last executing test programs: 14.337725954s ago: executing program 2 (id=4374): r0 = socket(0x1d, 0x2, 0x6) flistxattr$auto(r0, 0x0, 0x95) mmap$auto(0x0, 0x400008, 0xdf, 0x410, r0, 0x301) r1 = socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2b, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e22, @multicast2}, 0x5) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) setsockopt$auto(0x3, 0x10f, 0x9f06, 0x0, 0x17) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = pipe2$auto(0x0, 0x80) ioctl$auto(r3, 0x5761, 0x4) ioctl$auto_BINDER_SET_MAX_THREADS(r3, 0x40046205, &(0x7f0000000080)="d7a13be3c14e950bc86ac4250954b7f9b37dd9020413b9c0e0437b1770f1e60e3016321fb32f747b55a5dc9aa9c22b1dce04ad94fac29031234d3619f36b2b2872d09c5d4c1cfb73312afd29d4257a5df2dd59a775625a1e196dab0cb2e1b2d6541cf92b53ca962bcdda378470c44ab0a64c4b64c9b43e54f87ea6b5832db97dcf93a6d4b9b9dc59bd74fc71a5359a31c4f31c95a12fe985109d1d4f81144690b512f4214444131cedbd0214a12d") r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x14000000000df, 0x40eb2, r4, 0x300000000000) semtimedop$auto(0x40, 0x0, 0x6, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(0x200000003, 0x2) getsockopt$auto(r1, 0x0, 0x33, 0xfffffffffffffffe, 0x0) 13.124252092s ago: executing program 2 (id=4379): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000000)={0x3, 0x3fd, 0x6, 0x1, 0x2, 0xa, 0xffffffffffffffff, [], {0x8, 0x1, 0xffffffff, 0x8998d5d, 0x8000100, 0x581, 0x101, 0x1000006, 0x2}, {0x9, 0x1, 0x52, 0x4, 0x3, 0x3b, 0x8, 0x7, 0x1}}) recvmmsg$auto(r0, 0x0, 0x6, 0x700, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x541c, r2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffb, 0xd, 0x3000, 0x6, 0x7, 0x4006, 0xffffffffffffffff, [], {0xfbc, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0xfffffffe}}) statmount$auto(0x0, &(0x7f0000000400)={0x8, 0x1, 0x3, 0x3, 0xb, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x3, 0x4, 0xb0, 0x7, 0x6, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x1fe, 0x81) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r3 = socket(0xa, 0x3, 0x9) capset$auto(0x0, 0x0) mmap$auto(0x5, 0x3, 0x4000000000df, 0xeb1, r3, 0x8000) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = set_tid_address$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r4) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x1, 0x0, 0x1}, 0x18) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r5, 0x8000) madvise$auto(0x0, 0x2000040080040008, 0xe) 12.61711379s ago: executing program 1 (id=4381): r0 = syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/fs/ext4/sda1/extent_max_zeroout_kb\x00', 0x4929c1, 0x0) sendmsg$auto_NL80211_CMD_ABORT_SCAN(0xffffffffffffffff, 0x0, 0x20000004) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vbi30\x00', 0x4002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r3) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006400)={0x2e20, r4, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2e07}]}, 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r5, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f00000009c0)={0x38, r6, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x20, 0x1, 0x0, 0x1, [@nested={0x1c, 0xcd, 0x0, 0x1, [@typed={0x14, 0x42, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0xf7}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40c4}, 0x4000) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_NEW(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0xfffffffffffffeee, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x80) r8 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r0, 0x100, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40800}, 0x40000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) close_range$auto(r2, r1, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r10 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r10, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r10) ioctl$auto_KVM_GET_MSRS(r9, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x258, 0xfffffe05, 0x21}]}) r11 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) kcmp$auto(0x1, 0x1, 0x0, r11, r11) getsockopt$auto(r8, 0x6, 0x1f, 0x0, 0x0) 9.301190571s ago: executing program 1 (id=4393): mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) writev$auto(0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x200000000002d57, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x40, 0x0) ioctl$auto_SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3, &(0x7f0000000300)="860e3548430d88c29c12fa6845a3258d77fc9fa0237991dda246c2edd14f641bdcde35dfd2333e20f68b15eca36d9786c3687dd1461f8b45510f042acd309d388d7dd9bbd7a7f71fe8f05831976420daa5b52de2c98758fdb801065887ea28564601e98b6c42eb59f3b7f7de10a793c7cbb99ded846b75989815e88923efe6a2a3f4162a45d92ca7f53d33ac70a460dc7191257365a251a09e5d1332f3e798824933e4a78b96c229fbd62d818261abee980a3a596558a990f037107a4326725c289e8887aa796898f253b7709ddf16d2acc8889947707985ee2d297f038ee47aff715eb5e2dfdb89dd") mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) io_uring_setup$auto(0x1, 0x0) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='Y\x00\x00\x00', @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xfffffffffffffffb, 0x8) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0x6, 0x2}, 0x8000, 0x0, 0x6) pkey_free$auto(0xfffffffd) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000012"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) uname$auto(0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/loop3/queue/discard_granularity\x00', 0x149820, 0x0) write$auto(r2, 0x0, 0x3) 7.948873912s ago: executing program 3 (id=4396): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) modify_ldt$auto(0x1, &(0x7f00000001c0), 0x10) madvise$auto(0xffff, 0x9, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) epoll_ctl$auto(0x5, 0x1, r0, 0x0) ioctl$auto_FITRIM3(r0, 0xc0185879, &(0x7f0000000000)={0xfffffffffffffffd, 0x9, 0x3}) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto(0x1, 0x0, 0x0) timer_gettime$auto(0x0, 0x0) clone$auto(0x1000, 0x9, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x5) 7.756674669s ago: executing program 2 (id=4397): mmap$auto(0x7, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/tty12\x00', 0x101840, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyq5\x00', 0x2a40, 0x0) mlockall$auto(0x7) ioctl$auto(r0, 0x4b67, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x18, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000040)='/dev/binderfs/binder1\x00', 0x189560, 0x0) ioctl$auto_BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r2, 0x40046210, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) io_setup$auto(0x2, &(0x7f00000000c0)=0x5) mmap$auto(0x100000000000, 0x400008, 0xdf, 0x9b75, 0x2, 0x8000) madvise$auto(0x0, 0x200008, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r3, 0x0, 0x0) pwrite64$auto(r3, &(0x7f0000002500)=']\x00', 0x3, 0xd) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000000)="b2", 0x1) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x0, 0x0) pread64$auto(r5, 0x0, 0x7, 0xffff) unshare$auto(0x40000080) 7.459674168s ago: executing program 3 (id=4399): ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x60, 0x100000000000, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x0, 0xe8, 0x0, 0x2, 0x0, 0x2}) (async) r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0xe1, 0x100000eb1, 0x40000000000a1, 0x8000) (async) r1 = socket(0xa, 0x80000, 0x0) (async) socket(0xa, 0x3, 0xff) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x3, 0x100) (async) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) socket(0xa, 0x2, 0x73) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x3, 0x2f) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027b4839f3015398d3b61", @ANYRES32, @ANYRES32=r2, @ANYRES64], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) (async, rerun: 32) r3 = socket(0x10, 0x2, 0x0) (rerun: 32) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00', 0x0, 0x0) pread64$auto(r4, &(0x7f0000000040)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\x8d\xa8\xcfM9\\\xd6\xcfUq\x05#\xed\x1c\xd1G\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xbasG\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1', 0x3ff, 0x9) (async, rerun: 64) close_range$auto(r1, r4, 0xffff) (async, rerun: 64) io_uring_setup$auto(0x6, 0x0) r5 = socket(0x2, 0x5, 0x0) (async, rerun: 32) shutdown$auto(0x200000003, 0x2) (async, rerun: 32) r6 = getpid() process_vm_readv$auto(r6, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) setsockopt$auto(r0, 0x10000000084, 0x9, 0x0, 0x9c) (async) connect$auto(r5, &(0x7f0000000080)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x54) 6.685206929s ago: executing program 3 (id=4400): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x14be03, 0x0) ioctl$auto_IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) mmap$auto(0x4, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8003) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0xffffffffffffffff, 0x1000004b4a) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) r0 = socket(0x2, 0x80002, 0x73) r1 = io_uring_setup$auto(0xa, 0x0) r2 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000040), r1) sendmsg$auto_SMC_PNETID_ADD(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYRES16=r2, @ANYRESDEC=r0], 0x38}, 0x1, 0x0, 0x0, 0x240400d5}, 0x8c1) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="02002dbd7000fbdbdf250200007e2b736b0005000100000000000500040003000000180002006c700068854ddfdc838aa7e45d552801093d1e0005000200000000000f0002002f6465762f6c6f6f70320000050016000900000005000400"], 0x64}, 0x1, 0x0, 0x0, 0x24048084}, 0x20048004) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) mmap$auto(0x0, 0x400009, 0x2, 0x9b72, 0x8000000000000003, 0x8000) setsockopt$auto(r3, 0x6, 0xc, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) 6.339990678s ago: executing program 2 (id=4402): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7ffd) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0xff) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x0, 0x400008, 0x4, 0xa910, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0xa0681, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyxf\x00', 0x109401, 0x0) ioctl$auto(r3, 0x540a, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) 5.414714941s ago: executing program 1 (id=4403): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r2 = waitid$auto_P_ALL(0x0, 0x1, &(0x7f0000000440)={@siginfo_0_0={0x3, 0x7, 0x0, @_timer={0x0, 0x81, @sival_int, 0x9}}}, 0x5, &(0x7f00000005c0)={{0xfffffffffffff001, 0x8}, {0x5, 0x7}, 0x7fffffffffffffff, 0x10000, 0x5, 0x2, 0xc00000000, 0x3, 0xb9, 0x9, 0x6, 0xc, 0x0, 0x6, 0xf4, 0x3}) move_pages$auto(r2, 0xab6, &(0x7f0000000680)=&(0x7f0000000500)="12695940bf3c626839ef841ee8b23bd6328ec1f44d0e7dbd1af5fc1b46d4ead32487c5e3b069ecf19ebe3b216400d3a55c783c13942101a366afe742a68adc370cc5ed04ed96e11d8e2e1bea6d96ed39a2ad189a650f927b6d61eca01710abc718fa", &(0x7f00000006c0)=0x8000, &(0x7f0000000700)=0x8001, 0x7fffffff) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xa4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY\xad\xd6\xc5\xab`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4[\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0x4004af07, &(0x7f00000001c0)=r3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r5, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r5, 0x8000) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r7, @ANYBLOB="010025bd7000fedbdf257e000000000066004e210000000026800000020004000000000a0200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9bd48a"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRESDEC=r4, @ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) read$auto(r6, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 5.389803467s ago: executing program 3 (id=4404): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) r1 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000180)={@_si_pad}, 0xedd8, &(0x7f00000002c0)={{0x3, 0x1e}, {0x80000001, 0x1a2e5150}, 0x5, 0x6, 0x1, 0x6, 0x6, 0x4, 0x10000, 0xc, 0x2, 0x2, 0x6, 0x7, 0x10001, 0x8001}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000580)={{@inferred, 0xf0ee, 0x20009, 0x7fff, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @inferred=r1, @enumerated={0x8001, 0x1, "71c50495875fda8c62df9c4ab3f3008e01480fea07617a177302693a82a9c321a2721a69f938599440e0511333b8446367f732b02f3c559db123b30ed62f6042", 0x9, 0x18}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1ff, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dri/renderD128\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x178ab487) pread64$auto(0xffffffffffffffff, 0x0, 0x101fb, 0x8800000005) mmap$auto(0x0, 0x2, 0x16, 0x40eb2, 0x401, 0x300000000000) r3 = ioctl$auto_TUNSETNOCSUM(0xffffffffffffffff, 0x400454c8, &(0x7f0000001000)=0x4) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001080), 0xffffffffffffffff) mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x3) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='./file0/file0\x00') sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r3, &(0x7f0000001100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004040}, 0x40) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xc0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) sysfs$auto(0x2, 0x1f, 0x0) r6 = socket(0x2, 0x801, 0x106) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), r5) sendmsg$auto_OVS_DP_CMD_NEW(r6, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002dbd7000000800020000000000fa0000dfffffffffffffff00", @ANYRES32=0x0, @ANYBLOB="0d0001002f6465762f6b766d00000000"], 0x3c}, 0x1, 0x0, 0x0, 0x40800}, 0x8010) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r6, 0x11c, 0x2, 0x0, 0x0) unshare$auto(0x40000080) seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x9, &(0x7f0000000000)) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0x4010ae42, 0x38) mmap$auto(0xe6b9, 0x0, 0xffffffffffffff16, 0x400eb1, 0x401, 0x8000) 5.00505905s ago: executing program 0 (id=4405): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) (async) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027", @ANYBLOB="5de1523353782950330a"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x7, 0x0) openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim3/take_snapshot\x00', 0x602900, 0x0) (async) openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim3/take_snapshot\x00', 0x602900, 0x0) readv$auto(r0, &(0x7f0000000040)={0x0, 0x10000}, 0x6) readv$auto(0x3, &(0x7f0000000000)={0x0, 0x80000000}, 0x9) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) writev$auto(0x8000, &(0x7f0000000040)={0x0, 0x2}, 0x1000002bf) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) 4.333191312s ago: executing program 0 (id=4406): socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x100000000000027, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x2, 0x0) (async) io_uring_setup$auto(0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyz3\x00', 0x101e81, 0x0) (async) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyz3\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) capget$auto(&(0x7f00000000c0)={0x20071026, 0xffffffffffffffff}, 0x0) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video61\x00', 0x321440, 0x0) (async) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video61\x00', 0x321440, 0x0) mmap$auto_v4l2_fops_v4l2_dev(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000000, 0x30, r2, 0x9) (async) mmap$auto_v4l2_fops_v4l2_dev(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000000, 0x30, r2, 0x9) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 4.279219616s ago: executing program 1 (id=4407): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video59\x00', 0xa200, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) getpgrp(0x0) (async) r5 = getpgrp(0x0) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x154, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_PID={0x8, 0x52, r5}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x5}, @NL80211_ATTR_CNTDWN_OFFS_BEACON={0xc2, 0xba, "9ee005d805d525e3cb7804842b895a6e57312ec6f4f76f0bd5f617aa72426e62ae844f5c0e7d316d3a1c9489955d3da2f571e626c4376bc34087ba737f8c7be82258e5ef8c06c95b4c2af143ba63c072a387c14c9d7b62e71393ac5903a6732eee649c12e57d1a680c5856e52f7f5188fda37ea25c475407fa9b793d9a9ff7abaddb8c2d9949e66b61db63ec418625d917a8aef6d127507750ab65b00bd8be015eff689c279231fb2edf36cfe737b56a71e5b318da8d82facb3b5eff2a81"}, @NL80211_ATTR_CRIT_PROT_ID={0x6, 0xb3, 0x9c}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x53, 0xcd, "098efd974859b3149bac9bfb3e38a7a3a9eb733def428e2b832170d01a95155a9c0c99c567ae2d2b8c6674f3120b586c902d0bbd2dc7687e39228b0467251086d022a6d1c5b6348956dae8c04984f8"}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e24}]}, 0x154}, 0x1, 0x0, 0x0, 0x80}, 0x8804) ioctl$auto(0x3, 0xae41, r3) (async) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x253, 0xfffffe05}]}) (async) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x2, 0x0, [{0x253, 0xfffffe05}]}) ioctl$auto(r1, 0xc0585611, r1) 4.036088646s ago: executing program 1 (id=4408): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usb10/version\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r2, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) alarm$auto(0x3) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(r0, 0x0, 0x400fffd, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0xfffffff5, 0x800000000007, 0x100000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_CREATE_VM(r3, 0xc048aeca, 0x0) sendmmsg$auto(r5, 0x0, 0x1, 0x739a) 3.564476739s ago: executing program 0 (id=4409): mmap$auto(0x0, 0x20009, 0x8, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r0, 0x110, 0x7, 0x0, 0x4) r1 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy7/queues\x00', 0x20000, 0x0) mmap$auto(0xffffffffffffefff, 0x500008, 0x1000000000db, 0x210, 0x2, 0x1b63) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f000000b000), 0x80, 0x0) pread64$auto(r3, &(0x7f000000b040)='\x00', 0x7, 0x6) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r7, r7, 0x0, 0x3) write$auto(r4, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/sockstat\x00', 0x22000, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x20, 0x0, 0x1, 0x70bd2e, 0x25dfdbfa, {}, [@HWSIM_ATTR_REG_STRICT_REG={0x4}, @HWSIM_ATTR_RADIO_NAME={0x8, 0x11, '\xc7\xae\x88\b'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000014}, 0x4044820) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[@ANYRES16=r8, @ANYRES16=r1, @ANYBLOB="af696381af443e60df622d7e622f427a5c8422cc7cf3e75802e66bbb25498f912a1b52413e63c4bcf7a4be42cf4ad6e5e67df4d727ef27bf240871ea89c2a164e6580c7ec4c9ef95b717178dec13b0f911e58ef909912becd8c082505bf7ce20162b2cdd819b798b22f9b4b1cfa13b0b6ec4e070d4c3fbed272c56f8b9b72417e94b6e46f7fd13c369d483d170fa8674b538aa79236fb0d17d2bf8b2c5a80154da30"], 0x40}, 0x1, 0x0, 0x0, 0x200448d0}, 0x4048040) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x442101, 0x0) read$auto(0x3, 0x0, 0x1f40) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0) r9 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/fs/cifs/DebugData\x00', 0x2000, 0x0) pread64$auto(r9, &(0x7f0000000040)='/proc/scsi/sg/devices\x00', 0x10001, 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 3.393397885s ago: executing program 2 (id=4410): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/usbip-vudc.0/udc/usbip-vudc.0/is_a_peripheral\x00', 0x100580, 0x0) read$auto(r2, &(0x7f00000000c0)='/\x91\xecsys/dfices/platfm/vhci_hcd.7/usb\fQ3{\x04\x7f23/23-0:1.0/ep_81/int\x00\x0fS\xe6x\x13\xbaCSJUkZ7\xcf\x9b-\xd7%\xae\x15\xf2\xd4\x93G\xf4\x9e.