last executing test programs: 2m27.437022192s ago: executing program 3 (id=886): mmap$auto(0x0, 0x400008, 0xdd, 0x38, 0x1, 0x8000000000000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x101082, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="080100e6", @ANYRES16=0x0, @ANYBLOB="51032bbd7000fcdbdf2507"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x20000800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) timer_create$auto(0x8, 0x0, 0x0) 2m26.91639346s ago: executing program 3 (id=888): mmap$auto(0x0, 0x1f4000, 0x4000000000df, 0x412, 0x403, 0x8000) socket(0xa, 0x2, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xeae22, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setresuid$auto(0x2, 0x7, 0x8080) madvise$auto(0x0, 0x2003f0, 0x15) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x0, 0x8, 0x70bd2d, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r0, &(0x7f0000000100)="0a1b9a2f5c7b", 0x6) shutdown$auto(0x200000003, 0x2) listen$auto(0x3, 0x81) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, &(0x7f0000000240)={@sival_int=0x28df, @inferred, 0x8, @_sigev_thread={&(0x7f0000000200)=&(0x7f00000001c0)=0xcb, &(0x7f0000000b00)="ef38516df8d2fbbb02ec87e465b9b31373a446354d238fe569de896a9a0f0623bbc860fb34e4b0c33475d349808660ac571a38c4751808869aaaabc84c5d7caae39f366b6c5091d7360ade7523c54f7d1b036b3d7b093054619c7059793d5facd90dd23853169efc7c01b5bd6df26325c61633957e4fab5b31faa0bf83e735a1381aff285af1752750e2b740dd2381627178f258ef9ed1b89736b81cd03ec2cc07a8e1ab1c260cdc382023cc3dfac3087c82e388b180124f81883a56c6e0073cf51bfb49c17c43f2e92966e90907f40d2c42c6b49e2dd80de7dc7fe399734fde0c69d55918bdfbcdd7f284711e79982ee6661f652684b3eb1bd79979c5dca77f2e03f78e1eb9047ec61f1fbe264ad4f5873149dc05d1f6259f1c68552c9ae924365f6b95bd6ad84ca6445bcf3215e648ea3fe0963e6b52bbca274311dff1502a0a4c87190d97b65a78e8be924304310943b88e9c6069b29465c92c81a5a6e6fe6fe9547920d042eba323a2f61bdc067bf28ea01d519eeceb6650d99f098e546450e3d3141ba99700fe06c04698e8ddbcccaf6da1c2a6e37da96a9de339239a3aa34b6521fcdb713370527266cf84b39e91f980265fd1d09b5aaaf4dd72b3ba04f81596bd715ca1919ea4d9f57ec3a3691e896d77fd5f639223c2406e4e243955718c0bc4f76c87be5b7f269a9e48e62b581d38c57cde759f2da8a98c9a4de675e0a9a14c15106a064d8a3676d248986add0325a4a58afa561d5dfad425f60b2daab68a8fb3f5ed2f05cb06a3eada447b41a5c3d310fb1a6925a995e2edf79350c51eca0e79e8f1beb1707fe85fc46d90a8b5df2211483f9793af5d9784178c20429525866e5c25b480edae913b58b95aa2b51fa29cb0b5acc92c8d3d0622ffc143528ad4010162216139995a26693bab7e88a7482c242f31aaa9ce0da41493c05c021ad9f2537e198788e0c0a989a1b63e0f88e12a2d30d2d0e0aceca42f318cab6332d33dfecd4d9d106861d0d6d8801a2bab150c1db7d38b3e645cdcb464db831db2c8697287b475db021e92cf87aace63e5fa63c9241ef5139cf6d86115edd439c855ec89bbadbf5175e7865e5563f8c33152cd2860ec8e88e0fd56da848e85d84ce720e97de380844603dc1a043870716a29bd8c03d50c85afa01639b851e416ffdb900cc8f15ba91ab35c862679b7e483f1922dd40c954be945c507439b94a044fedc15c705b6b36d84e1580c14518b712a586481c4d1e842db2b247df0ba0d4bdc0d74fd5cf125fbc052ec6bea0023e9c93f54bd2c48a54a784b769446f806a2b5dfe27fa81a683c1211d51ed778ea9e7a43a4e7e3e3b30985669087119f9388a9b16d18d3f673d6c7c8abaa231b4c8083722ae9339e77b071ef243a2864ee40c6bfa41db5d94c85fc45ba71318af1bf746e4df0301e13bf3c412d0a2af63384e1d6d4fc9471687a6b7b8cffa6e7555f2726bd251658b32fe79a41624e788e80a3af6fb9ff90687e5fc0f943a218f2504946847ca1a6c0f39427156f75c47b356295444a5e54321f4ee9fd65106e1ddc7cba05acf6990536b50043fb062259319901fd332297cbc2bb8d5e71219eba44e989d66ce462b087937aed85b7cbdc1b252045948790d78b2cb570a0be967de05cd827dd22058608e9b8e63d3008cb3262b130126f9cc78ea93cb9073cfcd828b3fe1e79125877ffc0299ef6606c9e710dd7695967d0924544de20ea2ac6be35245a6719e20083b0dce9c86ced76a5208285d44b4b6c37d1d6db2bd0b9b10c376deaefd6c75fa8592a11d87bcd34a5cbb1c7ed6677b8fed469c5e3e348397f14ae0f07a7cd751d541e9aac18ab091a299c25f40bc226c015ffbe72c27c7a23a48dc16642453ef5c45a1325d5c7c0cabbbabcce38f27da8de8564afbf3ed8aa76982bba634071f128f8affeea3a493673c90575b36c480fecbd1356a6f4ca54abffc162e9c2aa77c9199512ecf6f9eba165d307baec68a8b364ad7f26f6283505d9b1231aa00c4078a2666ec185d595597169a11839cc1f39646fde5ff5158cbcc48f853da8bb860d53b180559cdc40d705c9c52430c5c5fbe11836b347ecdec9c972582d2a50126d71695b11a538129a429857c30b08fc4403c954b36d115f6f5fd6420193f1b7b01d4d6f71c9bf54c117506a97f0309bba6b0030aff4b8d21f0e56afd04a2bc2843bfa4df483dbc129c61b27db9d404be51dca45d034f78a9d9cc60f27a93ad6320524f89b266bbaea6331df1c1b91c3f10a1584565fb8803f2a07acfe57053ce51fb36ed9b6725d8b4d6c284fd4a8eb5da384aea5d290a95d9a872b8b0b1f77f786fe75a41f834af85a6e7a617a2b28d68913d8b404e94a35e8e950a860ac5b3ddb791df5eb725e979b1efc816fd22c8e629fcc7f30a2b21213761598b23e02d53aa76be5824e4625bec2c3a8d4747d419bb122a1f456202960dc35a986e04d5976cf9eed7e230804e90f06e0be02dc3f22e20a19a822186e7369767ac89110e5fce90685bb3943c12090e9b29e5b7f61edd654ac6da2e808bf35ca7df067305be30af6911c922ae0f777af17a1dc7107625ce477bb4110e6832d350adb21f028cfe6363247da170c2370115b94e10bad0d30f4b24d32a228d55207a67bc4ebee03e290528a05833107176e24b755d9a6aa0397b61335870b9a5414f5c4f1fd0af7509d59afecb946838e92edb2cc3577b5f9c0f21e4227d8b9c1b1c09f6ff083eaafe8a075cfa404f1b6224225098ae1a18b385bce95e8f6c255813cf361fb253d618a07c966167b17882a81e0c12bc0e8904e5fafd7fa46e720ab85524c3d97d7ad9e189bdff886fd679622122f94b106f5f59416b329e1b50d2aa7ecfe7b7ea690a48fef3d7c8ad71481af46e8cb7455db49fc9a47f60851a6ce926d2468d2126e2bf189ad79eed1855afa42b662117319bd3d7dfa5cf35250a5d967b449e370bd6d8aafcddc537edbf14012d866f4f12499a444a64977e36572a54c4b9228fa7da1be71a1f3b9793feaf8d7177e57ee3391840a5d249288b6e8b84f79da14a0f7f71a92d55f4d27c22fb13510d71ad43d20d251398a560d93b63c2889fe3a9bad94e65dd92d8b0a98decd526361fa996e054858f50ecf0b9eb57a4762eeaa951065efcd2b213663eaa455e4dfbe9eaaec065c9772c4b002421336a157b8b1be5d356de2facf55b5618126b07b23c6aab062a201e514e16f4d10f7cf6e6c702b23eae006744bc4ffb28f9979198cdd1e720fd432a1508f01ecac33ee49be061cc0c0cc4ae16db4ca144ea306eb660384340f2048aad7daca072ee0db900fd9e012073c6185fe4503593063db43f36cc57bd715adc83b50bdf455bad222bd62ddf8a955dd87686907cd171000cbac7fff4f290f605aaab3ef43bcda5f07726262e4c4ad17353e1c0a37cd8995c1813c70856eb25ca3bbe27a5ccc0bd32638a6010b7067ac6846adc61fee4a1d33360c6a905fe219ff0202de123f5a913d5164dc29c0904ddc2715e679c26dd0210898ad2cc678245436bc8a77e06847e2eab6ee4746b64951b9483f9530c603d6cf6dab7f5053b00ad2891766222195a0ff0d759250d772a6ea0698928f36005a500efb637fb976ef6b0e1a80ef82fb753ec93ea87ad83a481d67172b6e8df51909a6966a2070a3452754d5759aa1ef43823db0224cabff4030d442602a4110704215ced6a61ef08a67b4522d001c6157c299fd6a0ac653295213643fa49ca29d97133d27f5449dd38fb910d65f8535689ebeee2b41b3bcda497c38493eff90c219e67c202242a87329906caf11343edfa4f1f9de0f1d7f39f639be6b9cdee3391a2aca9ab0b40ef5e02a1339c43b95af5c31890c4fd1840db97b41c80a17710f953f986eaecbee726eafcccf3212e7aa36a890a547594d83a25d7eb92915791efdbff30f1997efd3a7c6dbf5d1584f01106a1b4066ad2ddd95dd21f5347484f79b987c7bdaa8cd8175f5a44e0cd798ee05e51e61534de49725cef9bed6d362b913e8b64505124bfff920aa2b610fe4adcbc804ccd8036a739addb6579b4b1c13092ced13c54e901422a0225257f9af7de16d39b9b6ac923b4f6667e1c77a35ee34e00c0d3f3d67a3b85300117392e560a4b3d4fef340250a8859ce5e7965709b6c22f2fd4b895d94b41383672a1a90a09bfaf8835c83c8a7b92cea9c12ed78314c6a6dd0f4bce5bb89b32e13256f01a19bf72373ef8d3b765fe8f72a4ac406422f5b81b31baf2c2ec0a8bffea36a1ee471f7245c1bc6002c8e78e79959c8d368e6a72dfe57a4fc08661cba4bc5fc3bb1c4fecb6376c60036816ee5ca3fee8c850e7bfb7b227fad2fe073ef6150c5b1d55b77c23c0c2785f5965c6f67bbdcf9a187b212e5d977a11b53af46d9271db54c6f0230fcfb4f63044738b5dbf164e6b41b76475420890d3dfcb143d87831ec1c217fbf3dea37f47a1aba32b2895853ff8bddd1b9722d9cfd4a69e75664c2f074b8728987e57a86840bd07e6e9e68acef073a1ef46e96854d5f5ecf690069a8f2d81c443fa84ac98d69f674aea83b8bd2b66ad09fa14d0e2f5b0b5aebb974443acb49d4779748e538ceedf3d3afc80c98b4d91f18b78d61cb306fbe57b07f2da5001d87c266d88975aaf9f2fefd342c38cbee17469ec43a29bdfa28f8ce97a8785ae0863d1cd6ddf24224885729a83555dc8e997b1784bbe06094a8aa05d59ee9b697884a4ca68c66ab213cf978c2d54715f3e57008fa9af3a4632ba279a386304917575a3e27fb4479d1696feea03cb20c62114a93eb230bcb232e86344066f71e36b7ae024d67a31a1ea7774cfd2887b49dfb9ae6b8b86970bf093f89214658e4a93e240656c4c1cc4328bd29c67b035c6eb88e9931797fa4b6fbe07e831678b70b06f6f8d90a1f2a16b56bb41d7cb21fc62f0a8d395fec2e8b49cba758b86c40ef23874c34885e96c2ed2166ee62781bd85613b5feec9e8bcfff66669529b04b88d81258dd97ea25ffce37bc201b99c7f31bd24bc46d3e892e611d198dd4c832c47174ca666bf356a7963be646c8f4e2c7b07bf9029266a67138aec62b49d14dff02890953fb1ac857bff26e0c18ce45384aa3fa79d54d0e6a1fe06397a6473e395001370827286c8cfc846a4d0c6dd77716affe3a306260331c2e6b2a5200b1d7c588109321a479b1ed6d75c1c674721ab1da2daf7d4717097ff73dfed284fe76da08c26bad4fc6df26c41c83c2ce0bf78f189ca8721770121c4fdbdf13ea068c6ab3defd36c0b85a92ed45643731efff602680051606d16eef2e9ca1399d32df031a4182b47aa6603dd224fb57434a12a896b4e832d2c77d1851e456621aeba45f3c8d3b83f86e093e9ece128431eb697d46a9de2af748f468cea06513f3b60c33c41d1552d635fddc0958a4608a32036313c1d996c6ffb0924faf2a81943db73f48c3df3a61549945e777d3c3feab6d18b9166a1f2c8a86af6f729cb119ecccfab17c84ef804601691d1590cf7135567fefc57132e4229585ca1b12c6664d5db43386db2d7287e98a46d7a1802e8f4a52dd0dcb738138225bf34314aa7d0cfb65fe80ba1528695303f8b91246e777e4e7e2035c5f52b2f181a068a3b30ce66351cd3f98ecebe9da820bf01792204d17d6fd9e010802e3e6e1c72eab5c5668a6ae6274e7a9312479e63c2bc528ed3b2e79e9d3faec2439afa0c7f46b533ced8837afed79a9ff16f03b42185f59bf88a333f96d07bb27af6aeabc21e48b3c3df260761fb3fd"}}, &(0x7f0000000280)=0x7) 2m26.604199289s ago: executing program 3 (id=889): open(0x0, 0x22240, 0x154) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) write$auto(0xffffffffffffffff, &(0x7f0000008d40)='($}-)#@\x00', 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f00000004c0)='./file0\x00', 0x2a4c0, 0x355) execve$auto(&(0x7f0000000480)='./file1\x00', 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm0c/sub4/sw_params\x00', 0x16240, 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') 2m25.299576208s ago: executing program 3 (id=895): mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) fsopen$auto(0x0, 0x1) setsockopt$auto(0xffffffffffffffff, 0x0, 0x19, 0x0, 0x17) 2m23.994423993s ago: executing program 3 (id=901): open(0x0, 0x22240, 0x154) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) write$auto(0xffffffffffffffff, &(0x7f0000008d40)='($}-)#@\x00', 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f00000004c0)='./file0\x00', 0x2a4c0, 0x355) execve$auto(&(0x7f0000000480)='./file1\x00', 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm0c/sub4/sw_params\x00', 0x16240, 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') 2m23.090257833s ago: executing program 3 (id=906): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) vmsplice$auto(0x4, &(0x7f0000000080)={0x0, 0x80000000002}, 0x3, 0x4) read$auto(0x3, 0x0, 0x1f40) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000002, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xfdf3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) open(&(0x7f0000001180)='./file0\x00', 0x42a40, 0x12) utime$auto(&(0x7f0000001680)='./file0\x00', &(0x7f00000016c0)={0x1000}) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys0\x00', 0x200000, 0x0) ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) listen$auto(r0, 0x80) 2m8.049023174s ago: executing program 32 (id=906): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) vmsplice$auto(0x4, &(0x7f0000000080)={0x0, 0x80000000002}, 0x3, 0x4) read$auto(0x3, 0x0, 0x1f40) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000002, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xfdf3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) open(&(0x7f0000001180)='./file0\x00', 0x42a40, 0x12) utime$auto(&(0x7f0000001680)='./file0\x00', &(0x7f00000016c0)={0x1000}) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptys0\x00', 0x200000, 0x0) ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) listen$auto(r0, 0x80) 8.05405949s ago: executing program 0 (id=1387): close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29202, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) 5.980430874s ago: executing program 2 (id=1392): close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29202, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) 5.616114235s ago: executing program 0 (id=1393): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x3, 0xa) r2 = socket(0x23, 0x2, 0x0) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x54) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r1, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="80010000", @ANYRES16=0x0, @ANYBLOB="00012bbd7000fddbdf25920000001400f200c6ed4a6b4198e7e5bf68c968a064cd0142000f00c9c20ecbae61deed3af10eec1311f94db9d2bcc4f331fb0fe463c9f75efd0042e7427abf41d37e54443e727fa192480b5054b4d28ade7e300fc6c3a17d1500003f00cd00ea657f57bba8e15491bcf2eef926d42755ca53adec66802083e5935eba8d886fd311c0e467dc04438eec544865cbc8e7f489a077ec3baf392e4bcb00080009000700000009001800b85d827422000000c0009c00f5cbc54518d9311a0dce72497ab082bd346880ec2a9ed8fd5cf1720000008803bd8e481e08cbc20d02769aef7851100eb6efc9aecf6e885e88d1677a1a3c941b0cf3ddc2d0d9289d47bc264f6324b59ba37c7fbb74328c9207217e84f18f4c52abdaba53f8f76fcb28bd5187fb4970fa5f9198207fa3a1cbffbd5672643aab0fc616f05cad24cad8a2e13d537409a8c81c708928401675a3d1b8ebb7914b4bb9396e36763d675691524fd4f127c2bb5b276f4157cdee7d5755e5b0f8"], 0x180}, 0x1, 0x0, 0x0, 0x4}, 0x4000001) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) add_key$auto_KEY_SPEC_PROCESS_KEYRING(&(0x7f00000015c0)='$\x00', &(0x7f0000001600)='\x00', &(0x7f0000001640)="e95dd484a0153863ab016aeb60e109e4b13a162e69a993b642193b756bda54f8cfb1dae4debe126f2f91de984daed4c052db86ae59674285b90bb64ad5d085237a99a594e226883c5b5945e82d8ee9c413d4d7894e41cb", 0x5, 0xfffffffffffffffe) vmsplice$auto(r2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000041, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f00000000c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000ffdbdf250100000008000900", @ANYRES32=r4, @ANYBLOB="08000200", @ANYRES32=0x0, @ANYBLOB="110001006f76735f00000000000000000000000008000200", @ANYRES32=0x0, @ANYBLOB="1300070002000000"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) r5 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r2) sendmsg$auto_NFC_CMD_LLC_GET_PARAMS(r1, &(0x7f0000001480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x21000000}, 0xc, &(0x7f0000001440)={&(0x7f0000000440)={0x11c, r5, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x3}, @NFC_ATTR_DEVICE_NAME={0xe8, 0x2, '!&\x98\xfd\x7fT\xc1I\xe9\xb7\xf7\xaa\xaa\x85\x8d\xf0\x81A\x8a\x96\xa8H\xdc\xff<\x9b\x19\x9a\no\x93\xbd;\x13^\xc2\x81@WH\xb6h\x80\xd2\x1d\f\x82\x03{\xaa\xc0\x8f\xa7+AZ\x81\xdc\xeb&\xdd[\xf4\xf5\xda\xd4\xbf\x8e\x8b\r\xaa^\xd0]\x1c\x1a2\x98\x8cx\x12\xf4\x87xyc\xfe(\aP\x95\xfe\xedC\xb6\xb3\xa8\xea\"g\xcd4r\xe0\x18\x18K\xc2\x02\x9aX!