0000000c00018008000100", @ANYRES32=r3, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x40000) kernel console output (not intermixed with test programs): 5/0x6e0 [ 1803.583044][T29851] ? __kernfs_new_node+0xd2/0x8e0 [ 1803.583093][T29851] ? __kernfs_new_node+0xd2/0x8e0 [ 1803.583135][T29851] __kernfs_new_node+0xd2/0x8e0 [ 1803.583183][T29851] ? __pfx___kernfs_new_node+0x10/0x10 [ 1803.583236][T29851] ? find_held_lock+0x2b/0x80 [ 1803.583273][T29851] ? kernfs_root+0xee/0x2a0 [ 1803.583324][T29851] kernfs_new_node+0x13c/0x1e0 [ 1803.583379][T29851] kernfs_create_dir_ns+0x4c/0x1a0 [ 1803.583454][T29851] sysfs_create_dir_ns+0x13a/0x2b0 [ 1803.583508][T29851] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1803.583551][T29851] ? find_held_lock+0x2b/0x80 [ 1803.583593][T29851] ? class_dir_child_ns_type+0xd/0x60 [ 1803.583648][T29851] kobject_add_internal+0x2c4/0x9b0 [ 1803.583702][T29851] kobject_add+0x16e/0x240 [ 1803.583746][T29851] ? __pfx_kobject_add+0x10/0x10 [ 1803.583796][T29851] ? get_device_parent+0x1c5/0x4e0 [ 1803.583844][T29851] ? kobject_put+0xab/0x5a0 [ 1803.583898][T29851] device_add+0x288/0x1aa0 [ 1803.583949][T29851] ? __pfx_dev_set_name+0x10/0x10 [ 1803.583983][T29851] ? __pfx_device_add+0x10/0x10 [ 1803.584029][T29851] ? __pfx___might_resched+0x10/0x10 [ 1803.584061][T29851] ? lockdep_hardirqs_on+0x7c/0x110 [ 1803.584116][T29851] __add_disk+0x457/0xf00 [ 1803.584166][T29851] add_disk_fwnode+0x13f/0x5d0 [ 1803.584216][T29851] loop_add+0x903/0xb70 [ 1803.584252][T29851] ? __pfx_loop_add+0x10/0x10 [ 1803.584317][T29851] ? find_held_lock+0x2b/0x80 [ 1803.584357][T29851] loop_control_ioctl+0x13e/0x630 [ 1803.584395][T29851] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1803.584437][T29851] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1803.584475][T29851] __x64_sys_ioctl+0x18e/0x210 [ 1803.584538][T29851] do_syscall_64+0xcd/0xfa0 [ 1803.584585][T29851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1803.584617][T29851] RIP: 0033:0x7f9f27d8f7c9 [ 1803.584645][T29851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1803.584678][T29851] RSP: 002b:00007f9f28c82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1803.584709][T29851] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa0 RCX: 00007f9f27d8f7c9 [ 1803.584730][T29851] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1803.584751][T29851] RBP: 00007f9f27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1803.584771][T29851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1803.584790][T29851] R13: 00007f9f27fe6038 R14: 00007f9f27fe5fa0 R15: 00007ffc648927b8 [ 1803.584835][T29851] [ 1803.584873][T29851] kobject: kobject_add_internal failed for loop32 (error: -12 parent: block) [ 1805.829908][T29879] FAULT_INJECTION: forcing a failure. [ 1805.829908][T29879] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1805.866870][T29879] CPU: 0 UID: 0 PID: 29879 Comm: syz.3.5103 Not tainted syzkaller #0 PREEMPT(full) [ 1805.866913][T29879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1805.866934][T29879] Call Trace: [ 1805.866945][T29879] [ 1805.866959][T29879] dump_stack_lvl+0x16c/0x1f0 [ 1805.867002][T29879] should_fail_ex+0x512/0x640 [ 1805.867054][T29879] should_fail_futex+0x4c/0x60 [ 1805.867096][T29879] __x64_sys_futex+0x25e/0x4c0 [ 1805.867141][T29879] ? __x64_sys_timerfd_gettime+0xee/0x170 [ 1805.867188][T29879] ? __pfx___x64_sys_futex+0x10/0x10 [ 1805.867232][T29879] ? xfd_validate_state+0x61/0x180 [ 1805.867293][T29879] do_syscall_64+0xcd/0xfa0 [ 1805.867336][T29879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1805.867371][T29879] RIP: 0033:0x7f9f27d8f7c9 [ 1805.867397][T29879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1805.867431][T29879] RSP: 002b:00007f9f28c82038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1805.867461][T29879] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa0 RCX: 00007f9f27d8f7c9 [ 1805.867484][T29879] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 1805.867513][T29879] RBP: 00007f9f27e13f91 R08: 0000000000000000 R09: 0000000000000008 [ 1805.867534][T29879] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1805.867556][T29879] R13: 00007f9f27fe6038 R14: 00007f9f27fe5fa0 R15: 00007ffc648927b8 [ 1805.867600][T29879] [ 1806.023555][ C0] vkms_vblank_simulate: vblank timer overrun [ 1806.381145][T29888] nvme_fcloop: unknown parameter or missing value 'Ù›ª' [ 1806.393573][T29892] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1807.815051][T29907] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1807.850717][T29907] CPU: 0 UID: 0 PID: 29907 Comm: syz.3.5112 Not tainted syzkaller #0 PREEMPT(full) [ 1807.850765][T29907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1807.850783][T29907] Call Trace: [ 1807.850793][T29907] [ 1807.850817][T29907] dump_stack_lvl+0x16c/0x1f0 [ 1807.850858][T29907] sysfs_warn_dup+0x7f/0xa0 [ 1807.850894][T29907] sysfs_do_create_link_sd+0x124/0x140 [ 1807.850933][T29907] sysfs_create_link+0x61/0xc0 [ 1807.850968][T29907] device_add+0x62c/0x1aa0 [ 1807.851016][T29907] ? __pfx_device_add+0x10/0x10 [ 1807.851057][T29907] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1807.851106][T29907] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1807.851146][T29907] wiphy_register+0x1eb0/0x2b20 [ 1807.851185][T29907] ? netdev_run_todo+0x864/0x1320 [ 1807.851225][T29907] ? __pfx_wiphy_register+0x10/0x10 [ 1807.851281][T29907] ieee80211_register_hw+0x253d/0x4120 [ 1807.851343][T29907] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1807.851384][T29907] ? __pfx___debug_object_init+0x10/0x10 [ 1807.851446][T29907] ? find_held_lock+0x2b/0x80 [ 1807.851477][T29907] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1807.851525][T29907] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1807.851565][T29907] ? __hrtimer_setup+0x176/0x280 [ 1807.851612][T29907] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1807.851664][T29907] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1807.851706][T29907] hwsim_new_radio_nl+0xba2/0x1330 [ 1807.851741][T29907] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1807.851782][T29907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1807.851821][T29907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1807.851867][T29907] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1807.851906][T29907] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1807.851955][T29907] ? bpf_lsm_capable+0x9/0x10 [ 1807.851994][T29907] ? security_capable+0x7e/0x260 [ 1807.852035][T29907] ? ns_capable+0xd7/0x110 [ 1807.852070][T29907] genl_rcv_msg+0x55c/0x800 [ 1807.852110][T29907] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1807.852146][T29907] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1807.852188][T29907] netlink_rcv_skb+0x158/0x420 [ 1807.852219][T29907] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1807.852256][T29907] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1807.852307][T29907] ? netlink_deliver_tap+0x1ae/0xd30 [ 1807.852340][T29907] genl_rcv+0x28/0x40 [ 1807.852371][T29907] netlink_unicast+0x5aa/0x870 [ 1807.852407][T29907] ? __pfx_netlink_unicast+0x10/0x10 [ 1807.852438][T29907] ? __pfx___might_resched+0x10/0x10 [ 1807.852479][T29907] netlink_sendmsg+0x8c8/0xdd0 [ 1807.852517][T29907] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1807.852553][T29907] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1807.852601][T29907] ____sys_sendmsg+0xa98/0xc70 [ 1807.852640][T29907] ? copy_msghdr_from_user+0x10a/0x160 [ 1807.852674][T29907] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1807.852720][T29907] ? __pfx_futex_wake_mark+0x10/0x10 [ 1807.852772][T29907] ___sys_sendmsg+0x134/0x1d0 [ 1807.852797][T29907] ? find_held_lock+0x2b/0x80 [ 1807.852828][T29907] ? __pfx____sys_sendmsg+0x10/0x10 [ 1807.852855][T29907] ? __lock_acquire+0x622/0x1c90 [ 1807.852936][T29907] __sys_sendmsg+0x16d/0x220 [ 1807.852965][T29907] ? __pfx___sys_sendmsg+0x10/0x10 [ 1807.852993][T29907] ? __x64_sys_futex+0x1e0/0x4c0 [ 1807.853053][T29907] do_syscall_64+0xcd/0xfa0 [ 1807.853092][T29907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1807.853121][T29907] RIP: 0033:0x7f9f27d8f7c9 [ 1807.853146][T29907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1807.853173][T29907] RSP: 002b:00007f9f28c82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1807.853200][T29907] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa0 RCX: 00007f9f27d8f7c9 [ 1807.853220][T29907] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1807.853238][T29907] RBP: 00007f9f27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1807.853256][T29907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1807.853273][T29907] R13: 00007f9f27fe6038 R14: 00007f9f27fe5fa0 R15: 00007ffc648927b8 [ 1807.853317][T29907] [ 1808.257380][ C0] vkms_vblank_simulate: vblank timer overrun [ 1809.402544][T29942] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1810.295400][T29955] random: crng reseeded on system resumption [ 1812.707370][T29991] zswap: compressor not available [ 1814.074397][T30028] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1814.123097][T30028] CPU: 1 UID: 0 PID: 30028 Comm: syz.2.5137 Not tainted syzkaller #0 PREEMPT(full) [ 1814.123140][T30028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1814.123162][T30028] Call Trace: [ 1814.123174][T30028] [ 1814.123188][T30028] dump_stack_lvl+0x16c/0x1f0 [ 1814.123237][T30028] sysfs_warn_dup+0x7f/0xa0 [ 1814.123281][T30028] sysfs_do_create_link_sd+0x124/0x140 [ 1814.123327][T30028] sysfs_create_link+0x61/0xc0 [ 1814.123372][T30028] device_add+0x62c/0x1aa0 [ 1814.123431][T30028] ? __pfx_device_add+0x10/0x10 [ 1814.123482][T30028] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1814.123539][T30028] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1814.123593][T30028] wiphy_register+0x1eb0/0x2b20 [ 1814.123639][T30028] ? netdev_run_todo+0x864/0x1320 [ 1814.123690][T30028] ? __pfx_wiphy_register+0x10/0x10 [ 1814.123774][T30028] ieee80211_register_hw+0x253d/0x4120 [ 1814.123843][T30028] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1814.123890][T30028] ? __pfx___debug_object_init+0x10/0x10 [ 1814.123943][T30028] ? find_held_lock+0x2b/0x80 [ 1814.123981][T30028] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1814.124040][T30028] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1814.124086][T30028] ? __hrtimer_setup+0x176/0x280 [ 1814.124143][T30028] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1814.124206][T30028] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1814.124260][T30028] hwsim_new_radio_nl+0xba2/0x1330 [ 1814.124310][T30028] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1814.124363][T30028] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1814.124411][T30028] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1814.124466][T30028] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1814.124515][T30028] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1814.124573][T30028] ? bpf_lsm_capable+0x9/0x10 [ 1814.124618][T30028] ? security_capable+0x7e/0x260 [ 1814.124664][T30028] ? ns_capable+0xd7/0x110 [ 1814.124701][T30028] genl_rcv_msg+0x55c/0x800 [ 1814.124761][T30028] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1814.124807][T30028] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1814.124862][T30028] netlink_rcv_skb+0x158/0x420 [ 1814.124905][T30028] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1814.124948][T30028] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1814.125005][T30028] ? netlink_deliver_tap+0x1ae/0xd30 [ 1814.125047][T30028] genl_rcv+0x28/0x40 [ 1814.125083][T30028] netlink_unicast+0x5aa/0x870 [ 1814.125124][T30028] ? __pfx_netlink_unicast+0x10/0x10 [ 1814.125159][T30028] ? __pfx___might_resched+0x10/0x10 [ 1814.125208][T30028] netlink_sendmsg+0x8c8/0xdd0 [ 1814.125251][T30028] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1814.125291][T30028] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1814.125348][T30028] ____sys_sendmsg+0xa98/0xc70 [ 1814.125392][T30028] ? copy_msghdr_from_user+0x10a/0x160 [ 1814.125424][T30028] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1814.125476][T30028] ? __pfx_futex_wake_mark+0x10/0x10 [ 1814.125538][T30028] ___sys_sendmsg+0x134/0x1d0 [ 1814.125566][T30028] ? find_held_lock+0x2b/0x80 [ 1814.125604][T30028] ? __pfx____sys_sendmsg+0x10/0x10 [ 1814.125635][T30028] ? __lock_acquire+0x622/0x1c90 [ 1814.125733][T30028] __sys_sendmsg+0x16d/0x220 [ 1814.125778][T30028] ? __pfx___sys_sendmsg+0x10/0x10 [ 1814.125810][T30028] ? __x64_sys_futex+0x1e0/0x4c0 [ 1814.125884][T30028] do_syscall_64+0xcd/0xfa0 [ 1814.125927][T30028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1814.125960][T30028] RIP: 0033:0x7fdc6998f7c9 [ 1814.125987][T30028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1814.126019][T30028] RSP: 002b:00007fdc6a90b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1814.126051][T30028] RAX: ffffffffffffffda RBX: 00007fdc69be5fa0 RCX: 00007fdc6998f7c9 [ 1814.126074][T30028] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1814.126095][T30028] RBP: 00007fdc69a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1814.126116][T30028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1814.126137][T30028] R13: 00007fdc69be6038 R14: 00007fdc69be5fa0 R15: 00007fff2a60aa78 [ 1814.126184][T30028] [ 1814.770767][T30054] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1817.389205][T30097] ima: policy update failed [ 1817.397551][ T30] audit: type=1802 audit(1843106746.606:17): pid=30097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.5153" res=0 errno=0 [ 1817.423023][T30095] FAULT_INJECTION: forcing a failure. [ 1817.423023][T30095] name failslab, interval 1, probability 0, space 0, times 0 [ 1817.473916][T30095] CPU: 0 UID: 0 PID: 30095 Comm: syz.1.5154 Not tainted syzkaller #0 PREEMPT(full) [ 1817.473961][T30095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1817.473983][T30095] Call Trace: [ 1817.473995][T30095] [ 1817.474009][T30095] dump_stack_lvl+0x16c/0x1f0 [ 1817.474056][T30095] should_fail_ex+0x512/0x640 [ 1817.474106][T30095] ? fs_reclaim_acquire+0xae/0x150 [ 1817.474156][T30095] should_failslab+0xc2/0x120 [ 1817.474201][T30095] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1817.474237][T30095] ? __kernfs_new_node+0xd2/0x8e0 [ 1817.474289][T30095] ? __kernfs_new_node+0xd2/0x8e0 [ 1817.474330][T30095] __kernfs_new_node+0xd2/0x8e0 [ 1817.474378][T30095] ? __pfx___kernfs_new_node+0x10/0x10 [ 1817.474433][T30095] ? find_held_lock+0x2b/0x80 [ 1817.474481][T30095] ? kernfs_root+0xee/0x2a0 [ 1817.474530][T30095] kernfs_new_node+0x13c/0x1e0 [ 1817.474586][T30095] __kernfs_create_file+0x53/0x350 [ 1817.474626][T30095] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1817.474677][T30095] internal_create_group+0x578/0xf30 [ 1817.474732][T30095] ? __pfx_internal_create_group+0x10/0x10 [ 1817.474784][T30095] ? kernfs_create_link+0x1bd/0x240 [ 1817.474825][T30095] internal_create_groups+0x9d/0x150 [ 1817.474874][T30095] device_add+0x731/0x1aa0 [ 1817.474937][T30095] ? __pfx_device_add+0x10/0x10 [ 1817.474984][T30095] ? __pfx___might_resched+0x10/0x10 [ 1817.475016][T30095] ? lockdep_hardirqs_on+0x7c/0x110 [ 1817.475074][T30095] __add_disk+0x457/0xf00 [ 1817.475126][T30095] add_disk_fwnode+0x13f/0x5d0 [ 1817.475172][T30095] loop_add+0x903/0xb70 [ 1817.475209][T30095] ? __pfx_loop_add+0x10/0x10 [ 1817.475269][T30095] ? find_held_lock+0x2b/0x80 [ 1817.475308][T30095] loop_control_ioctl+0x13e/0x630 [ 1817.475345][T30095] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1817.475389][T30095] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1817.475428][T30095] __x64_sys_ioctl+0x18e/0x210 [ 1817.475491][T30095] do_syscall_64+0xcd/0xfa0 [ 1817.475536][T30095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1817.475568][T30095] RIP: 0033:0x7f4a8c98f7c9 [ 1817.475596][T30095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1817.475628][T30095] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1817.475659][T30095] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1817.475681][T30095] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1817.475702][T30095] RBP: 00007f4a8ca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1817.475721][T30095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1817.475741][T30095] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1817.475785][T30095] [ 