\xb52\xdd\x8e\x16>\x86Nl\x16\xeb', 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x4017a276a667d7d4, 0x0) write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r3, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r4) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r6 = socket(0xa, 0x2, 0x88) bpf$auto(0x4, &(0x7f0000000000)=@link_update={r6, @new_map_fd=r3, 0x4, @old_map_fd=r5}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r6, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x200000, 0x0) madvise$auto(0xffffffffffffffff, 0x100009, 0x13) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, r0, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x50, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r7, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) 1.876320809s ago: executing program 0 (id=4411): mremap$auto(0x0, 0x2, 0x8, 0x3, 0x7effffffb000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x400, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r0, 0x0, 0x3f1) close_range$auto(0x2, 0xa, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x80001, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/v4l-subdev6\x00', 0xc0400, 0x0) ioctl$auto(0x3, 0x4020565a, 0x38) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/capabilities/msc\x00', 0x80000, 0x0) io_uring_setup$auto(0x2, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x22200, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub6/xrun_injection\x00', 0x284c00, 0x0) socket(0x2, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) 1.714604459s ago: executing program 2 (id=4412): mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) writev$auto(0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x200000000002d57, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x40, 0x0) ioctl$auto_SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3, &(0x7f0000000300)="860e3548430d88c29c12fa6845a3258d77fc9fa0237991dda246c2edd14f641bdcde35dfd2333e20f68b15eca36d9786c3687dd1461f8b45510f042acd309d388d7dd9bbd7a7f71fe8f05831976420daa5b52de2c98758fdb801065887ea28564601e98b6c42eb59f3b7f7de10a793c7cbb99ded846b75989815e88923efe6a2a3f4162a45d92ca7f53d33ac70a460dc7191257365a251a09e5d1332f3e798824933e4a78b96c229fbd62d818261abee980a3a596558a990f037107a4326725c289e8887aa796898f253b7709ddf16d2acc8889947707985ee2d297f038ee47aff715eb5e2dfdb89dd") mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) io_uring_setup$auto(0x1, 0x0) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='Y\x00\x00\x00', @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xfffffffffffffffb, 0x8) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0x6, 0x2}, 0x8000, 0x0, 0x6) pkey_free$auto(0xfffffffd) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000012"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) uname$auto(0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/loop3/queue/discard_granularity\x00', 0x149820, 0x0) write$auto(r2, 0x0, 0x3) 1.633047239s ago: executing program 3 (id=4413): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x2, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r2, 0x0, 0x20) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) writev$auto(r1, 0x0, 0x3) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000240)='/dev/bus/usb/002/001\x00', 0x40101, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) sysfs$auto(0x2, 0x5, 0x0) fsconfig$auto(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) sendmsg$auto_NL802154_CMD_NEW_SEC_DEV(r0, 0x0, 0x44) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0xff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 1.496025898s ago: executing program 0 (id=4414): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) (async) r2 = socket(0xa, 0x5, 0x0) ioctl$auto(r2, 0x8903, 0x8) waitid$auto_P_ALL(0x0, 0x1, 0x0, 0x5, &(0x7f00000005c0)={{0xfffffffffffff001, 0x8}, {0x5, 0x7}, 0x7fffffffffffffff, 0x10000, 0x5, 0x2, 0xc00000000, 0x3, 0xb9, 0x9, 0x6, 0xc, 0x0, 0x6, 0xf4, 0x3}) (async) sendmsg$auto_NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000480), 0xc, &(0x7f0000000780)={&(0x7f0000000500)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000829bd7000fedbdf250100000005000a00030000000600110040000000060000000800150004000000"], 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x84) (async) sendmsg$auto_NFC_CMD_FW_DOWNLOAD(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x180b008}, 0xc, &(0x7f0000000380)={&(0x7f0000000800)=ANY=[@ANYBLOB="90000000", @ANYRES16=0x0, @ANYBLOB="000425bd7000fbdbdf6918000000740019003d68f56930dfec1e0c9ee2d4ec5cdec5a6617f08331f1e41250fe48416dd92cea0221dc8da3d9efe89fd9d72adf19e0e892f0903c80088663c1275a54ef729132cb800080000000000000019246d6980acf58c00249b11409d9c12c63d7f8f32c7aef96670418e95dd66e8912e6a6af108000e0000000000b57ad402596fc7f59467d7e40866b765bddaba00c455e195079e234a64b8477dd1dd288640d62ae75629e7b914657b8a80a645489231a9b49bab123e88888651b667e64895dc2e7c6267b6f918aa9f80d814b61274d56c0a58c7dadc637bd5337d14dcce8566eb7f885858298d0562608b4172765efeb594e3ccc25a26e6de449a6d14682e0742857e8204df5d1c57697f848912153bd9e4eacf5363bdf00f69513ac45212b039c77df3d081bf1942a4aeb61421274e629413bed41df07daaed8d0b06c784fcde22"], 0x90}, 0x1, 0x0, 0x0, 0x1}, 0x41001) (async) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000004440)) (async) inotify_init1$auto(0x4) (async) r5 = openat$auto_ftrace_event_id_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/id\x00', 0xa2000, 0x0) read$auto_ftrace_event_id_fops_trace_events(r5, 0x0, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0x4004af07, &(0x7f00000001c0)=r3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r6, 0x8000) r7 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) setsockopt$auto(r7, 0x1, 0x1021, 0x0, 0xd) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r6, 0x8000) r8 = pipe$auto(&(0x7f0000000080)=r4) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b75, r8, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[], 0x120}, 0x1, 0x68, 0x0, 0x40}, 0x140) (async) sendmsg$auto_NL80211_CMD_GET_KEY(r6, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) (async) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001280)=""/4124, 0x101c) 984.913725ms ago: executing program 3 (id=4415): r0 = socket(0xa, 0x1, 0x100) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/conf/dummy0/forwarding\x00', 0x202, 0x0) sendfile$auto(r4, r3, 0x0, 0x48) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x3fdafc9, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r5, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) r6 = socket(0x18, 0x5, 0x1) pselect6$auto(0x200, &(0x7f0000000440)={[0x5, 0xd9c, 0x81, 0x6, 0xff00000000000, 0x9, 0x9, 0x5661, 0x4, 0x3, 0x6, 0x35e, 0xfffffffffffffffd, 0xc1, 0xfffffffffffffffc, 0xc]}, &(0x7f00000004c0)={[0x3ef, 0x3, 0xfffffffffffffffa, 0x9, 0x5, 0x997, 0xe593, 0x7fff, 0x5, 0x6, 0x81, 0x0, 0x8, 0x7c97, 0x4b53, 0x4]}, &(0x7f0000000540)={[0x3, 0x9, 0x40, 0x633, 0x9, 0xfffffffffffffffa, 0x3, 0x80000000001, 0x958, 0x0, 0x6, 0xf, 0xc4, 0x7, 0xfffffffffffffbff, 0x3]}, &(0x7f00000003c0)={0x1, 0x29}, &(0x7f00000005c0)="ceb5e0ab69d18d815e33f7774f9f0043c0126baa808909de2df68fc203ffa31e13d9970e1f79172539a28fb2e91c57a2d5c73a2c2c682dd90caf002d5404bda662a7e3d307fead4338542817893bff1e1867ec37d9566977336fb42ccfa059292cad71cd0793f0582bf8003a947af8713aad3f985522ea9c0ffa8e355a10964f47dc656c756a910d5c069b7f8aa810c8cb9c8864946da96eb21492139e864378d3b35ca875d129ba6cdc45a6e8aebe8593716459af87014044e2eb5209881b548621f93ecdf388aa4ea50c24a1f5ca6cb443e26414c2de02d2873347d0237d0067018786") connect$auto(r6, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) r7 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), r0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000006c0), 0x2202, 0x0) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r6, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)={0x14, r7, 0x100, 0x70bd25, 0x25dfdbfc, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x30004850) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r8, 0x5425, 0x0) ioctl$auto_userfaultfd_dev_fops_userfaultfd(r2, 0x0, &(0x7f0000000180)="dc100debc7fd2c4fa89d950e1933e53f8a7a4ce5ce731ee4a3e31a7b62979e93c11e0853962e1f52fca001d62735f7a14fa942a74a70f490f73180a5b476885471f52edabde6ea5d51ad5c1e7a750984447a64bb9ff1d3a7") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000700)='/sys/devices/virtual/tty/ptyv0/power/runtime_active_time\x00', 0x0, 0x0) r9 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/net\x00') ioctl$auto(r8, 0x6, r9) 329.122492ms ago: executing program 0 (id=4416): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r2 = waitid$auto_P_ALL(0x0, 0x1, &(0x7f0000000440)={@siginfo_0_0={0x3, 0x7, 0x0, @_timer={0x0, 0x81, @sival_int, 0x9}}}, 0x5, &(0x7f00000005c0)={{0xfffffffffffff001, 0x8}, {0x5, 0x7}, 0x7fffffffffffffff, 0x10000, 0x5, 0x2, 0xc00000000, 0x3, 0xb9, 0x9, 0x6, 0xc, 0x0, 0x6, 0xf4, 0x3}) move_pages$auto(r2, 0xab6, &(0x7f0000000680)=&(0x7f0000000500)="12695940bf3c626839ef841ee8b23bd6328ec1f44d0e7dbd1af5fc1b46d4ead32487c5e3b069ecf19ebe3b216400d3a55c783c13942101a366afe742a68adc370cc5ed04ed96e11d8e2e1bea6d96ed39a2ad189a650f927b6d61eca01710abc718fa", &(0x7f00000006c0)=0x8000, &(0x7f0000000700)=0x8001, 0x7fffffff) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xa4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY\xad\xd6\xc5\xab`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4[\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0x4004af07, &(0x7f00000001c0)=r3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r5, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r5, 0x8000) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r7, @ANYBLOB="010025bd7000fedbdf257e000000000066004e210000000026800000020004000000000b0200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9bd48a"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRESDEC=r4, @ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) read$auto(r6, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 0s ago: executing program 1 (id=4417): r0 = epoll_create$auto(0x2) epoll_pwait2$auto(r0, 0x0, 0x8, &(0x7f0000002780)={0x10000000000, 0x5}, 0x0, 0x8) r1 = epoll_create$auto(0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000200)={0x40004200, 0x0, 0x0, 0x0, {0x2f}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$auto_SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000240)="ff1c77e3e0c75de3e4b5b406551a5767a5356c9bd9de5c773f2e75e6819101f051269dc09510f21d26b8a47ea44ff3011466be44ee87e992ae7b381f46f7e8880f1e4e52a3aa37892fbbcee374327f019f5d1866ce7ce150a42b0a07517071aa68e5997c2bc1062a9b033ba7bfba2572aaa306a2725c16886e383a0973673e3ea024667ff4d2d10e01fd145039fbc221dcd97c590000000000000000005b0d5646bec3cc3e72e128b447ddfe9f9109d94bbbeeb889959201af3ee76e59ecacbc6cd4db93f60abb9223cbd86cb4ea79e84ec9c9bc05390d61c270dd5ea2a3334fd5db6942929d02c50bc254ecb9989258c9e074a6917a36f0") ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x48e, 0x0, 0x9}]}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/vxcan1/forwarding\x00', 0x82002, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0) sendfile$auto(r2, r3, 0x0, 0x1) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) modify_ldt$auto(0x1, &(0x7f00000001c0), 0x10) clone$auto(0x1000, 0x9, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x5) kernel console output (not intermixed with test programs): 0000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1343.916122][T24167] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1343.916168][T24167] [ 1344.713034][T24167] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1345.392800][T24186] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 1346.249834][T24199] Invalid ELF header magic: != ELF [ 1348.111136][T24232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3570'. [ 1348.122528][T24232] netlink: 13 bytes leftover after parsing attributes in process `syz.3.3570'. [ 1350.306394][T24255] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3575'. [ 1351.696974][T24302] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3582'. [ 1351.769606][T24302] netlink: 13 bytes leftover after parsing attributes in process `syz.2.3582'. [ 1352.059188][T24314] netlink: 'syz.3.3587': attribute type 1 has an invalid length. [ 1352.894864][T24320] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3588'. [ 1353.412518][T24337] netlink: 206 bytes leftover after parsing attributes in process `syz.2.3593'. [ 1354.571406][T24365] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1355.203181][T24381] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1355.695933][T24381] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3603'. [ 1356.336474][T24391] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1356.997034][T24429] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1357.104152][T24431] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3610'. [ 1357.283990][T24433] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1357.562289][T24439] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3613'. [ 1357.685734][T24439] bridge_slave_1: left allmulticast mode [ 1357.691654][T24439] bridge_slave_1: left promiscuous mode [ 1357.716141][T24439] bridge0: port 2(bridge_slave_1) entered disabled state [ 1357.771852][T24439] bridge_slave_0: left allmulticast mode [ 1357.802906][T24439] bridge_slave_0: left promiscuous mode [ 1357.808924][T24439] bridge0: port 1(bridge_slave_0) entered disabled state [ 1359.506033][T24481] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3622'. [ 1362.360159][T24529] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3632'. [ 1362.489037][T24514] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1363.571485][T11315] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1 [ 1364.127139][T24561] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1365.172761][T24577] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3645'. [ 1365.776205][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1365.782593][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1365.845713][T24585] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3646'. [ 1366.329414][T24582] Process accounting resumed [ 1366.611322][T24612] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1367.887869][T24611] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3659'. [ 1370.691927][T24679] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3668'. [ 1370.713639][T24683] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1370.742597][T24680] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3668'. [ 1370.949730][T24658] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3663'. [ 1371.649741][T24694] FAULT_INJECTION: forcing a failure. [ 1371.649741][T24694] name failslab, interval 1, probability 0, space 0, times 0 [ 1371.721949][T24694] CPU: 1 UID: 0 PID: 24694 Comm: syz.0.3670 Not tainted syzkaller #0 PREEMPT(full) [ 1371.721997][T24694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1371.722018][T24694] Call Trace: [ 1371.722029][T24694] [ 1371.722043][T24694] dump_stack_lvl+0x16c/0x1f0 [ 1371.722092][T24694] should_fail_ex+0x512/0x640 [ 1371.722142][T24694] ? fs_reclaim_acquire+0xae/0x150 [ 1371.722195][T24694] should_failslab+0xc2/0x120 [ 1371.722243][T24694] __kmalloc_noprof+0xdd/0x880 [ 1371.722278][T24694] ? usb_alloc_urb+0x66/0xa0 [ 1371.722337][T24694] ? usb_alloc_urb+0x66/0xa0 [ 1371.722386][T24694] usb_alloc_urb+0x66/0xa0 [ 1371.722437][T24694] usb_control_msg+0x1d3/0x4a0 [ 1371.722474][T24694] ? __pfx_usb_control_msg+0x10/0x10 [ 1371.722514][T24694] ? __lock_acquire+0xb97/0x1ce0 [ 1371.722572][T24694] hub_ext_port_status+0x14e/0x670 [ 1371.722643][T24694] hub_activate+0x6e5/0x1d60 [ 1371.722690][T24694] ? __pfx_hub_activate+0x10/0x10 [ 1371.722722][T24694] ? find_held_lock+0x2b/0x80 [ 1371.722763][T24694] ? async_getcompleted+0x100/0x1b0 [ 1371.722825][T24694] hub_resume+0xa8/0x3f0 [ 1371.722868][T24694] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1371.722953][T24694] ? __pfx_hub_resume+0x10/0x10 [ 1371.722989][T24694] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1371.723055][T24694] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1371.723111][T24694] usb_resume_both+0x237/0x960 [ 1371.723160][T24694] ? __pfx_usb_resume_both+0x10/0x10 [ 1371.723208][T24694] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1371.723262][T24694] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1371.723314][T24694] __rpm_callback+0xc8/0x610 [ 1371.723351][T24694] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1371.723403][T24694] rpm_callback+0x1b7/0x200 [ 1371.723435][T24694] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1371.723485][T24694] rpm_resume+0xd0a/0x1310 [ 1371.723528][T24694] ? __pfx_rpm_resume+0x10/0x10 [ 1371.723559][T24694] ? do_raw_spin_lock+0x12c/0x2b0 [ 1371.723596][T24694] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1371.723649][T24694] __pm_runtime_resume+0xb6/0x170 [ 1371.723688][T24694] usb_autoresume_device+0x23/0xe0 [ 1371.723741][T24694] usbdev_open+0x228/0x8b0 [ 1371.723792][T24694] ? kobject_get_unless_zero+0x156/0x1e0 [ 1371.723840][T24694] ? __pfx_usbdev_open+0x10/0x10 [ 1371.723902][T24694] ? chrdev_open+0x10b/0x6a0 [ 1371.723951][T24694] ? __pfx_usbdev_open+0x10/0x10 [ 1371.724003][T24694] chrdev_open+0x234/0x6a0 [ 1371.724044][T24694] ? __pfx_apparmor_file_open+0x10/0x10 [ 1371.724110][T24694] ? __pfx_chrdev_open+0x10/0x10 [ 1371.724157][T24694] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1371.724204][T24694] do_dentry_open+0x982/0x1530 [ 1371.724247][T24694] ? __pfx_chrdev_open+0x10/0x10 [ 1371.724298][T24694] vfs_open+0x82/0x3f0 [ 1371.724352][T24694] path_openat+0x1de4/0x2cb0 [ 1371.724407][T24694] ? __pfx_path_openat+0x10/0x10 [ 1371.724460][T24694] do_filp_open+0x20b/0x470 [ 1371.724501][T24694] ? __pfx_do_filp_open+0x10/0x10 [ 1371.724574][T24694] ? alloc_fd+0x471/0x7d0 [ 1371.724624][T24694] do_sys_openat2+0x11b/0x1d0 [ 1371.724675][T24694] ? __pfx_do_sys_openat2+0x10/0x10 [ 1371.724747][T24694] __x64_sys_openat+0x174/0x210 [ 1371.724801][T24694] ? __pfx___x64_sys_openat+0x10/0x10 [ 1371.724881][T24694] do_syscall_64+0xcd/0x4b0 [ 1371.724929][T24694] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1371.724964][T24694] RIP: 0033:0x7fd83e98eec9 [ 1371.724991][T24694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1371.725024][T24694] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1371.725056][T24694] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1371.725077][T24694] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1371.725098][T24694] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1371.725120][T24694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1371.725141][T24694] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1371.725185][T24694] [ 1372.128846][T24694] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1374.054655][ T30] audit: type=1806 audit(4294967333.057:39): xattr="" res=-22 [ 1374.735207][T24739] FAULT_INJECTION: forcing a failure. [ 1374.735207][T24739] name failslab, interval 1, probability 0, space 0, times 0 [ 1374.847495][T24739] CPU: 1 UID: 0 PID: 24739 Comm: syz.2.3677 Not tainted syzkaller #0 PREEMPT(full) [ 1374.847541][T24739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1374.847561][T24739] Call Trace: [ 1374.847572][T24739] [ 1374.847586][T24739] dump_stack_lvl+0x16c/0x1f0 [ 1374.847634][T24739] should_fail_ex+0x512/0x640 [ 1374.847683][T24739] ? fs_reclaim_acquire+0xae/0x150 [ 1374.847743][T24739] should_failslab+0xc2/0x120 [ 1374.847790][T24739] __kmalloc_noprof+0xdd/0x880 [ 1374.847823][T24739] ? ima_alloc_init_template+0xb5/0x720 [ 1374.847884][T24739] ? ima_alloc_init_template+0xb5/0x720 [ 