\xacJo\x90\x88*\xea\xe2\xbb9+\x80i\xedl\xeeYk\xbf\xc5\xa2\x14\x14\xf6Av\xae\xa1F\xf5\xe9\xbd\xcf\f{\xc6\x83\xe7k\x94\xc3\xfb%i\xa5\x10B\x152\xa9u/|\x9dG\x19\x87Q\xf3\xd1-\xf4\xf3%\xeb#\xc1,\x10\x8a&\xe91&\xd99\xf7\x9a\x03\xf4\x94\xe5m7\xda\x16t\x1bg_2\x918\xd8\xd4\xfa\x06\x9b\xb4\x896\xe2\xd8\xbe\x04\xa0\xa6\xad_\xda;\x00\x00\x00\x00\x00'}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x2}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xfffffffd}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x2}]}, 0x11c}, 0x1, 0x0, 0x0, 0x48000}, 0x4000) 5.22644485s ago: executing program 1 (id=1395): r0 = prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = creat$auto(&(0x7f0000000140)='./file0\x00', 0xb8f) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f00000001c0), r3) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c400000d189e6c1e23a1a42ef303a55910e0000cc8a42f6ed7b283519fa0a0628", @ANYRES16=r5, @ANYBLOB="01002dbd7000fedbdf2501000000080005000800000008000700020000000500010000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) sendmsg$auto_OVS_DP_CMD_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="beb3d2080caa4bc85e6b6a1db396112dce0fd6ba0b3b6118a924f3f50b3e956d84c2a965bc876d7ec61948f9084b11426ba84f5c49f7c4aaf7e058a1c5091e375b8e21cb34851d44c0381038027655d4cf392cb4fd", @ANYRES16=r5, @ANYBLOB="000225bd7000ffdbdf250400000008000500070000000d0001002f6465762f6b766d00000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) ioctl$auto(0x3, 0xaea3, 0xffffffffffffffff) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) ioperm$auto(0x7, 0x6, 0x2) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) r7 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r7, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0xffff, 0x6, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", "00000600", "2ff43123", ['\x00', "f8ffffffffffffff00000001", "0004154db00b0004000400", "5fe10eedab2c4b353c392a92"]}) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.0/attach\x00', 0xa001, 0x0) write$auto(r8, &(0x7f0000000040)='\x01\x00^\xa2\x02\x00\x00\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x3) r9 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r6, 0x5609, r9) getsockopt$auto_SO_BUSY_POLL(r7, 0x7, 0x2e, &(0x7f0000000180)='nfsd\x00', &(0x7f00000001c0)=0x2) r10 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r9) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r0, &(0x7f0000000100)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, r10, 0x400, 0x70bd29, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x200448d1}, 0x4000000) setsockopt$auto(r1, 0x110, 0x1, 0x0, 0x275d) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) madvise$auto(0x110c230000, 0x8031ca, 0x9) 4.542773072s ago: executing program 1 (id=1396): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r1 = inotify_init1$auto(0x800) pipe$auto(0x0) mmap$auto(0x2, 0x9, 0x0, 0x13, 0x404, 0x10008004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) r3 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000001200)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x60041, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/state\x00', 0x88002, 0x0) read$auto(r5, &(0x7f0000001200)='\x00', 0x100000004) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r4) sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r6, @ANYBLOB="810b65bdf080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r7 = io_uring_setup$auto(0x406, 0x0) io_uring_register$auto_IORING_REGISTER_PBUF_RING(r7, 0x16, 0x0, 0x7) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x18, r6, 0x2, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_MLO_LINK_DISABLED={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20004000}, 0x1) sendmsg$auto_NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r6, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x9}, @NL80211_ATTR_BSS_BASIC_RATES={0x5, 0x24, "1d"}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x805) write$auto_drm_connector_fops_drm_debugfs(r3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) 4.507269933s ago: executing program 2 (id=1397): r0 = prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = creat$auto(&(0x7f0000000140)='./file0\x00', 0xb8f) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f00000001c0), r3) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c400000d189e6c1e23a1a42ef303a55910e0000cc8a42f6ed7b283519fa0a0628", @ANYRES16=r5, @ANYBLOB="01002dbd7000fedbdf2501000000080005000800000008000700020000000500010000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) sendmsg$auto_OVS_DP_CMD_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="beb3d2080caa4bc85e6b6a1db396112dce0fd6ba0b3b6118a924f3f50b3e956d84c2a965bc876d7ec61948f9084b11426ba84f5c49f7c4aaf7e058a1c5091e375b8e21cb34851d44c0381038027655d4cf392cb4fd", @ANYRES16=r5, @ANYBLOB="000225bd7000ffdbdf250400000008000500070000000d0001002f6465762f6b766d00000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) ioctl$auto(0x3, 0xaea3, 0xffffffffffffffff) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) r7 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r7, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0xffff, 0x6, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", "00000600", "2ff43123", ['\x00', "f8ffffffffffffff00000001", "0004154db00b0004000400", "5fe10eedab2c4b353c392a92"]}) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.0/attach\x00', 0xa001, 0x0) write$auto(r8, &(0x7f0000000040)='\x01\x00^\xa2\x02\x00\x00\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x3) r9 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r6, 0x5609, r9) getsockopt$auto_SO_BUSY_POLL(r7, 0x7, 0x2e, &(0x7f0000000180)='nfsd\x00', &(0x7f00000001c0)=0x2) r10 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r9) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r0, &(0x7f0000000100)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, r10, 0x400, 0x70bd29, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x200448d1}, 0x4000000) setsockopt$auto(r1, 0x110, 0x1, 0x0, 0x275d) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) madvise$auto(0x110c230000, 0x8031ca, 0x9) 4.278730781s ago: executing program 0 (id=1398): close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) fsopen$auto(0x0, 0x1) r3 = socket(0x2, 0x1, 0x0) setsockopt$auto(r3, 0x0, 0x19, 0x0, 0x17) 3.923066303s ago: executing program 2 (id=1399): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0xd, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) read$auto_usbfs_devices_fops_usb(r0, &(0x7f0000000040)=""/37, 0x25) read$auto_regulator_summary_fops_(r0, 0x0, 0x0) socket(0x2a, 0xa, 0x2) mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) getpid() setsockopt$auto(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x6f7250c4) read$auto_regulator_summary_fops_(r0, &(0x7f00000002c0)=""/153, 0x99) mkdir$auto(0x0, 0x8001) statx$auto(0xffffffffffffffff, 0x0, 0x1003, 0xb8d, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) socket(0x11, 0x3, 0x9) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) r2 = socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x11, 0x5, 0xffff}]}) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r4, 0x5646, r4) read$auto_v4l2_fops_v4l2_dev(r4, &(0x7f0000000280)=""/40, 0x28) 3.530145581s ago: executing program 4 (id=1401): r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open_tree_attr$auto(0xffffffffffffffff, 0x0, 0x3000, 0x0, 0x7ff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) rseq$auto(0x0, 0x8000, 0x0, 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4}, 0xa3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, r0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0xc, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x688cfcf374ddd4c2}, 0x4048000) 3.447022255s ago: executing program 1 (id=1402): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8932, &(0x7f0000000780)={'dummy0\x00'}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) timerfd_create$auto(0x9, 0x0) poll$auto(&(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x5}, 0x81, 0x4) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r0) r2 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$auto_TIPC_NL_MON_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f0000001980)=ANY=[@ANYBLOB="8c110000", @ANYRES16=r1, @ANYBLOB="000229bd7000fddbdf2512000000100007800400960008002a00", @ANYRES32=r0, @ANYBLOB="e000000019de7cb6a058c101f4f6b3914a6c5030afa528feda021cc43475e6b7bb7b0b3dc4e410e868637a69502c685572e39a1ffa69af20f37c03f15b4565a0480cd33c4cc3ce351d09b524721b3160036d4858f78c547933bbad45dfe48260b757a810df243462eb0c187624e9a27b6d78318a94ea03ff663de75e851f061bac2bb71475ff80068f132d2b32d8c7f6dd7616d940466441325425d6cda203bcb166d2c3c1f10f11552ef69ebfc81b5764447189a431b6645cf639a72909b4ea4688c519da7a6cc321797ee66b649aa00dcc722150952c4b42c2685dd24ab8cc8610018084068a9f03c1f0f71314ca6aec902bcff74f64bc85d24544a88f0932bf96f832a0a167f1c64465551c84df7fdcab0c108344b1ca1d8784a00e4219da4534083f2d6e97afa959645362b6719a7090b994a3949701317f10e086084d6bcec795e968b269deb166c12da0f308009000", @ANYRES32=r0, @ANYBLOB="52b63bda61e46c529c5437ea71218da6d56088991445a9a2b2a742cf80cb2ee65921299451696fda1293c69a601ca8540cc021c2a606351b6d855e228550fb2d8f229eea6e31c7fafb4c911c90763cada4b78a329244c6b4ce8515fbbfc363768f18fa6ea96aec5df5f4d844b308382bbfe3e26d9b36c2be3530b7d640f45be00d81768dd67c06c228f9a332b5ea0fb75e8eefec29d0b3606dea0e4038da93304837b02133e679047273f7f9b82a588881e8571d776d190649afcf9c2714ec6b8fd613291deb4161b01e2ebf44ac18ecc5d73849f9bccbe7cb46e61ecb4f76889bc2ae1c85641ad08f0f031470c978cf6bf516ed3d73bfca2baecf8ea5a705d01ac2795be06255a963a609eef94f17774df7de39b563013086123aeea6ec2cca6ab971710278c012f3de0f974263664de1c3d14a88cd6d613657f967e26cf0e5a0d08f57e0afbc5a8e88b6bf25f39854241b77181d2adf0cd9dfcef2d3e71f4d8cc9ebed1d9e5c3cd9b728916937f5ee0a791cf9d4e7514ae315fbf3f1debf4da1be64e9fdaf64eef00df7aeb3b60b352154e5b8c02ba1dc8fcafc5fe41bbdd3794f9d004158c7521f360666a47d4c1dd579ed147e2920202d7b27e23f40f07263fc541a3ef0ebff72ae496fa9f3860dbc24035f6be0549f33fbd6fa94939ddf0e2c1ea3cdff476beb8c36de31df1ae1752ced7e13d5c9d655615447bd00d2aa8e01ed498ededab191701425ab2a8785adc5cf8adf251320c7ea2aa9fc3c68f2bd81001e6723fab0d9e0768e515d5dc63afb7305149610c14372efef1e4ab1d11ca958bab33b374b139c192608d66dd5e2451198eb881e6cafeb3799876c91eb0b5ff6d8fc897c7b6010ca3f13618ef4ad14620033c7400ee31b87a85d981e4e0f340e6e6344c263dea9af5b109a33cc0ec2810af032cbd1734e307dfeafe49a57bf3e54ea87259d2821e68cd620c9618a04812f44080c95d83532c62908f3db36cfe7977e6a87151405c0dbeb786caf554669f05101af20302a858a6404d4938f33b2d9db72a27c98d62d8ce4a34afb6efd1848738160b556f9cd6fb8c5106218254e20658dda3b4a4d5a0c7215885393e61f64b6a7e52460600c3b399795165bc1eeec762186c43ef5a96e5514282ec9f5caf9db320bc5f6c0fe41ddc8e5f988e917f9692e669fd0478660b897191cc73396952d730662fae22abece0da787985ba0f2fa41318213b9d930e99fe3dee3e999ab3cfdba038e9bff712b3f2bf8ae1e866479f3d934edf2b3c90cc3e50011e17f963cd0a6f8bbd81092c7017fd39c9d1a61b9ac8d595a2a0e5571970308b6cfd85c7ec993ff7cf613ba74f66d552a76f19fcda144e64c00c79bfd1ff6fe5552c9bc7ed0b56a2b10f9b2baaac60d6eb92f679fb5ef9f2e28d838406f39f5e875ec72047d4e3147953612a7a276c44b0bfd5aa03ad380ec5d5f72ec05e2e5dc0539cc4a85ad07b7722f9a4d6387ec4fe8015d55a2a758d3a9d0b62fbfa4523b5e205acccac0babf15f03d01f3f3365ae79998f9239df6522c9e3021f7a95a2576682bcf3205bb01258e44608a42a81eb47c2474082497d30e08d5e85592544c67e67f170e61f86c3e62d56c5291a15fe30800cf36ae94e3042951ce890666f422239afb8ab51da6dce2d114bd9502a96a9b33d2731cb994d4ff186934d66118ad3505ead8183c4591c395c202830e68aca8d4e6fb45f4104736261b02ea1b6a8d7624660eaf2801d3a924341c6d063363c12c0040349414db6b094ced76d4d0efc31f9a6a8663ee5ea5d7e8240a91b526c9d6f92a1a77522e220d33700301c8cc3b4262add0abb51f23897ae0e119b5c39db837d29bc20d784d1a13ba12dd32b9d8525f04c3d782583334ba04533486ed38fbcc6f475991eda1d5e14cef6133732f0c1959d9f4f01f9c57f5315ac1807396cdb8a96e4f095b320159e9ded58f3d1933cb5a2c84f8e04a426d7e6cee163b545ca09ed2a0ee16acb8e995805a972adde433dafca455e2460719b4828f500c1c8dc9612986642d3c9b692eda5c353fffc9a6d8d6179cbf93cd2611bc6fbdb89f30471c5b2cf51ec2ac34a5e067f80257e4d2a1fed38f10b8616647fb993af0f2f01840429d1ab59db5e7191c7fe7b3fafdfda638ef6c256e330acbc11371ea507dcc27c4e18dfdb4176fec2dc1608d8348a08c29976e66e89603a1c62e77b96c09e4a7931cac7dbb20a871de366c7e801b89ec3cc6d2062a08c5d9c78196622078084fa4f2ff5b9174a4f3fa3ba9725f3d791ba18feec7ff497758103a6d31ced047eddac5514f91885dd81736c7ba3fe05265b025c238f67f64e1d62ebe919b6fd572b2002ec8967a0212d1a74d36952126615892b6de54aeabddcbdb4230c3d607d1d14fd1f41368ffc30fa705b837ebc0ce1d2aabf3719d26abd7f811b26374d2ca70a926a4957b23b96609d6a338b73fa914c76a58f32ffec547404a0103271a8135e2d8b96187ea6dadefbb5e8bed7acd5de979fd87b2737c1cc5ea83e6cc701960cdc46b3ed767e12dd9c0a7f03b56e464097351927619f2fb966d08626a43e5813adea48d0499eebc31bbedded21794cf95f056a1ef3d1678119a2daa805bbd8051a13d1077f63cae98705a82bae38eb29251a5337999af85af62734958679392f4bd10d532ba7a59d807a874307d189990e574d90c683ef2ccfa647277b2ee27be9d0f530a3977be08e896e4fb739949355862fd507e55465794853262906ebae97f58b335fa9a3fff4e723ddc30e0c5c26e6d4b099a59858f1a9c86f0942e1e2686ddf4cb86058066362ae52eceff4f688a70e602fa8fa87c442bffd855124903de1610ddc47e20de6b28e5360217268bc51fc17b3b6dfdfdfcd8ec544fa353c216b699f0e04dd95104e94d8ca54730fc8d573964e82450ea9260d73757b1115a2735fdc71cfa5af499c5ec350b42b9114a9706f34b9487f721aedef6125a31ea4a8e0b88095a9660c4942aa72794aded770f701b42b74f1f83c1d84ee1a770408f05bca265c770e63de6bbe9e5912a015aa5a7d9d380a9d09173b158d81134450da095817e47755e4b7a80fc63efb4f9c5c81819e301f8556b090fec4a178b4990e9d6a1447891efcaf3c2ab7d31fda9b17fa12a8e0bd5ac301d4285ca0aa6161100f6a9e1b1904c495a7dd8564553e05f7d5d58ac5c333ef8d29abba180ff7e3020ebe815cb37f5b2da4c263aada400e132c5bbba905a620f2ffeed08d366f77fd888c13e4a1402b533c3ac236cceffb58853bf9bb746ea04685e205615f056a123d35c1e4e2d278eca1717e06b797bb21b65fc8c643aa4f59ced07b6412592cbac1ef161f8844355ac9b58c47043aae8d2407e05252080e3aa619bc188617158b5e7d8fc709010c773fc2f3346b0e391227cd695615edeeea050ffce66cb09a6e7aa40c790b165be7045c9eca7a6259cae8fd297f6590f8bf6fbdbb9e4415637d53f0e55929a68afedc3f27bfdaadceec3637051ca28f462134c2a3e1025baba86b25ba5e8e3dc55a54dbf9d639a8c8bea0d5fe8d47e8ab1bcd130c67d03f1f0b38797cf6a651cd5ddcd0d54ebb557e02d716a3e5b23cb7be53cdc95f59724589568c056f98fa9d44c0b2ececd95d565cbe1221ac3da2f9f3b2357da429355dca953dac51c1e7d15e9962c1fa67d7ac78726ceecc6cb72528ea26c292a6f5792c2f82a7bac42a6cddbd3ef1fddcceab18c27595e5ef6801b4101ebfc18325a6181c221ccdf76246a313707e2f284eec9911ad0fc4d5b22709fab53e044a0d8188fe999d0ef55f7a4dbd55b41887716a0acdbf5d54f87d3139d6658241d91f1b4a737982d2d561ea4b69e236f66d1b866a8f082c5a5b21d29883ba59aeb3d3ae2ab66c937c2b066db1efc31bb69118060625f85dc4fb9755007fd25d0d2a9a72c206c8ba65d32ca0431b835207b77c8ba08cc6b99c7bfd025e5c91825df344641b7cfb6e3d04bedbf3e90b90e939e48a3f9c0f6cb2ca6c0c616d2d63975e4a7d65c74c3d3ab10238a1c14799d2e22f2d23a02ff37f95b174fafa538ad1f24ae9bb3703b9a23bc