1817.861511][T30102] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1817.908076][T30104] random: crng reseeded on system resumption [ 1819.746505][T30140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5167'. [ 1820.186894][T30145] mtrr: base(0x400000000000000000) is not aligned on a size(0x0000) boundary [ 1820.271997][T13553] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 1820.273038][T26134] Bluetooth: hci4: command 0x1003 tx timeout [ 1820.608713][T30161] random: crng reseeded on system resumption [ 1821.518127][T30176] svc: failed to register nfsdv3 RPC service (errno 111). [ 1821.565188][T30176] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1821.908568][T30183] random: crng reseeded on system resumption [ 1823.578084][T30179] syz.2.5174 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=2, oom_score_adj=1000 [ 1823.590095][T30179] CPU: 1 UID: 0 PID: 30179 Comm: syz.2.5174 Not tainted syzkaller #0 PREEMPT(full) [ 1823.590135][T30179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1823.590154][T30179] Call Trace: [ 1823.590165][T30179] [ 1823.590177][T30179] dump_stack_lvl+0x16c/0x1f0 [ 1823.590223][T30179] dump_header+0x101/0x930 [ 1823.590261][T30179] oom_kill_process+0x272/0xa40 [ 1823.590299][T30179] out_of_memory+0x350/0x1700 [ 1823.590342][T30179] ? __pfx_out_of_memory+0x10/0x10 [ 1823.590389][T30179] mem_cgroup_out_of_memory+0x118/0x130 [ 1823.590439][T30179] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1823.590493][T30179] ? do_raw_spin_unlock+0x172/0x230 [ 1823.590525][T30179] try_charge_memcg+0x695/0xd30 [ 1823.590568][T30179] ? __pfx_try_charge_memcg+0x10/0x10 [ 1823.590604][T30179] ? find_held_lock+0x2b/0x80 [ 1823.590635][T30179] ? rcu_read_unlock+0x17/0x60 [ 1823.590682][T30179] obj_cgroup_charge_account+0x292/0x500 [ 1823.590726][T30179] __memcg_slab_post_alloc_hook+0x2ea/0x940 [ 1823.590780][T30179] ? kasan_unpoison+0x27/0x60 [ 1823.590815][T30179] __kmalloc_node_track_caller_noprof+0x698/0x8a0 [ 1823.590854][T30179] ? register_net_sysctl_sz+0x228/0x3e0 [ 1823.590895][T30179] ? __addrconf_sysctl_register+0xbb/0x360 [ 1823.590938][T30179] ? kmemdup_noprof+0x29/0x60 [ 1823.590967][T30179] kmemdup_noprof+0x29/0x60 [ 1823.590998][T30179] __addrconf_sysctl_register+0xbb/0x360 [ 1823.591037][T30179] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 1823.591077][T30179] ? lockdep_init_map_type+0x5c/0x280 [ 1823.591122][T30179] ? mld_in_v1_mode+0x2b2/0x3a0 [ 1823.591169][T30179] addrconf_sysctl_register+0x15f/0x1f0 [ 1823.591207][T30179] ipv6_add_dev+0xb31/0x15f0 [ 1823.591246][T30179] addrconf_notify+0x53e/0x19e0 [ 1823.591288][T30179] ? ip6mr_device_event+0x1bc/0x230 [ 1823.591320][T30179] notifier_call_chain+0xbc/0x410 [ 1823.591358][T30179] ? __pfx_addrconf_notify+0x10/0x10 [ 1823.591407][T30179] call_netdevice_notifiers_info+0xbe/0x140 [ 1823.591448][T30179] register_netdevice+0x182e/0x2270 [ 1823.591486][T30179] ? __pfx_register_netdevice+0x10/0x10 [ 1823.591520][T30179] ? alloc_netdev_mqs+0xe17/0x1550 [ 1823.591553][T30179] register_netdev+0x34/0x50 [ 1823.591584][T30179] ip6gre_init_net+0x2bd/0x440 [ 1823.591627][T30179] ? __pfx_ip6gre_init_net+0x10/0x10 [ 1823.591668][T30179] ops_init+0x1e2/0x5f0 [ 1823.591701][T30179] setup_net+0x100/0x390 [ 1823.591731][T30179] ? __pfx_setup_net+0x10/0x10 [ 1823.591767][T30179] ? debug_mutex_init+0x37/0x70 [ 1823.591800][T30179] copy_net_ns+0x2f8/0x690 [ 1823.591836][T30179] create_new_namespaces+0x3ea/0xa90 [ 1823.591877][T30179] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1823.591913][T30179] ksys_unshare+0x45b/0xa40 [ 1823.591952][T30179] ? __pfx_ksys_unshare+0x10/0x10 [ 1823.591990][T30179] ? xfd_validate_state+0x61/0x180 [ 1823.592043][T30179] __x64_sys_unshare+0x31/0x40 [ 1823.592080][T30179] do_syscall_64+0xcd/0xfa0 [ 1823.592117][T30179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1823.592145][T30179] RIP: 0033:0x7fdc6998f7c9 [ 1823.592167][T30179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1823.592193][T30179] RSP: 002b:00007fdc6a8c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1823.592220][T30179] RAX: ffffffffffffffda RBX: 00007fdc69be6180 RCX: 00007fdc6998f7c9 [ 1823.592238][T30179] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1823.592256][T30179] RBP: 00007fdc69a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1823.592272][T30179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1823.592290][T30179] R13: 00007fdc69be6218 R14: 00007fdc69be6180 R15: 00007fff2a60aa78 [ 1823.592328][T30179] [ 1823.592444][T30179] memory: usage 3068kB, limit 3072kB, failcnt 9774 [ 1823.962614][T30179] memory+swap: usage 5576kB, limit 9007199254740988kB, failcnt 0 [ 1823.971946][T30179] kmem: usage 3032kB, limit 9007199254740988kB, failcnt 0 [ 1824.059986][T30179] Memory cgroup stats for /syz2: [ 1824.063041][T30179] cache 0 [ 1824.094496][T30179] rss 4096 [ 1824.097596][T30179] rss_huge 0 [ 1824.100823][T30179] shmem 0 [ 1824.103953][T30179] mapped_file 0 [ 1824.107444][T30179] dirty 0 [ 1824.110408][T30179] writeback 0 [ 1824.113838][T30179] workingset_refault_anon 7490 [ 1824.118628][T30179] workingset_refault_file 8703 [ 1824.123465][T30179] swap 2564096 [ 1824.126853][T30179] swapcached 36864 [ 1824.130583][T30179] pgpgin 1132595 [ 1824.134383][T30179] pgpgout 1138739 [ 1824.138032][T30179] pgfault 2115881 [ 1824.141737][T30179] pgmajfault 2066 [ 1824.145383][T30179] inactive_anon 40960 [ 1824.149377][T30179] active_anon 0 [ 1824.152908][T30179] inactive_file 0 [ 1824.156557][T30179] active_file 0 [ 1824.160023][T30179] unevictable 0 [ 1824.163656][T30179] hierarchical_memory_limit 3145728 [ 1824.168873][T30179] hierarchical_memsw_limit 9223372036854771712 [ 1824.270646][T30179] total_cache 0 [ 1824.331506][T30179] total_rss 4096 [ 1824.335234][T30179] total_rss_huge 0 [ 1824.339256][T30179] total_shmem 0 [ 1824.345543][T30179] total_mapped_file 0 [ 1824.359482][T30179] total_dirty 0 [ 1824.374191][T30179] total_writeback 0 [ 1824.394044][T30179] total_workingset_refault_anon 7490 [ 1824.400358][T30179] total_workingset_refault_file 8703 [ 1824.406125][T30179] total_swap 2564096 [ 1824.410191][T30179] total_swapcached 36864 [ 1824.414861][T30179] total_pgpgin 1132595 [ 1824.421632][T30179] total_pgpgout 1138739 [ 1824.425868][T30179] total_pgfault 2115881 [ 1824.430136][T30179] total_pgmajfault 2066 [ 1824.434338][T30179] total_inactive_anon 40960 [ 1824.439135][T30179] total_active_anon 0 [ 1824.443229][T30179] total_inactive_file 0 [ 1824.447448][T30179] total_active_file 0 [ 1824.482974][T30179] total_unevictable 0 [ 1824.502526][T30179] anon_cost 0 [ 1824.518240][T30179] file_cost 0 [ 1824.531906][T30179] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5174,pid=30175,uid=0 [ 1824.561077][T30179] Memory cgroup out of memory: Killed process 30175 (syz.2.5174) total-vm:141408kB, anon-rss:1116kB, file-rss:26728kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1824.732932][T30196] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1824.768470][T30196] CPU: 1 UID: 0 PID: 30196 Comm: syz.0.5178 Not tainted syzkaller #0 PREEMPT(full) [ 1824.768511][T30196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1824.768526][T30196] Call Trace: [ 1824.768534][T30196] [ 1824.768544][T30196] dump_stack_lvl+0x16c/0x1f0 [ 1824.768581][T30196] sysfs_warn_dup+0x7f/0xa0 [ 1824.768612][T30196] sysfs_do_create_link_sd+0x124/0x140 [ 1824.768647][T30196] sysfs_create_link+0x61/0xc0 [ 1824.768679][T30196] device_add+0x62c/0x1aa0 [ 1824.768723][T30196] ? __pfx_device_add+0x10/0x10 [ 1824.768761][T30196] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1824.768812][T30196] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1824.768849][T30196] wiphy_register+0x1eb0/0x2b20 [ 1824.768886][T30196] ? netdev_run_todo+0x864/0x1320 [ 1824.768925][T30196] ? __pfx_wiphy_register+0x10/0x10 [ 1824.768977][T30196] ieee80211_register_hw+0x253d/0x4120 [ 1824.769026][T30196] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1824.769063][T30196] ? __pfx___debug_object_init+0x10/0x10 [ 1824.769100][T30196] ? find_held_lock+0x2b/0x80 [ 1824.769127][T30196] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1824.769170][T30196] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1824.769204][T30196] ? __hrtimer_setup+0x176/0x280 [ 1824.769252][T30196] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1824.769297][T30196] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1824.769335][T30196] hwsim_new_radio_nl+0xba2/0x1330 [ 1824.769366][T30196] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1824.769404][T30196] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1824.769441][T30196] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1824.769481][T30196] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1824.769516][T30196] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1824.769561][T30196] ? bpf_lsm_capable+0x9/0x10 [ 1824.769595][T30196] ? security_capable+0x7e/0x260 [ 1824.769631][T30196] ? ns_capable+0xd7/0x110 [ 1824.769661][T30196] genl_rcv_msg+0x55c/0x800 [ 1824.769695][T30196] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1824.769728][T30196] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1824.769758][T30196] ? irqentry_exit+0x3b/0x90 [ 1824.769795][T30196] netlink_rcv_skb+0x158/0x420 [ 1824.769827][T30196] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1824.769860][T30196] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1824.769908][T30196] genl_rcv+0x28/0x40 [ 1824.769934][T30196] netlink_unicast+0x5aa/0x870 [ 1824.769966][T30196] ? __pfx_netlink_unicast+0x10/0x10 [ 1824.770005][T30196] netlink_sendmsg+0x8c8/0xdd0 [ 1824.770038][T30196] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1824.770068][T30196] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1824.770102][T30196] ____sys_sendmsg+0xa98/0xc70 [ 1824.770135][T30196] ? copy_msghdr_from_user+0x10a/0x160 [ 1824.770160][T30196] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1824.770197][T30196] ? lock_acquire+0x179/0x350 [ 1824.770233][T30196] ? find_held_lock+0x2b/0x80 [ 1824.770263][T30196] ___sys_sendmsg+0x134/0x1d0 [ 1824.770290][T30196] ? __pfx____sys_sendmsg+0x10/0x10 [ 1824.770312][T30196] ? __lock_acquire+0x622/0x1c90 [ 1824.770383][T30196] __sys_sendmsg+0x16d/0x220 [ 1824.770408][T30196] ? __pfx___sys_sendmsg+0x10/0x10 [ 1824.770432][T30196] ? rcu_is_watching+0x12/0xc0 [ 1824.770471][T30196] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 1824.770503][T30196] do_syscall_64+0xcd/0xfa0 [ 1824.770535][T30196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1824.770563][T30196] RIP: 0033:0x7f3ab0d8f7c9 [ 1824.770584][T30196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1824.770609][T30196] RSP: 002b:00007f3ab1c94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1824.770633][T30196] RAX: ffffffffffffffda RBX: 00007f3ab0fe5fa0 RCX: 00007f3ab0d8f7c9 [ 1824.770651][T30196] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1824.770666][T30196] RBP: 00007f3ab0e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1824.770683][T30196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1824.770697][T30196] R13: 00007f3ab0fe6038 R14: 00007f3ab0fe5fa0 R15: 00007ffe0d3b8e68 [ 1824.770731][T30196] [ 1825.994160][T30238] random: crng reseeded on system resumption [ 1827.161631][T30241] can0: slcan on ptm0. [ 1827.475042][T30240] can0 (unregistered): slcan off ptm0. [ 1827.785170][T30262] random: crng reseeded on system resumption [ 1829.518694][T13553] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 1829.652247][T30298] FAULT_INJECTION: forcing a failure. [ 1829.652247][T30298] name failslab, interval 1, probability 0, space 0, times 0 [ 1829.703956][T30298] CPU: 1 UID: 0 PID: 30298 Comm: syz.3.5193 Not tainted syzkaller #0 PREEMPT(full) [ 1829.703998][T30298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1829.704016][T30298] Call Trace: [ 1829.704026][T30298] [ 1829.704037][T30298] dump_stack_lvl+0x16c/0x1f0 [ 1829.704078][T30298] should_fail_ex+0x512/0x640 [ 1829.704121][T30298] ? fs_reclaim_acquire+0xae/0x150 [ 1829.704172][T30298] should_failslab+0xc2/0x120 [ 1829.704214][T30298] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1829.704245][T30298] ? __kernfs_new_node+0xd2/0x8e0 [ 1829.704288][T30298] ? __kernfs_new_node+0xd2/0x8e0 [ 1829.704322][T30298] __kernfs_new_node+0xd2/0x8e0 [ 1829.704364][T30298] ? __pfx___kernfs_new_node+0x10/0x10 [ 1829.704412][T30298] ? find_held_lock+0x2b/0x80 [ 1829.704449][T30298] ? kernfs_root+0xee/0x2a0 [ 1829.704499][T30298] kernfs_new_node+0x13c/0x1e0 [ 1829.704554][T30298] __kernfs_create_file+0x53/0x350 [ 1829.704595][T30298] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1829.704648][T30298] internal_create_group+0x578/0xf30 [ 1829.704703][T30298] ? __pfx_internal_create_group+0x10/0x10 [ 1829.704755][T30298] ? kernfs_create_link+0x1bd/0x240 [ 1829.704797][T30298] internal_create_groups+0x9d/0x150 [ 1829.704844][T30298] device_add+0x731/0x1aa0 [ 1829.704901][T30298] ? __pfx_device_add+0x10/0x10 [ 1829.704948][T30298] ? __pfx___might_resched+0x10/0x10 [ 1829.704981][T30298] ? lockdep_hardirqs_on+0x7c/0x110 [ 1829.705035][T30298] __add_disk+0x457/0xf00 [ 1829.705094][T30298] add_disk_fwnode+0x13f/0x5d0 [ 1829.705142][T30298] loop_add+0x903/0xb70 [ 1829.705181][T30298] ? __pfx_loop_add+0x10/0x10 [ 1829.705237][T30298] ? find_held_lock+0x2b/0x80 [ 1829.705272][T30298] loop_control_ioctl+0x13e/0x630 [ 1829.705305][T30298] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1829.705342][T30298] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1829.705375][T30298] __x64_sys_ioctl+0x18e/0x210 [ 1829.705424][T30298] do_syscall_64+0xcd/0xfa0 [ 1829.705468][T30298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1829.705503][T30298] RIP: 0033:0x7f9f27d8f7c9 [ 1829.705529][T30298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1829.705563][T30298] RSP: 002b:00007f9f28c82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1829.705596][T30298] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa0 RCX: 00007f9f27d8f7c9 [ 1829.705619][T30298] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1829.705640][T30298] RBP: 00007f9f27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1829.705660][T30298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1829.705679][T30298] R13: 00007f9f27fe6038 R14: 00007f9f27fe5fa0 R15: 00007ffc648927b8 [ 1829.705721][T30298] [ 1832.170908][T30334] random: crng reseeded on system resumption [ 1832.899576][T30338] svc: failed to register nfsdv3 RPC service (errno 111). [ 1832.946652][T30338] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1833.854542][T30365] __vm_enough_memory: pid: 30365, comm: syz.3.5206, bytes: 4398046511104 not enough memory for the allocation [ 1834.850405][T30379] random: crng reseeded on system resumption [ 1835.075999][T30384] bond0: invalid ARP target specified [ 1835.547088][T30386] svc: failed to register nfsdv3 RPC service (errno 111). [ 1835.562375][T30386] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1836.240406][T30403] FAULT_INJECTION: forcing a failure. [ 1836.240406][T30403] name failslab, interval 1, probability 0, space 0, times 0 [ 1836.269681][T30403] CPU: 0 UID: 0 PID: 30403 Comm: syz.1.5214 Not tainted syzkaller #0 PREEMPT(full) [ 1836.269715][T30403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1836.269731][T30403] Call Trace: [ 1836.269740][T30403] [ 1836.269750][T30403] dump_stack_lvl+0x16c/0x1f0 [ 1836.269785][T30403] should_fail_ex+0x512/0x640 [ 1836.269831][T30403] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1836.269868][T30403] should_failslab+0xc2/0x120 [ 1836.269902][T30403] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1836.269935][T30403] ? sctp_sysctl_net_register+0x30/0x200 [ 1836.269965][T30403] ? proc_create_reg+0xe3/0x180 [ 1836.270006][T30403] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1836.270037][T30403] ? kmemdup_noprof+0x29/0x60 [ 1836.270063][T30403] ? __pfx_proc_create_net_data+0x10/0x10 [ 1836.270100][T30403] kmemdup_noprof+0x29/0x60 [ 1836.270128][T30403] sctp_sysctl_net_register+0x30/0x200 [ 1836.270161][T30403] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1836.270191][T30403] sctp_defaults_init+0x6d2/0xd90 [ 1836.270222][T30403] ? __pfx_sctp_defaults_init+0x10/0x10 [ 1836.270253][T30403] ops_init+0x1e2/0x5f0 [ 1836.270282][T30403] setup_net+0x100/0x390 [ 1836.270308][T30403] ? __pfx_setup_net+0x10/0x10 [ 1836.270335][T30403] ? debug_mutex_init+0x37/0x70 [ 1836.270365][T30403] copy_net_ns+0x2f8/0x690 [ 1836.270397][T30403] create_new_namespaces+0x3ea/0xa90 [ 1836.270433][T30403] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1836.270465][T30403] ksys_unshare+0x45b/0xa40 [ 1836.270499][T30403] ? __pfx_ksys_unshare+0x10/0x10 [ 1836.270533][T30403] ? xfd_validate_state+0x61/0x180 [ 1836.270578][T30403] __x64_sys_unshare+0x31/0x40 [ 1836.270610][T30403] do_syscall_64+0xcd/0xfa0 [ 1836.270643][T30403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1836.270669][T30403] RIP: 0033:0x7f4a8c98f7c9 [ 1836.270688][T30403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1836.270718][T30403] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1836.270741][T30403] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1836.270757][T30403] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1836.270773][T30403] RBP: 00007f4a8ca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1836.270788][T30403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1836.270809][T30403] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1836.270841][T30403] [ 1837.166451][T30412] svc: failed to register nfsdv3 RPC service (errno 111). [ 1837.184694][T30418] random: crng reseeded on system resumption [ 1837.226054][T30412] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1837.930456][T30414] svc: failed to register nfsdv3 RPC service (errno 111). [ 1837.958946][T30414] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1839.180558][T30446] netlink: 342 bytes leftover after parsing attributes in process `syz.0.5222'. [ 1839.716652][T30449] svc: failed to register nfsdv3 RPC service (errno 111). [ 1839.802832][T30449] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1839.920175][T30458] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 1839.944400][T30457] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1840.757090][T30460] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 1841.616234][T30483] FAULT_INJECTION: forcing a failure. [ 1841.616234][T30483] name failslab, interval 1, probability 0, space 0, times 0 [ 1841.630720][T30483] CPU: 0 UID: 0 PID: 30483 Comm: syz.1.5229 Not tainted syzkaller #0 PREEMPT(full) [ 1841.630766][T30483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1841.630787][T30483] Call Trace: [ 1841.630799][T30483] [ 1841.630813][T30483] dump_stack_lvl+0x16c/0x1f0 [ 1841.630861][T30483] should_fail_ex+0x512/0x640 [ 1841.630914][T30483] ? __kmalloc_cache_node_noprof+0x62/0x7a0 [ 1841.630962][T30483] should_failslab+0xc2/0x120 [ 1841.631010][T30483] __kmalloc_cache_node_noprof+0x75/0x7a0 [ 1841.631052][T30483] ? blkg_alloc+0xb7/0xb60 [ 1841.631092][T30483] ? blkg_alloc+0xb7/0xb60 [ 1841.631119][T30483] blkg_alloc+0xb7/0xb60 [ 1841.631149][T30483] ? find_held_lock+0x2b/0x80 [ 1841.631191][T30483] blkcg_init_disk+0x51/0x160 [ 1841.631228][T30483] __alloc_disk_node+0x299/0x640 [ 1841.631274][T30483] __blk_mq_alloc_disk+0x89/0x120 [ 1841.631316][T30483] loop_add+0x490/0xb70 [ 1841.631354][T30483] ? __pfx_loop_add+0x10/0x10 [ 1841.631426][T30483] ? find_held_lock+0x2b/0x80 [ 1841.631469][T30483] loop_control_ioctl+0x13e/0x630 [ 1841.631505][T30483] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1841.631548][T30483] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1841.631586][T30483] __x64_sys_ioctl+0x18e/0x210 [ 1841.631640][T30483] do_syscall_64+0xcd/0xfa0 [ 1841.631684][T30483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1841.631716][T30483] RIP: 0033:0x7f4a8c98f7c9 [ 1841.631741][T30483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1841.631773][T30483] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1841.631804][T30483] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1841.631825][T30483] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1841.631845][T30483] RBP: 00007f4a8ca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1841.631865][T30483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1841.631884][T30483] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1841.631928][T30483] [ 1846.090559][T30517] syz.2.5235 invoked oom-killer: gfp_mask=0x408d40(GFP_NOFS|__GFP_ZERO|__GFP_NOFAIL|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 1846.105816][T30517] CPU: 0 UID: 0 PID: 30517 Comm: syz.2.5235 Not tainted syzkaller #0 PREEMPT(full) [ 1846.105859][T30517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1846.105880][T30517] Call Trace: [ 1846.105892][T30517] [ 1846.105905][T30517] dump_stack_lvl+0x16c/0x1f0 [ 1846.105959][T30517] dump_header+0x101/0x930 [ 1846.105998][T30517] oom_kill_process+0x272/0xa40 [ 1846.106038][T30517] out_of_memory+0x350/0x1700 [ 1846.106084][T30517] ? __pfx_out_of_memory+0x10/0x10 [ 1846.106131][T30517] mem_cgroup_out_of_memory+0x118/0x130 [ 1846.106183][T30517] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1846.106246][T30517] ? do_raw_spin_unlock+0x172/0x230 [ 1846.106285][T30517] try_charge_memcg+0x695/0xd30 [ 1846.106336][T30517] ? __pfx_try_charge_memcg+0x10/0x10 [ 1846.106379][T30517] ? find_held_lock+0x2b/0x80 [ 1846.106414][T30517] ? rcu_read_unlock+0x17/0x60 [ 1846.106469][T30517] obj_cgroup_charge_account+0x292/0x500 [ 1846.106524][T30517] __memcg_slab_post_alloc_hook+0x2ea/0x940 [ 1846.106580][T30517] ? kasan_save_track+0x14/0x30 [ 1846.106624][T30517] kmem_cache_alloc_noprof+0x550/0x6e0 [ 1846.106659][T30517] ? __lock_acquire+0xb8a/0x1c90 [ 1846.106700][T30517] ? alloc_buffer_head+0x21/0x160 [ 1846.106749][T30517] ? alloc_buffer_head+0x21/0x160 [ 1846.106787][T30517] alloc_buffer_head+0x21/0x160 [ 1846.106829][T30517] folio_alloc_buffers+0x2b5/0x6c0 [ 1846.106880][T30517] create_empty_buffers+0x36/0x480 [ 1846.106930][T30517] folio_create_buffers+0x109/0x150 [ 1846.106984][T30517] block_read_full_folio+0x14c/0x850 [ 1846.107033][T30517] ? __pfx_lru_add+0x10/0x10 [ 1846.107067][T30517] ? __pfx_blkdev_get_block+0x10/0x10 [ 1846.107102][T30517] ? const_folio_flags+0x5b/0x100 [ 1846.107140][T30517] ? __pfx_blkdev_read_folio+0x10/0x10 [ 1846.107175][T30517] filemap_read_folio+0xc8/0x2a0 [ 1846.107207][T30517] ? __pfx_filemap_read_folio+0x10/0x10 [ 1846.107245][T30517] ? page_cache_sync_ra+0x66b/0xbf0 [ 1846.107286][T30517] filemap_get_pages+0xae9/0x1d30 [ 1846.107336][T30517] ? __pfx_filemap_get_pages+0x10/0x10 [ 1846.107377][T30517] ? __pfx___might_resched+0x10/0x10 [ 1846.107422][T30517] filemap_splice_read+0x5cb/0xd60 [ 1846.107477][T30517] ? __pfx_filemap_splice_read+0x10/0x10 [ 1846.107522][T30517] ? __pfx___schedule+0x10/0x10 [ 1846.107597][T30517] ? __pfx_splice_to_socket+0x10/0x10 [ 1846.107643][T30517] ? __pfx_filemap_splice_read+0x10/0x10 [ 1846.107682][T30517] do_splice_read+0x285/0x370 [ 1846.107719][T30517] splice_direct_to_actor+0x2a1/0xa30 [ 1846.107757][T30517] ? __pfx_direct_splice_actor+0x10/0x10 [ 1846.107800][T30517] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1846.107839][T30517] ? rcu_is_watching+0x12/0xc0 [ 1846.107881][T30517] do_splice_direct+0x174/0x240 [ 1846.107916][T30517] ? __pfx_do_splice_direct+0x10/0x10 [ 1846.107958][T30517] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1846.108015][T30517] ? bpf_lsm_file_permission+0x9/0x10 [ 1846.108056][T30517] ? security_file_permission+0x71/0x210 [ 1846.108094][T30517] ? rw_verify_area+0xcf/0x6c0 [ 1846.108130][T30517] do_sendfile+0xb06/0xe50 [ 1846.108174][T30517] ? __pfx_do_sendfile+0x10/0x10 [ 1846.108215][T30517] ? __x64_sys_futex+0x1e0/0x4c0 [ 1846.108259][T30517] ? __x64_sys_futex+0x1e9/0x4c0 [ 1846.108310][T30517] __x64_sys_sendfile64+0x1d8/0x220 [ 1846.108355][T30517] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1846.108412][T30517] do_syscall_64+0xcd/0xfa0 [ 1846.108455][T30517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1846.108489][T30517] RIP: 0033:0x7fdc6998f7c9 [ 1846.108515][T30517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1846.108548][T30517] RSP: 002b:00007fdc6a8c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1846.108578][T30517] RAX: ffffffffffffffda RBX: 00007fdc69be6180 RCX: 00007fdc6998f7c9 [ 1846.108601][T30517] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 1846.108622][T30517] RBP: 00007fdc69a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1846.108643][T30517] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000 [ 1846.108664][T30517] R13: 00007fdc69be6218 R14: 00007fdc69be6180 R15: 00007fff2a60aa78 [ 1846.108711][T30517] [ 1846.635849][T30517] memory: usage 3072kB, limit 3072kB, failcnt 15442 [ 1846.642817][T30517] memory+swap: usage 3384kB, limit 9007199254740988kB, failcnt 0 [ 1846.651049][T30517] kmem: usage 1328kB, limit 9007199254740988kB, failcnt 0 [ 1846.925080][T30517] Memory cgroup stats for /syz2: [ 1846.925324][T30517] cache 1708032 [ 1846.953149][T30517] rss 0 [ 1846.955982][T30517] rss_huge 0 [ 1846.959208][T30517] shmem 0 [ 1846.962189][T30517] mapped_file 0 [ 1846.972993][T30517] dirty 0 [ 1846.982880][T30517] writeback 0 [ 1846.992417][T30517] workingset_refault_anon 9032 [ 1847.002777][T30517] workingset_refault_file 10669 [ 1847.007711][T30517] swap 319488 [ 1847.011023][T30517] swapcached 77824 [ 1847.042518][T30517] pgpgin 1141546 [ 1847.046280][T30517] pgpgout 1147520 [ 1847.050043][T30517] pgfault 2131296 [ 1847.054880][T30517] pgmajfault 2509 [ 1847.062106][T30517] inactive_anon 77824 [ 1847.066758][T30517] active_anon 0 [ 1847.078582][T30517] inactive_file 53248 [ 1847.159925][T30517] active_file 1654784 [ 1847.178951][T30517] unevictable 0 [ 1847.191830][T30517] hierarchical_memory_limit 3145728 [ 1847.254082][T30517] hierarchical_memsw_limit 9223372036854771712 [ 1847.267764][T30517] total_cache 1708032 [ 1847.291258][T30517] total_rss 0 [ 1847.308998][T30517] total_rss_huge 0 [ 1847.351022][T30517] total_shmem 0 [ 1847.357807][T30517] total_mapped_file 0 [ 1847.380772][T30517] total_dirty 0 [ 1847.384295][T30517] total_writeback 0 [ 1847.388110][T30517] total_workingset_refault_anon 9032 [ 1847.432418][T30517] total_workingset_refault_file 10669 [ 1847.470346][T30517] total_swap 319488 [ 1847.518401][T30517] total_swapcached 77824 [ 1847.525784][T30517] total_pgpgin 1141546 [ 1847.551252][T30517] total_pgpgout 1147520 [ 1847.562129][T30517] total_pgfault 2131296 [ 1847.578773][T30517] total_pgmajfault 2509 [ 1847.585329][T30517] total_inactive_anon 77824 [ 1847.595456][T30517] total_active_anon 0 [ 1847.609946][T30517] total_inactive_file 53248 [ 1847.636076][T30517] total_active_file 1654784 [ 1847.655195][T30517] total_unevictable 0 [ 1847.665306][T30517] anon_cost 0 [ 1847.685608][T30517] file_cost 0 [ 1847.689565][T30517] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5235,pid=30507,uid=0 [ 1847.718181][T30517] Memory cgroup out of memory: Killed process 30507 (syz.2.5235) total-vm:141408kB, anon-rss:1140kB, file-rss:27152kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1847.977223][T30537] mtrr: base(0x0000) is not aligned on a size(0x4000100000) boundary [ 1849.167744][T30549] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5241'. [ 1849.177834][T30549] netlink: 'syz.3.5241': attribute type 1 has an invalid length. [ 1849.186016][T30549] netlink: 5 bytes leftover after parsing attributes in process `syz.3.5241'. [ 1850.055363][ T32] oom_reaper: reaped process 30507 (syz.2.5235), now anon-rss:0kB, file-rss:26080kB, shmem-rss:0kB [ 1853.097891][T30611] net_ratelimit: 23 callbacks suppressed [ 1853.097920][T30611] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1854.806664][T30622] random: crng reseeded on system resumption [ 1855.187395][T30633] svc: failed to register nfsdv3 RPC service (errno 111). [ 1855.199396][T30630] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1855.261004][T30633] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1856.076076][T30644] netlink: 334 bytes leftover after parsing attributes in process `syz.2.5264'. [ 1856.288125][T30644] vhci_hcd: not connected 4 [ 1856.495407][T30654] FAULT_INJECTION: forcing a failure. [ 1856.495407][T30654] name failslab, interval 1, probability 0, space 0, times 0 [ 1856.586182][T30654] CPU: 0 UID: 0 PID: 30654 Comm: syz.1.5266 Not tainted syzkaller #0 PREEMPT(full) [ 1856.586224][T30654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1856.586243][T30654] Call Trace: [ 1856.586251][T30654] [ 1856.586260][T30654] dump_stack_lvl+0x16c/0x1f0 [ 1856.586295][T30654] should_fail_ex+0x512/0x640 [ 1856.586331][T30654] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1856.586364][T30654] should_failslab+0xc2/0x120 [ 1856.586398][T30654] __kvmalloc_node_noprof+0x141/0x9c0 [ 1856.586431][T30654] ? traverse.part.0.constprop.0+0x397/0x650 [ 1856.586478][T30654] ? traverse.part.0.constprop.0+0x397/0x650 [ 1856.586517][T30654] traverse.part.0.constprop.0+0x397/0x650 [ 1856.586558][T30654] ? aa_file_perm+0x28f/0x12e0 [ 1856.586594][T30654] seq_read_iter+0x93c/0x12d0 [ 1856.586638][T30654] ? __pfx_aa_file_perm+0x10/0x10 [ 1856.586673][T30654] seq_read+0x3a3/0x570 [ 1856.586711][T30654] ? __pfx_seq_read+0x10/0x10 [ 1856.586750][T30654] ? get_pid_task+0xfc/0x250 [ 1856.586797][T30654] ? rw_verify_area+0xcf/0x6c0 [ 1856.586826][T30654] ? __pfx_seq_read+0x10/0x10 [ 1856.586864][T30654] vfs_read+0x1e4/0xcf0 [ 1856.586897][T30654] ? __pfx_vfs_read+0x10/0x10 [ 1856.586920][T30654] ? find_held_lock+0x2b/0x80 [ 1856.586946][T30654] ? __fget_files+0x204/0x3c0 [ 1856.586976][T30654] ? __fget_files+0x20e/0x3c0 [ 1856.586998][T30654] ? __fget_files+0x1d0/0x3c0 [ 1856.587031][T30654] __x64_sys_pread64+0x1eb/0x250 [ 1856.587062][T30654] ? __pfx___x64_sys_pread64+0x10/0x10 [ 1856.587100][T30654] do_syscall_64+0xcd/0xfa0 [ 1856.587132][T30654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1856.587157][T30654] RIP: 0033:0x7f4a8c98f7c9 [ 1856.587177][T30654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1856.587200][T30654] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 1856.587222][T30654] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1856.587239][T30654] RDX: 0000000080000001 RSI: 0000200000000000 RDI: 0000000000000004 [ 1856.587254][T30654] RBP: 00007f4a8d8a5090 R08: 0000000000000000 R09: 0000000000000000 [ 1856.587271][T30654] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 1856.587291][T30654] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1856.587334][T30654] [ 1857.942530][T30690] random: crng reseeded on system resumption [ 1857.956700][T30681] svc: failed to register nfsdv3 RPC service (errno 111). [ 1858.007162][T30681] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1858.497098][T30701] vhci_hcd: invalid port number 16 [ 1859.661980][T30719] svc: failed to register nfsdv3 RPC service (errno 111). [ 1859.701660][T30719] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1859.801297][T30723] FAULT_INJECTION: forcing a failure. [ 1859.801297][T30723] name failslab, interval 1, probability 0, space 0, times 0 [ 1859.875400][T30723] CPU: 1 UID: 0 PID: 30723 Comm: syz.1.5279 Not tainted syzkaller #0 PREEMPT(full) [ 1859.875459][T30723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1859.875479][T30723] Call Trace: [ 1859.875491][T30723] [ 1859.875505][T30723] dump_stack_lvl+0x16c/0x1f0 [ 1859.875553][T30723] should_fail_ex+0x512/0x640 [ 1859.875601][T30723] ? fs_reclaim_acquire+0xae/0x150 [ 1859.875650][T30723] should_failslab+0xc2/0x120 [ 1859.875692][T30723] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1859.875735][T30723] ? kstrdup_const+0x63/0x80 [ 1859.875786][T30723] ? kstrdup+0x53/0x100 [ 1859.875817][T30723] kstrdup+0x53/0x100 [ 1859.875855][T30723] kstrdup_const+0x63/0x80 [ 1859.875890][T30723] __kernfs_new_node+0x9b/0x8e0 [ 1859.875936][T30723] ? __pfx___kernfs_new_node+0x10/0x10 [ 1859.875985][T30723] ? find_held_lock+0x2b/0x80 [ 1859.876021][T30723] ? kernfs_root+0xee/0x2a0 [ 1859.876070][T30723] kernfs_new_node+0x13c/0x1e0 [ 1859.876145][T30723] kernfs_create_dir_ns+0x4c/0x1a0 [ 1859.876199][T30723] sysfs_create_dir_ns+0x13a/0x2b0 [ 1859.876243][T30723] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 1859.876284][T30723] ? find_held_lock+0x2b/0x80 [ 1859.876327][T30723] ? class_dir_child_ns_type+0xd/0x60 [ 1859.876382][T30723] kobject_add_internal+0x2c4/0x9b0 [ 1859.876436][T30723] kobject_add+0x16e/0x240 [ 1859.876480][T30723] ? __pfx_kobject_add+0x10/0x10 [ 1859.876527][T30723] ? get_device_parent+0x1c5/0x4e0 [ 1859.876576][T30723] ? kobject_put+0xab/0x5a0 [ 1859.876631][T30723] device_add+0x288/0x1aa0 [ 1859.876682][T30723] ? __pfx_dev_set_name+0x10/0x10 [ 1859.876716][T30723] ? __pfx_device_add+0x10/0x10 [ 