1374.847935][T24739] ima_alloc_init_template+0xb5/0x720 [ 1374.847992][T24739] ? take_dentry_name_snapshot+0x319/0x7d0 [ 1374.848046][T24739] ima_store_measurement+0x1eb/0x5c0 [ 1374.848106][T24739] ? __pfx_ima_store_measurement+0x10/0x10 [ 1374.848161][T24739] ? vfs_getxattr_alloc+0xec/0x350 [ 1374.848210][T24739] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1374.848265][T24739] process_measurement+0x1ddb/0x23e0 [ 1374.848329][T24739] ? __pfx_process_measurement+0x10/0x10 [ 1374.848378][T24739] ? __kasan_slab_alloc+0x89/0x90 [ 1374.848423][T24739] ? security_file_alloc+0x34/0x2b0 [ 1374.848457][T24739] ? alloc_empty_file+0x73/0x1e0 [ 1374.848503][T24739] ? alloc_file_pseudo+0x13a/0x230 [ 1374.848564][T24739] ? find_held_lock+0x2b/0x80 [ 1374.848655][T24739] ima_file_mmap+0x1b1/0x1d0 [ 1374.848711][T24739] ? __pfx_ima_file_mmap+0x10/0x10 [ 1374.848772][T24739] security_mmap_file+0x88c/0x990 [ 1374.848808][T24739] vm_mmap_pgoff+0xec/0x470 [ 1374.848861][T24739] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1374.848904][T24739] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1374.848957][T24739] ? hugetlbfs_get_inode+0x31f/0x730 [ 1374.849011][T24739] ksys_mmap_pgoff+0x1c8/0x5c0 [ 1374.849064][T24739] __x64_sys_mmap+0x125/0x190 [ 1374.849102][T24739] do_syscall_64+0xcd/0x4b0 [ 1374.849151][T24739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1374.849185][T24739] RIP: 0033:0x7f0c8038eec9 [ 1374.849212][T24739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1374.849245][T24739] RSP: 002b:00007f0c7e5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1374.849278][T24739] RAX: ffffffffffffffda RBX: 00007f0c805e6180 RCX: 00007f0c8038eec9 [ 1374.849299][T24739] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 1374.849319][T24739] RBP: 00007f0c80411f91 R08: 0000000000000401 R09: 0000300000000000 [ 1374.849340][T24739] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1374.849360][T24739] R13: 00007f0c805e6218 R14: 00007f0c805e6180 R15: 00007ffdab8b4a08 [ 1374.849403][T24739] [ 1375.114308][ T30] audit: type=1804 audit(4294967333.861:40): pid=24739 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.3677" name="anon_hugepage" dev="hugetlbfs" ino=79804 res=0 errno=0 [ 1375.534513][T24757] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3684'. [ 1376.294621][ T30] audit: type=1804 audit(4294967335.308:41): pid=24763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3687" name="file0" dev="tmpfs" ino=2927 res=1 errno=0 [ 1376.458235][T24779] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1377.518842][T24793] cougar: G6 mapped to space [ 1377.549820][T24793] cougar: G6 mapped to space [ 1377.554517][T24793] cougar: G6 mapped to space [ 1377.559171][T24793] cougar: G6 mapped to space [ 1377.709862][T24793] cougar: G6 mapped to space [ 1377.714568][T24793] cougar: G6 mapped to space [ 1377.749174][T24793] cougar: G6 mapped to space [ 1377.822727][T24793] cougar: G6 mapped to space [ 1377.860018][T24793] cougar: G6 mapped to space [ 1377.897520][T24793] cougar: G6 mapped to space [ 1377.919026][T24793] cougar: G6 mapped to space [ 1378.002187][T24793] cougar: G6 mapped to space [ 1378.220282][T24788] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3692'. [ 1378.433664][T24820] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1379.100442][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1379.123207][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1379.148387][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1379.314673][ T24] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1379.327092][ T24] rtc rtc0: __rtc_set_alarm: err=-22 [ 1379.803447][T24841] FAULT_INJECTION: forcing a failure. [ 1379.803447][T24841] name failslab, interval 1, probability 0, space 0, times 0 [ 1379.817495][T24841] CPU: 0 UID: 0 PID: 24841 Comm: syz.0.3702 Not tainted syzkaller #0 PREEMPT(full) [ 1379.817541][T24841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1379.817562][T24841] Call Trace: [ 1379.817574][T24841] [ 1379.817587][T24841] dump_stack_lvl+0x16c/0x1f0 [ 1379.817635][T24841] should_fail_ex+0x512/0x640 [ 1379.817683][T24841] ? fs_reclaim_acquire+0xae/0x150 [ 1379.817740][T24841] should_failslab+0xc2/0x120 [ 1379.817787][T24841] __kmalloc_cache_noprof+0x72/0x780 [ 1379.817823][T24841] ? usb_control_msg+0xbc/0x4a0 [ 1379.817862][T24841] ? usb_control_msg+0xbc/0x4a0 [ 1379.817892][T24841] usb_control_msg+0xbc/0x4a0 [ 1379.817927][T24841] ? __pfx_usb_control_msg+0x10/0x10 [ 1379.817966][T24841] ? __lock_acquire+0xb97/0x1ce0 [ 1379.818019][T24841] hub_ext_port_status+0x14e/0x670 [ 1379.818085][T24841] hub_activate+0x6e5/0x1d60 [ 1379.818130][T24841] ? __pfx_hub_activate+0x10/0x10 [ 1379.818160][T24841] ? find_held_lock+0x2b/0x80 [ 1379.818200][T24841] ? async_getcompleted+0x100/0x1b0 [ 1379.818274][T24841] hub_resume+0xa8/0x3f0 [ 1379.818315][T24841] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1379.818361][T24841] ? __pfx_hub_resume+0x10/0x10 [ 1379.818399][T24841] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1379.818461][T24841] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1379.818520][T24841] usb_resume_both+0x237/0x960 [ 1379.818569][T24841] ? __pfx_usb_resume_both+0x10/0x10 [ 1379.818620][T24841] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1379.818678][T24841] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1379.818729][T24841] __rpm_callback+0xc8/0x610 [ 1379.818768][T24841] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1379.818824][T24841] rpm_callback+0x1b7/0x200 [ 1379.818855][T24841] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1379.818911][T24841] rpm_resume+0xd0a/0x1310 [ 1379.818955][T24841] ? __pfx_rpm_resume+0x10/0x10 [ 1379.818989][T24841] ? do_raw_spin_lock+0x12c/0x2b0 [ 1379.819026][T24841] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1379.819084][T24841] __pm_runtime_resume+0xb6/0x170 [ 1379.819123][T24841] usb_autoresume_device+0x23/0xe0 [ 1379.819180][T24841] usbdev_open+0x228/0x8b0 [ 1379.819237][T24841] ? kobject_get_unless_zero+0x156/0x1e0 [ 1379.819292][T24841] ? __pfx_usbdev_open+0x10/0x10 [ 1379.819350][T24841] ? chrdev_open+0x10b/0x6a0 [ 1379.819404][T24841] ? __pfx_usbdev_open+0x10/0x10 [ 1379.819457][T24841] chrdev_open+0x234/0x6a0 [ 1379.819503][T24841] ? __pfx_apparmor_file_open+0x10/0x10 [ 1379.819565][T24841] ? __pfx_chrdev_open+0x10/0x10 [ 1379.819622][T24841] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1379.819674][T24841] do_dentry_open+0x982/0x1530 [ 1379.819722][T24841] ? __pfx_chrdev_open+0x10/0x10 [ 1379.819776][T24841] vfs_open+0x82/0x3f0 [ 1379.819836][T24841] path_openat+0x1de4/0x2cb0 [ 1379.819897][T24841] ? __pfx_path_openat+0x10/0x10 [ 1379.819951][T24841] do_filp_open+0x20b/0x470 [ 1379.819996][T24841] ? __pfx_do_filp_open+0x10/0x10 [ 1379.820071][T24841] ? alloc_fd+0x471/0x7d0 [ 1379.820132][T24841] do_sys_openat2+0x11b/0x1d0 [ 1379.820189][T24841] ? __pfx_do_sys_openat2+0x10/0x10 [ 1379.820272][T24841] __x64_sys_openat+0x174/0x210 [ 1379.820333][T24841] ? __pfx___x64_sys_openat+0x10/0x10 [ 1379.820406][T24841] do_syscall_64+0xcd/0x4b0 [ 1379.820451][T24841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.820481][T24841] RIP: 0033:0x7fd83e98eec9 [ 1379.820503][T24841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1379.820535][T24841] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1379.820561][T24841] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1379.820577][T24841] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1379.820593][T24841] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1379.820608][T24841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1379.820623][T24841] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1379.820654][T24841] [ 1380.241300][T24841] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1383.666417][T24888] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3712'. [ 1384.395113][T24894] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3714'. [ 1384.708688][T24905] Console: switching to colour VGA+ 80x25 [ 1385.657114][T24924] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3720'. [ 1386.733756][T24942] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1386.897176][T24940] CIFS mount error: No usable UNC path provided in device string! [ 1386.897176][T24940] [ 1386.907464][T24940] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1387.664836][T24949] FAULT_INJECTION: forcing a failure. [ 1387.664836][T24949] name failslab, interval 1, probability 0, space 0, times 0 [ 1387.680874][T24951] Invalid ELF header magic: != ELF [ 1387.706767][T24949] CPU: 1 UID: 0 PID: 24949 Comm: syz.0.3726 Not tainted syzkaller #0 PREEMPT(full) [ 1387.706831][T24949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1387.706862][T24949] Call Trace: [ 1387.706883][T24949] [ 1387.706898][T24949] dump_stack_lvl+0x16c/0x1f0 [ 1387.706951][T24949] should_fail_ex+0x512/0x640 [ 1387.707000][T24949] ? fs_reclaim_acquire+0xae/0x150 [ 1387.707053][T24949] should_failslab+0xc2/0x120 [ 1387.707103][T24949] __kmalloc_cache_noprof+0x72/0x780 [ 1387.707141][T24949] ? usb_control_msg+0xbc/0x4a0 [ 1387.707182][T24949] ? usb_control_msg+0xbc/0x4a0 [ 1387.707215][T24949] usb_control_msg+0xbc/0x4a0 [ 1387.707252][T24949] ? __pfx_usb_control_msg+0x10/0x10 [ 1387.707291][T24949] ? __lock_acquire+0xb97/0x1ce0 [ 1387.707349][T24949] hub_ext_port_status+0x14e/0x670 [ 1387.707424][T24949] hub_activate+0x6e5/0x1d60 [ 1387.707473][T24949] ? __pfx_hub_activate+0x10/0x10 [ 1387.707506][T24949] ? find_held_lock+0x2b/0x80 [ 1387.707548][T24949] ? async_getcompleted+0x100/0x1b0 [ 1387.707612][T24949] hub_resume+0xa8/0x3f0 [ 1387.707648][T24949] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1387.707694][T24949] ? __pfx_hub_resume+0x10/0x10 [ 1387.707729][T24949] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1387.707789][T24949] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1387.707844][T24949] usb_resume_both+0x237/0x960 [ 1387.707902][T24949] ? __pfx_usb_resume_both+0x10/0x10 [ 1387.707952][T24949] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1387.708006][T24949] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1387.708057][T24949] __rpm_callback+0xc8/0x610 [ 1387.708094][T24949] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1387.708146][T24949] rpm_callback+0x1b7/0x200 [ 1387.708177][T24949] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1387.708229][T24949] rpm_resume+0xd0a/0x1310 [ 1387.708272][T24949] ? __pfx_rpm_resume+0x10/0x10 [ 1387.708303][T24949] ? do_raw_spin_lock+0x12c/0x2b0 [ 1387.708341][T24949] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1387.708395][T24949] __pm_runtime_resume+0xb6/0x170 [ 1387.708433][T24949] usb_autoresume_device+0x23/0xe0 [ 1387.708487][T24949] usbdev_open+0x228/0x8b0 [ 1387.708539][T24949] ? kobject_get_unless_zero+0x156/0x1e0 [ 1387.708585][T24949] ? __pfx_usbdev_open+0x10/0x10 [ 1387.708636][T24949] ? chrdev_open+0x10b/0x6a0 [ 1387.708686][T24949] ? __pfx_usbdev_open+0x10/0x10 [ 1387.708735][T24949] chrdev_open+0x234/0x6a0 [ 1387.708776][T24949] ? __pfx_apparmor_file_open+0x10/0x10 [ 1387.708826][T24949] ? __pfx_chrdev_open+0x10/0x10 [ 1387.708872][T24949] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1387.708930][T24949] do_dentry_open+0x982/0x1530 [ 1387.708975][T24949] ? __pfx_chrdev_open+0x10/0x10 [ 1387.709033][T24949] vfs_open+0x82/0x3f0 [ 1387.709090][T24949] path_openat+0x1de4/0x2cb0 [ 1387.709144][T24949] ? __pfx_path_openat+0x10/0x10 [ 1387.709194][T24949] do_filp_open+0x20b/0x470 [ 1387.709235][T24949] ? __pfx_do_filp_open+0x10/0x10 [ 1387.709308][T24949] ? alloc_fd+0x471/0x7d0 [ 1387.709357][T24949] do_sys_openat2+0x11b/0x1d0 [ 1387.709410][T24949] ? __pfx_do_sys_openat2+0x10/0x10 [ 1387.709482][T24949] __x64_sys_openat+0x174/0x210 [ 1387.709536][T24949] ? __pfx___x64_sys_openat+0x10/0x10 [ 1387.709609][T24949] do_syscall_64+0xcd/0x4b0 [ 1387.709654][T24949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1387.709690][T24949] RIP: 0033:0x7fd83e98eec9 [ 1387.709717][T24949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1387.709753][T24949] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1387.709786][T24949] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1387.709810][T24949] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1387.709833][T24949] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1387.709854][T24949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1387.709883][T24949] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1387.709929][T24949] [ 1387.714591][T24949] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1388.163599][T24963] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3729'. [ 1388.782518][T24978] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3733'. [ 1389.021409][T24982] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1389.510927][T24985] random: crng reseeded on system resumption [ 1390.766497][T25026] random: crng reseeded on system resumption [ 1390.945824][T25031] FAULT_INJECTION: forcing a failure. [ 1390.945824][T25031] name failslab, interval 1, probability 0, space 0, times 0 [ 1390.965948][T25031] CPU: 1 UID: 0 PID: 25031 Comm: syz.2.3743 Not tainted syzkaller #0 PREEMPT(full) [ 1390.965996][T25031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1390.966019][T25031] Call Trace: [ 1390.966031][T25031] [ 1390.966046][T25031] dump_stack_lvl+0x16c/0x1f0 [ 1390.966087][T25031] should_fail_ex+0x512/0x640 [ 1390.966128][T25031] ? fs_reclaim_acquire+0xae/0x150 [ 1390.966173][T25031] should_failslab+0xc2/0x120 [ 1390.966214][T25031] __kmalloc_cache_noprof+0x72/0x780 [ 1390.966244][T25031] ? usb_control_msg+0xbc/0x4a0 [ 1390.966278][T25031] ? usb_control_msg+0xbc/0x4a0 [ 1390.966304][T25031] usb_control_msg+0xbc/0x4a0 [ 1390.966333][T25031] ? __pfx_usb_control_msg+0x10/0x10 [ 1390.966367][T25031] ? __lock_acquire+0xb97/0x1ce0 [ 1390.966415][T25031] hub_ext_port_status+0x14e/0x670 [ 1390.966472][T25031] hub_activate+0x6e5/0x1d60 [ 1390.966511][T25031] ? __pfx_hub_activate+0x10/0x10 [ 1390.966537][T25031] ? find_held_lock+0x2b/0x80 [ 1390.966571][T25031] ? async_getcompleted+0x100/0x1b0 [ 1390.966632][T25031] hub_resume+0xa8/0x3f0 [ 1390.966662][T25031] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1390.966701][T25031] ? __pfx_hub_resume+0x10/0x10 [ 1390.966731][T25031] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1390.966782][T25031] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1390.966828][T25031] usb_resume_both+0x237/0x960 [ 1390.966868][T25031] ? __pfx_usb_resume_both+0x10/0x10 [ 1390.966907][T25031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1390.966956][T25031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1390.966998][T25031] __rpm_callback+0xc8/0x610 [ 1390.967030][T25031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1390.967074][T25031] rpm_callback+0x1b7/0x200 [ 1390.967100][T25031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1390.967143][T25031] rpm_resume+0xd0a/0x1310 [ 1390.967178][T25031] ? __pfx_rpm_resume+0x10/0x10 [ 1390.967204][T25031] ? do_raw_spin_lock+0x12c/0x2b0 [ 1390.967235][T25031] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1390.967278][T25031] __pm_runtime_resume+0xb6/0x170 [ 1390.967309][T25031] usb_autoresume_device+0x23/0xe0 [ 1390.967354][T25031] usbdev_open+0x228/0x8b0 [ 1390.967397][T25031] ? kobject_get_unless_zero+0x156/0x1e0 [ 1390.967437][T25031] ? __pfx_usbdev_open+0x10/0x10 [ 1390.967479][T25031] ? chrdev_open+0x10b/0x6a0 [ 1390.967519][T25031] ? __pfx_usbdev_open+0x10/0x10 [ 1390.967560][T25031] chrdev_open+0x234/0x6a0 [ 1390.967595][T25031] ? __pfx_apparmor_file_open+0x10/0x10 [ 1390.967645][T25031] ? __pfx_chrdev_open+0x10/0x10 [ 1390.967684][T25031] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1390.967725][T25031] do_dentry_open+0x982/0x1530 [ 1390.967762][T25031] ? __pfx_chrdev_open+0x10/0x10 [ 1390.967805][T25031] vfs_open+0x82/0x3f0 [ 1390.967852][T25031] path_openat+0x1de4/0x2cb0 [ 1390.967897][T25031] ? __pfx_path_openat+0x10/0x10 [ 1390.967941][T25031] do_filp_open+0x20b/0x470 [ 1390.967975][T25031] ? __pfx_do_filp_open+0x10/0x10 [ 1390.968034][T25031] ? alloc_fd+0x471/0x7d0 [ 1390.968073][T25031] do_sys_openat2+0x11b/0x1d0 [ 1390.968126][T25031] ? __pfx_do_sys_openat2+0x10/0x10 [ 1390.968185][T25031] __x64_sys_openat+0x174/0x210 [ 1390.968231][T25031] ? __pfx___x64_sys_openat+0x10/0x10 [ 1390.968299][T25031] do_syscall_64+0xcd/0x4b0 [ 1390.968338][T25031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1390.968368][T25031] RIP: 0033:0x7f0c8038eec9 [ 1390.968391][T25031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1390.968419][T25031] RSP: 002b:00007f0c81144038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1390.968446][T25031] RAX: ffffffffffffffda RBX: 00007f0c805e5fa0 RCX: 00007f0c8038eec9 [ 1390.968465][T25031] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1390.968488][T25031] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1390.968506][T25031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1390.968523][T25031] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1390.968558][T25031] [ 1390.968665][T25031] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1392.267907][T25065] random: crng reseeded on system resumption [ 1392.276581][T25063] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3750'. [ 1392.967388][T25080] FAULT_INJECTION: forcing a failure. [ 1392.967388][T25080] name failslab, interval 1, probability 0, space 0, times 0 [ 1393.000642][T25080] CPU: 1 UID: 0 PID: 25080 Comm: syz.2.3753 Not tainted syzkaller #0 PREEMPT(full) [ 1393.000688][T25080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1393.000710][T25080] Call Trace: [ 1393.000722][T25080] [ 1393.000735][T25080] dump_stack_lvl+0x16c/0x1f0 [ 1393.000786][T25080] should_fail_ex+0x512/0x640 [ 1393.000835][T25080] ? fs_reclaim_acquire+0xae/0x150 [ 1393.000887][T25080] should_failslab+0xc2/0x120 [ 1393.000935][T25080] __kmalloc_cache_noprof+0x72/0x780 [ 1393.000972][T25080] ? usb_control_msg+0xbc/0x4a0 [ 1393.001014][T25080] ? usb_control_msg+0xbc/0x4a0 [ 1393.001047][T25080] usb_control_msg+0xbc/0x4a0 [ 1393.001083][T25080] ? __pfx_usb_control_msg+0x10/0x10 [ 1393.001120][T25080] ? __lock_acquire+0xb97/0x1ce0 [ 1393.001173][T25080] hub_ext_port_status+0x14e/0x670 [ 1393.001250][T25080] hub_activate+0x6e5/0x1d60 [ 1393.001294][T25080] ? __pfx_hub_activate+0x10/0x10 [ 1393.001325][T25080] ? find_held_lock+0x2b/0x80 [ 1393.001366][T25080] ? async_getcompleted+0x100/0x1b0 [ 1393.001430][T25080] hub_resume+0xa8/0x3f0 [ 1393.001466][T25080] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1393.001512][T25080] ? __pfx_hub_resume+0x10/0x10 [ 1393.001545][T25080] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1393.001603][T25080] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1393.001660][T25080] usb_resume_both+0x237/0x960 [ 1393.001708][T25080] ? __pfx_usb_resume_both+0x10/0x10 [ 1393.001754][T25080] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1393.001805][T25080] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1393.001854][T25080] __rpm_callback+0xc8/0x610 [ 1393.001889][T25080] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1393.001940][T25080] rpm_callback+0x1b7/0x200 [ 1393.001970][T25080] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1393.002021][T25080] rpm_resume+0xd0a/0x1310 [ 1393.002063][T25080] ? __pfx_rpm_resume+0x10/0x10 [ 1393.002091][T25080] ? do_raw_spin_lock+0x12c/0x2b0 [ 1393.002128][T25080] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1393.002188][T25080] __pm_runtime_resume+0xb6/0x170 [ 1393.002226][T25080] usb_autoresume_device+0x23/0xe0 [ 1393.002282][T25080] usbdev_open+0x228/0x8b0 [ 1393.002335][T25080] ? kobject_get_unless_zero+0x156/0x1e0 [ 1393.002383][T25080] ? __pfx_usbdev_open+0x10/0x10 [ 1393.002436][T25080] ? chrdev_open+0x10b/0x6a0 [ 1393.002485][T25080] ? __pfx_usbdev_open+0x10/0x10 [ 1393.002536][T25080] chrdev_open+0x234/0x6a0 [ 1393.002580][T25080] ? __pfx_apparmor_file_open+0x10/0x10 [ 1393.002631][T25080] ? __pfx_chrdev_open+0x10/0x10 [ 1393.002679][T25080] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1393.002730][T25080] do_dentry_open+0x982/0x1530 [ 1393.002774][T25080] ? __pfx_chrdev_open+0x10/0x10 [ 1393.002828][T25080] vfs_open+0x82/0x3f0 [ 1393.002886][T25080] path_openat+0x1de4/0x2cb0 [ 1393.002947][T25080] ? __pfx_path_openat+0x10/0x10 [ 1393.003001][T25080] do_filp_open+0x20b/0x470 [ 1393.003044][T25080] ? __pfx_do_filp_open+0x10/0x10 [ 1393.003117][T25080] ? alloc_fd+0x471/0x7d0 [ 1393.003171][T25080] do_sys_openat2+0x11b/0x1d0 [ 1393.003216][T25080] ? __pfx_do_sys_openat2+0x10/0x10 [ 1393.003266][T25080] __x64_sys_openat+0x174/0x210 [ 1393.003305][T25080] ? __pfx___x64_sys_openat+0x10/0x10 [ 1393.003356][T25080] do_syscall_64+0xcd/0x4b0 [ 1393.003388][T25080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.003413][T25080] RIP: 0033:0x7f0c8038eec9 [ 1393.003434][T25080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.003459][T25080] RSP: 002b:00007f0c81144038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1393.003481][T25080] RAX: ffffffffffffffda RBX: 00007f0c805e5fa0 RCX: 00007f0c8038eec9 [ 1393.003498][T25080] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1393.003513][T25080] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1393.003528][T25080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1393.003542][T25080] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1393.003573][T25080] [ 1393.404770][T25080] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1394.323338][T25113] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1394.334046][T25103] can: request_module (can-proto-0) failed. [ 1396.357273][T25167] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1397.431539][T25158] Process accounting paused [ 1398.321551][T25204] FAULT_INJECTION: forcing a failure. [ 1398.321551][T25204] name failslab, interval 1, probability 0, space 0, times 0 [ 1398.410596][T25204] CPU: 0 UID: 0 PID: 25204 Comm: syz.2.3782 Not tainted syzkaller #0 PREEMPT(full) [ 1398.410627][T25204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1398.410641][T25204] Call Trace: [ 1398.410649][T25204] [ 1398.410659][T25204] dump_stack_lvl+0x16c/0x1f0 [ 1398.410698][T25204] should_fail_ex+0x512/0x640 [ 1398.410749][T25204] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1398.410788][T25204] should_failslab+0xc2/0x120 [ 1398.410821][T25204] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1398.410846][T25204] ? alloc_empty_file+0x55/0x1e0 [ 1398.410886][T25204] ? alloc_empty_file+0x55/0x1e0 [ 1398.410917][T25204] ? _raw_spin_unlock+0x28/0x50 [ 1398.410939][T25204] alloc_empty_file+0x55/0x1e0 [ 1398.410974][T25204] alloc_file_pseudo+0x13a/0x230 [ 1398.411010][T25204] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1398.411053][T25204] __shmem_file_setup+0x1a3/0x330 [ 1398.411100][T25204] shmem_zero_setup+0x93/0x1a0 [ 1398.411130][T25204] __mmap_region+0x2076/0x27a0 [ 1398.411160][T25204] ? __pfx___mmap_region+0x10/0x10 [ 1398.411188][T25204] ? lock_acquire+0x179/0x350 [ 1398.411224][T25204] ? find_held_lock+0x2b/0x80 [ 1398.411264][T25204] ? rcu_is_watching+0x12/0xc0 [ 1398.411343][T25204] ? trace_cap_capable+0x18d/0x200 [ 1398.411387][T25204] mmap_region+0x1ab/0x3f0 [ 1398.411412][T25204] ? __get_unmapped_area+0x267/0x440 [ 1398.411448][T25204] do_mmap+0xa3e/0x1210 [ 1398.411485][T25204] ? __pfx_do_mmap+0x10/0x10 [ 1398.411518][T25204] ? __pfx_down_write_killable+0x10/0x10 [ 1398.411556][T25204] vm_mmap_pgoff+0x29e/0x470 [ 1398.411594][T25204] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1398.411633][T25204] ? __x64_sys_futex+0x1e0/0x4c0 [ 1398.411668][T25204] ? __x64_sys_futex+0x1e9/0x4c0 [ 1398.411707][T25204] ksys_mmap_pgoff+0x7d/0x5c0 [ 1398.411737][T25204] ? xfd_validate_state+0x61/0x180 [ 1398.411763][T25204] __x64_sys_mmap+0x125/0x190 [ 1398.411790][T25204] do_syscall_64+0xcd/0x4b0 [ 1398.411820][T25204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.411843][T25204] RIP: 0033:0x7f0c8038eec9 [ 1398.411861][T25204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1398.411884][T25204] RSP: 002b:00007f0c81144038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1398.411905][T25204] RAX: ffffffffffffffda RBX: 00007f0c805e5fa0 RCX: 00007f0c8038eec9 [ 1398.411920][T25204] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000 [ 1398.411934][T25204] RBP: 00007f0c80411f91 R08: 0000000000000401 R09: 0000000000008000 [ 1398.411949][T25204] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1398.411964][T25204] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1398.411993][T25204] [ 1398.492052][T25199] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3780'. [ 1399.442368][T25230] vhci_hcd: invalid port number 16 [ 1399.463338][T25230] vhci_hcd: invalid port number 16 [ 1399.719024][T25242] netlink: zone id is out of range [ 1399.740319][T25242] netlink: del zone limit has 4 unknown bytes [ 1399.756812][T25243] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3789'. [ 1399.808803][T25243] netlink: 93 bytes leftover after parsing attributes in process `syz.1.3789'. [ 1399.819494][T25242] HfR: entered promiscuous mode [ 1400.242740][T25260] nbd: must specify a device to reconfigure [ 1401.006202][T25262] can: request_module (can-proto-5) failed. [ 1401.628332][T25286] random: crng reseeded on system resumption [ 1401.678270][T25285] netlink: 326 bytes leftover after parsing attributes in process `syz.3.3804'. [ 1404.830371][T25365] random: crng reseeded on system resumption [ 1405.969906][T25390] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1406.404306][T25398] FAULT_INJECTION: forcing a failure. [ 1406.404306][T25398] name failslab, interval 1, probability 0, space 0, times 0 [ 1406.430473][T25398] CPU: 1 UID: 0 PID: 25398 Comm: syz.2.3830 Not tainted syzkaller #0 PREEMPT(full) [ 1406.430523][T25398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1406.430545][T25398] Call Trace: [ 1406.430557][T25398] [ 1406.430570][T25398] dump_stack_lvl+0x16c/0x1f0 [ 1406.430619][T25398] should_fail_ex+0x512/0x640 [ 1406.430669][T25398] ? fs_reclaim_acquire+0xae/0x150 [ 1406.430721][T25398] should_failslab+0xc2/0x120 [ 1406.430768][T25398] __kmalloc_cache_noprof+0x72/0x780 [ 1406.430806][T25398] ? usb_control_msg+0xbc/0x4a0 [ 1406.430847][T25398] ? usb_control_msg+0xbc/0x4a0 [ 1406.430880][T25398] usb_control_msg+0xbc/0x4a0 [ 1406.430918][T25398] ? __pfx_usb_control_msg+0x10/0x10 [ 1406.430959][T25398] ? __lock_acquire+0xb97/0x1ce0 [ 1406.431016][T25398] hub_ext_port_status+0x14e/0x670 [ 1406.431085][T25398] hub_activate+0x6e5/0x1d60 [ 1406.431133][T25398] ? __pfx_hub_activate+0x10/0x10 [ 1406.431173][T25398] ? find_held_lock+0x2b/0x80 [ 1406.431215][T25398] ? async_getcompleted+0x100/0x1b0 [ 1406.431279][T25398] hub_resume+0xa8/0x3f0 [ 1406.431314][T25398] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1406.431353][T25398] ? __pfx_hub_resume+0x10/0x10 [ 1406.431379][T25398] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1406.431427][T25398] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1406.431466][T25398] usb_resume_both+0x237/0x960 [ 1406.431500][T25398] ? __pfx_usb_resume_both+0x10/0x10 [ 1406.431533][T25398] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1406.431572][T25398] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1406.431608][T25398] __rpm_callback+0xc8/0x610 [ 1406.431635][T25398] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1406.431671][T25398] rpm_callback+0x1b7/0x200 [ 1406.431694][T25398] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1406.431729][T25398] rpm_resume+0xd0a/0x1310 [ 1406.431760][T25398] ? __pfx_rpm_resume+0x10/0x10 [ 1406.431781][T25398] ? do_raw_spin_lock+0x12c/0x2b0 [ 1406.431807][T25398] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1406.431844][T25398] __pm_runtime_resume+0xb6/0x170 [ 1406.431879][T25398] usb_autoresume_device+0x23/0xe0 [ 1406.431930][T25398] usbdev_open+0x228/0x8b0 [ 1406.431979][T25398] ? kobject_get_unless_zero+0x156/0x1e0 [ 1406.432023][T25398] ? __pfx_usbdev_open+0x10/0x10 [ 1406.432066][T25398] ? chrdev_open+0x10b/0x6a0 [ 1406.432106][T25398] ? __pfx_usbdev_open+0x10/0x10 [ 1406.432155][T25398] chrdev_open+0x234/0x6a0 [ 1406.432190][T25398] ? __pfx_apparmor_file_open+0x10/0x10 [ 1406.432234][T25398] ? __pfx_chrdev_open+0x10/0x10 [ 1406.432272][T25398] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1406.432312][T25398] do_dentry_open+0x982/0x1530 [ 1406.432349][T25398] ? __pfx_chrdev_open+0x10/0x10 [ 1406.432393][T25398] vfs_open+0x82/0x3f0 [ 1406.432443][T25398] path_openat+0x1de4/0x2cb0 [ 1406.432489][T25398] ? __pfx_path_openat+0x10/0x10 [ 1406.432532][T25398] do_filp_open+0x20b/0x470 [ 1406.432567][T25398] ? __pfx_do_filp_open+0x10/0x10 [ 1406.432627][T25398] ? alloc_fd+0x471/0x7d0 [ 1406.432668][T25398] do_sys_openat2+0x11b/0x1d0 [ 1406.432711][T25398] ? __pfx_do_sys_openat2+0x10/0x10 [ 1406.432769][T25398] __x64_sys_openat+0x174/0x210 [ 1406.432813][T25398] ? __pfx___x64_sys_openat+0x10/0x10 [ 1406.432873][T25398] do_syscall_64+0xcd/0x4b0 [ 1406.432910][T25398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1406.432939][T25398] RIP: 0033:0x7f0c8038eec9 [ 1406.432962][T25398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1406.432993][T25398] RSP: 002b:00007f0c81144038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1406.433020][T25398] RAX: ffffffffffffffda RBX: 00007f0c805e5fa0 RCX: 00007f0c8038eec9 [ 1406.433040][T25398] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1406.433060][T25398] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1406.433078][T25398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1406.433096][T25398] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1406.433133][T25398] [ 1406.434375][T25398] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1408.936831][T25464] FAULT_INJECTION: forcing a failure. [ 1408.936831][T25464] name failslab, interval 1, probability 0, space 0, times 0 [ 1408.982140][T25464] CPU: 1 UID: 0 PID: 25464 Comm: syz.0.3842 Not tainted syzkaller #0 PREEMPT(full) [ 1408.982186][T25464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1408.982209][T25464] Call Trace: [ 1408.982222][T25464] [ 1408.982236][T25464] dump_stack_lvl+0x16c/0x1f0 [ 1408.982286][T25464] should_fail_ex+0x512/0x640 [ 1408.982345][T25464] ? fs_reclaim_acquire+0xae/0x150 [ 1408.982398][T25464] should_failslab+0xc2/0x120 [ 1408.982449][T25464] __kmalloc_cache_noprof+0x72/0x780 [ 1408.982486][T25464] ? usb_control_msg+0xbc/0x4a0 [ 1408.982528][T25464] ? usb_control_msg+0xbc/0x4a0 [ 1408.982561][T25464] usb_control_msg+0xbc/0x4a0 [ 1408.982598][T25464] ? __pfx_usb_control_msg+0x10/0x10 [ 1408.982638][T25464] ? __lock_acquire+0xb97/0x1ce0 [ 1408.982708][T25464] hub_ext_port_status+0x14e/0x670 [ 1408.982779][T25464] hub_activate+0x6e5/0x1d60 [ 1408.982827][T25464] ? __pfx_hub_activate+0x10/0x10 [ 1408.982859][T25464] ? find_held_lock+0x2b/0x80 [ 1408.982928][T25464] ? async_getcompleted+0x100/0x1b0 [ 1408.982995][T25464] hub_resume+0xa8/0x3f0 [ 1408.983030][T25464] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1408.983076][T25464] ? __pfx_hub_resume+0x10/0x10 [ 1408.983111][T25464] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1408.983172][T25464] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1408.983228][T25464] usb_resume_both+0x237/0x960 [ 1408.983277][T25464] ? __pfx_usb_resume_both+0x10/0x10 [ 1408.983326][T25464] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1408.983382][T25464] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1408.983444][T25464] __rpm_callback+0xc8/0x610 [ 1408.983483][T25464] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1408.983537][T25464] rpm_callback+0x1b7/0x200 [ 1408.983570][T25464] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1408.983622][T25464] rpm_resume+0xd0a/0x1310 [ 1408.983668][T25464] ? __pfx_rpm_resume+0x10/0x10 [ 1408.983700][T25464] ? do_raw_spin_lock+0x12c/0x2b0 [ 1408.983739][T25464] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1408.983794][T25464] __pm_runtime_resume+0xb6/0x170 [ 1408.983834][T25464] usb_autoresume_device+0x23/0xe0 [ 1408.983887][T25464] usbdev_open+0x228/0x8b0 [ 1408.983947][T25464] ? kobject_get_unless_zero+0x156/0x1e0 [ 1408.983995][T25464] ? __pfx_usbdev_open+0x10/0x10 [ 1408.984047][T25464] ? chrdev_open+0x10b/0x6a0 [ 1408.984099][T25464] ? __pfx_usbdev_open+0x10/0x10 [ 1408.984149][T25464] chrdev_open+0x234/0x6a0 [ 1408.984190][T25464] ? __pfx_apparmor_file_open+0x10/0x10 [ 1408.984240][T25464] ? __pfx_chrdev_open+0x10/0x10 [ 1408.984287][T25464] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1408.984337][T25464] do_dentry_open+0x982/0x1530 [ 1408.984380][T25464] ? __pfx_chrdev_open+0x10/0x10 [ 1408.984433][T25464] vfs_open+0x82/0x3f0 [ 1408.984491][T25464] path_openat+0x1de4/0x2cb0 [ 1408.984548][T25464] ? __pfx_path_openat+0x10/0x10 [ 1408.984602][T25464] do_filp_open+0x20b/0x470 [ 1408.984645][T25464] ? __pfx_do_filp_open+0x10/0x10 [ 1408.984717][T25464] ? alloc_fd+0x471/0x7d0 [ 1408.984767][T25464] do_sys_openat2+0x11b/0x1d0 [ 1408.984820][T25464] ? __pfx_do_sys_openat2+0x10/0x10 [ 1408.984893][T25464] __x64_sys_openat+0x174/0x210 [ 1408.984963][T25464] ? __pfx___x64_sys_openat+0x10/0x10 [ 1408.985037][T25464] do_syscall_64+0xcd/0x4b0 [ 1408.985083][T25464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1408.985119][T25464] RIP: 0033:0x7fd83e98eec9 [ 1408.985148][T25464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1408.985181][T25464] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1408.985213][T25464] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1408.985235][T25464] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1408.985259][T25464] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1408.985287][T25464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1408.985308][T25464] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1408.985354][T25464] [ 1409.264286][T25464] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1409.955824][T25485] Setting dangerous option i915.mitigations - tainting kernel [ 1410.096853][T25485] FAULT_INJECTION: forcing a failure. [ 1410.096853][T25485] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.109574][T25485] CPU: 1 UID: 0 PID: 25485 Comm: syz.2.3849 Tainted: G U syzkaller #0 PREEMPT(full) [ 1410.109612][T25485] Tainted: [U]=USER [ 1410.109625][T25485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1410.109642][T25485] Call Trace: [ 1410.109655][T25485] [ 1410.109669][T25485] dump_stack_lvl+0x16c/0x1f0 [ 1410.109716][T25485] should_fail_ex+0x512/0x640 [ 1410.109765][T25485] ? fs_reclaim_acquire+0xae/0x150 [ 1410.109814][T25485] should_failslab+0xc2/0x120 [ 1410.109862][T25485] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1410.109897][T25485] ? __pfx_map_id_range_down+0x10/0x10 [ 1410.109952][T25485] ? security_inode_alloc+0x3b/0x2b0 [ 1410.110009][T25485] ? security_inode_alloc+0x3b/0x2b0 [ 1410.110058][T25485] security_inode_alloc+0x3b/0x2b0 [ 1410.110100][T25485] inode_init_always_gfp+0xce4/0x1030 [ 1410.110132][T25485] alloc_inode+0x86/0x240 [ 1410.110167][T25485] sock_alloc+0x40/0x280 [ 1410.110193][T25485] do_accept+0xf7/0x530 [ 1410.110225][T25485] ? do_raw_spin_lock+0x12c/0x2b0 [ 1410.110252][T25485] ? __pfx_do_accept+0x10/0x10 [ 1410.110302][T25485] __sys_accept4+0x100/0x1c0 [ 1410.110332][T25485] ? __pfx___sys_accept4+0x10/0x10 [ 1410.110364][T25485] ? xfd_validate_state+0x61/0x180 [ 1410.110393][T25485] __x64_sys_accept4+0x96/0x100 [ 1410.110423][T25485] ? lockdep_hardirqs_on+0x7c/0x110 [ 1410.110451][T25485] do_syscall_64+0xcd/0x4b0 [ 1410.110483][T25485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1410.110510][T25485] RIP: 0033:0x7f0c8038eec9 [ 1410.110530][T25485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1410.110554][T25485] RSP: 002b:00007f0c81144038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 1410.110577][T25485] RAX: ffffffffffffffda RBX: 00007f0c805e5fa0 RCX: 00007f0c8038eec9 [ 1410.110593][T25485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1410.110607][T25485] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1410.110622][T25485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1410.110637][T25485] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1410.110667][T25485] [ 1410.975020][T25496] netlink: 'syz.1.3851': attribute type 1 has an invalid length. [ 1410.982978][T25496] netlink: 'syz.1.3851': attribute type 6 has an invalid length. [ 1410.994093][T25496] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3851'. [ 1412.242993][T25516] random: crng reseeded on system resumption [ 1415.715788][T25540] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3861'. [ 1416.565652][T25563] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1417.313472][T25570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3870'. [ 1417.349062][T25572] FAULT_INJECTION: forcing a failure. [ 1417.349062][T25572] name failslab, interval 1, probability 0, space 0, times 0 [ 1417.371925][T25572] CPU: 0 UID: 0 PID: 25572 Comm: syz.0.3871 Tainted: G U syzkaller #0 PREEMPT(full) [ 1417.371979][T25572] Tainted: [U]=USER [ 1417.371990][T25572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1417.372012][T25572] Call Trace: [ 1417.372023][T25572] [ 1417.372036][T25572] dump_stack_lvl+0x16c/0x1f0 [ 1417.372083][T25572] should_fail_ex+0x512/0x640 [ 1417.372131][T25572] ? fs_reclaim_acquire+0xae/0x150 [ 1417.372183][T25572] should_failslab+0xc2/0x120 [ 1417.372231][T25572] __kmalloc_cache_noprof+0x72/0x780 [ 1417.372277][T25572] ? usb_control_msg+0xbc/0x4a0 [ 1417.372319][T25572] ? usb_control_msg+0xbc/0x4a0 [ 1417.372352][T25572] usb_control_msg+0xbc/0x4a0 [ 1417.372388][T25572] ? __pfx_usb_control_msg+0x10/0x10 [ 1417.372423][T25572] ? __lock_acquire+0xb97/0x1ce0 [ 1417.372478][T25572] hub_ext_port_status+0x14e/0x670 [ 1417.372547][T25572] hub_activate+0x6e5/0x1d60 [ 1417.372597][T25572] ? __pfx_hub_activate+0x10/0x10 [ 1417.372637][T25572] ? find_held_lock+0x2b/0x80 [ 1417.372687][T25572] ? async_getcompleted+0x100/0x1b0 [ 1417.372762][T25572] hub_resume+0xa8/0x3f0 [ 1417.372797][T25572] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1417.372846][T25572] ? __pfx_hub_resume+0x10/0x10 [ 1417.372882][T25572] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1417.372944][T25572] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1417.373001][T25572] usb_resume_both+0x237/0x960 [ 1417.373050][T25572] ? __pfx_usb_resume_both+0x10/0x10 [ 1417.373099][T25572] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1417.373155][T25572] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1417.373209][T25572] __rpm_callback+0xc8/0x610 [ 1417.373247][T25572] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1417.373316][T25572] rpm_callback+0x1b7/0x200 [ 1417.373349][T25572] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1417.373403][T25572] rpm_resume+0xd0a/0x1310 [ 1417.373448][T25572] ? __pfx_rpm_resume+0x10/0x10 [ 1417.373479][T25572] ? do_raw_spin_lock+0x12c/0x2b0 [ 1417.373516][T25572] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1417.373571][T25572] __pm_runtime_resume+0xb6/0x170 [ 1417.373610][T25572] usb_autoresume_device+0x23/0xe0 [ 1417.373662][T25572] usbdev_open+0x228/0x8b0 [ 