7e4c9fb4dc1acd2a5189577eb3bad50f51d5cbc9dbc286d44bc2394d66a47261abb4dfee2457ca17e8e3b5415ed912ca7b8dc8518d1cd34825129dee381f2a75e9ed88b68cbf5abf52f47e8b76fd0b944a9491e38c9d671a42c2bf9d3cee5a93dd80aff52bc867c879c3f5263dbd4dad3ac905515fabd1d82a6d4d80edf256b5799125b76eeb4bcecf5d5e81fb2a95a19f062b1dca988772b7670aa327168eb477e595d1e9cd77f84556bbf30481ff6dbec0000d711a61d1af9ef91722fd33306fbee9d84515d0bb230aa42821800bc5ae000b69cfca344e59cf565466deae09fc6514d66f39d3016f92e3bb5d975235c2df5b4cdbf7a12013a659d1d16a9d1531f41dbdf923637604db0c1daf96bdef3863887b49d2b2f282e6f217d5ad4a7ee39ee1fa98a9585c3a17a45b68297ea200e7d837c866eb20f492368f067af78fdf6423f471339a4e10ad386bdbffea9cc87790f5dfb62eb15115eca8062340b16126678003696951cccfea18fc9be4dbaf1f819af144fbc22afb8516f21c3471176b000c34512fc0a1bc871d7d3b4e7926183c7898b38c23e75e47f851eb7f8d457bdc875f520f9d1364420078779e61c7154ceef5075e68aced8e542031d81d11745e237dd8ec1937578f7cdcc7af5059f8f98e7230530b9dcf706d5fe33072a0ccfc3d2438dbb4aebb2fdb31b597235904633aa742e27b2e8fff6e61bac91c3af498916c576f6ada1c72c56a992a6e3a16bd36e3d958a9b8bcabc20080e2aaae76f4428add70fb957ba6e8e302530b45fa70b7330d8d0032968b672f1339a22c1dfc52d4f789def22f9436c7ffd60fdf8f0a5ca2905848e9c31e7305ffbb68e9672c6c0fade17f3ba994a063dc3292872cef43438a3eb514051c50bd6ffc90908e0da6f2bc5ce4a5df3ce3ef05e6afffe0bd8e29079a55d23fabc03da8b03766afcec938f272de1866eabdf55d7fca21d75f6924c66d5260d2027feed30a7be2770a77b75dd0d82ba113cb126ddf12e716c6bece4eb0168785d87d6f337c28e27faf687abdff2368fc506c98f584cf78cce9c7d5acab931cb95e57f2bf6a0f09efd64d071f3a27d2ea8203f0612888dc3b010aacce281f08d43395c29ec9992c23ee024cb3957bb45ce4cd430c4590abb9dfc30cbe2bcacaebd00dc7910b507159d1e0f0060ffd931652e8ff8149fc82886ad84a75179c844c0066a164140703fc4d037f05075d24f6e0cd0ac3eef3cc71e3763ec19f63662ec1694dad5b1630692687ec9be679ccb861857a3c11fd7868c5d50cdddc5076dc6f425ee794c61422d52ec2c356ab020aab86bf274479aff6a4ad7f66a4c4f4040ef0e1350fe0f0885762d38d1839214bebfe1bd2afb99a6312fcbcb31ffad3b0b806e847dff77ee723fb10fe0e52d30fa356b8bdaca3401ff8481b06e1e782aff4a2571783ca4b5553491ae549bef75fbad7ce9020312455ddcb546687e614603ea334c87f39fc3b5e7fe298e760769750105c71ef239126b261339fbf334a24ca44b0737ee65ca8f704fce872da86fac701c25eb56455d4937922d3823d8c9284b3a3c99d84f01a19d72fbadff2b9f7116b00cbd24f1ec13230ddd7afbf19d0b9e14eec6e9d6ac0b46d53afbc35df0d16a46ba1b9a011a1205995799c191058209198b4df3d1b74ba9acd96bbcf800b13364234f6735608001700", @ANYRES32=r2, @ANYBLOB="d200dc8004002b800000108737aa90f9dea8abd90b02a92fcd9528243eb288282c511014db6650c3f92ccd93af6fe64f15bf44d99ad198418e2d1f33c327309b91623a3543f7b24670ccb0a87b8e93e451bac02c6ebf542b219a985cfb55270f957515cc517abff224c6a558d9e8c6ed"], 0x118c}, 0x1, 0x0, 0x0, 0xc084}, 0x20008000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0) ioctl$auto(r3, 0x80045430, 0x38) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon4\x00', 0x8000, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r0) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r2, 0x0, 0x40010) 3.328379896s ago: executing program 2 (id=1403): mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) fsopen$auto(0x0, 0x1) r3 = socket(0x2, 0x1, 0x0) setsockopt$auto(r3, 0x0, 0x19, 0x0, 0x17) 3.250022847s ago: executing program 1 (id=1404): socket(0x2, 0x5, 0x0) sendto$auto(0x3, 0x0, 0xe70, 0x3, &(0x7f0000000200), 0xfffffffc) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket(0x2, 0x801, 0x106) listen$auto(0x3, 0x83) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec2\x00', 0x20081, 0x0) ioctl$auto_CEC_TRANSMIT(r1, 0xc0386105, &(0x7f00000000c0)={0x9, 0x8001, 0x3, 0x8, 0x1, 0x3ff, "ffa00000ddff000000000000c40600", 0x4, 0x5, 0x7, 0x9, 0xb9, 0x4, 0xc5}) inotify_init1$auto(0x800) pipe$auto(0x0) mmap$auto(0x6, 0x2000d, 0x0, 0xebe, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000001) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x40, 0x0) ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR64(r3, 0xc0884123, &(0x7f0000000280)={0x5, 0x0, @reserved="e5d3ae87fbcd20f354bc462d9518a90adaffe1ee53ac907ef49a78f7f58694e39f46c35bd0c8ad2a47a2aff7fda026a07e8dd68f0a57203bb6c2cf1b764eaba7", @control={{}, 0x4, {}, {}, 0x6}}) r4 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000001200)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x60041, 0x0) write$auto_drm_connector_fops_drm_debugfs(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) 2.468055675s ago: executing program 4 (id=1405): mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) fsopen$auto(0x0, 0x1) r3 = socket(0x2, 0x1, 0x0) setsockopt$auto(r3, 0x0, 0x19, 0x0, 0x17) 2.161519799s ago: executing program 1 (id=1406): close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) fsopen$auto(0x0, 0x1) r3 = socket(0x2, 0x1, 0x0) setsockopt$auto(r3, 0x0, 0x19, 0x0, 0x17) 2.058934798s ago: executing program 0 (id=1407): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) unshare$auto(0x400) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0xff, 0x2000000000000002, 0x9, 0xfffffffffffff761, 0x103, 0xa, 0x4, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x82, 0x0, 0x8) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0xffff, 0xe2, 0x18, 0x2, 0x8000) r0 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) inotify_init1$auto(0x800) pipe$auto(0x0) mmap$auto(0x6, 0x2000d, 0x0, 0xebe, 0x404, 0x10008000) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r1 = socket(0x11, 0x2, 0x40000e) capset$auto(0x0, &(0x7f0000000000)={0xfffffffb, 0x3f, 0x4}) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, 0x0, 0x30, 0x0, 0x9, 0x8}, 0x5}, 0x20000002, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) r3 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000001200)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x60041, 0x0) write$auto_drm_connector_fops_drm_debugfs(r3, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x34, 0x3, 0xff) socket(0x2, 0x1, 0x0) 1.466774352s ago: executing program 4 (id=1408): r0 = prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) r1 = socket(0x2000000000000021, 0x2, 0x10000000000002) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = creat$auto(&(0x7f0000000140)='./file0\x00', 0xb8f) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f00000001c0), r3) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c400000d189e6c1e23a1a42ef303a55910e0000cc8a42f6ed7b283519fa0a0628", @ANYRES16=r5, @ANYBLOB="01002dbd7000fedbdf2501000000080005000800000008000700020000000500010000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x20008004) sendmsg$auto_OVS_DP_CMD_SET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="beb3d2080caa4bc85e6b6a1db396112dce0fd6ba0b3b6118a924f3f50b3e956d84c2a965bc876d7ec61948f9084b11426ba84f5c49f7c4aaf7e058a1c5091e375b8e21cb34851d44c0381038027655d4cf392cb4fd", @ANYRES16=r5, @ANYBLOB="000225bd7000ffdbdf250400000008000500070000000d0001002f6465762f6b766d00000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40) ioctl$auto(0x3, 0xaea3, 0xffffffffffffffff) ioperm$auto(0x7, 0x6, 0x2) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) r7 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r7, 0xc05c6104, &(0x7f0000000100)={"fda256c4", 0xffff, 0x6, 0x4, 0x9b4, 0x9, "0800aafc241cd010c7543bfbca2ce1", "0200", "00000600", "2ff43123", ['\x00', "f8ffffffffffffff00000001", "0004154db00b0004000400", "5fe10eedab2c4b353c392a92"]}) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.0/attach\x00', 0xa001, 0x0) write$auto(r8, &(0x7f0000000040)='\x01\x00^\xa2\x02\x00\x00\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x3) r9 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r6, 0x5609, r9) getsockopt$auto_SO_BUSY_POLL(r7, 0x7, 0x2e, &(0x7f0000000180)='nfsd\x00', &(0x7f00000001c0)=0x2) r10 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000000040), r9) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r0, &(0x7f0000000100)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0x14, r10, 0x400, 0x70bd29, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x200448d1}, 0x4000000) setsockopt$auto(r1, 0x110, 0x1, 0x0, 0x275d) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) madvise$auto(0x110c230000, 0x8031ca, 0x9) 1.359899178s ago: executing program 2 (id=1409): r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0) msgctl$auto_MSG_STAT(0xbf, 0xb, &(0x7f0000000180)={{0x922, 0xee01, 0xffffffffffffffff, 0x4, 0x6, 0xff, 0x3}, 0x0, 0x0, 0x80000000, 0x9, 0x80000001, 0x8000000000000000, 0x3, 0x2, 0xc, 0x0, @raw=0x3, @inferred=0xffffffffffffffff}) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16, @ANYBLOB="000126bd7000fbdbdf2502000000080001"], 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x8080) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="06000000", @ANYRES16=0x0, @ANYBLOB="0100"], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='R'], 0x1ac}}, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0x96bc}, 0x2, &(0x7f0000000380), 0x7, 0xa505}, 0x9}, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r2 = socket(0xa, 0x5, 0x0) getsockopt$auto(r2, 0x84, 0x7, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, &(0x7f0000000080)={0x79}) r5 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) open_by_handle_at$auto(r5, &(0x7f0000000000)={0x8, 0x2, "8b00000000000000"}, 0x36c) ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r0, 0x40044145, 0x0) 1.353239438s ago: executing program 0 (id=1410): r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open_tree_attr$auto(0xffffffffffffffff, 0x0, 0x3000, 0x0, 0x7ff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) (fail_nth: 2) rseq$auto(0x0, 0x8000, 0x0, 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4}, 0xa3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, r0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0xc, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x688cfcf374ddd4c2}, 0x4048000) 1.161285402s ago: executing program 4 (id=1411): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x1) syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyub\x00', 0x200002, 0x0) ioctl$auto_FIFREEZE(r0, 0xc0045878, 0x9694) syz_clone(0x40011, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async) unshare$auto(0x1) (async) syz_clone3(&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, {0x2}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyub\x00', 0x200002, 0x0) (async) ioctl$auto_FIFREEZE(r0, 0xc0045878, 0x9694) (async) syz_clone(0x40011, 0x0, 0x0, 0x0, 0x0, 0x0) (async) 620.975086ms ago: executing program 2 (id=1412): syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open_tree_attr$auto(0xffffffffffffffff, 0x0, 0x3000, 0x0, 0x7ff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'dvmrp0\x00'}) r1 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) r2 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0) read$auto_ecryptfs_miscdev_fops_miscdev(r2, 0x0, 0x0) write$auto_fuse_dev_operations_fuse_i(r1, &(0x7f0000000440)="110000000200"/16, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syzkaller0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto(0xffffffffffffffff, 0x5, 0x6) socket(0x2, 0x1, 0x0) 620.712441ms ago: executing program 4 (id=1413): mmap$auto(0x0, 0xf, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x5, 0x0) r1 = pipe2$auto(0x0, 0x80) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) writev$auto(0x3, 0x0, 0x8009) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) unshare$auto(0x8000000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_OVS_FLOW_CMD_DEL(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x1000, 0x4, 0x4000000000df, 0x40eb2, 0xffffffffffffffff, 0x300000000000) r2 = openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci4\x00', 0x2000, 0x0) mmap$auto(0x1, 0x400008, 0xe0, 0x9b72, r2, 0x0) mmap$auto(0x0, 0x8, 0x9, 0x18, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1, 0x0) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000100), 0xffffffffffffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x40000003, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000640)=ANY=[@ANYBLOB="b81786fd3e52942f642b2b6e59ad", @ANYRES16=0x0, @ANYBLOB="00032bbd7000fcdbdf251f00000008000200f3ffffff0500060000000000080002000005000008000300ff070000050004000c0000000500060000000000"], 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x40080) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcc, 0x0, 0x567) setsockopt$auto(0x400000000000003, 0x29, 0xcd, 0x0, 0x567) msgrcv$auto(0x7, &(0x7f0000000600)={0x6, 0x7f}, 0xb, 0xfffffffffffffffc, 0xd9) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x8) listen$auto(0x3, 0x83) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r3 = socket(0xa, 0x3, 0x3b) r4 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), r0) sendmsg$auto_MAC802154_HWSIM_CMD_SET_EDGE(r3, &(0x7f0000000480)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000440)={&(0x7f0000000080)={0x3a8, r4, 0x206, 0x70bd2c, 0x25dfdbfe, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x2e5, 0x2, 0x0, 0x1, [@typed={0x8, 0xd4, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x40}}, @generic="a6a3eec66df925f0aa3a4e49584c163da83b8b1fd9373c3cdbc1998c35d677386df25f236a85f24928f615bc674cdd87a3fe17a2242e8fc07c23c0bd2404b28201d1f516207c890e45c42518456cf5a4e1c3f81e8d84a71e877438c9fe0f56877b2f103677e9ec01a53dd666cb37ba9e24ef72149472f1e84b581e222844996f28", @nested={0xd3, 0x10a, 0x0, 0x1, [@generic="51ced842094d535aaecfedca5c15570b313e4449ec2a828579e30a0539a4d262ec081c6cd10cc930ec3b578e82f36ed47199d87a9a7690847a2be6a59c14c9a228db799004de96c264f9c80aa5af8100e23ef6d1a67f3ca2e0e8d59ee57820d634310a8a060255ce89434e3831dbadae6bfc696af6f51b4fdb570141ef672ac6196b1a4bf53c75148e563af6d42a387d07f3062e6c6c663829a79c92f00407e32a76ebca820082f6faf944e706e1fd7eb682d3a9832bfa1003055065aa01acfc263587a9f65e632cb51bddf8c99111"]}, @typed={0x8, 0x10f, 0x0, 0x0, @u32=0xc}, @typed={0x14, 0xe3, 0x0, 0x0, @ipv6=@loopback}, @nested={0x160, 0x68, 0x0, 0x1, [@typed={0x98, 0x83, 0x0, 0x0, @binary="5e64b1d6098d2b9647efe44bdaa0888794e89389c07f2be5e7155d195951f67931590e6688a84d671c5a68e185da8c1ab663ea6ba3e042bcba833673c56b56e3a5e39df7f3cc1e2b3db39569e635494dcfda1d43351c7dfb050d511bd282a0fe73dfae24ed0ad3dea6e7122d511ef8055c4036eb54e09f2221779bb5985e42ebbd3cf3efb4e2664a6105b440d1e26b6939f01709"}, @generic="453d67e79a777732eb7cd11c198361d4b87583cdd6012e373cbd5a88d8d3e1b197c0254a4f7557a0fc98475c2794d4d581b72e4de425d125db0b883318db6ab93632decf9500d6829789af0f6a4f029e2e9a6fe7cb3762fe11418a688f4107a325e443182b4c4a4927cbf232c75d1ea46227e1f6b0bcb5daeebf1bcdb343dcb3e5882c9d98a7141990b11135b8f4e3f76be49589622df11a45100bc67eb43254140606754ca1ae2955d2b6fbff64e5fe1ca59b0bba8a49c0a85af985b5ed7d0c8bd87333"]}, @typed={0x8, 0x13, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x3d}}]}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x6ef}, @MAC802154_HWSIM_ATTR_RADIO_EDGE={0xa4, 0x2, 0x0, 0x1, [@nested={0xa0, 0x81, 