1859.876762][T30723] ? __pfx___might_resched+0x10/0x10 [ 1859.876803][T30723] ? lockdep_hardirqs_on+0x7c/0x110 [ 1859.876861][T30723] __add_disk+0x457/0xf00 [ 1859.876915][T30723] add_disk_fwnode+0x13f/0x5d0 [ 1859.876965][T30723] loop_add+0x903/0xb70 [ 1859.877001][T30723] ? __pfx_loop_add+0x10/0x10 [ 1859.877066][T30723] ? find_held_lock+0x2b/0x80 [ 1859.877106][T30723] loop_control_ioctl+0x13e/0x630 [ 1859.877144][T30723] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1859.877188][T30723] ? __pfx_loop_control_ioctl+0x10/0x10 [ 1859.877226][T30723] __x64_sys_ioctl+0x18e/0x210 [ 1859.877281][T30723] do_syscall_64+0xcd/0xfa0 [ 1859.877324][T30723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1859.877359][T30723] RIP: 0033:0x7f4a8c98f7c9 [ 1859.877385][T30723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1859.877419][T30723] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1859.877450][T30723] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1859.877472][T30723] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 1859.877492][T30723] RBP: 00007f4a8ca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1859.877511][T30723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1859.877531][T30723] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1859.877576][T30723] [ 1860.393814][T30723] kobject: kobject_add_internal failed for loop33 (error: -12 parent: block) [ 1862.465145][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 1862.478436][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 1862.553700][T30779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5290'. [ 1862.822506][T30785] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1864.206005][T30803] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1865.087587][T30817] svc: failed to register nfsdv3 RPC service (errno 111). [ 1865.106817][T30817] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1865.625579][T30828] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5301'. [ 1867.055478][T30850] warning: `syz.1.5306' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1867.205633][T30850] ptrace attach of "./syz-executor exec"[28130] was attempted by "./syz-executor exec"[30850] [ 1867.218069][T30851] ptrace attach of "./syz-executor exec"[28130] was attempted by "./syz-executor exec"[30851] [ 1867.343932][T30853] FAULT_INJECTION: forcing a failure. [ 1867.343932][T30853] name failslab, interval 1, probability 0, space 0, times 0 [ 1867.420781][T30853] CPU: 0 UID: 0 PID: 30853 Comm: syz.2.5307 Not tainted syzkaller #0 PREEMPT(full) [ 1867.420828][T30853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1867.420849][T30853] Call Trace: [ 1867.420860][T30853] [ 1867.420884][T30853] dump_stack_lvl+0x16c/0x1f0 [ 1867.420933][T30853] should_fail_ex+0x512/0x640 [ 1867.420983][T30853] ? __kmalloc_noprof+0xca/0x880 [ 1867.421020][T30853] should_failslab+0xc2/0x120 [ 1867.421064][T30853] __kmalloc_noprof+0xdd/0x880 [ 1867.421096][T30853] ? snd_midi_event_new+0xa1/0x210 [ 1867.421143][T30853] ? snd_midi_event_new+0xa1/0x210 [ 1867.421179][T30853] snd_midi_event_new+0xa1/0x210 [ 1867.421222][T30853] snd_virmidi_output_open+0x106/0x670 [ 1867.421272][T30853] open_substream+0x480/0x990 [ 1867.421331][T30853] rawmidi_open_priv+0x543/0x6e0 [ 1867.421388][T30853] snd_rawmidi_open+0x4cb/0xbf0 [ 1867.421449][T30853] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1867.421502][T30853] ? __pfx_default_wake_function+0x10/0x10 [ 1867.421542][T30853] ? kobject_get_unless_zero+0x156/0x1e0 [ 1867.421591][T30853] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1867.421643][T30853] snd_open+0x22d/0x4c0 [ 1867.421684][T30853] ? __pfx_snd_open+0x10/0x10 [ 1867.421725][T30853] chrdev_open+0x234/0x6a0 [ 1867.421765][T30853] ? __pfx_apparmor_file_open+0x10/0x10 [ 1867.421816][T30853] ? __pfx_chrdev_open+0x10/0x10 [ 1867.421867][T30853] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1867.421915][T30853] do_dentry_open+0x982/0x1530 [ 1867.421957][T30853] ? __pfx_chrdev_open+0x10/0x10 [ 1867.422007][T30853] vfs_open+0x82/0x3f0 [ 1867.422060][T30853] path_openat+0x1de4/0x2cb0 [ 1867.422112][T30853] ? __pfx_path_openat+0x10/0x10 [ 1867.422153][T30853] ? __lock_acquire+0xb8a/0x1c90 [ 1867.422202][T30853] do_filp_open+0x20b/0x470 [ 1867.422239][T30853] ? __pfx_do_filp_open+0x10/0x10 [ 1867.422308][T30853] ? alloc_fd+0x471/0x7d0 [ 1867.422354][T30853] do_sys_openat2+0x11b/0x1d0 [ 1867.422403][T30853] ? __pfx_do_sys_openat2+0x10/0x10 [ 1867.422472][T30853] __x64_sys_openat+0x174/0x210 [ 1867.422521][T30853] ? __pfx___x64_sys_openat+0x10/0x10 [ 1867.422591][T30853] do_syscall_64+0xcd/0xfa0 [ 1867.422633][T30853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1867.422665][T30853] RIP: 0033:0x7fdc6998f7c9 [ 1867.422690][T30853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1867.422723][T30853] RSP: 002b:00007fdc6a90b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1867.422756][T30853] RAX: ffffffffffffffda RBX: 00007fdc69be5fa0 RCX: 00007fdc6998f7c9 [ 1867.422778][T30853] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1867.422799][T30853] RBP: 00007fdc69a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1867.422819][T30853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1867.422838][T30853] R13: 00007fdc69be6038 R14: 00007fdc69be5fa0 R15: 00007fff2a60aa78 [ 1867.422892][T30853] [ 1867.711617][ C0] vkms_vblank_simulate: vblank timer overrun [ 1867.786921][T30859] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5309'. [ 1867.864822][T30861] svc: failed to register nfsdv3 RPC service (errno 111). [ 1867.873588][T30861] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1868.414562][T30877] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1869.959015][T30889] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5315'. [ 1870.356273][T30893] FAULT_INJECTION: forcing a failure. [ 1870.356273][T30893] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1870.374156][T30893] CPU: 0 UID: 0 PID: 30893 Comm: syz.3.5316 Not tainted syzkaller #0 PREEMPT(full) [ 1870.374191][T30893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1870.374207][T30893] Call Trace: [ 1870.374216][T30893] [ 1870.374226][T30893] dump_stack_lvl+0x16c/0x1f0 [ 1870.374261][T30893] should_fail_ex+0x512/0x640 [ 1870.374304][T30893] get_futex_key+0x1d0/0x1560 [ 1870.374341][T30893] ? __pfx_get_futex_key+0x10/0x10 [ 1870.374372][T30893] ? find_held_lock+0x2b/0x80 [ 1870.374406][T30893] futex_wake+0xea/0x530 [ 1870.374445][T30893] ? __lock_acquire+0xb8a/0x1c90 [ 1870.374477][T30893] ? __pfx_futex_wake+0x10/0x10 [ 1870.374518][T30893] ? find_held_lock+0x2b/0x80 [ 1870.374553][T30893] do_futex+0x1e3/0x350 [ 1870.374588][T30893] ? __pfx_do_futex+0x10/0x10 [ 1870.374625][T30893] ? do_raw_spin_unlock+0x172/0x230 [ 1870.374651][T30893] __x64_sys_futex+0x1e0/0x4c0 [ 1870.374690][T30893] ? __pfx___x64_sys_futex+0x10/0x10 [ 1870.374725][T30893] ? xfd_validate_state+0x61/0x180 [ 1870.374761][T30893] ? __pfx_do_writev+0x10/0x10 [ 1870.374804][T30893] do_syscall_64+0xcd/0xfa0 [ 1870.374838][T30893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1870.374864][T30893] RIP: 0033:0x7f9f27d8f7c9 [ 1870.374883][T30893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1870.374908][T30893] RSP: 002b:00007f9f28c820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1870.374932][T30893] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa8 RCX: 00007f9f27d8f7c9 [ 1870.374949][T30893] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9f27fe5fac [ 1870.374965][T30893] RBP: 00007f9f27fe5fa0 R08: 00007f9f28c83000 R09: 0000000000000000 [ 1870.374980][T30893] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1870.374996][T30893] R13: 00007f9f27fe6038 R14: 00007ffc648926d0 R15: 00007ffc648927b8 [ 1870.375028][T30893] [ 1870.378920][T13553] Bluetooth: hci2: unexpected event 0x3e length: 920 > 260 [ 1870.578588][T13553] Bluetooth: hci2: unexpected subevent 0x1d length: 919 > 260 [ 1870.600039][T13553] Bluetooth: hci2: Unable to find connection for big 0xd2 [ 1870.854780][T30901] mkiss: ax0: crc mode is auto. [ 1871.060747][T30904] ptp ptp0: new virtual clock ptp1 [ 1871.154441][T30904] ptp ptp0: new virtual clock ptp2 [ 1871.186121][T30904] ptp ptp0: new virtual clock ptp3 [ 1871.191657][T30904] ptp ptp0: guarantee physical clock free running [ 1871.509889][T30913] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1871.787788][T30915] svc: failed to register nfsdv3 RPC service (errno 111). [ 1871.889671][T30915] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1872.177152][T30931] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5322'. [ 1872.883195][T30918] svc: failed to register nfsdv3 RPC service (errno 111). [ 1872.940552][T30918] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1873.751596][T30918] syz.2.5321 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1873.781868][T30918] CPU: 0 UID: 0 PID: 30918 Comm: syz.2.5321 Not tainted syzkaller #0 PREEMPT(full) [ 1873.781912][T30918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1873.781930][T30918] Call Trace: [ 1873.781940][T30918] [ 1873.781953][T30918] dump_stack_lvl+0x16c/0x1f0 [ 1873.781999][T30918] dump_header+0x101/0x930 [ 1873.782037][T30918] oom_kill_process+0x272/0xa40 [ 1873.782076][T30918] out_of_memory+0x350/0x1700 [ 1873.782119][T30918] ? __pfx_out_of_memory+0x10/0x10 [ 1873.782165][T30918] mem_cgroup_out_of_memory+0x118/0x130 [ 1873.782221][T30918] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1873.782300][T30918] ? do_raw_spin_unlock+0x172/0x230 [ 1873.782337][T30918] try_charge_memcg+0x695/0xd30 [ 1873.782389][T30918] ? __pfx_try_charge_memcg+0x10/0x10 [ 1873.782441][T30918] ? find_held_lock+0x2b/0x80 [ 1873.782482][T30918] charge_memcg+0x8a/0x230 [ 1873.782530][T30918] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1873.782585][T30918] __read_swap_cache_async+0x397/0x500 [ 1873.782627][T30918] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1873.782664][T30918] ? mlock_drain_local+0x140/0x4f0 [ 1873.782713][T30918] swap_cluster_readahead+0x432/0x770 [ 1873.782760][T30918] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1873.782821][T30918] ? lock_acquire+0x179/0x350 [ 1873.782865][T30918] ? get_vma_policy+0x242/0x3c0 [ 1873.782918][T30918] swapin_readahead+0x160/0x1180 [ 1873.782967][T30918] ? __pfx_swapin_readahead+0x10/0x10 [ 1873.783003][T30918] ? find_held_lock+0x2b/0x80 [ 1873.783036][T30918] ? swap_cache_get_folio+0x267/0x8e0 [ 1873.783069][T30918] ? swap_cache_get_folio+0x267/0x8e0 [ 1873.783099][T30918] ? swap_cache_get_folio+0x267/0x8e0 [ 1873.783135][T30918] ? swap_cache_get_folio+0x267/0x8e0 [ 1873.783167][T30918] ? swap_cache_get_folio+0x1f/0x8e0 [ 1873.783197][T30918] ? swap_cache_get_folio+0x293/0x8e0 [ 1873.783232][T30918] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1873.783273][T30918] ? __pfx_get_swap_device+0x10/0x10 [ 1873.783316][T30918] ? do_swap_page+0x125/0x6340 [ 1873.783365][T30918] ? do_swap_page+0x86c/0x6340 [ 1873.783405][T30918] do_swap_page+0x86c/0x6340 [ 1873.783470][T30918] ? __pfx_do_swap_page+0x10/0x10 [ 1873.783518][T30918] ? __pfx_default_wake_function+0x10/0x10 [ 1873.783554][T30918] ? __lock_acquire+0x622/0x1c90 [ 1873.783601][T30918] ? rcu_is_watching+0x12/0xc0 [ 1873.783636][T30918] ? ___pte_offset_map+0x2ad/0x4f0 [ 1873.783686][T30918] __handle_mm_fault+0x17d1/0x2aa0 [ 1873.783752][T30918] ? __pfx___handle_mm_fault+0x10/0x10 [ 1873.783811][T30918] ? lock_vma_under_rcu+0x176/0x580 [ 1873.783878][T30918] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1873.783945][T30918] handle_mm_fault+0x589/0xd10 [ 1873.783997][T30918] ? __pkru_allows_pkey+0x21/0xb0 [ 1873.784049][T30918] do_user_addr_fault+0x60c/0x1370 [ 1873.784086][T30918] ? rcu_is_watching+0x12/0xc0 [ 1873.784122][T30918] exc_page_fault+0x64/0xc0 [ 1873.784155][T30918] asm_exc_page_fault+0x26/0x30 [ 1873.784180][T30918] RIP: 0033:0x7fdc6985eeeb [ 1873.784200][T30918] Code: d7 82 de 1b 43 48 89 d0 48 f7 64 24 58 48 8d 3d b3 64 1b 00 31 c0 41 8b 36 48 c1 ea 12 48 01 ca 48 89 e9 48 2b 15 fd 67 eb 00 80 f0 fe ff 49 83 be 88 00 00 00 ff 0f 84 a2 01 00 00 80 3d e0 [ 1873.784225][T30918] RSP: 002b:00007fdc6a90b060 EFLAGS: 00010216 [ 1873.784245][T30918] RAX: 0000000000000000 RBX: 0000000000000030 RCX: 00007fdc69a0c828 [ 1873.784269][T30918] RDX: 000000000002387b RSI: 0000000000000000 RDI: 00007fdc69a15388 [ 1873.784285][T30918] RBP: 00007fdc69a0c828 R08: 0000000000000030 R09: 00007fdc6a90c000 [ 1873.784301][T30918] R10: 0000000000000001 R11: 001f5f318048651f R12: 0000000000000000 [ 1873.784317][T30918] R13: 00007fdc69be6038 R14: 00007fdc69be5fa0 R15: 00007fff2a60aa78 [ 1873.784350][T30918] [ 1874.223282][T30918] memory: usage 3072kB, limit 3072kB, failcnt 23447 [ 1874.229965][T30918] memory+swap: usage 5492kB, limit 9007199254740988kB, failcnt 0 [ 1874.238751][T30918] kmem: usage 2996kB, limit 9007199254740988kB, failcnt 0 [ 1874.284329][T30918] Memory cgroup stats for /syz2: [ 1874.284704][T30918] cache 0 [ 1874.295625][T30918] rss 0 [ 1874.298512][T30918] rss_huge 0 [ 1874.320913][T30918] shmem 0 [ 1874.325933][T30918] mapped_file 0 [ 1874.329507][T30918] dirty 0 [ 1874.335339][T30918] writeback 0 [ 1874.338796][T30918] workingset_refault_anon 10449 [ 1874.344176][T30918] workingset_refault_file 10669 [ 1874.350819][T30918] swap 2478080 [ 1874.354260][T30918] swapcached 77824 [ 1874.358222][T30918] pgpgin 1155935 [ 1874.362001][T30918] pgpgout 1162070 [ 1874.365673][T30918] pgfault 2148152 [ 1874.369322][T30918] pgmajfault 3328 [ 1874.373150][T30918] inactive_anon 77824 [ 1874.377182][T30918] active_anon 0 [ 1874.380703][T30918] inactive_file 0 syzkaller[ 1874.386090][T30918] active_file 0 syzkaller log[ 1874.390137][T30918] unevictable 0 in: [ 1874.396173][T30918] hierarchical_memory_limit 3145728 [ 1874.401984][T30918] hierarchical_memsw_limit 9223372036854771712 [ 1874.408284][T30918] total_cache 0 [ 1874.411880][T30918] total_rss 0 [ 1874.416012][T30918] total_rss_huge 0 [ 1874.419868][T30918] total_shmem 0 [ 1874.423551][T30918] total_mapped_file 0 [ 1874.427545][T30918] total_dirty 0 [ 1874.433171][T30918] total_writeback 0 [ 1874.437013][T30918] total_workingset_refault_anon 10449 [ 1874.442533][T30918] total_workingset_refault_file 10669 [ 1874.447932][T30918] total_swap 2478080 [ 1874.451865][T30918] total_swapcached 77824 [ 1874.456230][T30918] total_pgpgin 1155935 [ 1874.460496][T30918] total_pgpgout 1162070 [ 1874.464669][T30918] total_pgfault 2148152 [ 1874.468943][T30918] total_pgmajfault 3328 [ 1874.473175][T30918] total_inactive_anon 77824 [ 1874.477689][T30918] total_active_anon 0 [ 1874.481813][T30918] total_inactive_file 0 [ 1874.486005][T30918] total_active_file 0 [ 1874.490036][T30918] total_unevictable 0 [ 1874.494132][T30918] anon_cost 0 [ 1874.498342][T30918] file_cost 0 [ 1874.501727][T30918] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5321,pid=30917,uid=0 [ 1874.516894][T30918] Memory cgroup out of memory: Killed process 30917 (syz.2.5321) total-vm:141408kB, anon-rss:1140kB, file-rss:26584kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1875.257539][T30954] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1876.961001][T30973] random: crng reseeded on system resumption [ 1877.480958][T30986] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1877.553621][T30980] svc: failed to register nfsdv3 RPC service (errno 111). [ 1877.571067][T30986] CPU: 0 UID: 0 PID: 30986 Comm: syz.0.5336 Not tainted syzkaller #0 PREEMPT(full) [ 1877.571109][T30986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1877.571125][T30986] Call Trace: [ 1877.571134][T30986] [ 1877.571144][T30986] dump_stack_lvl+0x16c/0x1f0 [ 1877.571179][T30986] sysfs_warn_dup+0x7f/0xa0 [ 1877.571211][T30986] sysfs_do_create_link_sd+0x124/0x140 [ 1877.571246][T30986] sysfs_create_link+0x61/0xc0 [ 1877.571280][T30986] device_add+0x62c/0x1aa0 [ 1877.571322][T30986] ? __pfx_device_add+0x10/0x10 [ 1877.571358][T30986] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1877.571401][T30986] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1877.571436][T30986] wiphy_register+0x1eb0/0x2b20 [ 1877.571469][T30986] ? netdev_run_todo+0x864/0x1320 [ 1877.571504][T30986] ? __pfx_wiphy_register+0x10/0x10 [ 1877.571554][T30986] ieee80211_register_hw+0x253d/0x4120 [ 1877.571600][T30986] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1877.571635][T30986] ? __pfx___debug_object_init+0x10/0x10 [ 1877.571671][T30986] ? find_held_lock+0x2b/0x80 [ 