1417.373715][T25572] ? kobject_get_unless_zero+0x156/0x1e0 [ 1417.373763][T25572] ? __pfx_usbdev_open+0x10/0x10 [ 1417.373813][T25572] ? chrdev_open+0x10b/0x6a0 [ 1417.373863][T25572] ? __pfx_usbdev_open+0x10/0x10 [ 1417.373913][T25572] chrdev_open+0x234/0x6a0 [ 1417.373956][T25572] ? __pfx_apparmor_file_open+0x10/0x10 [ 1417.374008][T25572] ? __pfx_chrdev_open+0x10/0x10 [ 1417.374054][T25572] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1417.374106][T25572] do_dentry_open+0x982/0x1530 [ 1417.374151][T25572] ? __pfx_chrdev_open+0x10/0x10 [ 1417.374204][T25572] vfs_open+0x82/0x3f0 [ 1417.374269][T25572] path_openat+0x1de4/0x2cb0 [ 1417.374328][T25572] ? __pfx_path_openat+0x10/0x10 [ 1417.374382][T25572] do_filp_open+0x20b/0x470 [ 1417.374425][T25572] ? __pfx_do_filp_open+0x10/0x10 [ 1417.374501][T25572] ? alloc_fd+0x471/0x7d0 [ 1417.374551][T25572] do_sys_openat2+0x11b/0x1d0 [ 1417.374604][T25572] ? __pfx_do_sys_openat2+0x10/0x10 [ 1417.374677][T25572] __x64_sys_openat+0x174/0x210 [ 1417.374733][T25572] ? __pfx___x64_sys_openat+0x10/0x10 [ 1417.374808][T25572] do_syscall_64+0xcd/0x4b0 [ 1417.374856][T25572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1417.374891][T25572] RIP: 0033:0x7fd83e98eec9 [ 1417.374919][T25572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1417.374954][T25572] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1417.374987][T25572] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1417.375020][T25572] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1417.375044][T25572] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1417.375066][T25572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1417.375088][T25572] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1417.375134][T25572] [ 1417.375155][T25572] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1418.032063][T25585] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3873'. [ 1418.058971][T25587] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3873'. [ 1418.879222][T25599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3877'. [ 1418.921313][T25602] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1418.952516][T25602] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1418.962885][T25602] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1418.984432][T25602] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1418.997665][T25602] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1419.369731][T25599] bond0: (slave bond_slave_1): Releasing backup interface [ 1419.770620][T25611] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1419.971045][T25600] chnl_net:caif_netlink_parms(): no params data found [ 1420.040367][T25475] bridge0: port 3(syz_tun) entered disabled state [ 1420.080182][T25614] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3880'. [ 1420.123680][T25475] syz_tun (unregistering): left allmulticast mode [ 1420.137056][T25475] syz_tun (unregistering): left promiscuous mode [ 1420.144286][T25475] bridge0: port 3(syz_tun) entered disabled state [ 1420.714545][T25607] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3878'. [ 1420.738158][T11918] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1421.095143][T11315] Bluetooth: hci2: command tx timeout [ 1421.143653][T11918] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1421.432554][T11918] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1421.974802][T11918] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1422.054190][T25600] bridge0: port 1(bridge_slave_0) entered blocking state [ 1422.107502][T25600] bridge0: port 1(bridge_slave_0) entered disabled state [ 1422.114733][T25600] bridge_slave_0: entered allmulticast mode [ 1422.149075][T25600] bridge_slave_0: entered promiscuous mode [ 1422.190699][T25600] bridge0: port 2(bridge_slave_1) entered blocking state [ 1422.216626][T25600] bridge0: port 2(bridge_slave_1) entered disabled state [ 1422.245558][T25600] bridge_slave_1: entered allmulticast mode [ 1422.256826][T25633] kAFS: unparsable volume name [ 1422.258836][T25600] bridge_slave_1: entered promiscuous mode [ 1422.497912][T25600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1422.511146][T25600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1422.651284][T25600] team0: Port device team_slave_0 added [ 1422.734101][T25600] team0: Port device team_slave_1 added [ 1423.064972][T25600] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1423.079022][T25600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1423.105055][ C0] vkms_vblank_simulate: vblank timer overrun [ 1423.145216][T25600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1423.161820][T11315] Bluetooth: hci2: command tx timeout [ 1423.211630][T11918] bridge_slave_1: left allmulticast mode [ 1423.217345][T11918] bridge_slave_1: left promiscuous mode [ 1423.231780][T11918] bridge0: port 2(bridge_slave_1) entered disabled state [ 1423.298619][T11918] bridge_slave_0: left allmulticast mode [ 1423.320842][T11918] bridge_slave_0: left promiscuous mode [ 1423.326800][T11918] bridge0: port 1(bridge_slave_0) entered disabled state [ 1423.431605][T25657] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3887'. [ 1424.385845][T11918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1424.426106][T11918] bond0 (unregistering): Released all slaves [ 1424.466821][T25600] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1424.480768][T25600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1424.534493][T25600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1424.745098][T25657] bond0: (slave bond_slave_1): Releasing backup interface [ 1424.962728][T25600] hsr_slave_0: entered promiscuous mode [ 1424.979815][T25600] hsr_slave_1: entered promiscuous mode [ 1425.012595][T25600] debugfs: 'hsr0' already exists in 'hsr' [ 1425.041315][T25600] Cannot create hsr debugfs directory [ 1425.221174][T11315] Bluetooth: hci2: command tx timeout [ 1425.227505][T25661] __vm_enough_memory: pid: 25661, comm: syz.1.3894, bytes: 4398046511104 not enough memory for the allocation [ 1425.302842][T25684] random: crng reseeded on system resumption [ 1426.899571][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1426.906432][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1427.200806][T11918] hsr_slave_0: left promiscuous mode [ 1427.235189][T25709] FAULT_INJECTION: forcing a failure. [ 1427.235189][T25709] name failslab, interval 1, probability 0, space 0, times 0 [ 1427.254941][T11918] hsr_slave_1: left promiscuous mode [ 1427.280203][T25709] CPU: 0 UID: 0 PID: 25709 Comm: syz.2.3892 Tainted: G U syzkaller #0 PREEMPT(full) [ 1427.280254][T25709] Tainted: [U]=USER [ 1427.280263][T25709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1427.280278][T25709] Call Trace: [ 1427.280286][T25709] [ 1427.280296][T25709] dump_stack_lvl+0x16c/0x1f0 [ 1427.280332][T25709] should_fail_ex+0x512/0x640 [ 1427.280367][T25709] ? fs_reclaim_acquire+0xae/0x150 [ 1427.280405][T25709] should_failslab+0xc2/0x120 [ 1427.280442][T25709] __kmalloc_cache_noprof+0x72/0x780 [ 1427.280470][T25709] ? usb_control_msg+0xbc/0x4a0 [ 1427.280499][T25709] ? usb_control_msg+0xbc/0x4a0 [ 1427.280522][T25709] usb_control_msg+0xbc/0x4a0 [ 1427.280548][T25709] ? __pfx_usb_control_msg+0x10/0x10 [ 1427.280575][T25709] ? __lock_acquire+0xb97/0x1ce0 [ 1427.280617][T25709] hub_ext_port_status+0x14e/0x670 [ 1427.280667][T25709] hub_activate+0x6e5/0x1d60 [ 1427.280699][T25709] ? __pfx_hub_activate+0x10/0x10 [ 1427.280730][T25709] ? find_held_lock+0x2b/0x80 [ 1427.280760][T25709] ? async_getcompleted+0x100/0x1b0 [ 1427.280806][T25709] hub_resume+0xa8/0x3f0 [ 1427.280831][T25709] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1427.280863][T25709] ? __pfx_hub_resume+0x10/0x10 [ 1427.280888][T25709] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1427.280931][T25709] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1427.280969][T25709] usb_resume_both+0x237/0x960 [ 1427.281003][T25709] ? __pfx_usb_resume_both+0x10/0x10 [ 1427.281036][T25709] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1427.281074][T25709] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1427.281111][T25709] __rpm_callback+0xc8/0x610 [ 1427.281137][T25709] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1427.281174][T25709] rpm_callback+0x1b7/0x200 [ 1427.281196][T25709] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1427.281233][T25709] rpm_resume+0xd0a/0x1310 [ 1427.281263][T25709] ? __pfx_rpm_resume+0x10/0x10 [ 1427.281285][T25709] ? do_raw_spin_lock+0x12c/0x2b0 [ 1427.281310][T25709] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1427.281347][T25709] __pm_runtime_resume+0xb6/0x170 [ 1427.281375][T25709] usb_autoresume_device+0x23/0xe0 [ 1427.281412][T25709] usbdev_open+0x228/0x8b0 [ 1427.281449][T25709] ? kobject_get_unless_zero+0x156/0x1e0 [ 1427.281497][T25709] ? __pfx_usbdev_open+0x10/0x10 [ 1427.281534][T25709] ? chrdev_open+0x10b/0x6a0 [ 1427.281570][T25709] ? __pfx_usbdev_open+0x10/0x10 [ 1427.281606][T25709] chrdev_open+0x234/0x6a0 [ 1427.281636][T25709] ? __pfx_apparmor_file_open+0x10/0x10 [ 1427.281672][T25709] ? __pfx_chrdev_open+0x10/0x10 [ 1427.281707][T25709] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1427.281748][T25709] do_dentry_open+0x982/0x1530 [ 1427.281779][T25709] ? __pfx_chrdev_open+0x10/0x10 [ 1427.281817][T25709] vfs_open+0x82/0x3f0 [ 1427.281857][T25709] path_openat+0x1de4/0x2cb0 [ 1427.281896][T25709] ? __pfx_path_openat+0x10/0x10 [ 1427.281933][T25709] do_filp_open+0x20b/0x470 [ 1427.281962][T25709] ? __pfx_do_filp_open+0x10/0x10 [ 1427.282012][T25709] ? alloc_fd+0x471/0x7d0 [ 1427.282046][T25709] do_sys_openat2+0x11b/0x1d0 [ 1427.282083][T25709] ? __pfx_do_sys_openat2+0x10/0x10 [ 1427.282133][T25709] __x64_sys_openat+0x174/0x210 [ 1427.282171][T25709] ? __pfx___x64_sys_openat+0x10/0x10 [ 1427.282222][T25709] do_syscall_64+0xcd/0x4b0 [ 1427.282254][T25709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.282279][T25709] RIP: 0033:0x7f0c8038eec9 [ 1427.282299][T25709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1427.282322][T25709] RSP: 002b:00007f0c81144038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1427.282345][T25709] RAX: ffffffffffffffda RBX: 00007f0c805e5fa0 RCX: 00007f0c8038eec9 [ 1427.282361][T25709] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1427.282377][T25709] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1427.282391][T25709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1427.282406][T25709] R13: 00007f0c805e6038 R14: 00007f0c805e5fa0 R15: 00007ffdab8b4a08 [ 1427.282437][T25709] [ 1427.282452][T25709] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1427.698154][T11315] Bluetooth: hci2: command tx timeout [ 1427.737795][T11918] veth1_macvtap: left promiscuous mode [ 1427.744625][T11918] veth0_macvtap: left promiscuous mode [ 1427.750578][T11918] veth1_vlan: left promiscuous mode [ 1427.757682][T11918] veth0_vlan: left promiscuous mode [ 1427.974102][T25719] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1428.080717][T25709] Process accounting resumed [ 1428.559864][T25723] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1428.994989][T25725] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3895'. [ 1429.283450][T25722] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3893'. [ 1429.819927][T11918] team0 (unregistering): Port device team_slave_1 removed [ 1429.930767][T11918] team0 (unregistering): Port device team_slave_0 removed [ 1430.630198][T25722] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 1430.684229][T25722] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 1430.694285][T25722] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1431.645296][T25600] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1431.674852][T25600] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1431.702835][T25600] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1431.732078][T25600] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1433.177220][T25778] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1433.394250][T25600] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1433.497399][T25600] 8021q: adding VLAN 0 to HW filter on device team0 [ 1433.600991][T19021] bridge0: port 1(bridge_slave_0) entered blocking state [ 1433.608414][T19021] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1433.731200][T11902] bridge0: port 2(bridge_slave_1) entered blocking state [ 1433.738488][T11902] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1434.887618][T25600] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1435.048016][T25600] veth0_vlan: entered promiscuous mode [ 1435.068659][T25776] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3902'. [ 1435.109490][T25600] veth1_vlan: entered promiscuous mode [ 1435.251998][T25600] veth0_macvtap: entered promiscuous mode [ 1435.302095][T25600] veth1_macvtap: entered promiscuous mode [ 1435.502377][T25600] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1435.576915][T25600] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1435.602344][T11902] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.677211][T11902] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.695929][T11902] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1435.716314][T11902] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1436.219350][T11903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1436.257800][T11903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1436.344177][T11902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1436.355475][T11902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1437.192721][T25832] random: crng reseeded on system resumption [ 1438.925789][T25869] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1439.217212][T25876] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1439.422926][T25860] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3910'. [ 1439.665899][T25860] veth0_macvtap: left promiscuous mode [ 1440.300974][T25875] netlink: 268 bytes leftover after parsing attributes in process `syz.3.3915'. [ 1440.461932][T25881] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1443.152684][T25939] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1444.106940][T25937] netlink: 268 bytes leftover after parsing attributes in process `syz.0.3926'. [ 1445.313315][T11315] Bluetooth: hci2: unexpected event 0x3e length: 509 > 260 [ 1445.313361][T11315] Bluetooth: hci2: unexpected subevent 0x02 length: 508 > 260 [ 1445.328371][T11315] Bluetooth: hci2: Dropping invalid advertising data [ 1446.066926][T25988] FAULT_INJECTION: forcing a failure. [ 1446.066926][T25988] name failslab, interval 1, probability 0, space 0, times 0 [ 1446.080121][T25988] CPU: 0 UID: 0 PID: 25988 Comm: syz.0.3936 Tainted: G U syzkaller #0 PREEMPT(full) [ 1446.080167][T25988] Tainted: [U]=USER [ 1446.080179][T25988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1446.080198][T25988] Call Trace: [ 1446.080209][T25988] [ 1446.080222][T25988] dump_stack_lvl+0x16c/0x1f0 [ 1446.080269][T25988] should_fail_ex+0x512/0x640 [ 1446.080325][T25988] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1446.080369][T25988] should_failslab+0xc2/0x120 [ 1446.080417][T25988] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1446.080454][T25988] ? __alloc_skb+0x2b2/0x380 [ 1446.080509][T25988] ? __alloc_skb+0x2b2/0x380 [ 1446.080551][T25988] ? __pfx_netlink_insert+0x10/0x10 [ 1446.080600][T25988] __alloc_skb+0x2b2/0x380 [ 1446.080645][T25988] ? __pfx___alloc_skb+0x10/0x10 [ 1446.080694][T25988] ? netlink_autobind.isra.0+0x158/0x370 [ 1446.080756][T25988] netlink_alloc_large_skb+0x69/0x140 [ 1446.080812][T25988] netlink_sendmsg+0x698/0xdd0 [ 1446.080873][T25988] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1446.080931][T25988] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1446.080987][T25988] sock_write_iter+0x566/0x610 [ 1446.081026][T25988] ? __pfx_sock_write_iter+0x10/0x10 [ 1446.081079][T25988] ? bpf_lsm_file_permission+0x9/0x10 [ 1446.081122][T25988] ? security_file_permission+0x71/0x210 [ 1446.081158][T25988] ? rw_verify_area+0xcf/0x6c0 [ 1446.081196][T25988] vfs_write+0x7d3/0x11d0 [ 1446.081235][T25988] ? __pfx_sock_write_iter+0x10/0x10 [ 1446.081277][T25988] ? __pfx_vfs_write+0x10/0x10 [ 1446.081319][T25988] ? find_held_lock+0x2b/0x80 [ 1446.081388][T25988] ksys_write+0x1f8/0x250 [ 1446.081428][T25988] ? __pfx_ksys_write+0x10/0x10 [ 1446.081480][T25988] do_syscall_64+0xcd/0x4b0 [ 1446.081525][T25988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1446.081559][T25988] RIP: 0033:0x7fd83e98eec9 [ 1446.081585][T25988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1446.081618][T25988] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1446.081649][T25988] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1446.081671][T25988] RDX: 00000000000002fb RSI: 0000200000000000 RDI: 0000000000000003 [ 1446.081692][T25988] RBP: 00007fd83f896090 R08: 0000000000000000 R09: 0000000000000000 [ 1446.081713][T25988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1446.081733][T25988] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1446.081777][T25988] [ 1446.909276][T25992] FAULT_INJECTION: forcing a failure. [ 1446.909276][T25992] name failslab, interval 1, probability 0, space 0, times 0 [ 1446.941780][T25992] CPU: 0 UID: 0 PID: 25992 Comm: syz.0.3937 Tainted: G U syzkaller #0 PREEMPT(full) [ 1446.941835][T25992] Tainted: [U]=USER [ 1446.941847][T25992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1446.941870][T25992] Call Trace: [ 1446.941883][T25992] [ 1446.941897][T25992] dump_stack_lvl+0x16c/0x1f0 [ 1446.941954][T25992] should_fail_ex+0x512/0x640 [ 1446.942004][T25992] ? fs_reclaim_acquire+0xae/0x150 [ 1446.942059][T25992] should_failslab+0xc2/0x120 [ 1446.942109][T25992] __kmalloc_cache_noprof+0x72/0x780 [ 1446.942147][T25992] ? usb_control_msg+0xbc/0x4a0 [ 1446.942190][T25992] ? usb_control_msg+0xbc/0x4a0 [ 1446.942225][T25992] usb_control_msg+0xbc/0x4a0 [ 1446.942263][T25992] ? __pfx_usb_control_msg+0x10/0x10 [ 1446.942303][T25992] ? __lock_acquire+0xb97/0x1ce0 [ 1446.942360][T25992] hub_ext_port_status+0x14e/0x670 [ 1446.942431][T25992] hub_activate+0x6e5/0x1d60 [ 1446.942477][T25992] ? __pfx_hub_activate+0x10/0x10 [ 1446.942508][T25992] ? find_held_lock+0x2b/0x80 [ 1446.942550][T25992] ? async_getcompleted+0x100/0x1b0 [ 1446.942620][T25992] hub_resume+0xa8/0x3f0 [ 1446.942657][T25992] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1446.942703][T25992] ? __pfx_hub_resume+0x10/0x10 [ 1446.942738][T25992] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1446.942801][T25992] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1446.942854][T25992] usb_resume_both+0x237/0x960 [ 1446.942900][T25992] ? __pfx_usb_resume_both+0x10/0x10 [ 1446.942957][T25992] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1446.943013][T25992] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1446.943065][T25992] __rpm_callback+0xc8/0x610 [ 1446.943102][T25992] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1446.943153][T25992] rpm_callback+0x1b7/0x200 [ 1446.943184][T25992] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1446.943232][T25992] rpm_resume+0xd0a/0x1310 [ 1446.943276][T25992] ? __pfx_rpm_resume+0x10/0x10 [ 1446.943307][T25992] ? do_raw_spin_lock+0x12c/0x2b0 [ 1446.943344][T25992] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1446.943396][T25992] __pm_runtime_resume+0xb6/0x170 [ 1446.943433][T25992] usb_autoresume_device+0x23/0xe0 [ 1446.943487][T25992] usbdev_open+0x228/0x8b0 [ 1446.943536][T25992] ? kobject_get_unless_zero+0x156/0x1e0 [ 1446.943584][T25992] ? __pfx_usbdev_open+0x10/0x10 [ 1446.943635][T25992] ? chrdev_open+0x10b/0x6a0 [ 1446.943685][T25992] ? __pfx_usbdev_open+0x10/0x10 [ 1446.943733][T25992] chrdev_open+0x234/0x6a0 [ 1446.943779][T25992] ? __pfx_apparmor_file_open+0x10/0x10 [ 1446.943831][T25992] ? __pfx_chrdev_open+0x10/0x10 [ 1446.943876][T25992] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1446.943925][T25992] do_dentry_open+0x982/0x1530 [ 1446.943978][T25992] ? __pfx_chrdev_open+0x10/0x10 [ 1446.944032][T25992] vfs_open+0x82/0x3f0 [ 1446.944090][T25992] path_openat+0x1de4/0x2cb0 [ 1446.944147][T25992] ? __pfx_path_openat+0x10/0x10 [ 1446.944200][T25992] do_filp_open+0x20b/0x470 [ 1446.944248][T25992] ? __pfx_do_filp_open+0x10/0x10 [ 1446.944322][T25992] ? alloc_fd+0x471/0x7d0 [ 1446.944373][T25992] do_sys_openat2+0x11b/0x1d0 [ 1446.944427][T25992] ? __pfx_do_sys_openat2+0x10/0x10 [ 1446.944498][T25992] __x64_sys_openat+0x174/0x210 [ 1446.944553][T25992] ? __pfx___x64_sys_openat+0x10/0x10 [ 1446.944626][T25992] do_syscall_64+0xcd/0x4b0 [ 1446.944671][T25992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1446.944707][T25992] RIP: 0033:0x7fd83e98eec9 [ 1446.944735][T25992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1446.944770][T25992] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1446.944803][T25992] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1446.944827][T25992] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1446.944850][T25992] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1446.944871][T25992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1446.944892][T25992] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1446.944938][T25992] [ 1446.945097][T25992] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1447.717757][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1447.728071][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1447.816013][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1447.854604][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1447.880074][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1447.943167][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1447.977719][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.034812][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.101996][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.147694][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.180806][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.202453][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.221656][T26026] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3945'. [ 1448.231459][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.247807][T26026] hsr_slave_0: left promiscuous mode [ 1448.269921][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.321427][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.331254][T26026] hsr_slave_1: left promiscuous mode [ 1448.394357][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.425396][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.435854][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.504480][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.579743][T26003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1448.675229][T11315] Bluetooth: hci1: SCO packet too small [ 1449.211791][T11315] Bluetooth: hci2: unexpected event 0x36 length: 123 > 7 [ 1449.725033][T25491] smpboot: CPU 1 is now offline [ 1450.493977][T26063] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1450.789568][T26059] zswap: compressor not available [ 1451.113982][T26065] FAULT_INJECTION: forcing a failure. [ 1451.113982][T26065] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1451.167347][T26065] CPU: 0 UID: 0 PID: 26065 Comm: syz.3.3952 Tainted: G U syzkaller #0 PREEMPT(full) [ 1451.167384][T26065] Tainted: [U]=USER [ 1451.167392][T26065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1451.167406][T26065] Call Trace: [ 1451.167414][T26065] [ 1451.167424][T26065] dump_stack_lvl+0x16c/0x1f0 [ 1451.167457][T26065] should_fail_ex+0x512/0x640 [ 1451.167496][T26065] get_futex_key+0x293/0x1560 [ 1451.167534][T26065] ? __pfx_get_futex_key+0x10/0x10 [ 1451.167567][T26065] ? __mutex_trylock_common+0xe9/0x250 [ 1451.167629][T26065] futex_wake+0xea/0x530 [ 1451.167656][T26065] ? __pfx_futex_wake+0x10/0x10 [ 1451.167692][T26065] do_futex+0x1e3/0x350 [ 1451.167728][T26065] ? __pfx_do_futex+0x10/0x10 [ 1451.167760][T26065] ? __might_fault+0xe3/0x190 [ 1451.167794][T26065] mm_release+0x24e/0x300 [ 1451.167825][T26065] do_exit+0x68e/0x2bf0 [ 1451.167850][T26065] ? __pfx_do_exit+0x10/0x10 [ 1451.167871][T26065] ? do_raw_spin_lock+0x12c/0x2b0 [ 1451.167895][T26065] ? find_held_lock+0x2b/0x80 [ 1451.167929][T26065] do_group_exit+0xd3/0x2a0 [ 1451.167952][T26065] get_signal+0x2671/0x26d0 [ 1451.167994][T26065] ? __pfx_get_signal+0x10/0x10 [ 1451.168025][T26065] ? do_futex+0x122/0x350 [ 1451.168060][T26065] ? __pfx_do_futex+0x10/0x10 [ 1451.168097][T26065] arch_do_signal_or_restart+0x8f/0x790 [ 1451.168133][T26065] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1451.168176][T26065] ? xfd_validate_state+0x61/0x180 [ 1451.168203][T26065] exit_to_user_mode_loop+0x85/0x130 [ 1451.168228][T26065] do_syscall_64+0x419/0x4b0 [ 1451.168260][T26065] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1451.168284][T26065] RIP: 0033:0x7fda5c38eec9 [ 1451.168303][T26065] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1451.168326][T26065] RSP: 002b:00007fda59db00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1451.168349][T26065] RAX: fffffffffffffe00 RBX: 00007fda5c5e6368 RCX: 00007fda5c38eec9 [ 1451.168364][T26065] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fda5c5e6368 [ 1451.168379][T26065] RBP: 00007fda5c5e6360 R08: 0000000000000000 R09: 0000000000000000 [ 1451.168394][T26065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1451.168408][T26065] R13: 00007fda5c5e63f8 R14: 00007ffc7f896720 R15: 00007ffc7f896808 [ 1451.168438][T26065] [ 1453.574420][T26072] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3953'. [ 1453.771709][T26072] veth0_macvtap: left promiscuous mode [ 1454.201031][ T30] audit: type=1800 audit(4294967413.625:42): pid=26115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3964" name="lu_gp_id" dev="configfs" ino=86776 res=0 errno=0 [ 1454.507568][T26112] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3966'. [ 1455.348407][T26130] nbd: socks must be embedded in a SOCK_ITEM attr [ 1455.398351][T26130] block nbd0: shutting down sockets [ 1455.905541][T26143] FAULT_INJECTION: forcing a failure. [ 1455.905541][T26143] name failslab, interval 1, probability 0, space 0, times 0 [ 1455.978829][T26143] CPU: 0 UID: 0 PID: 26143 Comm: syz.3.3974 Tainted: G U syzkaller #0 PREEMPT(full) [ 1455.978867][T26143] Tainted: [U]=USER [ 1455.978876][T26143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1455.978891][T26143] Call Trace: [ 1455.978899][T26143] [ 1455.978909][T26143] dump_stack_lvl+0x16c/0x1f0 [ 1455.978944][T26143] should_fail_ex+0x512/0x640 [ 1455.978979][T26143] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1455.979007][T26143] should_failslab+0xc2/0x120 [ 1455.979042][T26143] __kmalloc_cache_noprof+0x72/0x780 [ 1455.979069][T26143] ? usbdev_open+0x9d/0x8b0 [ 1455.979110][T26143] ? usbdev_open+0x9d/0x8b0 [ 1455.979144][T26143] usbdev_open+0x9d/0x8b0 [ 1455.979180][T26143] ? kobject_get_unless_zero+0x156/0x1e0 [ 1455.979281][T26143] ? __pfx_usbdev_open+0x10/0x10 [ 1455.979317][T26143] ? chrdev_open+0x10b/0x6a0 [ 1455.979352][T26143] ? __pfx_usbdev_open+0x10/0x10 [ 1455.979388][T26143] chrdev_open+0x234/0x6a0 [ 1455.979418][T26143] ? __pfx_apparmor_file_open+0x10/0x10 [ 1455.979454][T26143] ? __pfx_chrdev_open+0x10/0x10 [ 1455.979487][T26143] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1455.979522][T26143] do_dentry_open+0x982/0x1530 [ 1455.979553][T26143] ? __pfx_chrdev_open+0x10/0x10 [ 1455.979589][T26143] vfs_open+0x82/0x3f0 [ 1455.979629][T26143] path_openat+0x1de4/0x2cb0 [ 1455.979667][T26143] ? __pfx_path_openat+0x10/0x10 [ 1455.979703][T26143] do_filp_open+0x20b/0x470 [ 1455.979732][T26143] ? __pfx_do_filp_open+0x10/0x10 [ 1455.979782][T26143] ? alloc_fd+0x471/0x7d0 [ 1455.979815][T26143] do_sys_openat2+0x11b/0x1d0 [ 1455.979852][T26143] ? __pfx_do_sys_openat2+0x10/0x10 [ 1455.979901][T26143] __x64_sys_openat+0x174/0x210 [ 1455.979939][T26143] ? __pfx___x64_sys_openat+0x10/0x10 [ 1455.979989][T26143] do_syscall_64+0xcd/0x4b0 [ 1455.980021][T26143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1455.980047][T26143] RIP: 0033:0x7fda5c38eec9 [ 1455.980065][T26143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1455.980089][T26143] RSP: 002b:00007fda5d176038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1455.980112][T26143] RAX: ffffffffffffffda RBX: 00007fda5c5e5fa0 RCX: 00007fda5c38eec9 [ 1455.980128][T26143] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1455.980144][T26143] RBP: 00007fda5c411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1455.980159][T26143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1455.980174][T26143] R13: 00007fda5c5e6038 R14: 00007fda5c5e5fa0 R15: 00007ffc7f896808 [ 1455.980208][T26143] [ 1457.431274][T26175] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3979'. [ 1457.492158][T26177] netlink: 354 bytes leftover after parsing attributes in process `syz.3.3979'. [ 1458.156430][T26183] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1458.412260][T26151] Process accounting paused [ 1458.921321][T26198] netlink: 'syz.1.3985': attribute type 1 has an invalid length. [ 1458.941388][T26202] FAULT_INJECTION: forcing a failure. [ 1458.941388][T26202] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1459.019734][T26202] CPU: 0 UID: 0 PID: 26202 Comm: syz.3.3987 Tainted: G U syzkaller #0 PREEMPT(full) [ 1459.019774][T26202] Tainted: [U]=USER [ 1459.019782][T26202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1459.019798][T26202] Call Trace: [ 1459.019805][T26202] [ 1459.019815][T26202] dump_stack_lvl+0x16c/0x1f0 [ 1459.019849][T26202] should_fail_ex+0x512/0x640 [ 1459.019889][T26202] get_futex_key+0x1d0/0x1560 [ 1459.019928][T26202] ? __pfx_get_futex_key+0x10/0x10 [ 1459.019960][T26202] ? __destroy_inode+0x2e4/0x730 [ 1459.020003][T26202] ? __pfx_sock_free_inode+0x10/0x10 [ 1459.020031][T26202] ? destroy_inode+0x12c/0x1b0 [ 1459.020063][T26202] ? evict+0x5b4/0x920 [ 1459.020098][T26202] futex_wake+0xea/0x530 [ 1459.020122][T26202] ? __lock_acquire+0xb97/0x1ce0 [ 1459.020162][T26202] ? __pfx_futex_wake+0x10/0x10 [ 1459.020202][T26202] do_futex+0x1e3/0x350 [ 1459.020240][T26202] ? __pfx_do_futex+0x10/0x10 [ 1459.020278][T26202] ? do_raw_spin_unlock+0x172/0x230 [ 1459.020307][T26202] __x64_sys_futex+0x1e0/0x4c0 [ 1459.020347][T26202] ? __pfx___x64_sys_futex+0x10/0x10 [ 1459.020384][T26202] ? xfd_validate_state+0x61/0x180 [ 1459.020413][T26202] ? __pfx_ksys_read+0x10/0x10 [ 1459.020451][T26202] do_syscall_64+0xcd/0x4b0 [ 1459.020484][T26202] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1459.020509][T26202] RIP: 0033:0x7fda5c38eec9 [ 1459.020527][T26202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1459.020552][T26202] RSP: 002b:00007fda5d1760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1459.020575][T26202] RAX: ffffffffffffffda RBX: 00007fda5c5e5fa8 RCX: 00007fda5c38eec9 [ 1459.020592][T26202] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fda5c5e5fac [ 1459.020607][T26202] RBP: 00007fda5c5e5fa0 R08: 00007fda5d177000 R09: 0000000000000000 [ 1459.020623][T26202] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1459.020638][T26202] R13: 00007fda5c5e6038 R14: 00007ffc7f896720 R15: 00007ffc7f896808 [ 1459.020668][T26202] [ 1460.275178][T11315] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 1463.497111][T26264] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3998'. [ 1463.874905][T26275] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1464.145220][T11315] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1464.201723][T26279] FAULT_INJECTION: forcing a failure. [ 1464.201723][T26279] name failslab, interval 1, probability 0, space 0, times 0 [ 1464.263795][T26279] CPU: 0 UID: 0 PID: 26279 Comm: syz.0.4003 Tainted: G U syzkaller #0 PREEMPT(full) [ 1464.263835][T26279] Tainted: [U]=USER [ 1464.263843][T26279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1464.263858][T26279] Call Trace: [ 1464.263865][T26279] [ 1464.263875][T26279] dump_stack_lvl+0x16c/0x1f0 [ 1464.263909][T26279] should_fail_ex+0x512/0x640 [ 1464.263945][T26279] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1464.263973][T26279] should_failslab+0xc2/0x120 [ 1464.264009][T26279] __kmalloc_cache_noprof+0x72/0x780 [ 1464.264034][T26279] ? ipv4_mib_init_net+0x263/0x5f0 [ 1464.264068][T26279] ? ipv4_mib_init_net+0x263/0x5f0 [ 1464.264096][T26279] ipv4_mib_init_net+0x263/0x5f0 [ 1464.264124][T26279] ? __pfx_igmp_net_init+0x10/0x10 [ 1464.264157][T26279] ? __pfx_ipv4_mib_init_net+0x10/0x10 [ 1464.264186][T26279] ops_init+0x1e2/0x5f0 [ 1464.264226][T26279] setup_net+0x100/0x390 [ 1464.264264][T26279] ? __pfx_setup_net+0x10/0x10 [ 1464.264304][T26279] ? debug_mutex_init+0x37/0x70 [ 1464.264336][T26279] copy_net_ns+0x2f8/0x690 [ 1464.264364][T26279] create_new_namespaces+0x3ea/0xa90 [ 1464.264403][T26279] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1464.264439][T26279] ksys_unshare+0x45b/0xa40 [ 1464.264475][T26279] ? __pfx_ksys_unshare+0x10/0x10 [ 1464.264513][T26279] ? xfd_validate_state+0x61/0x180 [ 1464.264545][T26279] __x64_sys_unshare+0x31/0x40 [ 1464.264581][T26279] do_syscall_64+0xcd/0x4b0 [ 1464.264633][T26279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1464.264659][T26279] RIP: 0033:0x7fd83e98eec9 [ 1464.264678][T26279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1464.264703][T26279] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1464.264726][T26279] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1464.264743][T26279] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1464.264758][T26279] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1464.264773][T26279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1464.264789][T26279] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1464.264820][T26279] [ 1464.520735][T26272] netlink: 268 bytes leftover after parsing attributes in process `syz.3.4000'. [ 1465.859629][T26309] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1465.978605][T26311] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1466.138492][T26312] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1467.573967][T26349] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1467.929922][T26356] netlink: 266 bytes leftover after parsing attributes in process `syz.2.4017'. [ 1468.011244][T26356] IPv6: NLM_F_CREATE should be specified when creating new route [ 1469.742938][T26383] Line length is too long: Should be less than 4094 [ 1471.968213][T26437] random: crng reseeded on system resumption [ 1472.322088][T26445] FAULT_INJECTION: forcing a failure. [ 1472.322088][T26445] name failslab, interval 1, probability 0, space 0, times 0 [ 1472.404133][T26445] CPU: 0 UID: 0 PID: 26445 Comm: syz.2.4036 Tainted: G U syzkaller #0 PREEMPT(full) [ 1472.404170][T26445] Tainted: [U]=USER [ 1472.404178][T26445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1472.404193][T26445] Call Trace: [ 1472.404200][T26445] [ 1472.404209][T26445] dump_stack_lvl+0x16c/0x1f0 [ 1472.404248][T26445] should_fail_ex+0x512/0x640 [ 1472.404280][T26445] ? __kmalloc_noprof+0xca/0x880 [ 1472.404305][T26445] should_failslab+0xc2/0x120 [ 1472.404338][T26445] __kmalloc_noprof+0xdd/0x880 [ 1472.404360][T26445] ? lsm_blob_alloc+0x68/0x90 [ 1472.404393][T26445] ? lsm_blob_alloc+0x68/0x90 [ 1472.404418][T26445] lsm_blob_alloc+0x68/0x90 [ 1472.404446][T26445] security_sk_alloc+0x30/0x270 [ 1472.404486][T26445] sk_prot_alloc+0x1c7/0x2a0 [ 1472.404514][T26445] sk_alloc+0x36/0xc20 [ 1472.404547][T26445] __netlink_create+0x5e/0x2c0 [ 1472.404576][T26445] ? __wake_up+0x3f/0x60 [ 1472.404608][T26445] netlink_create+0x39e/0x620 [ 1472.404640][T26445] ? __pfx_genl_bind+0x10/0x10 [ 1472.404661][T26445] ? __pfx_genl_unbind+0x10/0x10 [ 1472.404681][T26445] ? __pfx_genl_release+0x10/0x10 [ 1472.404708][T26445] __sock_create+0x335/0x8d0 [ 1472.404781][T26445] __sys_socket+0x14d/0x260 [ 1472.404807][T26445] ? __fget_files+0x20e/0x3c0 [ 1472.404832][T26445] ? __pfx___sys_socket+0x10/0x10 [ 1472.404859][T26445] ? xfd_validate_state+0x61/0x180 [ 1472.404888][T26445] __x64_sys_socket+0x72/0xb0 [ 1472.404916][T26445] ? lockdep_hardirqs_on+0x7c/0x110 [ 1472.404954][T26445] do_syscall_64+0xcd/0x4b0 [ 1472.404985][T26445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1472.405009][T26445] RIP: 0033:0x7f0c8038eec9 [ 1472.405027][T26445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1472.405050][T26445] RSP: 002b:00007f0c7e593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1472.405072][T26445] RAX: ffffffffffffffda RBX: 00007f0c805e6360 RCX: 00007f0c8038eec9 [ 1472.405088][T26445] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1472.405102][T26445] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1472.405116][T26445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1472.405130][T26445] R13: 00007f0c805e63f8 R14: 00007f0c805e6360 R15: 00007ffdab8b4a08 [ 1472.405160][T26445] [ 1472.970883][ T30] audit: type=1800 audit(4294967432.322:43): pid=26452 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4035" name="discovery_nqn" dev="configfs" ino=89328 res=0 errno=0 [ 1473.550638][T26463] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1474.697686][T26489] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4047'. [ 1475.937260][T26524] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1476.339537][ T30] audit: type=1800 audit(4294967435.881:44): pid=26527 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4049" name="dbroot" dev="configfs" ino=89585 res=0 errno=0 [ 1476.703077][T26531] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1476.890744][T26533] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1477.261329][T26530] netlink: 268 bytes leftover after parsing attributes in process `syz.2.4056'. [ 1479.544527][T26574] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1479.636544][T26571] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1479.735077][T26577] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1480.903693][T26601] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4072'. [ 1480.952150][T26601] tc_dump_action: action bad kind [ 1481.054781][T26606] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1482.679680][T26625] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1485.189046][T26684] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1485.551853][T26687] FAULT_INJECTION: forcing a failure. [ 1485.551853][T26687] name failslab, interval 1, probability 0, space 0, times 0 [ 1485.627820][T26687] CPU: 0 UID: 0 PID: 26687 Comm: syz.0.4092 Tainted: G U syzkaller #0 PREEMPT(full) [ 1485.627863][T26687] Tainted: [U]=USER [ 1485.627872][T26687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1485.627886][T26687] Call Trace: [ 1485.627893][T26687] [ 1485.627903][T26687] dump_stack_lvl+0x16c/0x1f0 [ 1485.627937][T26687] should_fail_ex+0x512/0x640 [ 1485.627971][T26687] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1485.628002][T26687] should_failslab+0xc2/0x120 [ 1485.628036][T26687] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1485.628062][T26687] ? copy_process+0x4b5/0x76a0 [ 1485.628102][T26687] ? copy_process+0x4b5/0x76a0 [ 1485.628134][T26687] copy_process+0x4b5/0x76a0 [ 1485.628179][T26687] ? __pfx_copy_process+0x10/0x10 [ 1485.628227][T26687] kernel_clone+0xfc/0x930 [ 1485.628262][T26687] ? __pfx_kernel_clone+0x10/0x10 [ 1485.628307][T26687] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1485.628338][T26687] ? 