0x0, 0x1, [@generic="c9ab09733d7f4444b0782ece32b821ae669cf54eaaba17e3e7233d575f088a624a3cf0b793df437c8622a48a718575ef3635873edd1b01b71a669e50afa23d88ae87edae3fefcdac6ac2f9b42860d1e0b26c96e25dc0649f4b36ce297e1f2a79b3164d7a7989f81d6f69c2315c42f9486b650df78a76cf676e123b4f4f9a8c75f3dec383532b0b1e4059dd72", @typed={0x8, 0x93, 0x0, 0x0, @u32=0x5}, @nested={0x4, 0x100}, @nested={0x4, 0x23}]}]}]}, 0x3a8}, 0x1, 0x0, 0x0, 0x8004}, 0x20000801) getsockopt$auto(r3, 0x29, 0x6, 0x0, 0x0) 260.024388ms ago: executing program 0 (id=1414): r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open_tree_attr$auto(0xffffffffffffffff, 0x0, 0x3000, 0x0, 0x7ff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) rseq$auto(0x0, 0x8000, 0x0, 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4}, 0xa3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, r0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0xc, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x688cfcf374ddd4c2}, 0x4048000) 80.895647ms ago: executing program 1 (id=1415): syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) r0 = openat$auto_u32_array_fops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/ports/3/udp_ports_table1\x00', 0x140, 0x0) write$auto(r0, &(0x7f0000000180)='/dev/usbmon13\x00', 0xfc4a) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xeae22, 0x0) mmap$auto(0xa, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x20000000000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setresuid$auto(0x2, 0x7, 0x8080) madvise$auto(0x0, 0xc7, 0x14) r1 = socket(0xa, 0x801, 0x106) getsockopt$auto(r1, 0x6, 0x19, 0x0, &(0x7f0000000040)) madvise$auto_MADV_POPULATE_WRITE(0xa0f, 0x6, 0x17) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) unshare$auto(0x400) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon13\x00', 0x2702, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xd, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0xff, 0x2000000000000002, 0x9, 0xfffffffffffff761, 0x103, 0xa, 0x4, 0x7fff, 0x5, 0x4006]}, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) listen$auto(0x3, 0x81) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x0, 0x0) 0s ago: executing program 4 (id=1416): mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) sysfs$auto(0x2, 0xf, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(r2, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) fsopen$auto(0x0, 0x1) r3 = socket(0x2, 0x1, 0x0) setsockopt$auto(r3, 0x0, 0x19, 0x0, 0x17) kernel console output (not intermixed with test programs): : true [ 129.775094][ T6564] vivid-007: Generate SCR: true [ 129.781571][ T6564] tpg source WxH: 320x240 (Y'CbCr) [ 129.787266][ T6564] tpg field: 1 [ 129.795029][ T6564] tpg crop: (0,0)/320x240 [ 129.806874][ T6564] tpg compose: (0,0)/320x240 [ 129.811560][ T6564] tpg colorspace: 8 [ 129.816210][ T6564] tpg transfer function: 0/0 [ 129.820849][ T6564] tpg Y'CbCr encoding: 0/0 [ 129.826549][ T6564] tpg quantization: 0/0 [ 129.830889][ T6564] tpg RGB range: 0/2 [ 129.836518][ T6564] vivid-007: ================== END STATUS ================== [ 130.375756][ T6554] netlink: 342 bytes leftover after parsing attributes in process `syz.2.141'. [ 131.450213][ T6574] netlink: 342 bytes leftover after parsing attributes in process `syz.3.147'. [ 132.183182][ T6600] netlink: 342 bytes leftover after parsing attributes in process `syz.1.156'. [ 132.195566][ T6600] netlink: 342 bytes leftover after parsing attributes in process `syz.1.156'. [ 132.207806][ T6600] netlink: 342 bytes leftover after parsing attributes in process `syz.1.156'. [ 132.217433][ T6600] netlink: 342 bytes leftover after parsing attributes in process `syz.1.156'. [ 132.227971][ T6600] netlink: 306 bytes leftover after parsing attributes in process `syz.1.156'. [ 132.342276][ T6593] netlink: 342 bytes leftover after parsing attributes in process `syz.2.153'. [ 132.548846][ T6610] vivid-007: ================= START STATUS ================= [ 132.556896][ T6610] vivid-007: Generate PTS: true [ 132.562157][ T6610] vivid-007: Generate SCR: true [ 132.597823][ T6610] tpg source WxH: 320x240 (Y'CbCr) [ 132.747774][ T6610] tpg field: 1 [ 132.751172][ T6610] tpg crop: (0,0)/320x240 [ 132.757877][ T6610] tpg compose: (0,0)/320x240 [ 132.763790][ T6610] tpg colorspace: 8 [ 132.770760][ T6610] tpg transfer function: 0/0 [ 132.798896][ T6610] tpg Y'CbCr encoding: 0/0 [ 132.806315][ T6610] tpg quantization: 0/0 [ 132.810575][ T6610] tpg RGB range: 0/2 [ 132.820088][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.826640][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.847179][ T6610] vivid-007: ================== END STATUS ================== [ 133.008436][ T6620] netlink: 266 bytes leftover after parsing attributes in process `syz.1.163'. [ 133.017631][ T6620] IPv6: NLM_F_CREATE should be specified when creating new route [ 133.147540][ T6624] vivid-007: ================= START STATUS ================= [ 133.157679][ T6616] netlink: 342 bytes leftover after parsing attributes in process `syz.0.161'. [ 133.186248][ T6624] vivid-007: Generate PTS: true [ 133.252429][ T6624] vivid-007: Generate SCR: true [ 133.425835][ T6624] tpg source WxH: 320x240 (Y'CbCr) [ 133.474640][ T6624] tpg field: 1 [ 133.478052][ T6624] tpg crop: (0,0)/320x240 [ 133.482366][ T6624] tpg compose: (0,0)/320x240 [ 133.487817][ T6624] tpg colorspace: 8 [ 133.491617][ T6624] tpg transfer function: 0/0 [ 133.497994][ T6624] tpg Y'CbCr encoding: 0/0 [ 133.502439][ T6624] tpg quantization: 0/0 [ 133.507629][ T6624] tpg RGB range: 0/2 [ 133.511739][ T6624] vivid-007: ================== END STATUS ================== [ 133.535504][ T6628] random: crng reseeded on system resumption [ 133.670077][ T6631] netlink: 342 bytes leftover after parsing attributes in process `syz.2.166'. [ 134.054632][ T6644] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 134.136311][ T6648] vivid-007: ================= START STATUS ================= [ 134.154348][ T6648] vivid-007: Generate PTS: true [ 134.159341][ T6648] vivid-007: Generate SCR: true [ 134.166267][ T6648] tpg source WxH: 320x240 (Y'CbCr) [ 134.171427][ T6648] tpg field: 1 [ 134.181409][ T6648] tpg crop: (0,0)/320x240 [ 134.186746][ T6648] tpg compose: (0,0)/320x240 [ 134.191506][ T6648] tpg colorspace: 8 [ 134.206782][ T6648] tpg transfer function: 0/0 [ 134.214957][ T6648] tpg Y'CbCr encoding: 0/0 [ 134.222816][ T6648] tpg quantization: 0/0 [ 134.228372][ T6648] tpg RGB range: 0/2 [ 134.232498][ T6648] vivid-007: ================== END STATUS ================== [ 134.429761][ T6657] vivid-007: ================= START STATUS ================= [ 134.445866][ T6657] vivid-007: Generate PTS: true [ 134.451820][ T6657] vivid-007: Generate SCR: true [ 134.458317][ T6657] tpg source WxH: 320x240 (Y'CbCr) [ 134.463617][ T6657] tpg field: 1 [ 134.467293][ T6657] tpg crop: (0,0)/320x240 [ 134.471831][ T6657] tpg compose: (0,0)/320x240 [ 134.479767][ T6657] tpg colorspace: 8 [ 134.484338][ T6657] tpg transfer function: 0/0 [ 134.491858][ T6657] tpg Y'CbCr encoding: 0/0 [ 134.499466][ T6657] tpg quantization: 0/0 [ 134.503819][ T6657] tpg RGB range: 0/2 [ 134.508045][ T6657] vivid-007: ================== END STATUS ================== [ 137.556319][ T6726] __nla_validate_parse: 4 callbacks suppressed [ 137.556334][ T6726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.195'. [ 138.292374][ T6739] FAULT_INJECTION: forcing a failure. [ 138.292374][ T6739] name failslab, interval 1, probability 0, space 0, times 0 [ 138.305560][ T6739] CPU: 1 UID: 0 PID: 6739 Comm: syz.3.198 Not tainted syzkaller #0 PREEMPT(full) [ 138.305594][ T6739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 138.305609][ T6739] Call Trace: [ 138.305618][ T6739] [ 138.305628][ T6739] dump_stack_lvl+0x16c/0x1f0 [ 138.305665][ T6739] should_fail_ex+0x512/0x640 [ 138.305701][ T6739] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 138.305732][ T6739] should_failslab+0xc2/0x120 [ 138.305767][ T6739] kmem_cache_alloc_noprof+0x75/0x6e0 [ 138.305800][ T6739] ? vm_area_alloc+0x1f/0x160 [ 138.305830][ T6739] ? vm_area_alloc+0x1f/0x160 [ 138.305851][ T6739] vm_area_alloc+0x1f/0x160 [ 138.305875][ T6739] __mmap_region+0xf85/0x27a0 [ 138.305902][ T6739] ? find_held_lock+0x2b/0x80 [ 138.305930][ T6739] ? __pfx___mmap_region+0x10/0x10 [ 138.305976][ T6739] ? finish_task_switch.isra.0+0x21c/0xc10 [ 138.306008][ T6739] ? rcu_is_watching+0x12/0xc0 [ 138.306035][ T6739] ? finish_task_switch.isra.0+0x221/0xc10 [ 138.306061][ T6739] ? lockdep_hardirqs_on+0x7c/0x110 [ 138.306091][ T6739] ? finish_task_switch.isra.0+0x221/0xc10 [ 138.306151][ T6739] ? __pfx___schedule+0x10/0x10 [ 138.306224][ T6739] ? trace_cap_capable+0x18d/0x200 [ 138.306271][ T6739] mmap_region+0x1ab/0x3f0 [ 138.306297][ T6739] ? __get_unmapped_area+0x267/0x440 [ 138.306333][ T6739] do_mmap+0xa3e/0x1210 [ 138.306371][ T6739] ? __pfx_do_mmap+0x10/0x10 [ 138.306404][ T6739] ? __pfx_down_write_killable+0x10/0x10 [ 138.306446][ T6739] vm_mmap_pgoff+0x29e/0x470 [ 138.306486][ T6739] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 138.306525][ T6739] ? __x64_sys_futex+0x1e0/0x4c0 [ 138.306558][ T6739] ? __x64_sys_futex+0x1e9/0x4c0 [ 138.306595][ T6739] ksys_mmap_pgoff+0x7d/0x5c0 [ 138.306625][ T6739] ? xfd_validate_state+0x61/0x180 [ 138.306658][ T6739] ? __pfx_ksys_write+0x10/0x10 [ 138.306690][ T6739] __x64_sys_mmap+0x125/0x190 [ 138.306731][ T6739] do_syscall_64+0xcd/0xfa0 [ 138.306764][ T6739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.306795][ T6739] RIP: 0033:0x7f3cdab8f6c9 [ 138.306816][ T6739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.306840][ T6739] RSP: 002b:00007f3cdba3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 138.306865][ T6739] RAX: ffffffffffffffda RBX: 00007f3cdade5fa0 RCX: 00007f3cdab8f6c9 [ 138.306882][ T6739] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000 [ 138.306898][ T6739] RBP: 00007f3cdac11f91 R08: 0000000000000401 R09: 0000000000008000 [ 138.306914][ T6739] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 138.306929][ T6739] R13: 00007f3cdade6038 R14: 00007f3cdade5fa0 R15: 00007ffe93254f68 [ 138.306966][ T6739] [ 138.724381][ T6747] vivid-007: ================= START STATUS ================= [ 138.730618][ T6735] random: crng reseeded on system resumption [ 138.732211][ T6747] vivid-007: Generate PTS: true [ 138.745765][ T6747] vivid-007: Generate SCR: true [ 138.750672][ T6747] tpg source WxH: 320x240 (Y'CbCr) [ 138.756091][ T6747] tpg field: 1 [ 138.759476][ T6747] tpg crop: (0,0)/320x240 [ 138.759510][ T6747] tpg compose: (0,0)/320x240 [ 138.768816][ T6747] tpg colorspace: 8 [ 138.772636][ T6747] tpg transfer function: 0/0 [ 138.777641][ T6747] tpg Y'CbCr encoding: 0/0 [ 138.783157][ T6747] tpg quantization: 0/0 [ 138.788404][ T6747] tpg RGB range: 0/2 [ 138.792433][ T6747] vivid-007: ================== END STATUS ================== [ 140.073501][ T6762] netlink: 342 bytes leftover after parsing attributes in process `syz.0.214'. [ 140.703829][ T6780] FAULT_INJECTION: forcing a failure. [ 140.703829][ T6780] name fail_futex, interval 1, probability 0, space 0, times 1 [ 140.716874][ T6780] CPU: 0 UID: 0 PID: 6780 Comm: syz.0.210 Not tainted syzkaller #0 PREEMPT(full) [ 140.716895][ T6780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 140.716905][ T6780] Call Trace: [ 140.716910][ T6780] [ 140.716915][ T6780] dump_stack_lvl+0x16c/0x1f0 [ 140.716939][ T6780] should_fail_ex+0x512/0x640 [ 140.716964][ T6780] should_fail_futex+0x4c/0x60 [ 140.716984][ T6780] futex_lock_pi_atomic+0x148/0xd50 [ 140.717010][ T6780] futex_lock_pi+0x23f/0x7c0 [ 140.717035][ T6780] ? __pfx_futex_lock_pi+0x10/0x10 [ 140.717056][ T6780] ? preempt_schedule_common+0x44/0xc0 [ 140.717075][ T6780] ? preempt_schedule_thunk+0x16/0x30 [ 140.717105][ T6780] ? __pfx_try_to_wake_up+0x10/0x10 [ 140.717126][ T6780] ? futex_private_hash_put+0xd5/0x190 [ 140.717147][ T6780] ? __pfx_futex_wake_mark+0x10/0x10 [ 140.717176][ T6780] ? ksys_write+0x190/0x250 [ 140.717196][ T6780] do_futex+0x11a/0x350 [ 140.717216][ T6780] ? __pfx_do_futex+0x10/0x10 [ 140.717241][ T6780] __x64_sys_futex+0x1e0/0x4c0 [ 140.717262][ T6780] ? fput+0x9b/0xd0 [ 140.717280][ T6780] ? __pfx___x64_sys_futex+0x10/0x10 [ 140.717300][ T6780] ? xfd_validate_state+0x61/0x180 [ 140.717320][ T6780] ? __pfx_ksys_write+0x10/0x10 [ 140.717342][ T6780] do_syscall_64+0xcd/0xfa0 [ 140.717361][ T6780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.717376][ T6780] RIP: 0033:0x7f28d9d8f6c9 [ 140.717389][ T6780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.717403][ T6780] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 140.717418][ T6780] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 140.717428][ T6780] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 140.717437][ T6780] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 000000008000fff5 [ 140.717446][ T6780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.717454][ T6780] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 140.717474][ T6780] [ 140.950540][ T6764] netlink: 342 bytes leftover after parsing attributes in process `syz.3.206'. [ 141.254931][ T6782] vivid-007: ================= START STATUS ================= [ 141.262617][ T6782] vivid-007: Generate PTS: true [ 141.280575][ T6784] netlink: 342 bytes leftover after parsing attributes in process `syz.0.212'. [ 141.290094][ T6782] vivid-007: Generate SCR: true [ 141.309139][ T6782] tpg source WxH: 320x240 (Y'CbCr) [ 141.335449][ T6784] netlink: 342 bytes leftover after parsing attributes in process `syz.0.212'. [ 141.345976][ T6784] netlink: 342 bytes leftover after parsing attributes in process `syz.0.212'. [ 141.359495][ T6784] netlink: 342 bytes leftover after parsing attributes in process `syz.0.212'. [ 141.373565][ T6784] netlink: 218 bytes leftover after parsing attributes in process `syz.0.212'. [ 141.390455][ T6782] tpg field: 1 [ 141.393876][ T6782] tpg crop: (0,0)/320x240 [ 141.436356][ T6787] netlink: 342 bytes leftover after parsing attributes in process `syz.0.215'. [ 141.447308][ T6787] netlink: 342 bytes leftover after parsing attributes in process `syz.0.215'. [ 141.498849][ T6782] tpg compose: (0,0)/320x240 [ 141.504373][ T6782] tpg colorspace: 8 [ 141.509162][ T6782] tpg transfer function: 0/0 [ 141.515042][ T6782] tpg Y'CbCr encoding: 0/0 [ 141.519787][ T6782] tpg quantization: 0/0 [ 141.524073][ T6782] tpg RGB range: 0/2 [ 141.533067][ T6782] vivid-007: ================== END STATUS ================== [ 142.111738][ T6810] FAULT_INJECTION: forcing a failure. [ 142.111738][ T6810] name failslab, interval 1, probability 0, space 0, times 0 [ 142.126650][ T6811] FAULT_INJECTION: forcing a failure. [ 142.126650][ T6811] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 142.163490][ T6811] CPU: 1 UID: 0 PID: 6811 Comm: syz.3.221 Not tainted syzkaller #0 