1877.571696][T30986] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1877.571737][T30986] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1877.571770][T30986] ? __hrtimer_setup+0x176/0x280 [ 1877.571811][T30986] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1877.571855][T30986] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1877.571891][T30986] hwsim_new_radio_nl+0xba2/0x1330 [ 1877.571920][T30986] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1877.571956][T30986] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1877.571989][T30986] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1877.572037][T30986] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1877.572078][T30986] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1877.572119][T30986] ? bpf_lsm_capable+0x9/0x10 [ 1877.572151][T30986] ? security_capable+0x7e/0x260 [ 1877.572186][T30986] ? ns_capable+0xd7/0x110 [ 1877.572214][T30986] genl_rcv_msg+0x55c/0x800 [ 1877.572248][T30986] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1877.572281][T30986] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1877.572320][T30986] netlink_rcv_skb+0x158/0x420 [ 1877.572347][T30986] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1877.572379][T30986] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1877.572422][T30986] ? netlink_deliver_tap+0x1ae/0xd30 [ 1877.572451][T30986] genl_rcv+0x28/0x40 [ 1877.572479][T30986] netlink_unicast+0x5aa/0x870 [ 1877.572510][T30986] ? __pfx_netlink_unicast+0x10/0x10 [ 1877.572537][T30986] ? __pfx___might_resched+0x10/0x10 [ 1877.572573][T30986] netlink_sendmsg+0x8c8/0xdd0 [ 1877.572606][T30986] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1877.572636][T30986] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1877.572679][T30986] ____sys_sendmsg+0xa98/0xc70 [ 1877.572713][T30986] ? copy_msghdr_from_user+0x10a/0x160 [ 1877.572738][T30986] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1877.572768][T30986] ? preempt_schedule_thunk+0x16/0x30 [ 1877.572814][T30986] ? try_to_wake_up+0xa67/0x1870 [ 1877.572844][T30986] ___sys_sendmsg+0x134/0x1d0 [ 1877.572867][T30986] ? find_held_lock+0x2b/0x80 [ 1877.572894][T30986] ? __pfx____sys_sendmsg+0x10/0x10 [ 1877.572916][T30986] ? __lock_acquire+0x622/0x1c90 [ 1877.572987][T30986] __sys_sendmsg+0x16d/0x220 [ 1877.573019][T30986] ? __pfx___sys_sendmsg+0x10/0x10 [ 1877.573044][T30986] ? __x64_sys_futex+0x1e0/0x4c0 [ 1877.573098][T30986] do_syscall_64+0xcd/0xfa0 [ 1877.573132][T30986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1877.573157][T30986] RIP: 0033:0x7f3ab0d8f7c9 [ 1877.573177][T30986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1877.573201][T30986] RSP: 002b:00007f3ab1c94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1877.573225][T30986] RAX: ffffffffffffffda RBX: 00007f3ab0fe5fa0 RCX: 00007f3ab0d8f7c9 [ 1877.573242][T30986] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1877.573258][T30986] RBP: 00007f3ab0e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1877.573273][T30986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1877.573289][T30986] R13: 00007f3ab0fe6038 R14: 00007f3ab0fe5fa0 R15: 00007ffe0d3b8e68 [ 1877.573322][T30986] [ 1878.151015][T30980] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1878.970822][T31007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5337'. [ 1880.621354][T31016] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5340'. [ 1880.942454][T31012] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1881.208183][T31040] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1881.772199][T31045] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1882.976787][T31055] random: crng reseeded on system resumption [ 1887.366383][T31108] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 1887.455721][ T30] audit: type=1800 audit(1843106817.042:18): pid=31108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5363" name="lu_gp_id" dev="configfs" ino=119952 res=0 errno=0 [ 1887.483962][T31108] kstrtoul() returned -22 for lu_gp_id [ 1888.946762][T31140] random: crng reseeded on system resumption [ 1889.683059][T31153] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1889.951173][T28914] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1890.288808][T28914] CPU: 1 UID: 0 PID: 28914 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1890.288853][T28914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1890.288868][T28914] Call Trace: [ 1890.288877][T28914] [ 1890.288886][T28914] dump_stack_lvl+0x16c/0x1f0 [ 1890.288921][T28914] dump_header+0x101/0x930 [ 1890.288948][T28914] oom_kill_process+0x272/0xa40 [ 1890.288977][T28914] out_of_memory+0x350/0x1700 [ 1890.289008][T28914] ? __pfx_out_of_memory+0x10/0x10 [ 1890.289041][T28914] mem_cgroup_out_of_memory+0x118/0x130 [ 1890.289087][T28914] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1890.289133][T28914] ? do_raw_spin_unlock+0x172/0x230 [ 1890.289161][T28914] try_charge_memcg+0x695/0xd30 [ 1890.289199][T28914] ? __pfx_try_charge_memcg+0x10/0x10 [ 1890.289237][T28914] ? find_held_lock+0x2b/0x80 [ 1890.289267][T28914] charge_memcg+0x8a/0x230 [ 1890.289299][T28914] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1890.289342][T28914] __read_swap_cache_async+0x397/0x500 [ 1890.289373][T28914] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1890.289400][T28914] ? __lock_acquire+0xb8a/0x1c90 [ 1890.289436][T28914] ? __xa_erase+0xee/0x150 [ 1890.289483][T28914] swap_cluster_readahead+0x432/0x770 [ 1890.289516][T28914] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1890.289550][T28914] ? css_rstat_updated+0x1c2/0x510 [ 1890.289588][T28914] ? get_vma_policy+0x242/0x3c0 [ 1890.289626][T28914] swapin_readahead+0x160/0x1180 [ 1890.289662][T28914] ? __pfx_swapin_readahead+0x10/0x10 [ 1890.289688][T28914] ? find_held_lock+0x2b/0x80 [ 1890.289712][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1890.289734][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1890.289756][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1890.289782][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1890.289805][T28914] ? swap_cache_get_folio+0x1f/0x8e0 [ 1890.289832][T28914] ? swap_cache_get_folio+0x293/0x8e0 [ 1890.289857][T28914] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1890.289880][T28914] ? __pfx_get_swap_device+0x10/0x10 [ 1890.289914][T28914] ? do_swap_page+0x125/0x6340 [ 1890.289951][T28914] ? do_swap_page+0x86c/0x6340 [ 1890.289982][T28914] do_swap_page+0x86c/0x6340 [ 1890.290029][T28914] ? __pfx_do_swap_page+0x10/0x10 [ 1890.290065][T28914] ? __pfx_default_wake_function+0x10/0x10 [ 1890.290097][T28914] ? __lock_acquire+0x622/0x1c90 [ 1890.290133][T28914] ? rcu_is_watching+0x12/0xc0 [ 1890.290160][T28914] ? ___pte_offset_map+0x2ad/0x4f0 [ 1890.290196][T28914] __handle_mm_fault+0x17d1/0x2aa0 [ 1890.290244][T28914] ? __pfx___handle_mm_fault+0x10/0x10 [ 1890.290288][T28914] ? lock_vma_under_rcu+0x176/0x580 [ 1890.290336][T28914] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1890.290374][T28914] ? get_timespec64+0x136/0x1b0 [ 1890.290413][T28914] handle_mm_fault+0x589/0xd10 [ 1890.290453][T28914] ? __pkru_allows_pkey+0x21/0xb0 [ 1890.290493][T28914] do_user_addr_fault+0x60c/0x1370 [ 1890.290520][T28914] ? rcu_is_watching+0x12/0xc0 [ 1890.290549][T28914] exc_page_fault+0x64/0xc0 [ 1890.290579][T28914] asm_exc_page_fault+0x26/0x30 [ 1890.290603][T28914] RIP: 0033:0x7fdc699c2088 [ 1890.290623][T28914] Code: 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f [ 1890.290647][T28914] RSP: 002b:00007fff2a60ad90 EFLAGS: 00010293 [ 1890.290666][T28914] RAX: 0000000000000000 RBX: 0000000000000165 RCX: 00007fdc699c2085 [ 1890.290682][T28914] RDX: 00007fff2a60add0 RSI: 0000000000000000 RDI: 0000000000000000 [ 1890.290697][T28914] RBP: 00007fff2a60ae3c R08: 0000000000000000 R09: 0000000000000000 [ 1890.290712][T28914] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 1890.290727][T28914] R13: 00000000000927c0 R14: 00000000001cd56a R15: 00007fff2a60ae90 [ 1890.290758][T28914] [ 1890.752394][T28914] memory: usage 3072kB, limit 3072kB, failcnt 27952 [ 1890.759192][T28914] memory+swap: usage 3548kB, limit 9007199254740988kB, failcnt 0 [ 1890.768170][T28914] kmem: usage 2280kB, limit 9007199254740988kB, failcnt 0 [ 1890.777295][T28914] Memory cgroup stats for /syz2: [ 1890.777498][T28914] cache 532480 [ 1890.786851][T28914] rss 204800 [ 1890.790061][T28914] rss_huge 0 [ 1890.793261][T28914] shmem 4096 [ 1890.797467][T28914] mapped_file 4096 [ 1890.801967][T28914] dirty 0 [ 1890.804986][T28914] writeback 0 [ 1890.808277][T28914] workingset_refault_anon 11014 [ 1890.813126][T28914] workingset_refault_file 10836 [ 1890.818033][T28914] swap 487424 [ 1890.821319][T28914] swapcached 73728 [ 1890.825060][T28914] pgpgin 1164152 [ 1890.828603][T28914] pgpgout 1170108 [ 1890.832233][T28914] pgfault 2162570 [ 1890.835922][T28914] pgmajfault 3616 [ 1890.839561][T28914] inactive_anon 73728 [ 1890.843540][T28914] active_anon 0 [ 1890.847060][T28914] inactive_file 81920 [ 1890.851045][T28914] active_file 184320 [ 1890.855001][T28914] unevictable 208896 [ 1890.858904][T28914] hierarchical_memory_limit 3145728 [ 1890.864101][T28914] hierarchical_memsw_limit 9223372036854771712 [ 1890.870538][T28914] total_cache 532480 [ 1890.874559][T28914] total_rss 204800 [ 1890.878313][T28914] total_rss_huge 0 [ 1890.882038][T28914] total_shmem 4096 [ 1890.885802][T28914] total_mapped_file 4096 [ 1890.890050][T28914] total_dirty 0 [ 1890.893534][T28914] total_writeback 0 [ 1890.898409][T28914] total_workingset_refault_anon 11014 [ 1890.903797][T28914] total_workingset_refault_file 10836 [ 1890.909211][T28914] total_swap 487424 [ 1890.913030][T28914] total_swapcached 73728 [ 1890.917371][T28914] total_pgpgin 1164152 [ 1890.921450][T28914] total_pgpgout 1170108 [ 1890.925659][T28914] total_pgfault 2162570 [ 1890.929877][T28914] total_pgmajfault 3616 [ 1890.934042][T28914] total_inactive_anon 73728 [ 1890.938635][T28914] total_active_anon 0 [ 1890.942632][T28914] total_inactive_file 81920 [ 1890.947201][T28914] total_active_file 184320 [ 1890.951630][T28914] total_unevictable 208896 [ 1890.956093][T28914] anon_cost 0 [ 1890.959387][T28914] file_cost 0 [ 1890.962673][T28914] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5364,pid=31114,uid=0 [ 1890.977698][T28914] Memory cgroup out of memory: Killed process 31114 (syz.2.5364) total-vm:146028kB, anon-rss:1268kB, file-rss:26848kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1891.723085][T31180] zero sized request [ 1891.737418][T31180] mtrr: base(0x400000) is not aligned on a size(0x0000) boundary [ 1891.759053][T31182] random: crng reseeded on system resumption [ 1892.616108][T31200] random: crng reseeded on system resumption [ 1893.029338][ T32] oom_reaper: reaped process 31114 (syz.2.5364), now anon-rss:96kB, file-rss:25728kB, shmem-rss:0kB [ 1893.090722][T31207] ubi0: attaching mtd0 [ 1893.106755][T31207] ubi0: scanning is finished [ 1893.115713][T31207] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1893.312952][T31207] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1893.808333][T31212] MTRR 0 not used [ 1893.823308][T31119] syz.2.5364 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=1, oom_score_adj=1000 [ 1893.879748][T31119] CPU: 1 UID: 0 PID: 31119 Comm: syz.2.5364 Not tainted syzkaller #0 PREEMPT(full) [ 1893.879796][T31119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1893.879816][T31119] Call Trace: [ 1893.879830][T31119] [ 1893.879843][T31119] dump_stack_lvl+0x16c/0x1f0 [ 1893.879893][T31119] dump_header+0x101/0x930 [ 1893.879935][T31119] oom_kill_process+0x272/0xa40 [ 1893.879974][T31119] out_of_memory+0x350/0x1700 [ 1893.880021][T31119] ? __pfx_out_of_memory+0x10/0x10 [ 1893.880070][T31119] mem_cgroup_out_of_memory+0x118/0x130 [ 1893.880128][T31119] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1893.880194][T31119] ? do_raw_spin_unlock+0x172/0x230 [ 1893.880234][T31119] try_charge_memcg+0x695/0xd30 [ 1893.880288][T31119] ? __pfx_try_charge_memcg+0x10/0x10 [ 1893.880334][T31119] ? find_held_lock+0x2b/0x80 [ 1893.880371][T31119] ? rcu_read_unlock+0x17/0x60 [ 1893.880431][T31119] obj_cgroup_charge_account+0x292/0x500 [ 1893.880486][T31119] __memcg_slab_post_alloc_hook+0x2ea/0x940 [ 1893.880542][T31119] ? kasan_unpoison+0x27/0x60 [ 1893.880586][T31119] __kmalloc_node_track_caller_noprof+0x698/0x8a0 [ 1893.880633][T31119] ? __pfx___register_sysctl_table+0x10/0x10 [ 1893.880686][T31119] ? __devinet_sysctl_register+0xbc/0x360 [ 1893.880752][T31119] ? kmemdup_noprof+0x29/0x60 [ 1893.880791][T31119] kmemdup_noprof+0x29/0x60 [ 1893.880829][T31119] __devinet_sysctl_register+0xbc/0x360 [ 1893.880879][T31119] ? __pfx_neigh_sysctl_register+0x10/0x10 [ 1893.880912][T31119] ? inetdev_init+0x245/0x5a0 [ 1893.880955][T31119] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 1893.881005][T31119] ? copy_net_ns+0x2f8/0x690 [ 1893.881041][T31119] ? create_new_namespaces+0x3ea/0xa90 [ 1893.881078][T31119] ? unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1893.881118][T31119] ? ksys_unshare+0x45b/0xa40 [ 1893.881162][T31119] ? __x64_sys_unshare+0x31/0x40 [ 1893.881207][T31119] ? do_syscall_64+0xcd/0xfa0 [ 1893.881248][T31119] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1893.881289][T31119] devinet_sysctl_register+0x17b/0x200 [ 1893.881340][T31119] inetdev_init+0x2b8/0x5a0 [ 1893.881388][T31119] inetdev_event+0xc5f/0x18a0 [ 1893.881437][T31119] ? ib_netdevice_event+0xfc/0x330 [ 1893.881473][T31119] ? __pfx_inetdev_event+0x10/0x10 [ 1893.881521][T31119] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1893.881587][T31119] notifier_call_chain+0xbc/0x410 [ 1893.881632][T31119] ? __pfx_inetdev_event+0x10/0x10 [ 1893.881687][T31119] call_netdevice_notifiers_info+0xbe/0x140 [ 1893.881744][T31119] register_netdevice+0x182e/0x2270 [ 1893.881794][T31119] ? __pfx_register_netdevice+0x10/0x10 [ 1893.881849][T31119] __ip_tunnel_create+0x540/0x6e0 [ 1893.881896][T31119] ? __pfx___ip_tunnel_create+0x10/0x10 [ 1893.881954][T31119] ip_tunnel_init_net+0x22f/0x7d0 [ 1893.882006][T31119] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 1893.882063][T31119] ? ops_init+0x77/0x5f0 [ 1893.882101][T31119] ? __pfx_ipip_init_net+0x10/0x10 [ 1893.882149][T31119] ops_init+0x1e2/0x5f0 [ 1893.882190][T31119] setup_net+0x100/0x390 [ 1893.882227][T31119] ? __pfx_setup_net+0x10/0x10 [ 1893.882267][T31119] ? debug_mutex_init+0x37/0x70 [ 1893.882308][T31119] copy_net_ns+0x2f8/0x690 [ 1893.882353][T31119] create_new_namespaces+0x3ea/0xa90 [ 1893.882404][T31119] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1893.882455][T31119] ksys_unshare+0x45b/0xa40 [ 1893.882499][T31119] ? __pfx_ksys_unshare+0x10/0x10 [ 1893.882541][T31119] ? xfd_validate_state+0x61/0x180 [ 1893.882602][T31119] __x64_sys_unshare+0x31/0x40 [ 1893.882647][T31119] do_syscall_64+0xcd/0xfa0 [ 1893.882692][T31119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1893.882728][T31119] RIP: 0033:0x7fdc6998f7c9 [ 1893.882771][T31119] Code: Unable to access opcode bytes at 0x7fdc6998f79f. [ 1893.882787][T31119] RSP: 002b:00007fdc6a8c9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1893.882820][T31119] RAX: ffffffffffffffda RBX: 00007fdc69be6180 RCX: 00007fdc6998f7c9 [ 1893.882842][T31119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1893.882859][T31119] RBP: 00007fdc69a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1893.882880][T31119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1893.882899][T31119] R13: 00007fdc69be6218 R14: 00007fdc69be6180 R15: 00007fff2a60aa78 [ 1893.882948][T31119] [ 1893.883221][T31119] memory: usage 3068kB, limit 3072kB, failcnt 28190 [ 1894.379742][T31119] memory+swap: usage 3576kB, limit 9007199254740988kB, failcnt 0 [ 1894.399892][T31119] kmem: usage 2476kB, limit 9007199254740988kB, failcnt 0 [ 1894.426323][T31119] Memory cgroup stats for /syz2: [ 1894.426602][T31119] cache 532480 [ 1894.450803][T31119] rss 0 [ 1894.460482][T31119] rss_huge 0 [ 1894.474305][T31119] shmem 4096 [ 1894.489676][T31119] mapped_file 4096 [ 1894.493473][T31119] dirty 0 [ 1894.512966][T31119] writeback 0 [ 1894.521354][T31119] workingset_refault_anon 11034 [ 1894.545536][T31119] workingset_refault_file 10836 [ 1894.550472][T31119] swap 520192 [ 1894.553844][T31119] swapcached 73728 [ 1894.567763][T31119] pgpgin 1164172 [ 1894.571379][T31119] pgpgout 1170178 [ 1894.575055][T31119] pgfault 2162591 [ 1894.605167][T31119] pgmajfault 3635 [ 