0xffffffffff600000 [ 1485.628356][T26687] ? 0xffffffffff600000 [ 1485.628372][T26687] __do_sys_clone+0xce/0x120 [ 1485.628405][T26687] ? __pfx___do_sys_clone+0x10/0x10 [ 1485.628440][T26687] ? 0xffffffffff600000 [ 1485.628456][T26687] ? 0xffffffffff600000 [ 1485.628471][T26687] ? 0xffffffffff600000 [ 1485.628496][T26687] ? ksys_write+0x1ac/0x250 [ 1485.628523][T26687] ? __pfx_ksys_write+0x10/0x10 [ 1485.628559][T26687] do_syscall_64+0xcd/0x4b0 [ 1485.628590][T26687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1485.628615][T26687] RIP: 0033:0x7fd83e98eec9 [ 1485.628632][T26687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1485.628656][T26687] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1485.628677][T26687] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1485.628693][T26687] RDX: ffffffffff600000 RSI: 0000000000000009 RDI: 0000000000001000 [ 1485.628708][T26687] RBP: 00007fd83f896090 R08: 0000000000000005 R09: 0000000000000000 [ 1485.628723][T26687] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 1485.628744][T26687] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1485.628765][T26687] ? 0xffffffffff600000 [ 1485.628784][T26687] ? 0xffffffffff600000 [ 1485.628805][T26687] [ 1485.860124][ C0] vkms_vblank_simulate: vblank timer overrun [ 1486.274388][T26692] FAULT_INJECTION: forcing a failure. [ 1486.274388][T26692] name failslab, interval 1, probability 0, space 0, times 0 [ 1486.319365][T26692] CPU: 0 UID: 0 PID: 26692 Comm: syz.3.4095 Tainted: G U syzkaller #0 PREEMPT(full) [ 1486.319405][T26692] Tainted: [U]=USER [ 1486.319413][T26692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1486.319428][T26692] Call Trace: [ 1486.319436][T26692] [ 1486.319446][T26692] dump_stack_lvl+0x16c/0x1f0 [ 1486.319480][T26692] should_fail_ex+0x512/0x640 [ 1486.319515][T26692] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1486.319546][T26692] should_failslab+0xc2/0x120 [ 1486.319581][T26692] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1486.319608][T26692] ? getname_flags.part.0+0x4c/0x550 [ 1486.319651][T26692] ? getname_flags.part.0+0x4c/0x550 [ 1486.319687][T26692] getname_flags.part.0+0x4c/0x550 [ 1486.319728][T26692] getname_flags+0x93/0xf0 [ 1486.319754][T26692] do_sys_openat2+0xb8/0x1d0 [ 1486.319792][T26692] ? __pfx_do_sys_openat2+0x10/0x10 [ 1486.319831][T26692] ? __pfx___might_resched+0x10/0x10 [ 1486.319869][T26692] __x64_sys_openat+0x174/0x210 [ 1486.319916][T26692] ? __pfx___x64_sys_openat+0x10/0x10 [ 1486.319967][T26692] do_syscall_64+0xcd/0x4b0 [ 1486.319999][T26692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1486.320024][T26692] RIP: 0033:0x7fda5c38eec9 [ 1486.320042][T26692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1486.320066][T26692] RSP: 002b:00007fda5d176038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1486.320089][T26692] RAX: ffffffffffffffda RBX: 00007fda5c5e5fa0 RCX: 00007fda5c38eec9 [ 1486.320105][T26692] RDX: 0000000000183042 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1486.320121][T26692] RBP: 00007fda5c411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1486.320136][T26692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1486.320150][T26692] R13: 00007fda5c5e6038 R14: 00007fda5c5e5fa0 R15: 00007ffc7f896808 [ 1486.320181][T26692] [ 1486.508952][ C0] vkms_vblank_simulate: vblank timer overrun [ 1488.016704][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1488.023111][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1488.813304][T26716] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4100'. [ 1488.905586][T26716] tc_dump_action: action bad kind [ 1489.371018][T26684] Process accounting resumed [ 1490.033077][T26731] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1491.654683][T26747] netlink: 'syz.1.4107': attribute type 1 has an invalid length. [ 1492.224792][T26761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4111'. [ 1492.370527][T26761] tc_dump_action: action bad kind [ 1492.605132][T26768] netlink: 268 bytes leftover after parsing attributes in process `syz.1.4112'. [ 1493.676645][T26760] vhci_hcd: invalid port number 16 [ 1493.681887][T26760] vhci_hcd: invalid port number 16 [ 1493.882163][T26788] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1502.043259][T26888] netlink: 268 bytes leftover after parsing attributes in process `syz.1.4140'. syzkaller syzkaller login: [ 1505.457166][T26937] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1505.492841][T26937] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1505.533257][T26937] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1505.670720][T26937] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1505.701156][T26937] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1505.707146][T26937] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1505.824495][T26937] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1506.955032][T11315] Bluetooth: hci3: command 0x0c1a tx timeout [ 1507.176152][T26980] nfs: Unknown parameter 'ީiʟby7J ؀V{ [ 1507.176152][T26980] \9-*;#rRcFGL֍*(ܦ)5&yAlj Lp%Zw}GSιk' [ 1507.513562][T11315] Bluetooth: hci0: command 0x0c1a tx timeout [ 1507.670812][T11315] Bluetooth: hci1: command 0x0c1a tx timeout [ 1507.750259][T11315] Bluetooth: hci2: command 0x0c1a tx timeout [ 1509.583809][T11315] Bluetooth: hci0: command 0x0c1a tx timeout [ 1509.819406][T11315] Bluetooth: hci2: command 0x0c1a tx timeout [ 1511.888575][T11315] Bluetooth: hci2: command 0x0c1a tx timeout [ 1516.214223][T27137] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1516.884783][T27144] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1517.393438][T27159] mkiss: ax0: crc mode is auto. [ 1517.472084][T27154] netlink: 10 bytes leftover after parsing attributes in process `syz.3.4193'. [ 1517.539989][T27154] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 1518.545418][T27182] openvswitch: netlink: Message has 8 unknown bytes. [ 1518.825668][T27176] ERROR: Out of memory at tomoyo_memory_ok. [ 1518.901973][T27176] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/69/:,' not defined. [ 1521.231206][T27199] Process accounting paused [ 1521.566517][T27227] FAULT_INJECTION: forcing a failure. [ 1521.566517][T27227] name failslab, interval 1, probability 0, space 0, times 0 [ 1521.680369][T27227] CPU: 0 UID: 0 PID: 27227 Comm: syz.2.4208 Tainted: G U syzkaller #0 PREEMPT(full) [ 1521.680409][T27227] Tainted: [U]=USER [ 1521.680417][T27227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1521.680433][T27227] Call Trace: [ 1521.680441][T27227] [ 1521.680451][T27227] dump_stack_lvl+0x16c/0x1f0 [ 1521.680486][T27227] should_fail_ex+0x512/0x640 [ 1521.680526][T27227] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1521.680555][T27227] should_failslab+0xc2/0x120 [ 1521.680591][T27227] __kmalloc_cache_noprof+0x72/0x780 [ 1521.680614][T27227] ? apparmor_capable+0x114/0x1d0 [ 1521.680651][T27227] ? evm_write_xattrs+0x1ab/0x8d0 [ 1521.680674][T27227] ? bpf_lsm_capable+0x9/0x10 [ 1521.680713][T27227] ? evm_write_xattrs+0x1ab/0x8d0 [ 1521.680735][T27227] evm_write_xattrs+0x1ab/0x8d0 [ 1521.680759][T27227] ? __pfx_evm_write_xattrs+0x10/0x10 [ 1521.680799][T27227] ? __pfx_evm_write_xattrs+0x10/0x10 [ 1521.680821][T27227] vfs_write+0x2a0/0x11d0 [ 1521.680853][T27227] ? __pfx___mutex_lock+0x10/0x10 [ 1521.680883][T27227] ? __pfx_vfs_write+0x10/0x10 [ 1521.680925][T27227] ? __fget_files+0x20e/0x3c0 [ 1521.680960][T27227] ksys_write+0x12a/0x250 [ 1521.680988][T27227] ? __pfx_ksys_write+0x10/0x10 [ 1521.681025][T27227] do_syscall_64+0xcd/0x4b0 [ 1521.681063][T27227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1521.681088][T27227] RIP: 0033:0x7f0c8038eec9 [ 1521.681107][T27227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1521.681131][T27227] RSP: 002b:00007f0c7e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1521.681154][T27227] RAX: ffffffffffffffda RBX: 00007f0c805e6090 RCX: 00007f0c8038eec9 [ 1521.681170][T27227] RDX: 000000000000001a RSI: 0000000000000000 RDI: 000000000000000a [ 1521.681184][T27227] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1521.681198][T27227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1521.681213][T27227] R13: 00007f0c805e6128 R14: 00007f0c805e6090 R15: 00007ffdab8b4a08 [ 1521.681244][T27227] [ 1522.265279][ T30] audit: type=1806 audit(4294967314.913:45): res=-12 [ 1525.638016][T27293] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1525.877370][T27294] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4223'. [ 1526.253992][T27291] netlink: 268 bytes leftover after parsing attributes in process `syz.2.4224'. [ 1526.802522][ T30] audit: type=1400 audit(4294967320.170:46): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=27298 comm="syz.0.4225" [ 1528.343976][T27329] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4231'. [ 1529.900527][T27349] sd 0:0:1:0: PR command failed: 1026 [ 1530.063934][T27349] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1530.285354][T27349] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1531.765712][T27369] bond0: invalid ARP target specified [ 1531.796176][T27369] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4240'. [ 1532.210865][T27380] FAULT_INJECTION: forcing a failure. [ 1532.210865][T27380] name failslab, interval 1, probability 0, space 0, times 0 [ 1532.302752][T27380] CPU: 0 UID: 0 PID: 27380 Comm: syz.0.4243 Tainted: G U syzkaller #0 PREEMPT(full) [ 1532.302792][T27380] Tainted: [U]=USER [ 1532.302800][T27380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1532.302815][T27380] Call Trace: [ 1532.302823][T27380] [ 1532.302833][T27380] dump_stack_lvl+0x16c/0x1f0 [ 1532.302869][T27380] should_fail_ex+0x512/0x640 [ 1532.302904][T27380] ? fs_reclaim_acquire+0xae/0x150 [ 1532.302941][T27380] should_failslab+0xc2/0x120 [ 1532.302976][T27380] __kmalloc_cache_noprof+0x72/0x780 [ 1532.303007][T27380] ? usb_control_msg+0xbc/0x4a0 [ 1532.303037][T27380] ? usb_control_msg+0xbc/0x4a0 [ 1532.303060][T27380] usb_control_msg+0xbc/0x4a0 [ 1532.303086][T27380] ? __pfx_usb_control_msg+0x10/0x10 [ 1532.303114][T27380] ? __lock_acquire+0xb97/0x1ce0 [ 1532.303155][T27380] hub_ext_port_status+0x14e/0x670 [ 1532.303204][T27380] hub_activate+0x6e5/0x1d60 [ 1532.303238][T27380] ? __pfx_hub_activate+0x10/0x10 [ 1532.303260][T27380] ? find_held_lock+0x2b/0x80 [ 1532.303297][T27380] ? async_getcompleted+0x100/0x1b0 [ 1532.303343][T27380] hub_resume+0xa8/0x3f0 [ 1532.303368][T27380] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1532.303401][T27380] ? __pfx_hub_resume+0x10/0x10 [ 1532.303426][T27380] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1532.303468][T27380] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1532.303507][T27380] usb_resume_both+0x237/0x960 [ 1532.303542][T27380] ? __pfx_usb_resume_both+0x10/0x10 [ 1532.303575][T27380] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1532.303613][T27380] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1532.303650][T27380] __rpm_callback+0xc8/0x610 [ 1532.303676][T27380] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1532.303713][T27380] rpm_callback+0x1b7/0x200 [ 1532.303735][T27380] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1532.303771][T27380] rpm_resume+0xd0a/0x1310 [ 1532.303802][T27380] ? __pfx_rpm_resume+0x10/0x10 [ 1532.303823][T27380] ? do_raw_spin_lock+0x12c/0x2b0 [ 1532.303849][T27380] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1532.303886][T27380] __pm_runtime_resume+0xb6/0x170 [ 1532.303913][T27380] usb_autoresume_device+0x23/0xe0 [ 1532.303951][T27380] usbdev_open+0x228/0x8b0 [ 1532.303988][T27380] ? kobject_get_unless_zero+0x156/0x1e0 [ 1532.304021][T27380] ? __pfx_usbdev_open+0x10/0x10 [ 1532.304057][T27380] ? chrdev_open+0x10b/0x6a0 [ 1532.304092][T27380] ? __pfx_usbdev_open+0x10/0x10 [ 1532.304127][T27380] chrdev_open+0x234/0x6a0 [ 1532.304157][T27380] ? __pfx_apparmor_file_open+0x10/0x10 [ 1532.304193][T27380] ? __pfx_chrdev_open+0x10/0x10 [ 1532.304226][T27380] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1532.304261][T27380] do_dentry_open+0x982/0x1530 [ 1532.304296][T27380] ? __pfx_chrdev_open+0x10/0x10 [ 1532.304334][T27380] vfs_open+0x82/0x3f0 [ 1532.304373][T27380] path_openat+0x1de4/0x2cb0 [ 1532.304412][T27380] ? __pfx_path_openat+0x10/0x10 [ 1532.304449][T27380] do_filp_open+0x20b/0x470 [ 1532.304478][T27380] ? __pfx_do_filp_open+0x10/0x10 [ 1532.304529][T27380] ? alloc_fd+0x471/0x7d0 [ 1532.304563][T27380] do_sys_openat2+0x11b/0x1d0 [ 1532.304600][T27380] ? __pfx_do_sys_openat2+0x10/0x10 [ 1532.304650][T27380] __x64_sys_openat+0x174/0x210 [ 1532.304689][T27380] ? __pfx___x64_sys_openat+0x10/0x10 [ 1532.304740][T27380] do_syscall_64+0xcd/0x4b0 [ 1532.304772][T27380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1532.304797][T27380] RIP: 0033:0x7fd83e98eec9 [ 1532.304816][T27380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1532.304840][T27380] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1532.304863][T27380] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1532.304879][T27380] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1532.304895][T27380] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1532.304910][T27380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1532.304924][T27380] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1532.304955][T27380] [ 1532.304970][T27380] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1533.114424][T27390] FAULT_INJECTION: forcing a failure. [ 1533.114424][T27390] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1533.137886][T27390] CPU: 0 UID: 0 PID: 27390 Comm: syz.2.4244 Tainted: G U syzkaller #0 PREEMPT(full) [ 1533.137924][T27390] Tainted: [U]=USER [ 1533.137933][T27390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1533.137948][T27390] Call Trace: [ 1533.137956][T27390] [ 1533.137965][T27390] dump_stack_lvl+0x16c/0x1f0 [ 1533.137999][T27390] should_fail_ex+0x512/0x640 [ 1533.138039][T27390] get_futex_key+0x1d0/0x1560 [ 1533.138078][T27390] ? __pfx_get_futex_key+0x10/0x10 [ 1533.138123][T27390] futex_wait_setup+0x9d/0x550 [ 1533.138156][T27390] __futex_wait+0x193/0x2f0 [ 1533.138182][T27390] ? __pfx___futex_wait+0x10/0x10 [ 1533.138221][T27390] ? __pfx_futex_wake_mark+0x10/0x10 [ 1533.138250][T27390] ? futex_private_hash_put+0x176/0x300 [ 1533.138288][T27390] ? futex_private_hash_put+0x18a/0x300 [ 1533.138325][T27390] futex_wait+0xe8/0x380 [ 1533.138349][T27390] ? __pfx_futex_wait+0x10/0x10 [ 1533.138390][T27390] do_futex+0x229/0x350 [ 1533.138426][T27390] ? __pfx_do_futex+0x10/0x10 [ 1533.138462][T27390] ? find_held_lock+0x2b/0x80 [ 1533.138497][T27390] __x64_sys_futex+0x1e0/0x4c0 [ 1533.138534][T27390] ? __do_sys_close_range+0x278/0x730 [ 1533.138564][T27390] ? __pfx___x64_sys_futex+0x10/0x10 [ 1533.138601][T27390] ? __pfx___do_sys_close_range+0x10/0x10 [ 1533.138639][T27390] do_syscall_64+0xcd/0x4b0 [ 1533.138671][T27390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1533.138696][T27390] RIP: 0033:0x7f0c8038eec9 [ 1533.138714][T27390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1533.138738][T27390] RSP: 002b:00007f0c811440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1533.138762][T27390] RAX: ffffffffffffffda RBX: 00007f0c805e5fa8 RCX: 00007f0c8038eec9 [ 1533.138778][T27390] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0c805e5fa8 [ 1533.138793][T27390] RBP: 00007f0c805e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1533.138808][T27390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1533.138823][T27390] R13: 00007f0c805e6038 R14: 00007ffdab8b4920 R15: 00007ffdab8b4a08 [ 1533.138853][T27390] [ 1534.618008][T27421] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1535.169192][T27430] FAULT_INJECTION: forcing a failure. [ 1535.169192][T27430] name failslab, interval 1, probability 0, space 0, times 0 [ 1535.261873][T27430] CPU: 0 UID: 0 PID: 27430 Comm: syz.0.4254 Tainted: G U syzkaller #0 PREEMPT(full) [ 1535.261913][T27430] Tainted: [U]=USER [ 1535.261921][T27430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1535.261935][T27430] Call Trace: [ 1535.261944][T27430] [ 1535.261953][T27430] dump_stack_lvl+0x16c/0x1f0 [ 1535.262056][T27430] should_fail_ex+0x512/0x640 [ 1535.262091][T27430] ? fs_reclaim_acquire+0xae/0x150 [ 1535.262129][T27430] should_failslab+0xc2/0x120 [ 1535.262164][T27430] __kmalloc_cache_noprof+0x72/0x780 [ 1535.262190][T27430] ? usb_control_msg+0xbc/0x4a0 [ 1535.262219][T27430] ? usb_control_msg+0xbc/0x4a0 [ 1535.262243][T27430] usb_control_msg+0xbc/0x4a0 [ 1535.262269][T27430] ? __pfx_usb_control_msg+0x10/0x10 [ 1535.262297][T27430] ? __lock_acquire+0xb97/0x1ce0 [ 1535.262337][T27430] hub_ext_port_status+0x14e/0x670 [ 1535.262387][T27430] hub_activate+0x6e5/0x1d60 [ 1535.262421][T27430] ? __pfx_hub_activate+0x10/0x10 [ 1535.262443][T27430] ? find_held_lock+0x2b/0x80 [ 1535.262472][T27430] ? async_getcompleted+0x100/0x1b0 [ 1535.262518][T27430] hub_resume+0xa8/0x3f0 [ 1535.262543][T27430] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1535.262575][T27430] ? __pfx_hub_resume+0x10/0x10 [ 1535.262600][T27430] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1535.262643][T27430] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1535.262682][T27430] usb_resume_both+0x237/0x960 [ 1535.262715][T27430] ? __pfx_usb_resume_both+0x10/0x10 [ 1535.262749][T27430] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.262787][T27430] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.262825][T27430] __rpm_callback+0xc8/0x610 [ 1535.262851][T27430] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.262889][T27430] rpm_callback+0x1b7/0x200 [ 1535.262918][T27430] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1535.262955][T27430] rpm_resume+0xd0a/0x1310 [ 1535.262995][T27430] ? __pfx_rpm_resume+0x10/0x10 [ 1535.263017][T27430] ? do_raw_spin_lock+0x12c/0x2b0 [ 1535.263043][T27430] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1535.263081][T27430] __pm_runtime_resume+0xb6/0x170 [ 1535.263108][T27430] usb_autoresume_device+0x23/0xe0 [ 1535.263146][T27430] usbdev_open+0x228/0x8b0 [ 1535.263183][T27430] ? kobject_get_unless_zero+0x156/0x1e0 [ 1535.263217][T27430] ? __pfx_usbdev_open+0x10/0x10 [ 1535.263253][T27430] ? chrdev_open+0x10b/0x6a0 [ 1535.263288][T27430] ? __pfx_usbdev_open+0x10/0x10 [ 1535.263323][T27430] chrdev_open+0x234/0x6a0 [ 1535.263353][T27430] ? __pfx_apparmor_file_open+0x10/0x10 [ 1535.263390][T27430] ? __pfx_chrdev_open+0x10/0x10 [ 1535.263423][T27430] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1535.263458][T27430] do_dentry_open+0x982/0x1530 [ 1535.263495][T27430] ? __pfx_chrdev_open+0x10/0x10 [ 1535.263533][T27430] vfs_open+0x82/0x3f0 [ 1535.263573][T27430] path_openat+0x1de4/0x2cb0 [ 1535.263613][T27430] ? __pfx_path_openat+0x10/0x10 [ 1535.263649][T27430] do_filp_open+0x20b/0x470 [ 1535.263678][T27430] ? __pfx_do_filp_open+0x10/0x10 [ 1535.263729][T27430] ? alloc_fd+0x471/0x7d0 [ 1535.263762][T27430] do_sys_openat2+0x11b/0x1d0 [ 1535.263803][T27430] ? __pfx_do_sys_openat2+0x10/0x10 [ 1535.263853][T27430] __x64_sys_openat+0x174/0x210 [ 1535.263891][T27430] ? __pfx___x64_sys_openat+0x10/0x10 [ 1535.263942][T27430] do_syscall_64+0xcd/0x4b0 [ 1535.263980][T27430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1535.264005][T27430] RIP: 0033:0x7fd83e98eec9 [ 1535.264025][T27430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1535.264049][T27430] RSP: 002b:00007fd83f896038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1535.264072][T27430] RAX: ffffffffffffffda RBX: 00007fd83ebe5fa0 RCX: 00007fd83e98eec9 [ 