PREEMPT(full) [ 142.163530][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 142.163543][ T6811] Call Trace: [ 142.163549][ T6811] [ 142.163555][ T6811] dump_stack_lvl+0x16c/0x1f0 [ 142.163577][ T6811] should_fail_ex+0x512/0x640 [ 142.163602][ T6811] strncpy_from_user+0x3b/0x2e0 [ 142.163624][ T6811] getname_flags.part.0+0x8f/0x550 [ 142.163648][ T6811] __x64_sys_unlink+0xb0/0x110 [ 142.163665][ T6811] do_syscall_64+0xcd/0xfa0 [ 142.163684][ T6811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.163698][ T6811] RIP: 0033:0x7f3cdab8f6c9 [ 142.163710][ T6811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.163723][ T6811] RSP: 002b:00007f3cdba1b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 142.163737][ T6811] RAX: ffffffffffffffda RBX: 00007f3cdade6090 RCX: 00007f3cdab8f6c9 [ 142.163746][ T6811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380 [ 142.163754][ T6811] RBP: 00007f3cdba1b090 R08: 0000000000000000 R09: 0000000000000000 [ 142.163762][ T6811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.163770][ T6811] R13: 00007f3cdade6128 R14: 00007f3cdade6090 R15: 00007ffe93254f68 [ 142.163789][ T6811] [ 142.299677][ T6810] CPU: 0 UID: 0 PID: 6810 Comm: syz.1.222 Not tainted syzkaller #0 PREEMPT(full) [ 142.299710][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 142.299723][ T6810] Call Trace: [ 142.299731][ T6810] [ 142.299741][ T6810] dump_stack_lvl+0x16c/0x1f0 [ 142.299774][ T6810] should_fail_ex+0x512/0x640 [ 142.299809][ T6810] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 142.299841][ T6810] should_failslab+0xc2/0x120 [ 142.299877][ T6810] __kmalloc_node_noprof+0xe0/0x8a0 [ 142.299902][ T6810] ? lockdep_init_map_type+0x5c/0x280 [ 142.299934][ T6810] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 142.299970][ T6810] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 142.299997][ T6810] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 142.300023][ T6810] ? __pfx_idr_alloc+0x10/0x10 [ 142.300059][ T6810] loop_add+0x3b2/0xb70 [ 142.300088][ T6810] ? __pfx_loop_add+0x10/0x10 [ 142.300139][ T6810] ? find_held_lock+0x2b/0x80 [ 142.300170][ T6810] loop_control_ioctl+0x13e/0x630 [ 142.300199][ T6810] ? __pfx_loop_control_ioctl+0x10/0x10 [ 142.300232][ T6810] ? __pfx_loop_control_ioctl+0x10/0x10 [ 142.300270][ T6810] __x64_sys_ioctl+0x18e/0x210 [ 142.300310][ T6810] do_syscall_64+0xcd/0xfa0 [ 142.300342][ T6810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.300369][ T6810] RIP: 0033:0x7f92fa98f6c9 [ 142.300390][ T6810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.300412][ T6810] RSP: 002b:00007f92fb8bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 142.300436][ T6810] RAX: ffffffffffffffda RBX: 00007f92fabe5fa0 RCX: 00007f92fa98f6c9 [ 142.300453][ T6810] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000004 [ 142.300467][ T6810] RBP: 00007f92faa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 142.300481][ T6810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 142.300495][ T6810] R13: 00007f92fabe6038 R14: 00007f92fabe5fa0 R15: 00007ffd789979b8 [ 142.300529][ T6810] [ 142.747540][ T6819] __nla_validate_parse: 8 callbacks suppressed [ 142.747561][ T6819] netlink: 342 bytes leftover after parsing attributes in process `syz.1.226'. [ 142.845636][ T6819] netlink: 342 bytes leftover after parsing attributes in process `syz.1.226'. [ 142.892469][ T6819] netlink: 342 bytes leftover after parsing attributes in process `syz.1.226'. [ 142.917209][ T6824] netlink: 306 bytes leftover after parsing attributes in process `syz.1.226'. [ 143.042304][ T6826] FAULT_INJECTION: forcing a failure. [ 143.042304][ T6826] name failslab, interval 1, probability 0, space 0, times 0 [ 143.078019][ T6826] CPU: 1 UID: 0 PID: 6826 Comm: syz.0.228 Not tainted syzkaller #0 PREEMPT(full) [ 143.078053][ T6826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 143.078067][ T6826] Call Trace: [ 143.078076][ T6826] [ 143.078086][ T6826] dump_stack_lvl+0x16c/0x1f0 [ 143.078121][ T6826] should_fail_ex+0x512/0x640 [ 143.078154][ T6826] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 143.078183][ T6826] should_failslab+0xc2/0x120 [ 143.078213][ T6826] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 143.078240][ T6826] ? proc_alloc_inode+0x25/0x200 [ 143.078277][ T6826] ? __pfx_proc_alloc_inode+0x10/0x10 [ 143.078308][ T6826] ? proc_alloc_inode+0x25/0x200 [ 143.078338][ T6826] proc_alloc_inode+0x25/0x200 [ 143.078369][ T6826] alloc_inode+0x64/0x240 [ 143.078402][ T6826] new_inode+0x22/0x1c0 [ 143.078432][ T6826] ? proc_lookup_de+0x201/0x360 [ 143.078481][ T6826] proc_get_inode+0x1d/0x780 [ 143.078518][ T6826] proc_lookup_de+0x236/0x360 [ 143.078561][ T6826] proc_lookup+0xcf/0x110 [ 143.078598][ T6826] proc_root_lookup+0x3b/0x70 [ 143.078634][ T6826] __lookup_slow+0x251/0x460 [ 143.078671][ T6826] ? __pfx___lookup_slow+0x10/0x10 [ 143.078730][ T6826] ? lookup_fast+0x156/0x610 [ 143.078758][ T6826] walk_component+0x353/0x5b0 [ 143.078786][ T6826] link_path_walk+0x627/0xe20 [ 143.078820][ T6826] path_openat+0x1b0/0x2cb0 [ 143.078856][ T6826] ? __pfx_path_openat+0x10/0x10 [ 143.078884][ T6826] ? __lock_acquire+0xb8a/0x1c90 [ 143.078919][ T6826] do_filp_open+0x20b/0x470 [ 143.078947][ T6826] ? __pfx_do_filp_open+0x10/0x10 [ 143.079001][ T6826] ? alloc_fd+0x471/0x7d0 [ 143.079037][ T6826] do_sys_openat2+0x11b/0x1d0 [ 143.079071][ T6826] ? __pfx_do_sys_openat2+0x10/0x10 [ 143.079120][ T6826] __x64_sys_openat+0x174/0x210 [ 143.079155][ T6826] ? __pfx___x64_sys_openat+0x10/0x10 [ 143.079205][ T6826] do_syscall_64+0xcd/0xfa0 [ 143.079237][ T6826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.079262][ T6826] RIP: 0033:0x7f28d9d8f6c9 [ 143.079282][ T6826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.079305][ T6826] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 143.079329][ T6826] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 143.079346][ T6826] RDX: 0000000000080002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 143.079362][ T6826] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 143.079377][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.079392][ T6826] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 143.079429][ T6826] [ 143.913648][ T6823] netlink: 342 bytes leftover after parsing attributes in process `syz.2.227'. [ 144.243674][ T6835] netlink: 342 bytes leftover after parsing attributes in process `syz.1.230'. [ 144.563761][ T6846] netlink: 342 bytes leftover after parsing attributes in process `syz.3.233'. [ 144.604076][ T6846] netlink: 342 bytes leftover after parsing attributes in process `syz.3.233'. [ 144.640186][ T6846] netlink: 342 bytes leftover after parsing attributes in process `syz.3.233'. [ 144.688524][ T6851] netlink: 306 bytes leftover after parsing attributes in process `syz.3.233'. [ 144.717143][ T6852] vivid-007: ================= START STATUS ================= [ 144.730022][ T6852] vivid-007: Generate PTS: true [ 144.739044][ T6852] vivid-007: Generate SCR: true [ 144.746868][ T6852] tpg source WxH: 320x240 (Y'CbCr) [ 144.752136][ T6852] tpg field: 1 [ 144.756633][ T6852] tpg crop: (0,0)/320x240 [ 144.761119][ T6852] tpg compose: (0,0)/320x240 [ 144.766224][ T6852] tpg colorspace: 8 [ 144.770113][ T6852] tpg transfer function: 0/0 [ 144.775015][ T6852] tpg Y'CbCr encoding: 0/0 [ 144.796769][ T6852] tpg quantization: 0/0 [ 144.800985][ T6852] tpg RGB range: 0/2 [ 144.808339][ T6852] vivid-007: ================== END STATUS ================== [ 144.817514][ T6854] vivid-007: ================= START STATUS ================= [ 144.825635][ T6854] vivid-007: Generate PTS: true [ 144.831616][ T6854] vivid-007: Generate SCR: true [ 144.837078][ T6854] tpg source WxH: 320x240 (Y'CbCr) [ 144.842352][ T6854] tpg field: 1 [ 144.847329][ T6854] tpg crop: (0,0)/320x240 [ 144.851747][ T6854] tpg compose: (0,0)/320x240 [ 144.856989][ T6854] tpg colorspace: 8 [ 144.860906][ T6854] tpg transfer function: 0/0 [ 144.865640][ T6854] tpg Y'CbCr encoding: 0/0 [ 144.870201][ T6854] tpg quantization: 0/0 [ 144.874799][ T6854] tpg RGB range: 0/2 [ 144.878863][ T6854] vivid-007: ================== END STATUS ================== [ 145.871077][ T6887] vivid-007: ================= START STATUS ================= [ 145.882662][ T6887] vivid-007: Generate PTS: true [ 145.889961][ T6887] vivid-007: Generate SCR: true [ 145.895184][ T6887] tpg source WxH: 320x240 (Y'CbCr) [ 145.900378][ T6887] tpg field: 1 [ 145.903800][ T6887] tpg crop: (0,0)/320x240 [ 145.908489][ T6887] tpg compose: (0,0)/320x240 [ 145.913139][ T6887] tpg colorspace: 8 [ 145.917069][ T6887] tpg transfer function: 0/0 [ 145.922998][ T6887] tpg Y'CbCr encoding: 0/0 [ 145.927591][ T6887] tpg quantization: 0/0 [ 145.931897][ T6887] tpg RGB range: 0/2 [ 145.939661][ T6887] vivid-007: ================== END STATUS ================== [ 146.587689][ T6899] FAULT_INJECTION: forcing a failure. [ 146.587689][ T6899] name failslab, interval 1, probability 0, space 0, times 0 [ 146.605297][ T6899] CPU: 0 UID: 0 PID: 6899 Comm: syz.0.250 Not tainted syzkaller #0 PREEMPT(full) [ 146.605318][ T6899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 146.605326][ T6899] Call Trace: [ 146.605331][ T6899] [ 146.605337][ T6899] dump_stack_lvl+0x16c/0x1f0 [ 146.605359][ T6899] should_fail_ex+0x512/0x640 [ 146.605381][ T6899] ? fs_reclaim_acquire+0xae/0x150 [ 146.605402][ T6899] should_failslab+0xc2/0x120 [ 146.605421][ T6899] __kmalloc_noprof+0xdd/0x880 [ 146.605444][ T6899] ? tomoyo_encode2+0x100/0x3e0 [ 146.605464][ T6899] ? tomoyo_encode2+0x100/0x3e0 [ 146.605478][ T6899] tomoyo_encode2+0x100/0x3e0 [ 146.605497][ T6899] tomoyo_encode+0x29/0x50 [ 146.605512][ T6899] tomoyo_realpath_from_path+0x18f/0x6e0 [ 146.605534][ T6899] tomoyo_path_perm+0x274/0x460 [ 146.605546][ T6899] ? tomoyo_path_perm+0x260/0x460 [ 146.605560][ T6899] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 146.605594][ T6899] ? __d_lookup+0x25c/0x4a0 [ 146.605621][ T6899] tomoyo_path_unlink+0x91/0xe0 [ 146.605639][ T6899] ? __pfx_tomoyo_path_unlink+0x10/0x10 [ 146.605658][ T6899] ? lookup_dcache+0x66/0x170 [ 146.605681][ T6899] security_path_unlink+0x145/0x2b0 [ 146.605696][ T6899] do_unlinkat+0x463/0x6a0 [ 146.605713][ T6899] ? __pfx_do_unlinkat+0x10/0x10 [ 146.605737][ T6899] ? getname_flags.part.0+0x1c5/0x550 [ 146.605759][ T6899] __x64_sys_unlink+0xc5/0x110 [ 146.605776][ T6899] do_syscall_64+0xcd/0xfa0 [ 146.605794][ T6899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.605809][ T6899] RIP: 0033:0x7f28d9d8f6c9 [ 146.605821][ T6899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.605834][ T6899] RSP: 002b:00007f28dace0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 146.605848][ T6899] RAX: ffffffffffffffda RBX: 00007f28d9fe6090 RCX: 00007f28d9d8f6c9 [ 146.605857][ T6899] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000380 [ 146.605865][ T6899] RBP: 00007f28dace0090 R08: 0000000000000000 R09: 0000000000000000 [ 146.605873][ T6899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.605881][ T6899] R13: 00007f28d9fe6128 R14: 00007f28d9fe6090 R15: 00007fff82fb21f8 [ 146.605903][ T6899] [ 146.605920][ T6899] ERROR: Out of memory at tomoyo_realpath_from_path. [ 147.021870][ T6879] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 151.276612][ T6956] __nla_validate_parse: 7 callbacks suppressed [ 151.276626][ T6956] netlink: 342 bytes leftover after parsing attributes in process `syz.2.263'. [ 151.468773][ T6964] netlink: 342 bytes leftover after parsing attributes in process `syz.0.265'. [ 151.629840][ T6973] netlink: 342 bytes leftover after parsing attributes in process `syz.2.267'. [ 151.639894][ T6973] netlink: 342 bytes leftover after parsing attributes in process `syz.2.267'. [ 151.678139][ T6973] netlink: 218 bytes leftover after parsing attributes in process `syz.2.267'. [ 152.423704][ T30] audit: type=1800 audit(1763454761.982:3): pid=6993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.274" name="version" dev="configfs" ino=12701 res=0 errno=0 [ 152.449675][ T6993] FAULT_INJECTION: forcing a failure. [ 152.449675][ T6993] name fail_futex, interval 1, probability 0, space 0, times 0 [ 152.462746][ T6993] CPU: 0 UID: 0 PID: 6993 Comm: syz.0.274 Not tainted syzkaller #0 PREEMPT(full) [ 152.462773][ T6993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 152.462784][ T6993] Call Trace: [ 152.462789][ T6993] [ 152.462795][ T6993] dump_stack_lvl+0x16c/0x1f0 [ 152.462817][ T6993] should_fail_ex+0x512/0x640 [ 152.462841][ T6993] should_fail_futex+0x4c/0x60 [ 152.462859][ T6993] futex_lock_pi_atomic+0x148/0xd50 [ 152.462885][ T6993] futex_lock_pi+0x23f/0x7c0 [ 152.462908][ T6993] ? __pfx_futex_lock_pi+0x10/0x10 [ 152.462927][ T6993] ? preempt_schedule_common+0x44/0xc0 [ 152.462944][ T6993] ? preempt_schedule_thunk+0x16/0x30 [ 152.462972][ T6993] ? __pfx_try_to_wake_up+0x10/0x10 [ 152.462991][ T6993] ? futex_private_hash_put+0xd5/0x190 [ 152.463011][ T6993] ? __pfx_futex_wake_mark+0x10/0x10 [ 152.463038][ T6993] ? ksys_write+0x190/0x250 [ 152.463056][ T6993] do_futex+0x11a/0x350 [ 152.463075][ T6993] ? __pfx_do_futex+0x10/0x10 [ 152.463098][ T6993] __x64_sys_futex+0x1e0/0x4c0 [ 152.463117][ T6993] ? fput+0x9b/0xd0 [ 152.463134][ T6993] ? __pfx___x64_sys_futex+0x10/0x10 [ 152.463153][ T6993] ? xfd_validate_state+0x61/0x180 [ 152.463171][ T6993] ? __pfx_ksys_write+0x10/0x10 [ 152.463191][ T6993] do_syscall_64+0xcd/0xfa0 [ 152.463209][ T6993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.463223][ T6993] RIP: 0033:0x7f28d9d8f6c9 [ 152.463235][ T6993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.463247][ T6993] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 152.463261][ T6993] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 152.463270][ T6993] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 152.463278][ T6993] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 000000008000fff5 [ 152.463286][ T6993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.463294][ T6993] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 152.463313][ T6993] [ 154.329607][ T7013] netlink: 342 bytes leftover after parsing attributes in process `syz.1.280'. [ 156.818225][ T7070] netlink: 342 bytes leftover after parsing attributes in process `syz.2.293'. [ 156.850663][ T7070] netlink: 342 bytes leftover after parsing attributes in process `syz.2.293'. [ 158.255266][ T7104] vivid-007: ================= START STATUS ================= [ 158.284834][ T7104] vivid-007: Generate PTS: true [ 158.306383][ T7104] vivid-007: Generate SCR: true [ 158.333674][ T7104] tpg source WxH: 320x240 (Y'CbCr) [ 158.437463][ T7104] tpg field: 1 [ 158.440881][ T7104] tpg crop: (0,0)/320x240 [ 158.445494][ T7104] tpg compose: (0,0)/320x240 [ 158.451530][ T7104] tpg colorspace: 8 [ 158.455482][ T7104] tpg transfer function: 0/0 [ 158.460084][ T7104] tpg Y'CbCr encoding: 