1894.608884][T31119] inactive_anon 73728 [ 1894.612907][T31119] active_anon 0 [ 1894.618586][T31119] inactive_file 528384 [ 1894.623168][T31119] active_file 0 [ 1894.627223][T31119] unevictable 4096 [ 1894.630994][T31119] hierarchical_memory_limit 3145728 [ 1894.644937][T31119] hierarchical_memsw_limit 9223372036854771712 [ 1894.651249][T31119] total_cache 532480 [ 1894.664896][T31119] total_rss 0 [ 1894.675048][T31119] total_rss_huge 0 [ 1894.678847][T31119] total_shmem 4096 [ 1894.685150][T31119] total_mapped_file 4096 [ 1894.709200][T31119] total_dirty 0 [ 1894.712751][T31119] total_writeback 0 [ 1894.724568][T31119] total_workingset_refault_anon 11034 [ 1894.730097][T31119] total_workingset_refault_file 10836 [ 1894.744448][T31119] total_swap 520192 [ 1894.748336][T31119] total_swapcached 73728 [ 1894.752607][T31119] total_pgpgin 1164172 [ 1894.774286][T31119] total_pgpgout 1170178 [ 1894.778524][T31119] total_pgfault 2162591 [ 1894.782725][T31119] total_pgmajfault 3635 [ 1894.794156][T31119] total_inactive_anon 73728 [ 1894.798742][T31119] total_active_anon 0 [ 1894.802760][T31119] total_inactive_file 528384 [ 1894.863890][T31119] total_active_file 0 [ 1894.868048][T31119] total_unevictable 4096 [ 1894.907129][T31119] anon_cost 0 [ 1894.910597][T31119] file_cost 0 [ 1894.917118][T31119] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5349,pid=31050,uid=0 [ 1894.938401][T31119] Memory cgroup out of memory: Killed process 31050 (syz.2.5349) total-vm:101964kB, anon-rss:1168kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:100kB oom_score_adj:1000 [ 1895.879747][T31231] svc: failed to register nfsdv3 RPC service (errno 111). [ 1895.905711][T31231] svc: failed to register nfsaclv3 RPC service (errno 111). [ 1896.675568][T31243] random: crng reseeded on system resumption [ 1898.277299][T31260] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1898.317658][T31260] FAULT_INJECTION: forcing a failure. [ 1898.317658][T31260] name failslab, interval 1, probability 0, space 0, times 0 [ 1898.357138][T31260] CPU: 1 UID: 0 PID: 31260 Comm: syz.2.5390 Not tainted syzkaller #0 PREEMPT(full) [ 1898.357194][T31260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1898.357214][T31260] Call Trace: [ 1898.357225][T31260] [ 1898.357239][T31260] dump_stack_lvl+0x16c/0x1f0 [ 1898.357283][T31260] should_fail_ex+0x512/0x640 [ 1898.357331][T31260] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1898.357368][T31260] should_failslab+0xc2/0x120 [ 1898.357412][T31260] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1898.357445][T31260] ? ptlock_alloc+0x1f/0x70 [ 1898.357501][T31260] ? ptlock_alloc+0x1f/0x70 [ 1898.357545][T31260] ptlock_alloc+0x1f/0x70 [ 1898.357593][T31260] pte_alloc_one+0x84/0x350 [ 1898.357628][T31260] __pte_alloc+0x6d/0x380 [ 1898.357667][T31260] ? __pfx___pte_alloc+0x10/0x10 [ 1898.357706][T31260] ? walk_pgd_range+0x13b4/0x1f50 [ 1898.357747][T31260] walk_pgd_range+0xb84/0x1f50 [ 1898.357785][T31260] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1898.357825][T31260] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 1898.357869][T31260] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1898.357915][T31260] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1898.357958][T31260] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1898.358000][T31260] ? __pfx_walk_pgd_range+0x10/0x10 [ 1898.358037][T31260] ? __lock_acquire+0xb8a/0x1c90 [ 1898.358084][T31260] __walk_page_range+0x163/0x820 [ 1898.358121][T31260] ? find_vma+0xbf/0x140 [ 1898.358165][T31260] ? __pfx_find_vma+0x10/0x10 [ 1898.358208][T31260] ? walk_page_test+0x9b/0x180 [ 1898.358244][T31260] walk_page_range_mm+0x461/0xb40 [ 1898.358286][T31260] ? __pfx_walk_page_range_mm+0x10/0x10 [ 1898.358332][T31260] ? __anon_vma_prepare+0x2e2/0x5e0 [ 1898.358388][T31260] madvise_vma_behavior+0xa54/0x2d50 [ 1898.358440][T31260] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 1898.358480][T31260] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1898.358528][T31260] ? mas_prev+0x9b/0xf0 [ 1898.358567][T31260] ? __pfx_mas_prev+0x10/0x10 [ 1898.358618][T31260] ? find_vma_prev+0xd3/0x150 [ 1898.358660][T31260] ? __pfx_find_vma_prev+0x10/0x10 [ 1898.358713][T31260] ? preempt_schedule_common+0x44/0xc0 [ 1898.358757][T31260] madvise_walk_vmas+0x31f/0x9c0 [ 1898.358809][T31260] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1898.358868][T31260] madvise_do_behavior+0x1e2/0x530 [ 1898.358913][T31260] ? futex_private_hash_put+0xd5/0x190 [ 1898.358955][T31260] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1898.359004][T31260] ? down_read+0x13d/0x480 [ 1898.359053][T31260] ? rcu_is_watching+0x12/0xc0 [ 1898.359099][T31260] do_madvise+0x176/0x240 [ 1898.359145][T31260] ? __pfx_do_madvise+0x10/0x10 [ 1898.359197][T31260] ? do_futex+0x122/0x350 [ 1898.359250][T31260] ? __pfx___might_resched+0x10/0x10 [ 1898.359300][T31260] ? xfd_validate_state+0x61/0x180 [ 1898.359354][T31260] __x64_sys_madvise+0xa9/0x110 [ 1898.359399][T31260] ? lockdep_hardirqs_on+0x7c/0x110 [ 1898.359439][T31260] do_syscall_64+0xcd/0xfa0 [ 1898.359481][T31260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1898.359514][T31260] RIP: 0033:0x7fdc6998f7c9 [ 1898.359540][T31260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1898.359571][T31260] RSP: 002b:00007fdc6a90b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1898.359602][T31260] RAX: ffffffffffffffda RBX: 00007fdc69be5fa0 RCX: 00007fdc6998f7c9 [ 1898.359625][T31260] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 1898.359646][T31260] RBP: 00007fdc69a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1898.359666][T31260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1898.359686][T31260] R13: 00007fdc69be6038 R14: 00007fdc69be5fa0 R15: 00007fff2a60aa78 [ 1898.359731][T31260] [ 1899.535711][T31277] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1899.607569][T31277] CPU: 1 UID: 0 PID: 31277 Comm: syz.0.5395 Not tainted syzkaller #0 PREEMPT(full) [ 1899.607615][T31277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1899.607636][T31277] Call Trace: [ 1899.607648][T31277] [ 1899.607662][T31277] dump_stack_lvl+0x16c/0x1f0 [ 1899.607709][T31277] sysfs_warn_dup+0x7f/0xa0 [ 1899.607750][T31277] sysfs_do_create_link_sd+0x124/0x140 [ 1899.607794][T31277] sysfs_create_link+0x61/0xc0 [ 1899.607838][T31277] device_add+0x62c/0x1aa0 [ 1899.607894][T31277] ? __pfx_device_add+0x10/0x10 [ 1899.607956][T31277] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1899.608018][T31277] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1899.608068][T31277] wiphy_register+0x1eb0/0x2b20 [ 1899.608114][T31277] ? netdev_run_todo+0x864/0x1320 [ 1899.608164][T31277] ? __pfx_wiphy_register+0x10/0x10 [ 1899.608234][T31277] ieee80211_register_hw+0x253d/0x4120 [ 1899.608299][T31277] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1899.608354][T31277] ? __pfx___debug_object_init+0x10/0x10 [ 1899.608407][T31277] ? find_held_lock+0x2b/0x80 [ 1899.608444][T31277] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1899.608499][T31277] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1899.608544][T31277] ? __hrtimer_setup+0x176/0x280 [ 1899.608601][T31277] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1899.608664][T31277] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1899.608725][T31277] hwsim_new_radio_nl+0xba2/0x1330 [ 1899.608769][T31277] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1899.608827][T31277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1899.608876][T31277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1899.608933][T31277] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1899.608993][T31277] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1899.609053][T31277] ? bpf_lsm_capable+0x9/0x10 [ 1899.609097][T31277] ? security_capable+0x7e/0x260 [ 1899.609147][T31277] ? ns_capable+0xd7/0x110 [ 1899.609188][T31277] genl_rcv_msg+0x55c/0x800 [ 1899.609234][T31277] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1899.609277][T31277] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1899.609330][T31277] netlink_rcv_skb+0x158/0x420 [ 1899.609366][T31277] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1899.609411][T31277] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1899.609466][T31277] ? netlink_deliver_tap+0x1ae/0xd30 [ 1899.609509][T31277] genl_rcv+0x28/0x40 [ 1899.609545][T31277] netlink_unicast+0x5aa/0x870 [ 1899.609589][T31277] ? __pfx_netlink_unicast+0x10/0x10 [ 1899.609625][T31277] ? __pfx___might_resched+0x10/0x10 [ 1899.609676][T31277] netlink_sendmsg+0x8c8/0xdd0 [ 1899.609721][T31277] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1899.609766][T31277] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1899.609824][T31277] ____sys_sendmsg+0xa98/0xc70 [ 1899.609868][T31277] ? copy_msghdr_from_user+0x10a/0x160 [ 1899.609900][T31277] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1899.609965][T31277] ? __pfx_futex_wake_mark+0x10/0x10 [ 1899.610024][T31277] ___sys_sendmsg+0x134/0x1d0 [ 1899.610063][T31277] ? __pfx____sys_sendmsg+0x10/0x10 [ 1899.610093][T31277] ? __lock_acquire+0x622/0x1c90 [ 1899.610191][T31277] __sys_sendmsg+0x16d/0x220 [ 1899.610226][T31277] ? __pfx___sys_sendmsg+0x10/0x10 [ 1899.610260][T31277] ? __x64_sys_futex+0x1e0/0x4c0 [ 1899.610335][T31277] do_syscall_64+0xcd/0xfa0 [ 1899.610380][T31277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1899.610416][T31277] RIP: 0033:0x7f3ab0d8f7c9 [ 1899.610443][T31277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1899.610476][T31277] RSP: 002b:00007f3ab1c94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1899.610510][T31277] RAX: ffffffffffffffda RBX: 00007f3ab0fe5fa0 RCX: 00007f3ab0d8f7c9 [ 1899.610533][T31277] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1899.610555][T31277] RBP: 00007f3ab0e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1899.610585][T31277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1899.610606][T31277] R13: 00007f3ab0fe6038 R14: 00007f3ab0fe5fa0 R15: 00007ffe0d3b8e68 [ 1899.610653][T31277] [ 1900.917775][T31258] kexec: Could not allocate control_code_buffer [ 1900.967387][T31291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1901.242283][T31291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1901.760429][T28914] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1901.867520][T28914] CPU: 1 UID: 0 PID: 28914 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1901.867562][T28914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1901.867581][T28914] Call Trace: [ 1901.867593][T28914] [ 1901.867606][T28914] dump_stack_lvl+0x16c/0x1f0 [ 1901.867650][T28914] dump_header+0x101/0x930 [ 1901.867688][T28914] oom_kill_process+0x272/0xa40 [ 1901.867726][T28914] out_of_memory+0x350/0x1700 [ 1901.867768][T28914] ? __pfx_out_of_memory+0x10/0x10 [ 1901.867813][T28914] mem_cgroup_out_of_memory+0x118/0x130 [ 1901.867866][T28914] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1901.867946][T28914] ? do_raw_spin_unlock+0x172/0x230 [ 1901.867987][T28914] try_charge_memcg+0x695/0xd30 [ 1901.868038][T28914] ? __pfx_try_charge_memcg+0x10/0x10 [ 1901.868101][T28914] ? find_held_lock+0x2b/0x80 [ 1901.868143][T28914] charge_memcg+0x8a/0x230 [ 1901.868187][T28914] mem_cgroup_swapin_charge_folio+0xbb/0x440 [ 1901.868240][T28914] __read_swap_cache_async+0x397/0x500 [ 1901.868281][T28914] ? __pfx___read_swap_cache_async+0x10/0x10 [ 1901.868320][T28914] ? rcu_is_watching+0x12/0xc0 [ 1901.868357][T28914] ? trace_sched_exit_tp+0xd1/0x120 [ 1901.868409][T28914] ? __schedule+0x11a3/0x5de0 [ 1901.868451][T28914] swap_cluster_readahead+0x432/0x770 [ 1901.868496][T28914] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 1901.868537][T28914] ? rcu_is_watching+0x12/0xc0 [ 1901.868572][T28914] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 1901.868621][T28914] ? get_vma_policy+0x242/0x3c0 [ 1901.868671][T28914] swapin_readahead+0x160/0x1180 [ 1901.868720][T28914] ? __pfx_swapin_readahead+0x10/0x10 [ 1901.868756][T28914] ? find_held_lock+0x2b/0x80 [ 1901.868788][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1901.868820][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1901.868849][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1901.868884][T28914] ? swap_cache_get_folio+0x267/0x8e0 [ 1901.868916][T28914] ? swap_cache_get_folio+0x1f/0x8e0 [ 1901.868945][T28914] ? swap_cache_get_folio+0x293/0x8e0 [ 1901.868979][T28914] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 1901.869010][T28914] ? __pfx_get_swap_device+0x10/0x10 [ 1901.869053][T28914] ? do_swap_page+0x125/0x6340 [ 1901.869109][T28914] ? do_swap_page+0x86c/0x6340 [ 1901.869149][T28914] do_swap_page+0x86c/0x6340 [ 1901.869215][T28914] ? __pfx_do_swap_page+0x10/0x10 [ 1901.869262][T28914] ? __pfx_default_wake_function+0x10/0x10 [ 1901.869299][T28914] ? __lock_acquire+0x622/0x1c90 [ 1901.869349][T28914] ? rcu_is_watching+0x12/0xc0 [ 1901.869384][T28914] ? ___pte_offset_map+0x2ad/0x4f0 [ 1901.869433][T28914] __handle_mm_fault+0x17d1/0x2aa0 [ 1901.869497][T28914] ? __pfx___handle_mm_fault+0x10/0x10 [ 1901.869555][T28914] ? lock_vma_under_rcu+0x176/0x580 [ 1901.869619][T28914] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1901.869666][T28914] ? get_timespec64+0x136/0x1b0 [ 1901.869720][T28914] handle_mm_fault+0x589/0xd10 [ 1901.869771][T28914] ? __pkru_allows_pkey+0x21/0xb0 [ 1901.869824][T28914] do_user_addr_fault+0x60c/0x1370 [ 1901.869859][T28914] ? rcu_is_watching+0x12/0xc0 [ 1901.869900][T28914] exc_page_fault+0x64/0xc0 [ 1901.869939][T28914] asm_exc_page_fault+0x26/0x30 [ 1901.869970][T28914] RIP: 0033:0x7fdc699c2088 [ 1901.869997][T28914] Code: 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 44 89 c7 <48> 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 c3 0f 1f [ 1901.870030][T28914] RSP: 002b:00007fff2a60ad90 EFLAGS: 00010293 [ 1901.870065][T28914] RAX: 0000000000000000 RBX: 0000000000000173 RCX: 00007fdc699c2085 [ 1901.870086][T28914] RDX: 00007fff2a60add0 RSI: 0000000000000000 RDI: 0000000000000000 [ 1901.870106][T28914] RBP: 00007fff2a60ae3c R08: 0000000000000000 R09: 0000000000000000 [ 1901.870124][T28914] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 1901.870143][T28914] R13: 00000000000927c0 R14: 00000000001d0849 R15: 00007fff2a60ae90 [ 1901.870187][T28914] [ 1901.870200][T28914] memory: usage 3072kB, limit 3072kB, failcnt 29546 [ 1902.359711][T28914] memory+swap: usage 3572kB, limit 9007199254740988kB, failcnt 0 [ 1902.394800][T28914] kmem: usage 2988kB, limit 9007199254740988kB, failcnt 0 [ 1902.443585][T28914] Memory cgroup stats for /syz2: [ 1902.443799][T28914] cache 0 [ 1902.484379][T28914] rss 0 [ 1902.487228][T28914] rss_huge 0 [ 1902.490458][T28914] shmem 0 [ 1902.493433][T28914] mapped_file 0 [ 1902.534115][T28914] dirty 0 [ 1902.537132][T28914] writeback 0 [ 1902.540455][T28914] workingset_refault_anon 11245 [ 1902.563844][T28914] workingset_refault_file 10836 [ 1902.574064][T28914] swap 512000 [ 1902.577418][T28914] swapcached 86016 [ 1902.596132][T28914] pgpgin 1166595 [ 1902.599753][T28914] pgpgout 1172728 [ 1902.627549][T28914] pgfault 2169150 [ 1902.653278][T28914] pgmajfault 3754 [ 1902.657089][T28914] inactive_anon 12288 [ 1902.661107][T28914] active_anon 73728 [ 1902.687239][T28914] inactive_file 0 [ 1902.690949][T28914] active_file 0 [ 1902.721974][T28914] unevictable 0 [ 1902.727909][T28914] hierarchical_memory_limit 3145728 [ 1902.740839][T28914] hierarchical_memsw_limit 9223372036854771712 [ 1902.757343][T28914] total_cache 0 [ 1902.760877][T28914] total_rss 0 [ 1902.782667][T28914] total_rss_huge 0 [ 1902.786465][T28914] total_shmem 0 [ 1902.820531][T28914] total_mapped_file 0 [ 1902.830967][T28914] total_dirty 0 [ 1902.841219][T28914] total_writeback 0 [ 1902.851024][T28914] total_workingset_refault_anon 11245 [ 1902.884442][T28914] total_workingset_refault_file 10836 [ 1902.889869][T28914] total_swap 512000 [ 1902.906327][T28914] total_swapcached 86016 [ 1902.921891][T28914] total_pgpgin 1166595 [ 1902.926039][T28914] total_pgpgout 1172728 [ 1902.932543][T28914] total_pgfault 2169150 [ 1902.936778][T28914] total_pgmajfault 3754 [ 1902.954080][T28914] total_inactive_anon 12288 [ 1902.958666][T28914] total_active_anon 73728 [ 1902.971732][T28914] total_inactive_file 0 [ 1902.981610][T28914] total_active_file 0 [ 1902.986163][T28914] total_unevictable 0 [ 1902.990183][T28914] anon_cost 0 [ 1903.011434][T28914] file_cost 0 [ 