1535.264088][T27430] RDX: 0000000000040101 RSI: 0000200000000240 RDI: ffffffffffffff9c [ 1535.264104][T27430] RBP: 00007fd83ea11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1535.264119][T27430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1535.264133][T27430] R13: 00007fd83ebe6038 R14: 00007fd83ebe5fa0 R15: 00007ffedeb31e18 [ 1535.264164][T27430] [ 1535.264180][T27430] hub 2-0:1.0: hub_ext_port_status failed (err = -12) [ 1535.702711][T27437] ERROR: Out of memory at tomoyo_memory_ok. [ 1538.049046][T27501] netlink: 'syz.1.4269': attribute type 4 has an invalid length. [ 1538.116203][T27501] netlink: 314 bytes leftover after parsing attributes in process `syz.1.4269'. [ 1538.170127][T27501] IPv6: NLM_F_CREATE should be specified when creating new route [ 1540.697123][T27554] nvme_fabrics: missing parameter 'transport=%s' [ 1540.772414][T27554] nvme_fabrics: missing parameter 'nqn=%s' [ 1541.643400][T27574] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(10) [ 1542.307370][T27589] netlink: zone id is out of range [ 1542.402988][T27581] vivid-003: ================= START STATUS ================= [ 1542.461663][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805e2fc000: rx timeout, send abort [ 1542.512740][T27581] vivid-003: Radio HW Seek Mode: Bounded [ 1542.518457][T27581] vivid-003: Radio Programmable HW Seek: false [ 1542.639586][T27581] vivid-003: RDS Rx I/O Mode: Block I/O [ 1542.689650][T27581] vivid-003: Generate RBDS Instead of RDS: false [ 1542.764520][T27581] vivid-003: RDS Reception: true [ 1542.833874][T27581] vivid-003: RDS Program Type: 0 inactive [ 1542.896743][T27581] vivid-003: RDS PS Name: inactive [ 1542.967355][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805e2fc000: abort rx timeout. Force session deactivation [ 1542.978267][T27581] vivid-003: RDS Radio Text: inactive [ 1542.983767][T27581] vivid-003: RDS Traffic Announcement: false inactive [ 1543.164456][T27581] vivid-003: RDS Traffic Program: false inactive [ 1543.238551][T27581] vivid-003: RDS Music: false inactive [ 1543.265932][T27581] vivid-003: ================== END STATUS ================== [ 1544.461598][T27625] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4296'. [ 1544.527576][ T30] audit: type=1326 audit(4294967337.992:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27626 comm="syz.3.4297" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fda5c38eec9 code=0x0 [ 1544.787150][T27631] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 1545.064399][T27642] ptrace attach of "./syz-executor exec"[19826] was attempted by ""[27642] [ 1546.174618][T27665] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1548.083401][T27693] FAULT_INJECTION: forcing a failure. [ 1548.083401][T27693] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1548.188771][T27693] CPU: 0 UID: 0 PID: 27693 Comm: syz.3.4313 Tainted: G U syzkaller #0 PREEMPT(full) [ 1548.188810][T27693] Tainted: [U]=USER [ 1548.188818][T27693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1548.188833][T27693] Call Trace: [ 1548.188841][T27693] [ 1548.188850][T27693] dump_stack_lvl+0x16c/0x1f0 [ 1548.188883][T27693] should_fail_ex+0x512/0x640 [ 1548.188926][T27693] get_futex_key+0x1d0/0x1560 [ 1548.188970][T27693] ? __pfx_get_futex_key+0x10/0x10 [ 1548.189002][T27693] ? futex_private_hash_put+0x176/0x300 [ 1548.189043][T27693] futex_wake+0xea/0x530 [ 1548.189069][T27693] ? __pfx_futex_wake+0x10/0x10 [ 1548.189095][T27693] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 1548.189131][T27693] do_futex+0x1e3/0x350 [ 1548.189166][T27693] ? __pfx_do_futex+0x10/0x10 [ 1548.189198][T27693] ? rcu_is_watching+0x12/0xc0 [ 1548.189229][T27693] ? ktime_get+0x200/0x310 [ 1548.189260][T27693] ? lockdep_hardirqs_on+0x7c/0x110 [ 1548.189287][T27693] ? read_tsc+0x9/0x20 [ 1548.189322][T27693] __x64_sys_futex+0x1e0/0x4c0 [ 1548.189360][T27693] ? __pfx___x64_sys_futex+0x10/0x10 [ 1548.189396][T27693] ? xfd_validate_state+0x61/0x180 [ 1548.189426][T27693] do_syscall_64+0xcd/0x4b0 [ 1548.189464][T27693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1548.189488][T27693] RIP: 0033:0x7fda5c38eec9 [ 1548.189507][T27693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1548.189530][T27693] RSP: 002b:00007ffc7f896968 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1548.189552][T27693] RAX: ffffffffffffffda RBX: 00007fda5c5e6188 RCX: 00007fda5c38eec9 [ 1548.189567][T27693] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fda5c5e6188 [ 1548.189583][T27693] RBP: 0000000000000002 R08: 0000000000000000 R09: 000000147f896c5f [ 1548.189596][T27693] R10: 00007fda5c5e5fa0 R11: 0000000000000246 R12: 00007fda5c5e618c [ 1548.189612][T27693] R13: 00007fda5c5e6180 R14: 000000000000106e R15: 0000000000000006 [ 1548.189640][T27693] [ 1548.857404][T27715] capability: warning: `syz.1.4317' uses deprecated v2 capabilities in a way that may be insecure [ 1549.142134][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1549.151426][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1549.832084][T27735] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1550.417577][ T5174] Trying to write to read-only block-device sda1 [ 1550.469949][T11902] Trying to write to read-only block-device sda [ 1550.886302][T27758] queue_state_write: operation too long [ 1550.920426][T27758] queue_state_write: use 'run', 'start' or 'kick' [ 1551.109313][ T30] audit: type=1806 audit(4294967344.617:48): xattr="." res=0 [ 1551.135380][T27762] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1551.271133][T27727] Process accounting resumed [ 1553.111679][T27785] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1553.371201][T11315] block nbd0: Receive control failed (result -107) [ 1553.433757][T27792] __vm_enough_memory: pid: 27792, comm: syz.1.4331, bytes: 4398046511104 not enough memory for the allocation [ 1554.089925][ T30] audit: type=1326 audit(4294967347.612:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27799 comm="syz.2.4332" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0c8038eec9 code=0x0 [ 1554.152189][T27801] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1554.212278][T27801] FAULT_INJECTION: forcing a failure. [ 1554.212278][T27801] name failslab, interval 1, probability 0, space 0, times 0 [ 1554.297833][T27801] CPU: 0 UID: 0 PID: 27801 Comm: syz.2.4332 Tainted: G U syzkaller #0 PREEMPT(full) [ 1554.297872][T27801] Tainted: [U]=USER [ 1554.297880][T27801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1554.297895][T27801] Call Trace: [ 1554.297903][T27801] [ 1554.297912][T27801] dump_stack_lvl+0x16c/0x1f0 [ 1554.297948][T27801] should_fail_ex+0x512/0x640 [ 1554.297983][T27801] ? fs_reclaim_acquire+0xae/0x150 [ 1554.298020][T27801] should_failslab+0xc2/0x120 [ 1554.298055][T27801] __kmalloc_noprof+0xdd/0x880 [ 1554.298080][T27801] ? tomoyo_encode2+0x100/0x3e0 [ 1554.298111][T27801] ? tomoyo_encode2+0x100/0x3e0 [ 1554.298134][T27801] tomoyo_encode2+0x100/0x3e0 [ 1554.298165][T27801] tomoyo_encode+0x29/0x50 [ 1554.298189][T27801] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1554.298226][T27801] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1554.298267][T27801] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1554.298336][T27801] ? do_raw_spin_lock+0x12c/0x2b0 [ 1554.298371][T27801] tomoyo_file_open+0x6b/0x90 [ 1554.298403][T27801] security_file_open+0x84/0x1e0 [ 1554.298429][T27801] do_dentry_open+0x596/0x1530 [ 1554.298468][T27801] vfs_open+0x82/0x3f0 [ 1554.298508][T27801] path_openat+0x1de4/0x2cb0 [ 1554.298558][T27801] ? __pfx_path_openat+0x10/0x10 [ 1554.298598][T27801] do_filp_open+0x20b/0x470 [ 1554.298628][T27801] ? __pfx_do_filp_open+0x10/0x10 [ 1554.298678][T27801] ? alloc_fd+0x471/0x7d0 [ 1554.298713][T27801] do_sys_openat2+0x11b/0x1d0 [ 1554.298750][T27801] ? __pfx_do_sys_openat2+0x10/0x10 [ 1554.298800][T27801] __x64_sys_openat+0x174/0x210 [ 1554.298839][T27801] ? __pfx___x64_sys_openat+0x10/0x10 [ 1554.298890][T27801] do_syscall_64+0xcd/0x4b0 [ 1554.298922][T27801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1554.298947][T27801] RIP: 0033:0x7f0c8038eec9 [ 1554.298965][T27801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1554.298990][T27801] RSP: 002b:00007f0c7e5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1554.299013][T27801] RAX: ffffffffffffffda RBX: 00007f0c805e6090 RCX: 00007f0c8038eec9 [ 1554.299029][T27801] RDX: 0000000000000102 RSI: 0000200000000800 RDI: ffffffffffffff9c [ 1554.299045][T27801] RBP: 00007f0c80411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1554.299060][T27801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1554.299074][T27801] R13: 00007f0c805e6128 R14: 00007f0c805e6090 R15: 00007ffdab8b4a08 [ 1554.299106][T27801] [ 1554.551276][ C0] vkms_vblank_simulate: vblank timer overrun [ 1554.561633][T27801] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1556.735073][T27829] netlink: 268 bytes leftover after parsing attributes in process `syz.1.4338'. [ 1559.057794][T27893] warning: `syz.2.4348' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 1559.304978][T27908] FAULT_INJECTION: forcing a failure. [ 1559.304978][T27908] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1559.447258][T27908] CPU: 0 UID: 0 PID: 27908 Comm: syz.0.4350 Tainted: G U syzkaller #0 PREEMPT(full) [ 1559.447298][T27908] Tainted: [U]=USER [ 1559.447305][T27908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1559.447320][T27908] Call Trace: [ 1559.447328][T27908] [ 1559.447337][T27908] dump_stack_lvl+0x16c/0x1f0 [ 1559.447370][T27908] should_fail_ex+0x512/0x640 [ 1559.447409][T27908] get_futex_key+0xff0/0x1560 [ 1559.447447][T27908] ? __pfx_get_futex_key+0x10/0x10 [ 1559.447481][T27908] ? __mutex_trylock_common+0xe9/0x250 [ 1559.447527][T27908] futex_wake+0xea/0x530 [ 1559.447553][T27908] ? __pfx_futex_wake+0x10/0x10 [ 1559.447589][T27908] do_futex+0x1e3/0x350 [ 1559.447625][T27908] ? __pfx_do_futex+0x10/0x10 [ 1559.447657][T27908] ? __might_fault+0xe3/0x190 [ 1559.447691][T27908] mm_release+0x24e/0x300 [ 1559.447723][T27908] do_exit+0x68e/0x2bf0 [ 1559.447749][T27908] ? __pfx_do_exit+0x10/0x10 [ 1559.447769][T27908] ? do_raw_spin_lock+0x12c/0x2b0 [ 1559.447794][T27908] ? find_held_lock+0x2b/0x80 [ 1559.447827][T27908] do_group_exit+0xd3/0x2a0 [ 1559.447850][T27908] get_signal+0x2671/0x26d0 [ 1559.447888][T27908] ? __asan_memset+0x23/0x50 [ 1559.447916][T27908] ? __pfx_get_signal+0x10/0x10 [ 1559.447947][T27908] ? do_futex+0x122/0x350 [ 1559.447982][T27908] ? __pfx_do_futex+0x10/0x10 [ 1559.448019][T27908] arch_do_signal_or_restart+0x8f/0x790 [ 1559.448056][T27908] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1559.448114][T27908] exit_to_user_mode_loop+0x85/0x130 [ 1559.448140][T27908] do_syscall_64+0x419/0x4b0 [ 1559.448171][T27908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1559.448196][T27908] RIP: 0033:0x7fd83e98eec9 [ 1559.448214][T27908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1559.448237][T27908] RSP: 002b:00007fd83f8750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1559.448259][T27908] RAX: fffffffffffffe00 RBX: 00007fd83ebe6098 RCX: 00007fd83e98eec9 [ 1559.448274][T27908] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd83ebe6098 [ 1559.448289][T27908] RBP: 00007fd83ebe6090 R08: 0000000000000000 R09: 0000000000000000 [ 1559.448303][T27908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1559.448318][T27908] R13: 00007fd83ebe6128 R14: 00007ffedeb31d30 R15: 00007ffedeb31e18 [ 1559.448348][T27908] [ 1561.288000][T27932] netlink: 268 bytes leftover after parsing attributes in process `syz.1.4353'. [ 1564.030925][T27983] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1564.227700][T27985] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1565.150197][T27990] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1567.336882][T28034] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1569.905331][T28077] netlink: set zone limit has 8 unknown bytes [ 1570.084729][T28071] can: request_module (can-proto-4) failed. [ 1570.365610][T28096] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1570.456296][T28094] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1570.753878][T28099] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4385'. [ 1571.220649][T28106] random: crng reseeded on system resumption [ 1575.232575][T28165] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1577.409649][T28186] netlink: 268 bytes leftover after parsing attributes in process `syz.1.4403'. [ 1579.762686][T28227] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1580.979805][T28248] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1582.162545][T28273] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1582.810010][T28141] ------------[ cut here ]------------ [ 1582.815611][T28141] WARNING: CPU: 0 PID: 28141 at kernel/trace/trace.c:8604 tracing_buffers_mmap_close+0xdd/0x130 [ 1582.826234][T28141] Modules linked in: [ 1582.830579][T28141] CPU: 0 UID: 0 PID: 28141 Comm: syz.3.4394 Tainted: G U syzkaller #0 PREEMPT(full) [ 1582.841636][T28141] Tainted: [U]=USER [ 1582.845455][T28141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1582.855629][T28141] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 1582.862213][T28141] Code: 75 46 48 8b 7b 08 e8 d2 96 ff ff 31 ff 89 c3 89 c6 e8 37 4d fb ff 85 db 75 0a 48 83 c4 08 5b e9 e9 51 fb ff e8 e4 51 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 d6 51 fb ff e8 71 d0 62 00 eb 87 e8 9a [ 1582.882352][T28141] RSP: 0018:ffffc9000b2679c0 EFLAGS: 00010293 [ 1582.889025][T28141] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bf40e9 [ 1582.897014][T28141] RDX: ffff88805803dac0 RSI: ffffffff81bf40fc RDI: 0000000000000005 [ 1582.906198][T28141] RBP: ffffffff81bf4020 R08: 0000000000000005 R09: 0000000000000000 [ 1582.914720][T28141] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff88807fbace08 [ 1582.922763][T28141] R13: dffffc0000000000 R14: ffffc9000b267a48 R15: 0000000000000000 [ 1582.930767][T28141] FS: 0000000000000000(0000) GS:ffff888124e6f000(0000) knlGS:0000000000000000 [ 1582.939913][T28141] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1582.946571][T28141] CR2: 00007fd83f812d58 CR3: 00000000321c6000 CR4: 00000000003526f0 [ 1582.954597][T28141] Call Trace: [ 1582.957983][T28141] [ 1582.960936][T28141] remove_vma+0x88/0x160 [ 1582.965203][T28141] exit_mmap+0x50a/0xb90 [ 1582.969535][T28141] ? __pfx_exit_mmap+0x10/0x10 [ 1582.974338][T28141] ? __lock_acquire+0xb97/0x1ce0 [ 1582.979405][T28141] ? arch_uprobe_clear_state+0x16/0x150 [ 1582.985402][T28141] __mmput+0x12a/0x410 [ 1582.989854][T28141] mmput+0x62/0x70 [ 1582.993601][T28141] do_exit+0x7c7/0x2bf0 [ 1582.997834][T28141] ? proc_coredump_connector+0x2d1/0x4f0 [ 1583.004211][T28141] ? __pfx_do_exit+0x10/0x10 [ 1583.009374][T28141] do_group_exit+0xd3/0x2a0 [ 1583.013900][T28141] get_signal+0x2671/0x26d0 [ 1583.018494][T28141] ? force_sig_fault+0xc4/0x100 [ 1583.023369][T28141] ? __pfx_get_signal+0x10/0x10 [ 1583.028325][T28141] arch_do_signal_or_restart+0x8f/0x790 [ 1583.033898][T28141] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 1583.040223][T28141] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1583.046417][T28141] irqentry_exit_to_user_mode+0x141/0x2b0 [ 1583.052186][T28141] asm_exc_page_fault+0x26/0x30 [ 1583.057082][T28141] RIP: 0033:0x40fff [ 1583.060894][T28141] Code: Unable to access opcode bytes at 0x40fd5. [ 1583.067366][T28141] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 1583.073529][T28141] RAX: 0000000000000000 RBX: 00007fda5c5e5fa0 RCX: 00007fda5c38eec9 [ 1583.081559][T28141] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1583.089913][T28141] RBP: 00007fda5c411f91 R08: 0000000000000002 R09: 0000000000000000 [ 1583.098244][T28141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1583.106970][T28141] R13: 00007fda5c5e6038 R14: 00007fda5c5e5fa0 R15: 00007ffc7f896808 [ 1583.114971][T28141] [ 1583.118525][T28141] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1583.125816][T28141] CPU: 0 UID: 0 PID: 28141 Comm: syz.3.4394 Tainted: G U syzkaller #0 PREEMPT(full) [ 1583.136762][T28141] Tainted: [U]=USER [ 1583.140586][T28141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1583.150653][T28141] Call Trace: [ 1583.153944][T28141] [ 1583.156974][T28141] dump_stack_lvl+0x3d/0x1f0 [ 1583.161597][T28141] vpanic+0x640/0x6f0 [ 1583.165601][T28141] ? tracing_buffers_mmap_close+0xdd/0x130 [ 1583.171441][T28141] panic+0xca/0xd0 [ 1583.175179][T28141] ? __pfx_panic+0x10/0x10 [ 1583.179624][T28141] ? check_panic_on_warn+0x1f/0xb0 [ 1583.184752][T28141] check_panic_on_warn+0xab/0xb0 [ 1583.189705][T28141] __warn+0xf6/0x3c0 [ 1583.193609][T28141] ? tracing_buffers_mmap_close+0xdd/0x130 [ 1583.199436][T28141] report_bug+0x3c3/0x580 [ 1583.203779][T28141] ? tracing_buffers_mmap_close+0xdd/0x130 [ 1583.209645][T28141] handle_bug+0x184/0x210 [ 1583.214017][T28141] exc_invalid_op+0x17/0x50 [ 1583.218547][T28141] asm_exc_invalid_op+0x1a/0x20 [ 1583.223412][T28141] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 1583.229858][T28141] Code: 75 46 48 8b 7b 08 e8 d2 96 ff ff 31 ff 89 c3 89 c6 e8 37 4d fb ff 85 db 75 0a 48 83 c4 08 5b e9 e9 51 fb ff e8 e4 51 fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 d6 51 fb ff e8 71 d0 62 00 eb 87 e8 9a [ 1583.249480][T28141] RSP: 0018:ffffc9000b2679c0 EFLAGS: 00010293 [ 1583.255564][T28141] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bf40e9 [ 1583.263543][T28141] RDX: ffff88805803dac0 RSI: ffffffff81bf40fc RDI: 0000000000000005 [ 1583.271519][T28141] RBP: ffffffff81bf4020 R08: 0000000000000005 R09: 0000000000000000 [ 1583.279586][T28141] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff88807fbace08 [ 1583.287562][T28141] R13: dffffc0000000000 R14: ffffc9000b267a48 R15: 0000000000000000 [ 1583.295543][T28141] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 1583.301806][T28141] ? tracing_buffers_mmap_close+0xc9/0x130 [ 1583.307633][T28141] ? tracing_buffers_mmap_close+0xdc/0x130 [ 1583.313463][T28141] remove_vma+0x88/0x160 [ 1583.317716][T28141] exit_mmap+0x50a/0xb90 [ 1583.321983][T28141] ? __pfx_exit_mmap+0x10/0x10 [ 1583.326776][T28141] ? __lock_acquire+0xb97/0x1ce0 [ 1583.331750][T28141] ? arch_uprobe_clear_state+0x16/0x150 [ 1583.337316][T28141] __mmput+0x12a/0x410 [ 1583.341406][T28141] mmput+0x62/0x70 [ 1583.345145][T28141] do_exit+0x7c7/0x2bf0 [ 1583.349316][T28141] ? proc_coredump_connector+0x2d1/0x4f0 [ 1583.354968][T28141] ? __pfx_do_exit+0x10/0x10 [ 1583.359575][T28141] do_group_exit+0xd3/0x2a0 [ 1583.364085][T28141] get_signal+0x2671/0x26d0 [ 1583.368611][T28141] ? force_sig_fault+0xc4/0x100 [ 1583.373511][T28141] ? __pfx_get_signal+0x10/0x10 [ 1583.378391][T28141] arch_do_signal_or_restart+0x8f/0x790 [ 1583.383978][T28141] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 1583.390059][T28141] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1583.396249][T28141] irqentry_exit_to_user_mode+0x141/0x2b0 [ 1583.402012][T28141] asm_exc_page_fault+0x26/0x30 [ 1583.406874][T28141] RIP: 0033:0x40fff [ 1583.410684][T28141] Code: Unable to access opcode bytes at 0x40fd5. [ 1583.417094][T28141] RSP: 002b:000000000000000a EFLAGS: 00010206 [ 1583.423185][T28141] RAX: 0000000000000000 RBX: 00007fda5c5e5fa0 RCX: 00007fda5c38eec9 [ 1583.431160][T28141] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1583.439136][T28141] RBP: 00007fda5c411f91 R08: 0000000000000002 R09: 0000000000000000 [ 1583.447130][T28141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1583.455108][T28141] R13: 00007fda5c5e6038 R14: 00007fda5c5e5fa0 R15: 00007ffc7f896808 [ 1583.463106][T28141] [ 1583.466192][T28141] Kernel Offset: disabled [ 1583.470612][T28141] Rebooting in 86400 seconds..