0/0 [ 158.465735][ T7104] tpg quantization: 0/0 [ 158.469892][ T7104] tpg RGB range: 0/2 [ 158.473764][ T7104] vivid-007: ================== END STATUS ================== [ 160.730026][ T7149] vivid-007: ================= START STATUS ================= [ 160.737777][ T7149] vivid-007: Generate PTS: true [ 160.742669][ T7149] vivid-007: Generate SCR: true [ 160.752906][ T7149] tpg source WxH: 320x240 (Y'CbCr) [ 160.763273][ T7149] tpg field: 1 [ 160.779522][ T7149] tpg crop: (0,0)/320x240 [ 160.784220][ T7149] tpg compose: (0,0)/320x240 [ 160.814523][ T7149] tpg colorspace: 8 [ 160.818686][ T7149] tpg transfer function: 0/0 [ 160.823387][ T7149] tpg Y'CbCr encoding: 0/0 [ 160.827992][ T7149] tpg quantization: 0/0 [ 160.832326][ T7149] tpg RGB range: 0/2 [ 160.836670][ T7149] vivid-007: ================== END STATUS ================== [ 163.535670][ T7196] vivid-007: ================= START STATUS ================= [ 163.579490][ T7196] vivid-007: Generate PTS: true [ 163.603489][ T7196] vivid-007: Generate SCR: true [ 163.624793][ T7196] tpg source WxH: 320x240 (Y'CbCr) [ 163.630170][ T7196] tpg field: 1 [ 163.650343][ T7196] tpg crop: (0,0)/320x240 [ 163.655052][ T7196] tpg compose: (0,0)/320x240 [ 163.659652][ T7196] tpg colorspace: 8 [ 163.663585][ T7196] tpg transfer function: 0/0 [ 163.692981][ T7196] tpg Y'CbCr encoding: 0/0 [ 163.700078][ T7196] tpg quantization: 0/0 [ 163.715047][ T7196] tpg RGB range: 0/2 [ 163.719191][ T7196] vivid-007: ================== END STATUS ================== [ 164.282300][ T7214] vivid-007: ================= START STATUS ================= [ 164.290929][ T7214] vivid-007: Generate PTS: true [ 164.301049][ T7214] vivid-007: Generate SCR: true [ 164.309824][ T7214] tpg source WxH: 320x240 (Y'CbCr) [ 164.447745][ T7214] tpg field: 1 [ 164.451389][ T7214] tpg crop: (0,0)/320x240 [ 164.455994][ T7214] tpg compose: (0,0)/320x240 [ 164.460602][ T7214] tpg colorspace: 8 [ 164.464566][ T7214] tpg transfer function: 0/0 [ 164.469815][ T7214] tpg Y'CbCr encoding: 0/0 [ 164.474552][ T7214] tpg quantization: 0/0 [ 164.483317][ T7214] tpg RGB range: 0/2 [ 164.487392][ T7214] vivid-007: ================== END STATUS ================== [ 174.779080][ T7395] netlink: 342 bytes leftover after parsing attributes in process `syz.3.368'. [ 175.092491][ T7406] vivid-007: ================= START STATUS ================= [ 175.143859][ T7406] vivid-007: Generate PTS: true [ 175.161323][ T7406] vivid-007: Generate SCR: true [ 175.188914][ T7406] tpg source WxH: 320x240 (Y'CbCr) [ 175.255561][ T7406] tpg field: 1 [ 175.260557][ T7406] tpg crop: (0,0)/320x240 [ 175.265533][ T7406] tpg compose: (0,0)/320x240 [ 175.270152][ T7406] tpg colorspace: 8 [ 175.273971][ T7406] tpg transfer function: 0/0 [ 175.279237][ T7406] tpg Y'CbCr encoding: 0/0 [ 175.283675][ T7406] tpg quantization: 0/0 [ 175.287950][ T7406] tpg RGB range: 0/2 [ 175.291857][ T7406] vivid-007: ================== END STATUS ================== [ 176.391366][ T7431] netlink: 342 bytes leftover after parsing attributes in process `syz.3.377'. [ 178.871527][ T7473] netlink: 342 bytes leftover after parsing attributes in process `syz.2.388'. [ 178.979137][ T7476] bond0: Unable to set down delay as MII monitoring is disabled [ 179.044874][ T7476] FAULT_INJECTION: forcing a failure. [ 179.044874][ T7476] name failslab, interval 1, probability 0, space 0, times 0 [ 179.096181][ T7476] CPU: 1 UID: 0 PID: 7476 Comm: syz.3.389 Not tainted syzkaller #0 PREEMPT(full) [ 179.096204][ T7476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 179.096212][ T7476] Call Trace: [ 179.096217][ T7476] [ 179.096223][ T7476] dump_stack_lvl+0x16c/0x1f0 [ 179.096246][ T7476] should_fail_ex+0x512/0x640 [ 179.096268][ T7476] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 179.096286][ T7476] should_failslab+0xc2/0x120 [ 179.096306][ T7476] kmem_cache_alloc_noprof+0x75/0x6e0 [ 179.096320][ T7476] ? alloc_empty_file+0x55/0x1e0 [ 179.096346][ T7476] ? alloc_empty_file+0x55/0x1e0 [ 179.096364][ T7476] alloc_empty_file+0x55/0x1e0 [ 179.096384][ T7476] path_openat+0xda/0x2cb0 [ 179.096405][ T7476] ? __pfx_path_openat+0x10/0x10 [ 179.096422][ T7476] ? __lock_acquire+0xb8a/0x1c90 [ 179.096443][ T7476] do_filp_open+0x20b/0x470 [ 179.096458][ T7476] ? __pfx_do_filp_open+0x10/0x10 [ 179.096487][ T7476] ? alloc_fd+0x471/0x7d0 [ 179.096507][ T7476] do_sys_openat2+0x11b/0x1d0 [ 179.096529][ T7476] ? __pfx_do_sys_openat2+0x10/0x10 [ 179.096547][ T7476] ? __sock_release+0x20b/0x270 [ 179.096569][ T7476] __x64_sys_openat+0x174/0x210 [ 179.096589][ T7476] ? __pfx___x64_sys_openat+0x10/0x10 [ 179.096625][ T7476] do_syscall_64+0xcd/0xfa0 [ 179.096645][ T7476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.096660][ T7476] RIP: 0033:0x7f3cdab8f6c9 [ 179.096672][ T7476] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.096685][ T7476] RSP: 002b:00007f3cdba3c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 179.096699][ T7476] RAX: ffffffffffffffda RBX: 00007f3cdade5fa0 RCX: 00007f3cdab8f6c9 [ 179.096708][ T7476] RDX: 00000000000c0040 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 179.096717][ T7476] RBP: 00007f3cdac11f91 R08: 0000000000000000 R09: 0000000000000000 [ 179.096725][ T7476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.096733][ T7476] R13: 00007f3cdade6038 R14: 00007f3cdade5fa0 R15: 00007ffe93254f68 [ 179.096752][ T7476] [ 180.946645][ T7510] netlink: 342 bytes leftover after parsing attributes in process `syz.3.399'. [ 180.963855][ T7510] netlink: 342 bytes leftover after parsing attributes in process `syz.3.399'. [ 181.644442][ T7519] netlink: 342 bytes leftover after parsing attributes in process `syz.2.400'. [ 181.834947][ T7525] vivid-007: ================= START STATUS ================= [ 181.910232][ T7525] vivid-007: Generate PTS: true [ 181.954306][ T7525] vivid-007: Generate SCR: true [ 181.961700][ T7525] tpg source WxH: 320x240 (Y'CbCr) [ 182.121197][ T7525] tpg field: 1 [ 182.128856][ T7525] tpg crop: (0,0)/320x240 [ 182.155708][ T7525] tpg compose: (0,0)/320x240 [ 182.160580][ T7525] tpg colorspace: 8 [ 182.168922][ T7525] tpg transfer function: 0/0 [ 182.235873][ T7525] tpg Y'CbCr encoding: 0/0 [ 182.255819][ T7525] tpg quantization: 0/0 [ 182.274118][ T7525] tpg RGB range: 0/2 [ 182.285007][ T7525] vivid-007: ================== END STATUS ================== [ 184.679022][ T7572] vivid-007: ================= START STATUS ================= [ 184.687052][ T7572] vivid-007: Generate PTS: true [ 184.694390][ T7572] vivid-007: Generate SCR: true [ 184.699441][ T7572] tpg source WxH: 320x240 (Y'CbCr) [ 184.704919][ T7572] tpg field: 1 [ 184.708280][ T7572] tpg crop: (0,0)/320x240 [ 184.714730][ T7572] tpg compose: (0,0)/320x240 [ 184.744803][ T7572] tpg colorspace: 8 [ 184.748662][ T7572] tpg transfer function: 0/0 [ 184.753261][ T7572] tpg Y'CbCr encoding: 0/0 [ 184.796131][ T7572] tpg quantization: 0/0 [ 184.800316][ T7572] tpg RGB range: 0/2 [ 184.804454][ T7572] vivid-007: ================== END STATUS ================== [ 185.661222][ T7597] hub 8-0:1.0: USB hub found [ 185.666617][ T7597] hub 8-0:1.0: 1 port detected [ 185.742487][ T7597] random: crng reseeded on system resumption [ 186.210812][ T7607] FAULT_INJECTION: forcing a failure. [ 186.210812][ T7607] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.287039][ T7607] CPU: 0 UID: 0 PID: 7607 Comm: syz.0.423 Not tainted syzkaller #0 PREEMPT(full) [ 186.287061][ T7607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 186.287069][ T7607] Call Trace: [ 186.287074][ T7607] [ 186.287080][ T7607] dump_stack_lvl+0x16c/0x1f0 [ 186.287103][ T7607] should_fail_ex+0x512/0x640 [ 186.287128][ T7607] _copy_from_user+0x2e/0xd0 [ 186.287151][ T7607] __sys_bpf+0x248/0x4980 [ 186.287169][ T7607] ? __pfx___sys_bpf+0x10/0x10 [ 186.287183][ T7607] ? find_held_lock+0x2b/0x80 [ 186.287202][ T7607] ? find_held_lock+0x2b/0x80 [ 186.287221][ T7607] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 186.287251][ T7607] ? fput+0x9b/0xd0 [ 186.287270][ T7607] ? ksys_write+0x1ac/0x250 [ 186.287284][ T7607] ? __pfx_ksys_write+0x10/0x10 [ 186.287303][ T7607] __x64_sys_bpf+0x78/0xc0 [ 186.287317][ T7607] ? lockdep_hardirqs_on+0x7c/0x110 [ 186.287334][ T7607] do_syscall_64+0xcd/0xfa0 [ 186.287352][ T7607] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.287367][ T7607] RIP: 0033:0x7f28d9d8f6c9 [ 186.287378][ T7607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.287391][ T7607] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 186.287405][ T7607] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 186.287414][ T7607] RDX: 00000000000000a3 RSI: 0000200000000000 RDI: 0000000000000000 [ 186.287422][ T7607] RBP: 00007f28dad01090 R08: 0000000000000000 R09: 0000000000000000 [ 186.287430][ T7607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.287438][ T7607] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 186.287457][ T7607] [ 187.149063][ T7622] vivid-007: ================= START STATUS ================= [ 187.161306][ T7622] vivid-007: Generate PTS: true [ 187.167630][ T7622] vivid-007: Generate SCR: true [ 187.172590][ T7622] tpg source WxH: 320x240 (Y'CbCr) [ 187.178898][ T7622] tpg field: 1 [ 187.182300][ T7622] tpg crop: (0,0)/320x240 [ 187.188019][ T7622] tpg compose: (0,0)/320x240 [ 187.196979][ T7622] tpg colorspace: 8 [ 187.202906][ T7622] tpg transfer function: 0/0 [ 187.207774][ T7622] tpg Y'CbCr encoding: 0/0 [ 187.213242][ T7622] tpg quantization: 0/0 [ 187.244367][ T7622] tpg RGB range: 0/2 [ 187.248316][ T7622] vivid-007: ================== END STATUS ================== [ 187.868023][ T7641] futex_wake_op: syz.0.433 tries to shift op by -2048; fix this program [ 188.049422][ T7647] vivid-007: ================= START STATUS ================= [ 188.069729][ T7647] vivid-007: Generate PTS: true [ 188.081792][ T7647] vivid-007: Generate SCR: true [ 188.090064][ T7647] tpg source WxH: 320x240 (Y'CbCr) [ 188.095669][ T7647] tpg field: 1 [ 188.099176][ T7647] tpg crop: (0,0)/320x240 [ 188.099786][ T7649] hub 8-0:1.0: USB hub found [ 188.103585][ T7647] tpg compose: (0,0)/320x240 [ 188.108773][ T7649] hub 8-0:1.0: 1 port detected [ 188.116316][ T7647] tpg colorspace: 8 [ 188.122376][ T7647] tpg transfer function: 0/0 [ 188.127725][ T7647] tpg Y'CbCr encoding: 0/0 [ 188.135595][ T7647] tpg quantization: 0/0 [ 188.137772][ T7651] random: crng reseeded on system resumption [ 188.140020][ T7647] tpg RGB range: 0/2 [ 188.151261][ T7647] vivid-007: ================== END STATUS ================== [ 190.427964][ T7686] vivid-007: ================= START STATUS ================= [ 190.436489][ T7686] vivid-007: Generate PTS: true [ 190.441373][ T7686] vivid-007: Generate SCR: true [ 190.446453][ T7686] tpg source WxH: 320x240 (Y'CbCr) [ 190.451789][ T7686] tpg field: 1 [ 190.458625][ T7686] tpg crop: (0,0)/320x240 [ 190.467733][ T7686] tpg compose: (0,0)/320x240 [ 190.472335][ T7686] tpg colorspace: 8 [ 190.482575][ T7686] tpg transfer function: 0/0 [ 190.487330][ T7686] tpg Y'CbCr encoding: 0/0 [ 190.491755][ T7686] tpg quantization: 0/0 [ 190.500866][ T7686] tpg RGB range: 0/2 [ 190.504925][ T7686] vivid-007: ================== END STATUS ================== [ 191.238032][ T7701] cgroup: fork rejected by pids controller in /syz3 [ 191.977200][ T7760] netlink: 342 bytes leftover after parsing attributes in process `syz.1.453'. [ 192.077723][ T7760] netlink: 306 bytes leftover after parsing attributes in process `syz.1.453'. [ 192.525303][ T7774] vivid-007: ================= START STATUS ================= [ 192.536795][ T7774] vivid-007: Generate PTS: true [ 192.541888][ T7774] vivid-007: Generate SCR: true [ 192.554746][ T7774] tpg source WxH: 320x240 (Y'CbCr) [ 192.560007][ T7774] tpg field: 1 [ 192.563510][ T7774] tpg crop: (0,0)/320x240 [ 192.569356][ T7774] tpg compose: (0,0)/320x240 [ 192.645865][ T7774] tpg colorspace: 8 [ 192.760097][ T7774] tpg transfer function: 0/0 [ 192.766867][ T7774] tpg Y'CbCr encoding: 0/0 [ 192.771498][ T7774] tpg quantization: 0/0 [ 192.775885][ T7774] tpg RGB range: 0/2 [ 192.779930][ T7774] vivid-007: ================== END STATUS ================== [ 194.259947][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.275751][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.298414][ T7813] vivid-007: ================= START STATUS ================= [ 194.354365][ T7813] vivid-007: Generate PTS: true [ 194.369818][ T7813] vivid-007: Generate SCR: true [ 194.378856][ T7813] tpg source WxH: 320x240 (Y'CbCr) [ 194.405296][ T7813] tpg field: 1 [ 194.408731][ T7813] tpg crop: (0,0)/320x240 [ 194.413037][ T7813] tpg compose: (0,0)/320x240 [ 194.444717][ T7813] tpg colorspace: 8 [ 194.450846][ T7813] tpg transfer function: 0/0 [ 194.457946][ T7813] tpg Y'CbCr encoding: 0/0 [ 194.462443][ T7813] tpg quantization: 0/0 [ 194.467904][ T7813] tpg RGB range: 0/2 [ 194.471859][ T7813] vivid-007: ================== END STATUS ================== [ 194.611103][ T7823] netlink: 342 bytes leftover after parsing attributes in process `syz.0.470'. [ 194.634909][ T7825] vivid-007: ================= START STATUS ================= [ 194.642598][ T7825] vivid-007: Generate PTS: true [ 194.670498][ T7825] vivid-007: Generate SCR: true [ 194.695939][ T7825] tpg source WxH: 320x240 (Y'CbCr) [ 194.711816][ T7825] tpg field: 1 [ 194.756481][ T7823] netlink: 218 bytes leftover after parsing attributes in process `syz.0.470'. [ 194.765773][ T7825] tpg crop: (0,0)/320x240 [ 194.773900][ T7825] tpg compose: (0,0)/320x240 [ 194.786527][ T7825] tpg colorspace: 8 [ 194.797791][ T7825] tpg transfer function: 0/0 [ 194.840811][ T7825] tpg Y'CbCr encoding: 0/0 [ 194.848045][ T7825] tpg quantization: 0/0 [ 194.852257][ T7825] tpg RGB range: 0/2 [ 194.856346][ T7825] vivid-007: ================== END STATUS ================== [ 197.071955][ T7871] vivid-007: ================= START STATUS ================= [ 197.087114][ T7871] vivid-007: Generate PTS: true [ 197.128450][ T7871] vivid-007: Generate SCR: true [ 197.153738][ T7871] tpg source WxH: 320x240 (Y'CbCr) [ 197.161890][ T7871] tpg field: 1 [ 197.169400][ T7871] tpg crop: (0,0)/320x240 [ 197.179350][ T7871] tpg compose: (0,0)/320x240 [ 197.248901][ T7871] tpg colorspace: 8 [ 197.276277][ T7871] tpg transfer function: 0/0 [ 197.281986][ T7871] tpg Y'CbCr encoding: 0/0 [ 197.302774][ T7871] tpg quantization: 0/0 [ 197.359921][ T7871] tpg RGB range: 0/2 [ 197.406889][ T7871] vivid-007: ================== END STATUS ================== [ 198.105532][ T7884] netlink: 342 bytes leftover after parsing attributes in process `syz.2.482'. [ 199.398927][ T7908] netlink: 342 bytes leftover after parsing attributes in process `syz.0.489'. [ 200.345721][ T7927] vivid-007: ================= START STATUS ================= [ 200.354338][ T7927] vivid-007: Generate PTS: true [ 200.359207][ T7927] vivid-007: Generate