1903.014797][T28914] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.5398,pid=31285,uid=0 [ 1903.051305][T28914] Memory cgroup out of memory: Killed process 31285 (syz.2.5398) total-vm:135124kB, anon-rss:1268kB, file-rss:22860kB, shmem-rss:0kB, UID:0 pgtables:136kB oom_score_adj:1000 [ 1903.342725][T31305] random: crng reseeded on system resumption [ 1904.550206][T31316] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1905.218784][ T32] oom_reaper: reaped process 31285 (syz.2.5398), now anon-rss:12kB, file-rss:21768kB, shmem-rss:0kB [ 1906.271700][T31342] FAULT_INJECTION: forcing a failure. [ 1906.271700][T31342] name failslab, interval 1, probability 0, space 0, times 0 [ 1906.286049][T31342] CPU: 0 UID: 0 PID: 31342 Comm: syz.3.5409 Not tainted syzkaller #0 PREEMPT(full) [ 1906.286089][T31342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1906.286105][T31342] Call Trace: [ 1906.286114][T31342] [ 1906.286124][T31342] dump_stack_lvl+0x16c/0x1f0 [ 1906.286159][T31342] should_fail_ex+0x512/0x640 [ 1906.286197][T31342] ? __kmalloc_noprof+0xca/0x880 [ 1906.286224][T31342] should_failslab+0xc2/0x120 [ 1906.286259][T31342] __kmalloc_noprof+0xdd/0x880 [ 1906.286282][T31342] ? snd_midi_event_new+0xa1/0x210 [ 1906.286317][T31342] ? snd_midi_event_new+0xa1/0x210 [ 1906.286344][T31342] snd_midi_event_new+0xa1/0x210 [ 1906.286375][T31342] snd_virmidi_output_open+0x106/0x670 [ 1906.286411][T31342] open_substream+0x480/0x990 [ 1906.286455][T31342] rawmidi_open_priv+0x543/0x6e0 [ 1906.286500][T31342] snd_rawmidi_open+0x4cb/0xbf0 [ 1906.286545][T31342] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1906.286586][T31342] ? __pfx_default_wake_function+0x10/0x10 [ 1906.286616][T31342] ? kobject_get_unless_zero+0x156/0x1e0 [ 1906.286654][T31342] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1906.286700][T31342] snd_open+0x22d/0x4c0 [ 1906.286732][T31342] ? __pfx_snd_open+0x10/0x10 [ 1906.286762][T31342] chrdev_open+0x234/0x6a0 [ 1906.286792][T31342] ? __pfx_apparmor_file_open+0x10/0x10 [ 1906.286831][T31342] ? __pfx_chrdev_open+0x10/0x10 [ 1906.286864][T31342] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1906.286904][T31342] do_dentry_open+0x982/0x1530 [ 1906.286934][T31342] ? __pfx_chrdev_open+0x10/0x10 [ 1906.286971][T31342] vfs_open+0x82/0x3f0 [ 1906.287011][T31342] path_openat+0x1de4/0x2cb0 [ 1906.287049][T31342] ? __pfx_path_openat+0x10/0x10 [ 1906.287079][T31342] ? __lock_acquire+0xb8a/0x1c90 [ 1906.287117][T31342] do_filp_open+0x20b/0x470 [ 1906.287145][T31342] ? __pfx_do_filp_open+0x10/0x10 [ 1906.287195][T31342] ? alloc_fd+0x471/0x7d0 [ 1906.287228][T31342] do_sys_openat2+0x11b/0x1d0 [ 1906.287265][T31342] ? __pfx_do_sys_openat2+0x10/0x10 [ 1906.287306][T31342] ? __pfx___schedule+0x10/0x10 [ 1906.287341][T31342] __x64_sys_openat+0x174/0x210 [ 1906.287379][T31342] ? __pfx___x64_sys_openat+0x10/0x10 [ 1906.287432][T31342] do_syscall_64+0xcd/0xfa0 [ 1906.287465][T31342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1906.287490][T31342] RIP: 0033:0x7f9f27d8f7c9 [ 1906.287510][T31342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1906.287536][T31342] RSP: 002b:00007f9f28c82038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1906.287559][T31342] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa0 RCX: 00007f9f27d8f7c9 [ 1906.287575][T31342] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1906.287591][T31342] RBP: 00007f9f27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1906.287606][T31342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1906.287622][T31342] R13: 00007f9f27fe6038 R14: 00007f9f27fe5fa0 R15: 00007ffc648927b8 [ 1906.287655][T31342] [ 1907.619980][T31358] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5413'. [ 1908.554373][T31376] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1909.129826][T31384] random: crng reseeded on system resumption [ 1910.197706][T31393] FAULT_INJECTION: forcing a failure. [ 1910.197706][T31393] name failslab, interval 1, probability 0, space 0, times 0 [ 1910.210520][T31393] CPU: 0 UID: 0 PID: 31393 Comm: syz.1.5419 Not tainted syzkaller #0 PREEMPT(full) [ 1910.210554][T31393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1910.210570][T31393] Call Trace: [ 1910.210580][T31393] [ 1910.210590][T31393] dump_stack_lvl+0x16c/0x1f0 [ 1910.210626][T31393] should_fail_ex+0x512/0x640 [ 1910.210664][T31393] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1910.210692][T31393] should_failslab+0xc2/0x120 [ 1910.210727][T31393] __kmalloc_cache_noprof+0x72/0x780 [ 1910.210751][T31393] ? trace_kmalloc+0x2b/0xd0 [ 1910.210782][T31393] ? snd_virmidi_output_open+0xc4/0x670 [ 1910.210820][T31393] ? snd_virmidi_output_open+0xc4/0x670 [ 1910.210852][T31393] snd_virmidi_output_open+0xc4/0x670 [ 1910.210889][T31393] open_substream+0x480/0x990 [ 1910.210931][T31393] rawmidi_open_priv+0x543/0x6e0 [ 1910.210975][T31393] snd_rawmidi_open+0x4cb/0xbf0 [ 1910.211021][T31393] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1910.211063][T31393] ? __pfx_default_wake_function+0x10/0x10 [ 1910.211093][T31393] ? kobject_get_unless_zero+0x156/0x1e0 [ 1910.211131][T31393] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1910.211170][T31393] snd_open+0x22d/0x4c0 [ 1910.211202][T31393] ? __pfx_snd_open+0x10/0x10 [ 1910.211232][T31393] chrdev_open+0x234/0x6a0 [ 1910.211262][T31393] ? __pfx_apparmor_file_open+0x10/0x10 [ 1910.211301][T31393] ? __pfx_chrdev_open+0x10/0x10 [ 1910.211341][T31393] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1910.211376][T31393] do_dentry_open+0x982/0x1530 [ 1910.211407][T31393] ? __pfx_chrdev_open+0x10/0x10 [ 1910.211444][T31393] vfs_open+0x82/0x3f0 [ 1910.211483][T31393] path_openat+0x1de4/0x2cb0 [ 1910.211521][T31393] ? __pfx_path_openat+0x10/0x10 [ 1910.211551][T31393] ? __lock_acquire+0xb8a/0x1c90 [ 1910.211589][T31393] do_filp_open+0x20b/0x470 [ 1910.211618][T31393] ? __pfx_do_filp_open+0x10/0x10 [ 1910.211667][T31393] ? alloc_fd+0x471/0x7d0 [ 1910.211700][T31393] do_sys_openat2+0x11b/0x1d0 [ 1910.211738][T31393] ? __pfx_do_sys_openat2+0x10/0x10 [ 1910.211777][T31393] ? find_held_lock+0x2b/0x80 [ 1910.211810][T31393] __x64_sys_openat+0x174/0x210 [ 1910.211849][T31393] ? __pfx___x64_sys_openat+0x10/0x10 [ 1910.211899][T31393] do_syscall_64+0xcd/0xfa0 [ 1910.211932][T31393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1910.211958][T31393] RIP: 0033:0x7f4a8c98f7c9 [ 1910.211978][T31393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1910.212002][T31393] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1910.212026][T31393] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1910.212043][T31393] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1910.212059][T31393] RBP: 00007f4a8ca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1910.212075][T31393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1910.212090][T31393] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1910.212122][T31393] [ 1910.746312][T31395] random: crng reseeded on system resumption [ 1911.401574][T31402] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5421'. [ 1911.973875][ T30] audit: type=1800 audit(4294967303.955:19): pid=31407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.5422" name="lu_gp_id" dev="configfs" ino=119715 res=0 errno=0 [ 1911.977092][T31409] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1912.060474][T31409] FAULT_INJECTION: forcing a failure. [ 1912.060474][T31409] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.077294][T31409] CPU: 0 UID: 0 PID: 31409 Comm: syz.1.5423 Not tainted syzkaller #0 PREEMPT(full) [ 1912.077339][T31409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1912.077360][T31409] Call Trace: [ 1912.077370][T31409] [ 1912.077384][T31409] dump_stack_lvl+0x16c/0x1f0 [ 1912.077433][T31409] should_fail_ex+0x512/0x640 [ 1912.077486][T31409] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1912.077527][T31409] should_failslab+0xc2/0x120 [ 1912.077571][T31409] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1912.077607][T31409] ? ptlock_alloc+0x1f/0x70 [ 1912.077664][T31409] ? ptlock_alloc+0x1f/0x70 [ 1912.077708][T31409] ptlock_alloc+0x1f/0x70 [ 1912.077756][T31409] pte_alloc_one+0x84/0x350 [ 1912.077795][T31409] __pte_alloc+0x6d/0x380 [ 1912.077836][T31409] ? __pfx___pte_alloc+0x10/0x10 [ 1912.077875][T31409] ? walk_pgd_range+0x13b4/0x1f50 [ 1912.077918][T31409] walk_pgd_range+0xb84/0x1f50 [ 1912.077962][T31409] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1912.078008][T31409] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 1912.078057][T31409] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1912.078112][T31409] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1912.078189][T31409] ? __pfx_guard_install_set_pte+0x10/0x10 [ 1912.078238][T31409] ? __pfx_walk_pgd_range+0x10/0x10 [ 1912.078285][T31409] ? __lock_acquire+0xb8a/0x1c90 [ 1912.078337][T31409] __walk_page_range+0x163/0x820 [ 1912.078378][T31409] ? find_vma+0xbf/0x140 [ 1912.078418][T31409] ? __pfx_find_vma+0x10/0x10 [ 1912.078462][T31409] ? walk_page_test+0x9b/0x180 [ 1912.078500][T31409] walk_page_range_mm+0x461/0xb40 [ 1912.078545][T31409] ? __pfx_walk_page_range_mm+0x10/0x10 [ 1912.078596][T31409] ? __anon_vma_prepare+0x2e2/0x5e0 [ 1912.078658][T31409] madvise_vma_behavior+0xa54/0x2d50 [ 1912.078713][T31409] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 1912.078758][T31409] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1912.078808][T31409] ? mas_prev+0x9b/0xf0 [ 1912.078852][T31409] ? __pfx_mas_prev+0x10/0x10 [ 1912.078906][T31409] ? find_vma_prev+0xd3/0x150 [ 1912.078951][T31409] ? __pfx_find_vma_prev+0x10/0x10 [ 1912.079009][T31409] ? preempt_schedule_common+0x44/0xc0 [ 1912.079058][T31409] madvise_walk_vmas+0x31f/0x9c0 [ 1912.079115][T31409] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1912.079184][T31409] madvise_do_behavior+0x1e2/0x530 [ 1912.079234][T31409] ? futex_private_hash_put+0xd5/0x190 [ 1912.079283][T31409] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1912.079337][T31409] ? down_read+0x13d/0x480 [ 1912.079405][T31409] do_madvise+0x176/0x240 [ 1912.079454][T31409] ? __pfx_do_madvise+0x10/0x10 [ 1912.079501][T31409] ? do_futex+0x122/0x350 [ 1912.079556][T31409] ? __pfx___might_resched+0x10/0x10 [ 1912.079611][T31409] ? xfd_validate_state+0x61/0x180 [ 1912.079668][T31409] __x64_sys_madvise+0xa9/0x110 [ 1912.079716][T31409] ? lockdep_hardirqs_on+0x7c/0x110 [ 1912.079760][T31409] do_syscall_64+0xcd/0xfa0 [ 1912.079805][T31409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1912.079839][T31409] RIP: 0033:0x7f4a8c98f7c9 [ 1912.079868][T31409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1912.079901][T31409] RSP: 002b:00007f4a8d8a5038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1912.079933][T31409] RAX: ffffffffffffffda RBX: 00007f4a8cbe5fa0 RCX: 00007f4a8c98f7c9 [ 1912.079955][T31409] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 1912.079976][T31409] RBP: 00007f4a8ca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1912.079996][T31409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1912.080015][T31409] R13: 00007f4a8cbe6038 R14: 00007f4a8cbe5fa0 R15: 00007ffcdf69d878 [ 1912.080061][T31409] [ 1912.657700][T31414] tipc: Publication distribution failure [ 1912.712486][T31416] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1912.778953][T31417] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1913.995734][T31439] random: crng reseeded on system resumption [ 1915.465521][T31455] random: crng reseeded on system resumption [ 1916.736956][T31479] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 1916.848249][T31483] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1916.862025][T31483] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1916.871526][T31483] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1916.890816][T31483] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1916.898725][T31483] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1917.435028][T31481] chnl_net:caif_netlink_parms(): no params data found [ 1917.770018][T31481] bridge0: port 1(bridge_slave_0) entered blocking state [ 1917.777399][T31481] bridge0: port 1(bridge_slave_0) entered disabled state [ 1917.785200][T31481] bridge_slave_0: entered allmulticast mode [ 1917.798767][T31481] bridge_slave_0: entered promiscuous mode [ 1917.811803][T31497] random: crng reseeded on system resumption [ 1917.868637][T31481] bridge0: port 2(bridge_slave_1) entered blocking state [ 1917.876073][T31481] bridge0: port 2(bridge_slave_1) entered disabled state [ 1917.899949][T31481] bridge_slave_1: entered allmulticast mode [ 1917.922467][T31481] bridge_slave_1: entered promiscuous mode [ 1918.113189][T31481] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1918.184246][T31481] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1918.786676][T31511] random: crng reseeded on system resumption [ 1918.861274][T31509] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1918.875888][T31509] CPU: 0 UID: 0 PID: 31509 Comm: syz.0.5442 Not tainted syzkaller #0 PREEMPT(full) [ 1918.875932][T31509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1918.875953][T31509] Call Trace: [ 1918.875965][T31509] [ 1918.875979][T31509] dump_stack_lvl+0x16c/0x1f0 [ 1918.876026][T31509] sysfs_warn_dup+0x7f/0xa0 [ 1918.876069][T31509] sysfs_do_create_link_sd+0x124/0x140 [ 1918.876116][T31509] sysfs_create_link+0x61/0xc0 [ 1918.876160][T31509] device_add+0x62c/0x1aa0 [ 1918.876219][T31509] ? __pfx_device_add+0x10/0x10 [ 1918.876268][T31509] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1918.876327][T31509] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1918.876377][T31509] wiphy_register+0x1eb0/0x2b20 [ 1918.876426][T31509] ? netdev_run_todo+0x864/0x1320 [ 1918.876477][T31509] ? __pfx_wiphy_register+0x10/0x10 [ 1918.876548][T31509] ieee80211_register_hw+0x253d/0x4120 [ 1918.876624][T31509] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1918.876688][T31509] ? __pfx___debug_object_init+0x10/0x10 [ 1918.876737][T31509] ? find_held_lock+0x2b/0x80 [ 1918.876773][T31509] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1918.876830][T31509] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1918.876874][T31509] ? __hrtimer_setup+0x176/0x280 [ 1918.876929][T31509] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1918.876989][T31509] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1918.877040][T31509] hwsim_new_radio_nl+0xba2/0x1330 [ 1918.877080][T31509] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1918.877130][T31509] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1918.877175][T31509] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1918.877228][T31509] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1918.877274][T31509] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1918.877331][T31509] ? bpf_lsm_capable+0x9/0x10 [ 1918.877392][T31509] ? security_capable+0x7e/0x260 [ 1918.877441][T31509] ? ns_capable+0xd7/0x110 [ 1918.877483][T31509] genl_rcv_msg+0x55c/0x800 [ 1918.877531][T31509] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1918.877584][T31509] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1918.877639][T31509] netlink_rcv_skb+0x158/0x420 [ 1918.877677][T31509] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1918.877722][T31509] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1918.877778][T31509] ? netlink_deliver_tap+0x1ae/0xd30 [ 1918.877821][T31509] genl_rcv+0x28/0x40 [ 1918.877858][T31509] netlink_unicast+0x5aa/0x870 [ 1918.877901][T31509] ? __pfx_netlink_unicast+0x10/0x10 [ 1918.877936][T31509] ? __pfx___might_resched+0x10/0x10 [ 1918.877987][T31509] netlink_sendmsg+0x8c8/0xdd0 [ 1918.878033][T31509] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1918.878076][T31509] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1918.878136][T31509] ____sys_sendmsg+0xa98/0xc70 [ 1918.878180][T31509] ? copy_msghdr_from_user+0x10a/0x160 [ 1918.878214][T31509] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1918.878270][T31509] ? __pfx_futex_wake_mark+0x10/0x10 [ 1918.878329][T31509] ___sys_sendmsg+0x134/0x1d0 [ 1918.878361][T31509] ? find_held_lock+0x2b/0x80 [ 1918.878397][T31509] ? __pfx____sys_sendmsg+0x10/0x10 [ 1918.878428][T31509] ? __lock_acquire+0x622/0x1c90 [ 1918.878528][T31509] __sys_sendmsg+0x16d/0x220 [ 1918.878569][T31509] ? __pfx___sys_sendmsg+0x10/0x10 [ 1918.878603][T31509] ? __x64_sys_futex+0x1e0/0x4c0 [ 1918.878689][T31509] do_syscall_64+0xcd/0xfa0 [ 1918.878735][T31509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1918.878770][T31509] RIP: 0033:0x7f3ab0d8f7c9 [ 1918.878796][T31509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1918.878830][T31509] RSP: 002b:00007f3ab1c94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1918.878859][T31509] RAX: ffffffffffffffda RBX: 00007f3ab0fe5fa0 RCX: 00007f3ab0d8f7c9 [ 1918.878880][T31509] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1918.878898][T31509] RBP: 00007f3ab0e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1918.878915][T31509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1918.878934][T31509] R13: 00007f3ab0fe6038 R14: 00007f3ab0fe5fa0 R15: 00007ffe0d3b8e68 [ 1918.878978][T31509] [ 1919.273896][T13553] Bluetooth: hci4: command tx timeout [ 1919.502780][T31481] team0: Port device team_slave_0 added [ 1919.512362][T31481] team0: Port device team_slave_1 added [ 1919.995351][T31481] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1920.002762][T31481] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1920.046166][T31481] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1920.306007][T31481] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1920.317255][T31481] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1920.353511][T31481] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1920.761656][T31481] hsr_slave_0: entered promiscuous mode [ 1920.800383][T31481] hsr_slave_1: entered promiscuous mode [ 1920.831421][T31481] debugfs: 'hsr0' already exists in 'hsr' [ 1920.837251][T31481] Cannot create hsr debugfs directory [ 1921.224858][T31521] sysfs: cannot create duplicate filename '/class/ieee80211/!