SCR: true [ 200.364056][ T7927] tpg source WxH: 320x240 (Y'CbCr) [ 200.376790][ T7927] tpg field: 1 [ 200.380197][ T7927] tpg crop: (0,0)/320x240 [ 200.381598][ T7926] netlink: 342 bytes leftover after parsing attributes in process `syz.0.493'. [ 200.425272][ T7926] netlink: 218 bytes leftover after parsing attributes in process `syz.0.493'. [ 200.437788][ T7927] tpg compose: (0,0)/320x240 [ 200.447896][ T7927] tpg colorspace: 8 [ 200.451722][ T7927] tpg transfer function: 0/0 [ 200.489239][ T7927] tpg Y'CbCr encoding: 0/0 [ 200.507731][ T7927] tpg quantization: 0/0 [ 200.511945][ T7927] tpg RGB range: 0/2 [ 200.525803][ T7927] vivid-007: ================== END STATUS ================== [ 202.037927][ T7955] netlink: 342 bytes leftover after parsing attributes in process `syz.2.501'. [ 203.021157][ T7975] sysfs_service_op_store: Client not running :-5: [ 203.525042][ T7988] FAULT_INJECTION: forcing a failure. [ 203.525042][ T7988] name fail_futex, interval 1, probability 0, space 0, times 0 [ 203.537924][ T7988] CPU: 1 UID: 0 PID: 7988 Comm: syz.0.508 Not tainted syzkaller #0 PREEMPT(full) [ 203.537945][ T7988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 203.537953][ T7988] Call Trace: [ 203.537959][ T7988] [ 203.537965][ T7988] dump_stack_lvl+0x16c/0x1f0 [ 203.537988][ T7988] should_fail_ex+0x512/0x640 [ 203.538013][ T7988] should_fail_futex+0x4c/0x60 [ 203.538031][ T7988] futex_lock_pi_atomic+0x148/0xd50 [ 203.538056][ T7988] futex_lock_pi+0x23f/0x7c0 [ 203.538081][ T7988] ? __pfx_futex_lock_pi+0x10/0x10 [ 203.538100][ T7988] ? preempt_schedule_common+0x44/0xc0 [ 203.538117][ T7988] ? preempt_schedule_thunk+0x16/0x30 [ 203.538145][ T7988] ? __pfx_try_to_wake_up+0x10/0x10 [ 203.538164][ T7988] ? futex_private_hash_put+0xd5/0x190 [ 203.538184][ T7988] ? __pfx_futex_wake_mark+0x10/0x10 [ 203.538211][ T7988] ? ksys_write+0x190/0x250 [ 203.538230][ T7988] do_futex+0x11a/0x350 [ 203.538249][ T7988] ? __pfx_do_futex+0x10/0x10 [ 203.538272][ T7988] __x64_sys_futex+0x1e0/0x4c0 [ 203.538291][ T7988] ? fput+0x9b/0xd0 [ 203.538308][ T7988] ? __pfx___x64_sys_futex+0x10/0x10 [ 203.538326][ T7988] ? xfd_validate_state+0x61/0x180 [ 203.538345][ T7988] ? __pfx_ksys_write+0x10/0x10 [ 203.538365][ T7988] do_syscall_64+0xcd/0xfa0 [ 203.538384][ T7988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.538398][ T7988] RIP: 0033:0x7f28d9d8f6c9 [ 203.538410][ T7988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.538423][ T7988] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 203.538436][ T7988] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 203.538451][ T7988] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 203.538460][ T7988] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 000000008000fff5 [ 203.538469][ T7988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.538477][ T7988] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 203.538497][ T7988] [ 204.845495][ T8005] netlink: 342 bytes leftover after parsing attributes in process `syz.0.513'. [ 205.378077][ T8020] vivid-007: ================= START STATUS ================= [ 205.414251][ T8020] vivid-007: Generate PTS: true [ 205.421831][ T8020] vivid-007: Generate SCR: true [ 205.439696][ T8020] tpg source WxH: 320x240 (Y'CbCr) [ 205.462717][ T8020] tpg field: 1 [ 205.485016][ T8020] tpg crop: (0,0)/320x240 [ 205.489479][ T8020] tpg compose: (0,0)/320x240 [ 205.494791][ T8020] tpg colorspace: 8 [ 205.531979][ T8020] tpg transfer function: 0/0 [ 205.708311][ T8020] tpg Y'CbCr encoding: 0/0 [ 205.727477][ T8020] tpg quantization: 0/0 [ 205.732356][ T8020] tpg RGB range: 0/2 [ 205.773419][ T8020] vivid-007: ================== END STATUS ================== [ 206.583504][ T8027] netlink: 342 bytes leftover after parsing attributes in process `syz.1.519'. [ 207.184364][ T8046] vivid-007: ================= START STATUS ================= [ 207.193192][ T8046] vivid-007: Generate PTS: true [ 207.198474][ T8046] vivid-007: Generate SCR: true [ 207.203346][ T8046] tpg source WxH: 320x240 (Y'CbCr) [ 207.300990][ T8046] tpg field: 1 [ 207.371534][ T8046] tpg crop: (0,0)/320x240 [ 207.376085][ T8046] tpg compose: (0,0)/320x240 [ 207.415356][ T8046] tpg colorspace: 8 [ 207.419286][ T8046] tpg transfer function: 0/0 [ 207.423904][ T8046] tpg Y'CbCr encoding: 0/0 [ 207.436712][ T8046] tpg quantization: 0/0 [ 207.441601][ T8046] tpg RGB range: 0/2 [ 207.451468][ T8046] vivid-007: ================== END STATUS ================== [ 207.822883][ T8060] netlink: 16 bytes leftover after parsing attributes in process `syz.2.527'. [ 208.096000][ T8067] vhci_hcd: not connected 4 [ 208.360298][ T8056] netlink: 342 bytes leftover after parsing attributes in process `syz.0.528'. [ 209.148009][ T8083] netlink: 342 bytes leftover after parsing attributes in process `syz.0.533'. [ 210.832829][ T8107] netlink: 342 bytes leftover after parsing attributes in process `syz.1.537'. [ 211.700861][ T5842] Bluetooth: hci2: command 0x0406 tx timeout [ 211.700874][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 211.700914][ T5847] Bluetooth: hci1: command 0x0406 tx timeout [ 211.710680][ T5842] Bluetooth: hci0: command 0x0406 tx timeout [ 213.259937][ T8135] netlink: 342 bytes leftover after parsing attributes in process `syz.1.544'. [ 214.061230][ T8152] vivid-007: ================= START STATUS ================= [ 214.123957][ T8152] vivid-007: Generate PTS: true [ 214.141758][ T8152] vivid-007: Generate SCR: true [ 214.151893][ T8152] tpg source WxH: 320x240 (Y'CbCr) [ 214.172187][ T8152] tpg field: 1 [ 214.184563][ T8152] tpg crop: (0,0)/320x240 [ 214.206996][ T8152] tpg compose: (0,0)/320x240 [ 214.212712][ T8152] tpg colorspace: 8 [ 214.233043][ T8152] tpg transfer function: 0/0 [ 214.268031][ T8152] tpg Y'CbCr encoding: 0/0 [ 214.278555][ T8152] tpg quantization: 0/0 [ 214.437375][ T8152] tpg RGB range: 0/2 [ 214.446957][ T8152] vivid-007: ================== END STATUS ================== [ 215.070609][ T8167] netlink: 342 bytes leftover after parsing attributes in process `syz.0.551'. [ 217.114466][ T8194] netlink: 342 bytes leftover after parsing attributes in process `syz.2.558'. [ 217.595968][ T8210] netlink: 342 bytes leftover after parsing attributes in process `syz.2.561'. [ 219.118450][ T8238] vivid-007: ================= START STATUS ================= [ 219.139717][ T8238] vivid-007: Generate PTS: true [ 219.169350][ T8238] vivid-007: Generate SCR: true [ 219.218401][ T8238] tpg source WxH: 320x240 (Y'CbCr) [ 219.276919][ T8238] tpg field: 1 [ 219.280341][ T8238] tpg crop: (0,0)/320x240 [ 219.284996][ T8238] tpg compose: (0,0)/320x240 [ 219.289585][ T8238] tpg colorspace: 8 [ 219.293374][ T8238] tpg transfer function: 0/0 [ 219.310359][ T8238] tpg Y'CbCr encoding: 0/0 [ 219.340530][ T8238] tpg quantization: 0/0 [ 219.387046][ T8238] tpg RGB range: 0/2 [ 219.407143][ T8238] vivid-007: ================== END STATUS ================== [ 220.429972][ T8251] netlink: 342 bytes leftover after parsing attributes in process `syz.1.570'. [ 220.808087][ T8266] netlink: 342 bytes leftover after parsing attributes in process `syz.3.573'. [ 223.242786][ T8305] vivid-007: ================= START STATUS ================= [ 223.275010][ T8305] vivid-007: Generate PTS: true [ 223.327860][ T8305] vivid-007: Generate SCR: true [ 223.332782][ T8305] tpg source WxH: 320x240 (Y'CbCr) [ 223.371646][ T8305] tpg field: 1 [ 223.386932][ T8305] tpg crop: (0,0)/320x240 [ 223.397551][ T8305] tpg compose: (0,0)/320x240 [ 223.422806][ T8305] tpg colorspace: 8 [ 223.438828][ T8305] tpg transfer function: 0/0 [ 223.455961][ T8305] tpg Y'CbCr encoding: 0/0 [ 223.473332][ T8305] tpg quantization: 0/0 [ 223.493597][ T8305] tpg RGB range: 0/2 [ 223.514087][ T8305] vivid-007: ================== END STATUS ================== [ 223.823715][ T8313] openvswitch: netlink: IPv4 tunnel dst address is zero [ 223.914131][ T8306] netlink: 342 bytes leftover after parsing attributes in process `syz.2.583'. [ 224.034349][ T8319] netlink: 342 bytes leftover after parsing attributes in process `syz.0.586'. [ 224.391529][ T8334] vivid-007: ================= START STATUS ================= [ 224.404554][ T8334] vivid-007: Generate PTS: true [ 224.409653][ T8334] vivid-007: Generate SCR: true [ 224.415191][ T8334] tpg source WxH: 320x240 (Y'CbCr) [ 224.420479][ T8334] tpg field: 1 [ 224.423997][ T8334] tpg crop: (0,0)/320x240 [ 224.429028][ T8334] tpg compose: (0,0)/320x240 [ 224.433771][ T8334] tpg colorspace: 8 [ 224.467960][ T8334] tpg transfer function: 0/0 [ 224.508246][ T8334] tpg Y'CbCr encoding: 0/0 [ 224.532317][ T8334] tpg quantization: 0/0 [ 224.542695][ T8334] tpg RGB range: 0/2 [ 224.552784][ T8334] vivid-007: ================== END STATUS ================== [ 225.818638][ T8354] vivid-007: ================= START STATUS ================= [ 225.894419][ T8354] vivid-007: Generate PTS: true [ 225.899345][ T8354] vivid-007: Generate SCR: true [ 225.974490][ T8354] tpg source WxH: 320x240 (Y'CbCr) [ 225.993345][ T8354] tpg field: 1 [ 226.014026][ T8354] tpg crop: (0,0)/320x240 [ 226.036115][ T8354] tpg compose: (0,0)/320x240 [ 226.040892][ T8354] tpg colorspace: 8 [ 226.044965][ T8354] tpg transfer function: 0/0 [ 226.049822][ T8354] tpg Y'CbCr encoding: 0/0 [ 226.054338][ T8354] tpg quantization: 0/0 [ 226.058587][ T8354] tpg RGB range: 0/2 [ 226.062576][ T8354] vivid-007: ================== END STATUS ================== [ 226.917941][ T8377] openvswitch: netlink: IPv4 tunnel dst address is zero [ 227.630198][ T8384] netlink: 342 bytes leftover after parsing attributes in process `syz.0.600'. [ 229.581868][ T8426] openvswitch: netlink: IPv4 tunnel dst address is zero [ 230.046708][ T8434] FAULT_INJECTION: forcing a failure. [ 230.046708][ T8434] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 230.109572][ T8434] CPU: 0 UID: 0 PID: 8434 Comm: syz.0.610 Not tainted syzkaller #0 PREEMPT(full) [ 230.109605][ T8434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 230.109619][ T8434] Call Trace: [ 230.109628][ T8434] [ 230.109637][ T8434] dump_stack_lvl+0x16c/0x1f0 [ 230.109672][ T8434] should_fail_ex+0x512/0x640 [ 230.109712][ T8434] _copy_from_iter+0x29f/0x1720 [ 230.109756][ T8434] ? __pfx__copy_from_iter+0x10/0x10 [ 230.109791][ T8434] ? rcu_is_watching+0x12/0xc0 [ 230.109817][ T8434] ? trace_kmalloc+0x2b/0xd0 [ 230.109844][ T8434] ? __kmalloc_noprof+0x34f/0x880 [ 230.109880][ T8434] ? kernfs_fop_write_iter+0x237/0x570 [ 230.109911][ T8434] kernfs_fop_write_iter+0x19a/0x570 [ 230.109940][ T8434] vfs_write+0x7d3/0x11d0 [ 230.109968][ T8434] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 230.109994][ T8434] ? __pfx___mutex_lock+0x10/0x10 [ 230.110024][ T8434] ? __pfx_vfs_write+0x10/0x10 [ 230.110075][ T8434] ksys_write+0x12a/0x250 [ 230.110100][ T8434] ? __pfx_ksys_write+0x10/0x10 [ 230.110137][ T8434] do_syscall_64+0xcd/0xfa0 [ 230.110169][ T8434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.110193][ T8434] RIP: 0033:0x7f28d9d8f6c9 [ 230.110212][ T8434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.110239][ T8434] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 230.110261][ T8434] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 230.110276][ T8434] RDX: 0000000000000081 RSI: 0000200000000040 RDI: 0000000000000003 [ 230.110290][ T8434] RBP: 00007f28dad01090 R08: 0000000000000000 R09: 0000000000000000 [ 230.110304][ T8434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 230.110318][ T8434] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 230.110354][ T8434] [ 230.635735][ T8440] netlink: 342 bytes leftover after parsing attributes in process `syz.2.613'. [ 231.715316][ T8462] netlink: 342 bytes leftover after parsing attributes in process `syz.2.618'. [ 232.993068][ T8480] vivid-007: ================= START STATUS ================= [ 233.003868][ T8480] vivid-007: Generate PTS: true [ 233.009462][ T8480] vivid-007: Generate SCR: true [ 233.017677][ T8480] tpg source WxH: 320x240 (Y'CbCr) [ 233.022834][ T8480] tpg field: 1 [ 233.022847][ T8480] tpg crop: (0,0)/320x240 [ 233.030968][ T8480] tpg compose: (0,0)/320x240 [ 233.035632][ T8480] tpg colorspace: 8 [ 233.039446][ T8480] tpg transfer function: 0/0 [ 233.044237][ T8480] tpg Y'CbCr encoding: 0/0 [ 233.054765][ T8480] tpg quantization: 0/0 [ 233.058948][ T8480] tpg RGB range: 0/2 [ 233.062823][ T8480] vivid-007: ================== END STATUS ================== [ 233.216267][ T8485] vivid-007: ================= START STATUS ================= [ 233.223998][ T8485] vivid-007: Generate PTS: true [ 233.231027][ T8485] vivid-007: Generate SCR: true [ 233.240020][ T8485] tpg source WxH: 320x240 (Y'CbCr) [ 233.250645][ T8485] tpg field: 1 [ 233.401319][ T8485] tpg crop: (0,0)/320x240 [ 233.439916][ T8485] tpg compose: (0,0)/320x240 [ 233.448181][ T8485] tpg colorspace: 8 [ 233.461076][ T8485] tpg transfer function: 0/0 [ 233.478188][ T8485] tpg Y'CbCr encoding: 0/0 [ 233.489171][ T8485] tpg quantization: 0/0 [ 233.497175][ T8485] tpg RGB range: 0/2 [ 233.510440][ T8485] vivid-007: ================== END STATUS ================== [ 233.998153][ T8501] vivid-007: ================= START STATUS ================= [ 234.027265][ T8501] vivid-007: Generate PTS: true [ 234.040608][ T8501] vivid-007: Generate SCR: true [ 234.087250][ T8501] tpg source WxH: 320x240 (Y'CbCr) [ 234.092418][ T8501] tpg field: 1 [ 234.097114][ T8501] tpg crop: (0,0)/320x240 [ 234.101479][ T8501] tpg compose: (0,0)/320x240 [ 234.172613][ T8501] tpg colorspace: 8 [ 234.176610][ T8501] tpg transfer function: 0/0 [ 234.181294][ T8501] tpg Y'CbCr encoding: 0/0 [ 234.185792][ T8501] tpg quantization: 0/0 [ 234.189972][ T8501] tpg RGB range: 0/2 [ 234.193940][ T8501] vivid-007: ================== END STATUS ================== [ 234.808088][ T8500] netlink: 342 bytes leftover after parsing attributes in process `syz.1.626'. [ 235.843021][ T8526] netlink: 146 bytes leftover after parsing attributes in process `syz.0.633'. [ 235.890840][ T8526] vivid-007: ================= START STATUS ================= [ 235.899321][ T8526] vivid-007: Generate PTS: true [ 235.904582][ T8526] vivid-007: Generate SCR: true [ 235.914528][ T8526] tpg source WxH: 320x240 (Y'CbCr) [ 235.919666][ T8526] tpg field: 1 [ 235.923045][ T8526] tpg crop: (0,0)/320x240 [ 235.927877][ T8526] tpg compose: (0,0)/320x240 [ 235.932489][ T8526] tpg colorspace: 8 [ 235.937400][ T8526] tpg transfer function: 0/0 [ 235.942873][ T8526] tpg Y'CbCr encoding: 0/0 [ 235.948069][ T8526] tpg quantization: 0/0 [ 235.952393][ T8526] tpg RGB range: 0/2 [ 235.962650][ T8526] vivid-007: ================== END STATUS ================== [ 235.973576][ T8528] vivid-007: ================= START STATUS ================= [ 235.981751][ T8528] vivid-007: Generate PTS: true [ 236.004282][ T8528] vivid-007: Generate SCR: true [ 236.014540][ T8528] tpg source WxH: 320x240 (Y'CbCr) [ 