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' [ 1921.248174][T31521] CPU: 1 UID: 0 PID: 31521 Comm: syz.0.5444 Not tainted syzkaller #0 PREEMPT(full) [ 1921.248221][T31521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1921.248243][T31521] Call Trace: [ 1921.248255][T31521] [ 1921.248269][T31521] dump_stack_lvl+0x16c/0x1f0 [ 1921.248326][T31521] sysfs_warn_dup+0x7f/0xa0 [ 1921.248372][T31521] sysfs_do_create_link_sd+0x124/0x140 [ 1921.248419][T31521] sysfs_create_link+0x61/0xc0 [ 1921.248463][T31521] device_add+0x62c/0x1aa0 [ 1921.248522][T31521] ? __pfx_device_add+0x10/0x10 [ 1921.248573][T31521] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1921.248633][T31521] ? ieee80211_set_bitrate_flags+0x243/0x6b0 [ 1921.248682][T31521] wiphy_register+0x1eb0/0x2b20 [ 1921.248730][T31521] ? netdev_run_todo+0x864/0x1320 [ 1921.248781][T31521] ? __pfx_wiphy_register+0x10/0x10 [ 1921.248853][T31521] ieee80211_register_hw+0x253d/0x4120 [ 1921.248917][T31521] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1921.248965][T31521] ? __pfx___debug_object_init+0x10/0x10 [ 1921.249018][T31521] ? find_held_lock+0x2b/0x80 [ 1921.249054][T31521] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1921.249113][T31521] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1921.249158][T31521] ? __hrtimer_setup+0x176/0x280 [ 1921.249212][T31521] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 1921.249276][T31521] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1921.249332][T31521] hwsim_new_radio_nl+0xba2/0x1330 [ 1921.249376][T31521] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1921.249428][T31521] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1921.249472][T31521] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1921.249528][T31521] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1921.249573][T31521] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1921.249632][T31521] ? bpf_lsm_capable+0x9/0x10 [ 1921.249676][T31521] ? security_capable+0x7e/0x260 [ 1921.249724][T31521] ? ns_capable+0xd7/0x110 [ 1921.249762][T31521] genl_rcv_msg+0x55c/0x800 [ 1921.249805][T31521] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1921.249846][T31521] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1921.249893][T31521] netlink_rcv_skb+0x158/0x420 [ 1921.249926][T31521] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1921.249966][T31521] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1921.250021][T31521] ? netlink_deliver_tap+0x1ae/0xd30 [ 1921.250064][T31521] genl_rcv+0x28/0x40 [ 1921.250099][T31521] netlink_unicast+0x5aa/0x870 [ 1921.250140][T31521] ? __pfx_netlink_unicast+0x10/0x10 [ 1921.250174][T31521] ? __pfx___might_resched+0x10/0x10 [ 1921.250220][T31521] netlink_sendmsg+0x8c8/0xdd0 [ 1921.250264][T31521] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1921.250312][T31521] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1921.250372][T31521] ____sys_sendmsg+0xa98/0xc70 [ 1921.250417][T31521] ? copy_msghdr_from_user+0x10a/0x160 [ 1921.250451][T31521] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1921.250506][T31521] ? __pfx_futex_wake_mark+0x10/0x10 [ 1921.250568][T31521] ___sys_sendmsg+0x134/0x1d0 [ 1921.250599][T31521] ? find_held_lock+0x2b/0x80 [ 1921.250636][T31521] ? __pfx____sys_sendmsg+0x10/0x10 [ 1921.250667][T31521] ? __lock_acquire+0x622/0x1c90 [ 1921.250766][T31521] __sys_sendmsg+0x16d/0x220 [ 1921.250803][T31521] ? __pfx___sys_sendmsg+0x10/0x10 [ 1921.250836][T31521] ? __x64_sys_futex+0x1e0/0x4c0 [ 1921.250908][T31521] do_syscall_64+0xcd/0xfa0 [ 1921.250955][T31521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1921.250989][T31521] RIP: 0033:0x7f3ab0d8f7c9 [ 1921.251021][T31521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1921.251058][T31521] RSP: 002b:00007f3ab1c94038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1921.251093][T31521] RAX: ffffffffffffffda RBX: 00007f3ab0fe5fa0 RCX: 00007f3ab0d8f7c9 [ 1921.251116][T31521] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000003 [ 1921.251139][T31521] RBP: 00007f3ab0e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1921.251160][T31521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1921.251180][T31521] R13: 00007f3ab0fe6038 R14: 00007f3ab0fe5fa0 R15: 00007ffe0d3b8e68 [ 1921.251228][T31521] [ 1921.751789][T13553] Bluetooth: hci4: command tx timeout [ 1921.957508][T31527] blk-mq: reduced tag depth (128 -> 64) [ 1922.271648][T31481] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1922.332069][T31481] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1922.370900][T31481] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1922.564604][T31481] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1922.777629][T31481] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1922.825246][T31481] 8021q: adding VLAN 0 to HW filter on device team0 [ 1922.905518][T27066] bridge0: port 1(bridge_slave_0) entered blocking state [ 1922.912799][T27066] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1922.949140][T27066] bridge0: port 2(bridge_slave_1) entered blocking state [ 1922.956327][T27066] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1923.337412][T31481] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1923.580609][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 1923.592219][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 1923.823697][T13553] Bluetooth: hci4: command tx timeout [ 1923.890402][T31481] veth0_vlan: entered promiscuous mode [ 1923.915661][T31481] veth1_vlan: entered promiscuous mode [ 1923.979040][T31481] veth0_macvtap: entered promiscuous mode [ 1923.991919][T31481] veth1_macvtap: entered promiscuous mode [ 1924.027079][T31481] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1924.047476][T31481] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1924.071710][T29163] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1924.095401][T29163] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1924.110288][T29163] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1924.120151][T29163] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1924.253890][T11355] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1924.264690][T11355] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1924.334546][T29163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1924.343273][T29163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1925.883126][T13553] Bluetooth: hci4: command tx timeout [ 1984.702774][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 1984.710882][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 2042.795177][T31483] Bluetooth: hci4: command 0x0406 tx timeout [ 2045.823916][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 2045.831635][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 2082.747133][ T31] INFO: task syz.3.5435:31459 blocked for more than 143 seconds. [ 2082.754956][ T31] Not tainted syzkaller #0 [ 2082.762979][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2082.772493][ T31] task:syz.3.5435 state:D stack:27528 pid:31459 tgid:31458 ppid:28613 task_flags:0x400140 flags:0x00080006 [ 2082.784614][ T31] Call Trace: [ 2082.788029][ T31] [ 2082.791019][ T31] __schedule+0x1190/0x5de0 [ 2082.795764][ T31] ? stack_trace_save+0x8e/0xc0 [ 2082.800733][ T31] ? __lock_acquire+0x622/0x1c90 [ 2082.805745][ T31] ? __pfx___schedule+0x10/0x10 [ 2082.810723][ T31] ? find_held_lock+0x2b/0x80 [ 2082.815463][ T31] ? schedule+0x2d7/0x3a0 [ 2082.819916][ T31] ? nfsd_nl_threads_set_doit+0x687/0xbc0 [ 2082.827183][ T31] schedule+0xe7/0x3a0 [ 2082.831597][ T31] schedule_preempt_disabled+0x13/0x30 [ 2082.837458][ T31] __mutex_lock+0x818/0x1060 [ 2082.842123][ T31] ? __lock_acquire+0x622/0x1c90 [ 2082.847168][ T31] ? nfsd_nl_threads_set_doit+0x687/0xbc0 [ 2082.852958][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 2082.858217][ T31] ? net_generic+0xea/0x2a0 [ 2082.862811][ T31] ? nfsd_nl_threads_set_doit+0x687/0xbc0 [ 2082.870255][ T31] nfsd_nl_threads_set_doit+0x687/0xbc0 [ 2082.875883][ T31] genl_family_rcv_msg_doit+0x209/0x2f0 [ 2082.881605][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 2082.888840][ T31] ? rcu_is_watching+0x12/0xc0 [ 2082.893691][ T31] ? bpf_lsm_capable+0x9/0x10 [ 2082.899524][ T31] ? security_capable+0x7e/0x260 [ 2082.904555][ T31] genl_rcv_msg+0x55c/0x800 [ 2082.913916][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2082.920137][ T31] ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10 [ 2082.928470][ T31] netlink_rcv_skb+0x158/0x420 [ 2082.933743][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 2082.939145][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 2082.944510][ T31] ? netlink_deliver_tap+0x1ae/0xd30 [ 2082.949880][ T31] genl_rcv+0x28/0x40 [ 2082.953892][ T31] netlink_unicast+0x5aa/0x870 [ 2082.958891][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 2082.964239][ T31] netlink_sendmsg+0x8c8/0xdd0 [ 2082.969111][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 2082.974449][ T31] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 2082.980727][ T31] ____sys_sendmsg+0xa98/0xc70 [ 2082.985699][ T31] ? copy_msghdr_from_user+0x10a/0x160 [ 2082.991239][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2082.996735][ T31] ? __pfx_futex_wake_mark+0x10/0x10 [ 2083.002553][ T31] ___sys_sendmsg+0x134/0x1d0 [ 2083.007440][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 2083.012692][ T31] ? __lock_acquire+0x622/0x1c90 [ 2083.017800][ T31] __sys_sendmsg+0x16d/0x220 [ 2083.022442][ T31] ? __pfx___sys_sendmsg+0x10/0x10 [ 2083.028725][ T31] ? __x64_sys_futex+0x1e0/0x4c0 [ 2083.033797][ T31] do_syscall_64+0xcd/0xfa0 [ 2083.038439][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2083.044380][ T31] RIP: 0033:0x7f9f27d8f7c9 [ 2083.048873][ T31] RSP: 002b:00007f9f28c82038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2083.057380][ T31] RAX: ffffffffffffffda RBX: 00007f9f27fe5fa0 RCX: 00007f9f27d8f7c9 [ 2083.065939][ T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000004 [ 2083.073968][ T31] RBP: 00007f9f27e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2083.082075][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2083.090132][ T31] R13: 00007f9f27fe6038 R14: 00007f9f27fe5fa0 R15: 00007ffc648927b8 [ 2083.098288][ T31] [ 2083.101351][ T31] [ 2083.101351][ T31] Showing all locks held in the system: [ 2083.109184][ T31] 1 lock held by khungtaskd/31: [ 2083.114072][ T31] #0: ffffffff8e3c45e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 2083.124121][ T31] 1 lock held by klogd/5188: [ 2083.129836][ T31] 2 locks held by kworker/u8:2/26792: [ 2083.135325][ T31] #0: ffff88801d7d5948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 2083.146758][ T31] #1: ffffc9000b69fd00 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 2083.158675][ T31] 2 locks held by getty/30942: [ 2083.163499][ T31] #0: ffff88814d4ca0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 2083.173354][ T31] #1: ffffc900037a32f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 2083.183598][ T31] 2 locks held by syz.2.5398/31287: [ 2083.188877][ T31] #0: ffffffff9018f490 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 2083.197205][ T31] #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 2083.207396][ T31] 2 locks held by syz.3.5435/31459: [ 2083.212624][ T31] #0: ffffffff9018f490 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 2083.220956][ T31] #1: ffffffff8e7ed348 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 2083.231995][ T31] [ 2083.234440][ T31] ============================================= [ 2083.234440][ T31] [ 2083.242903][ T31] NMI backtrace for cpu 1 [ 2083.242927][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 2083.242961][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2083.242979][ T31] Call Trace: [ 2083.242991][ T31] [ 2083.243002][ T31] dump_stack_lvl+0x116/0x1f0 [ 2083.243049][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 2083.243101][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2083.243146][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 2083.243196][ T31] watchdog+0xf3f/0x1170 [ 2083.243233][ T31] ? rcu_is_watching+0x12/0xc0 [ 2083.243268][ T31] ? __pfx_watchdog+0x10/0x10 [ 2083.243294][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 2083.243336][ T31] ? __kthread_parkme+0x19e/0x250 [ 2083.243378][ T31] ? __pfx_watchdog+0x10/0x10 [ 2083.243409][ T31] kthread+0x3c5/0x780 [ 2083.243457][ T31] ? __pfx_kthread+0x10/0x10 [ 2083.243508][ T31] ? rcu_is_watching+0x12/0xc0 [ 2083.243542][ T31] ? __pfx_kthread+0x10/0x10 [ 2083.243592][ T31] ret_from_fork+0x675/0x7d0 [ 2083.243638][ T31] ? __pfx_kthread+0x10/0x10 [ 2083.243685][ T31] ret_from_fork_asm+0x1a/0x30 [ 2083.243751][ T31] [ 2083.243772][ T31] Sending NMI from CPU 1 to CPUs 0: [ 2083.365823][ C0] NMI backtrace for cpu 0 [ 2083.365845][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) [ 2083.365875][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2083.365890][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 2083.365928][ C0] Code: 47 6f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 23 54 2c 00 fb f4 3c 0a 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 2083.365954][ C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 000002c6 [ 2083.365975][ C0] RAX: 0000000001d12011 RBX: 0000000000000000 RCX: ffffffff8b5dd2a9 [ 2083.365999][ C0] RDX: 0000000000000000 RSI: ffffffff8da29682 RDI: ffffffff8bf07940 [ 2083.366017][ C0] RBP: fffffbfff1c12f40 R08: 0000000000000001 R09: ffffed1017086655 [ 2083.366034][ C0] R10: ffff8880b84332ab R11: 0000000000000001 R12: 0000000000000000 [ 2083.366051][ C0] R13: ffffffff8e097a00 R14: ffffffff908253d0 R15: 0000000000000000 [ 2083.366069][ C0] FS: 0000000000000000(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000 [ 2083.366093][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2083.366111][ C0] CR2: 000055a20dbe1168 CR3: 000000000e182000 CR4: 00000000003526f0 [ 2083.366128][ C0] Call Trace: [ 2083.366136][ C0] [ 2083.366145][ C0] default_idle+0x13/0x20 [ 2083.366181][ C0] default_idle_call+0x6c/0xb0 [ 2083.366219][ C0] do_idle+0x38d/0x500 [ 2083.366247][ C0] ? __pfx_do_idle+0x10/0x10 [ 2083.366273][ C0] ? trace_sched_exit_tp+0x2f/0x120 [ 2083.366318][ C0] cpu_startup_entry+0x4f/0x60 [ 2083.366344][ C0] rest_init+0x16b/0x2b0 [ 2083.366382][ C0] ? acpi_subsystem_init+0x133/0x180 [ 2083.366514][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 2083.366584][ C0] start_kernel+0x3f6/0x4e0 [ 2083.366632][ C0] x86_64_start_reservations+0x18/0x30 [ 2083.366658][ C0] x86_64_start_kernel+0x130/0x190 [ 2083.366683][ C0] common_startup_64+0x13e/0x148 [ 2083.366720][ C0] [ 2086.595118][T31287] svc: failed to register nfsdv3 RPC service (errno 512). [ 2086.602686][T31287] svc: failed to register nfsaclv3 RPC service (errno 512).