236.025385][ T8528] tpg field: 1 [ 236.029109][ T8528] tpg crop: (0,0)/320x240 [ 236.036161][ T8528] tpg compose: (0,0)/320x240 [ 236.040846][ T8528] tpg colorspace: 8 [ 236.050755][ T8528] tpg transfer function: 0/0 [ 236.061162][ T8528] tpg Y'CbCr encoding: 0/0 [ 236.074886][ T8528] tpg quantization: 0/0 [ 236.079103][ T8528] tpg RGB range: 0/2 [ 236.086396][ T8528] vivid-007: ================== END STATUS ================== [ 237.500780][ T8550] netlink: 342 bytes leftover after parsing attributes in process `syz.2.640'. [ 238.001256][ T8568] netlink: 342 bytes leftover after parsing attributes in process `syz.3.644'. [ 238.445685][ T8572] netlink: 342 bytes leftover after parsing attributes in process `syz.1.645'. [ 239.010850][ T8581] vivid-007: ================= START STATUS ================= [ 239.034375][ T8581] vivid-007: Generate PTS: true [ 239.039835][ T8581] vivid-007: Generate SCR: true [ 239.053393][ T8581] tpg source WxH: 320x240 (Y'CbCr) [ 239.070855][ T8581] tpg field: 1 [ 239.097840][ T8581] tpg crop: (0,0)/320x240 [ 239.111744][ T8581] tpg compose: (0,0)/320x240 [ 239.118522][ T8581] tpg colorspace: 8 [ 239.123704][ T8581] tpg transfer function: 0/0 [ 239.134942][ T8581] tpg Y'CbCr encoding: 0/0 [ 239.150056][ T8581] tpg quantization: 0/0 [ 239.175947][ T8581] tpg RGB range: 0/2 [ 239.179896][ T8581] vivid-007: ================== END STATUS ================== [ 240.892821][ T8608] netlink: 342 bytes leftover after parsing attributes in process `syz.1.655'. [ 241.477366][ T8636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.659'. [ 241.624589][ T8644] vivid-007: ================= START STATUS ================= [ 241.632585][ T8644] vivid-007: Generate PTS: true [ 241.661890][ T8644] vivid-007: Generate SCR: true [ 241.667116][ T8644] tpg source WxH: 320x240 (Y'CbCr) [ 241.672254][ T8644] tpg field: 1 [ 241.688757][ T8644] tpg crop: (0,0)/320x240 [ 241.693225][ T8644] tpg compose: (0,0)/320x240 [ 241.721022][ T8644] tpg colorspace: 8 [ 241.725164][ T8644] tpg transfer function: 0/0 [ 241.731993][ T8644] tpg Y'CbCr encoding: 0/0 [ 241.753951][ T8644] tpg quantization: 0/0 [ 241.768588][ T8644] tpg RGB range: 0/2 [ 241.779815][ T8644] vivid-007: ================== END STATUS ================== [ 242.114695][ T8647] netlink: 342 bytes leftover after parsing attributes in process `syz.3.661'. [ 244.241909][ T8695] vivid-007: ================= START STATUS ================= [ 244.251202][ T8695] vivid-007: Generate PTS: true [ 244.257510][ T8695] vivid-007: Generate SCR: true [ 244.263650][ T8695] tpg source WxH: 320x240 (Y'CbCr) [ 244.269330][ T8695] tpg field: 1 [ 244.272784][ T8695] tpg crop: (0,0)/320x240 [ 244.277585][ T8695] tpg compose: (0,0)/320x240 [ 244.282264][ T8695] tpg colorspace: 8 [ 244.286619][ T8695] tpg transfer function: 0/0 [ 244.291309][ T8695] tpg Y'CbCr encoding: 0/0 [ 244.296766][ T8695] tpg quantization: 0/0 [ 244.301219][ T8695] tpg RGB range: 0/2 [ 244.314873][ T8695] vivid-007: ================== END STATUS ================== [ 244.554508][ T8704] FAULT_INJECTION: forcing a failure. [ 244.554508][ T8704] name fail_futex, interval 1, probability 0, space 0, times 0 [ 244.568299][ T8704] CPU: 0 UID: 0 PID: 8704 Comm: syz.0.673 Not tainted syzkaller #0 PREEMPT(full) [ 244.568336][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 244.568362][ T8704] Call Trace: [ 244.568371][ T8704] [ 244.568381][ T8704] dump_stack_lvl+0x16c/0x1f0 [ 244.568419][ T8704] should_fail_ex+0x512/0x640 [ 244.568462][ T8704] should_fail_futex+0x4c/0x60 [ 244.568493][ T8704] futex_lock_pi_atomic+0x148/0xd50 [ 244.568538][ T8704] futex_lock_pi+0x23f/0x7c0 [ 244.568581][ T8704] ? __pfx_futex_lock_pi+0x10/0x10 [ 244.568621][ T8704] ? css_rstat_updated+0x1c2/0x510 [ 244.568652][ T8704] ? __pfx_css_rstat_updated+0x10/0x10 [ 244.568711][ T8704] ? find_held_lock+0x2b/0x80 [ 244.568743][ T8704] ? __pfx_futex_wake_mark+0x10/0x10 [ 244.568790][ T8704] ? rcu_is_watching+0x12/0xc0 [ 244.568818][ T8704] ? trace_sched_exit_tp+0xd1/0x120 [ 244.568855][ T8704] ? __schedule+0x11a3/0x5de0 [ 244.568889][ T8704] do_futex+0x11a/0x350 [ 244.568923][ T8704] ? __pfx_do_futex+0x10/0x10 [ 244.568967][ T8704] __x64_sys_futex+0x1e0/0x4c0 [ 244.569003][ T8704] ? handle_softirqs+0x5be/0x8e0 [ 244.569031][ T8704] ? __pfx___x64_sys_futex+0x10/0x10 [ 244.569065][ T8704] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 244.569116][ T8704] do_syscall_64+0xcd/0xfa0 [ 244.569149][ T8704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 244.569175][ T8704] RIP: 0033:0x7f28d9d8f6c9 [ 244.569196][ T8704] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 244.569219][ T8704] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 244.569244][ T8704] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 244.569261][ T8704] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 244.569275][ T8704] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 000000008000fff5 [ 244.569290][ T8704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.569304][ T8704] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 244.569340][ T8704] [ 244.780001][ C0] vkms_vblank_simulate: vblank timer overrun [ 246.175194][ T8723] netlink: 342 bytes leftover after parsing attributes in process `syz.3.676'. [ 248.287154][ T8768] netlink: 342 bytes leftover after parsing attributes in process `syz.3.684'. [ 248.297847][ T8768] netlink: 342 bytes leftover after parsing attributes in process `syz.3.684'. [ 248.310185][ T8768] netlink: 306 bytes leftover after parsing attributes in process `syz.3.684'. [ 248.695664][ T8774] vivid-007: ================= START STATUS ================= [ 248.714331][ T8774] vivid-007: Generate PTS: true [ 248.719252][ T8774] vivid-007: Generate SCR: true [ 248.724099][ T8774] tpg source WxH: 320x240 (Y'CbCr) [ 248.734589][ T8774] tpg field: 1 [ 248.755177][ T8774] tpg crop: (0,0)/320x240 [ 248.795146][ T8774] tpg compose: (0,0)/320x240 [ 248.799763][ T8774] tpg colorspace: 8 [ 248.803551][ T8774] tpg transfer function: 0/0 [ 248.834703][ T8774] tpg Y'CbCr encoding: 0/0 [ 248.839253][ T8774] tpg quantization: 0/0 [ 248.843428][ T8774] tpg RGB range: 0/2 [ 248.847443][ T8774] vivid-007: ================== END STATUS ================== [ 248.924969][ T8770] netlink: 342 bytes leftover after parsing attributes in process `syz.3.685'. [ 249.016453][ T8783] FAULT_INJECTION: forcing a failure. [ 249.016453][ T8783] name failslab, interval 1, probability 0, space 0, times 0 [ 249.029535][ T8783] CPU: 0 UID: 0 PID: 8783 Comm: syz.0.689 Not tainted syzkaller #0 PREEMPT(full) [ 249.029555][ T8783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 249.029564][ T8783] Call Trace: [ 249.029570][ T8783] [ 249.029576][ T8783] dump_stack_lvl+0x16c/0x1f0 [ 249.029599][ T8783] should_fail_ex+0x512/0x640 [ 249.029621][ T8783] ? fs_reclaim_acquire+0xae/0x150 [ 249.029642][ T8783] should_failslab+0xc2/0x120 [ 249.029661][ T8783] __kmalloc_noprof+0xdd/0x880 [ 249.029683][ T8783] ? kfree+0x252/0x6d0 [ 249.029694][ T8783] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 249.029715][ T8783] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 249.029730][ T8783] tomoyo_realpath_from_path+0xc2/0x6e0 [ 249.029752][ T8783] tomoyo_check_open_permission+0x2ab/0x3c0 [ 249.029767][ T8783] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 249.029809][ T8783] ? do_raw_spin_lock+0x12c/0x2b0 [ 249.029836][ T8783] tomoyo_file_open+0x6b/0x90 [ 249.029855][ T8783] security_file_open+0x84/0x1e0 [ 249.029870][ T8783] do_dentry_open+0x596/0x1530 [ 249.029892][ T8783] vfs_open+0x82/0x3f0 [ 249.029925][ T8783] path_openat+0x1de4/0x2cb0 [ 249.029948][ T8783] ? __pfx_path_openat+0x10/0x10 [ 249.029966][ T8783] ? __lock_acquire+0xb8a/0x1c90 [ 249.029988][ T8783] do_filp_open+0x20b/0x470 [ 249.030004][ T8783] ? __pfx_do_filp_open+0x10/0x10 [ 249.030035][ T8783] ? alloc_fd+0x471/0x7d0 [ 249.030055][ T8783] do_sys_openat2+0x11b/0x1d0 [ 249.030075][ T8783] ? __pfx_do_sys_openat2+0x10/0x10 [ 249.030103][ T8783] __x64_sys_openat+0x174/0x210 [ 249.030123][ T8783] ? __pfx___x64_sys_openat+0x10/0x10 [ 249.030151][ T8783] do_syscall_64+0xcd/0xfa0 [ 249.030170][ T8783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.030184][ T8783] RIP: 0033:0x7f28d9d8f6c9 [ 249.030196][ T8783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.030209][ T8783] RSP: 002b:00007f28dad01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 249.030223][ T8783] RAX: ffffffffffffffda RBX: 00007f28d9fe5fa0 RCX: 00007f28d9d8f6c9 [ 249.030232][ T8783] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 249.030240][ T8783] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 249.030248][ T8783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.030257][ T8783] R13: 00007f28d9fe6038 R14: 00007f28d9fe5fa0 R15: 00007fff82fb21f8 [ 249.030277][ T8783] [ 249.030284][ T8783] ERROR: Out of memory at tomoyo_realpath_from_path. [ 249.376072][ T8781] Line length is too long: Should be less than 4094 [ 249.951196][ T8791] netlink: 342 bytes leftover after parsing attributes in process `syz.1.690'. [ 250.598357][ T8809] netlink: 342 bytes leftover after parsing attributes in process `syz.0.694'. [ 250.615309][ T8809] netlink: 342 bytes leftover after parsing attributes in process `syz.0.694'. [ 250.884612][ T8809] netlink: 218 bytes leftover after parsing attributes in process `syz.0.694'. [ 255.499675][ T8874] netlink: 342 bytes leftover after parsing attributes in process `syz.2.708'. [ 255.708975][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.716504][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.455262][ T8893] netlink: 342 bytes leftover after parsing attributes in process `syz.3.712'. [ 258.741166][ T8950] binder: 8949:8950 ioctl c00c6211 0 returned -14 [ 258.968859][ T8957] Invalid ELF header magic: != ELF [ 259.446179][ T8959] Invalid ELF header magic: != ELF [ 260.423839][ T8967] netlink: 342 bytes leftover after parsing attributes in process `syz.1.725'. [ 261.216768][ T8988] FAULT_INJECTION: forcing a failure. [ 261.216768][ T8988] name fail_futex, interval 1, probability 0, space 0, times 0 [ 261.254561][ T8988] CPU: 1 UID: 0 PID: 8988 Comm: syz.1.730 Not tainted syzkaller #0 PREEMPT(full) [ 261.254584][ T8988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 261.254592][ T8988] Call Trace: [ 261.254597][ T8988] [ 261.254603][ T8988] dump_stack_lvl+0x16c/0x1f0 [ 261.254626][ T8988] should_fail_ex+0x512/0x640 [ 261.254651][ T8988] get_futex_key+0x1d0/0x1560 [ 261.254672][ T8988] ? __pfx_get_futex_key+0x10/0x10 [ 261.254691][ T8988] ? __pfx___schedule+0x10/0x10 [ 261.254706][ T8988] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 261.254726][ T8988] futex_wait_setup+0x9d/0x550 [ 261.254744][ T8988] __futex_wait+0x193/0x2f0 [ 261.254758][ T8988] ? __pfx___futex_wait+0x10/0x10 [ 261.254774][ T8988] ? __pfx_futex_wake_mark+0x10/0x10 [ 261.254798][ T8988] ? find_held_lock+0x2b/0x80 [ 261.254815][ T8988] ? futex_private_hash_put+0xd5/0x190 [ 261.254834][ T8988] futex_wait+0xe8/0x380 [ 261.254846][ T8988] ? __pfx_futex_wait+0x10/0x10 [ 261.254864][ T8988] ? ksys_write+0x190/0x250 [ 261.254883][ T8988] do_futex+0x229/0x350 [ 261.254902][ T8988] ? __pfx_do_futex+0x10/0x10 [ 261.254919][ T8988] ? __fget_files+0x204/0x3c0 [ 261.254937][ T8988] __x64_sys_futex+0x1e0/0x4c0 [ 261.254966][ T8988] ? __pfx___x64_sys_futex+0x10/0x10 [ 261.254986][ T8988] ? xfd_validate_state+0x61/0x180 [ 261.255006][ T8988] ? __sys_setsockopt+0x140/0x1a0 [ 261.255025][ T8988] do_syscall_64+0xcd/0xfa0 [ 261.255043][ T8988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.255057][ T8988] RIP: 0033:0x7f92fa98f6c9 [ 261.255069][ T8988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.255083][ T8988] RSP: 002b:00007f92fb8bc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 261.255096][ T8988] RAX: ffffffffffffffda RBX: 00007f92fabe5fa8 RCX: 00007f92fa98f6c9 [ 261.255105][ T8988] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f92fabe5fa8 [ 261.255113][ T8988] RBP: 00007f92fabe5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 261.255121][ T8988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.255129][ T8988] R13: 00007f92fabe6038 R14: 00007ffd789978d0 R15: 00007ffd789979b8 [ 261.255148][ T8988] [ 261.631147][ T8987] netlink: 342 bytes leftover after parsing attributes in process `syz.2.729'. [ 262.237632][ T9004] binder: 9003:9004 ioctl c00c6211 0 returned -14 [ 263.113926][ T9015] netlink: 334 bytes leftover after parsing attributes in process `syz.3.736'. [ 264.647542][ T9042] netlink: 342 bytes leftover after parsing attributes in process `syz.1.742'. [ 264.680644][ T9027] netlink: 342 bytes leftover after parsing attributes in process `syz.3.738'. [ 264.688522][ T9042] netlink: 342 bytes leftover after parsing attributes in process `syz.1.742'. [ 264.707828][ T9042] netlink: 306 bytes leftover after parsing attributes in process `syz.1.742'. [ 265.481650][ T9056] binder: 9052:9056 ioctl c00c6211 0 returned -14 [ 266.679351][ T9077] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 267.112274][ T9078] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input85 [ 267.472626][ T9080] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 267.494648][ T9080] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 267.602392][ T9080] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 267.618426][ T9080] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 267.627344][ T9080] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 267.635584][ T9080] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 267.711324][ T9080] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 267.730968][ T9080] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 268.538828][ T9091] netlink: 342 bytes leftover after parsing attributes in process `syz.2.751'. [ 268.894271][ T5151] Bluetooth: hci0: command 0x0406 tx timeout [ 269.614341][ T5151] Bluetooth: hci1: command 0x0406 tx timeout [ 269.694228][ T5151] Bluetooth: hci2: command 0x0406 tx timeout [ 269.774260][ T5151] Bluetooth: hci3: command 0x0406 tx timeout [ 270.106999][ T9109] netlink: 342 bytes leftover after parsing attributes in process `syz.1.754'. [ 270.165274][ T9114] netlink: 342 bytes leftover after parsing attributes in process `syz.0.764'. [ 270.974865][ T5151] Bluetooth: hci0: command 0x0406 tx timeout [ 271.137773][ T9143] Invalid ELF header magic: != ELF [ 271.698530][ T5151] Bluetooth: hci1: command 0x0406 tx timeout [ 271.774251][ T5151] Bluetooth: hci2: command 0x0406 tx timeout [ 271.857807][ T5151] Bluetooth: hci3: command 0x0406 tx timeout [ 271.889637][ T9144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.202588][ T9138] Invalid ELF header magic: != ELF [ 272.606233][ T9161] vivid-007: ================= START STATUS ================= [ 272.613889][ T9161] vivid-007: Generate PTS: true [ 272.664992][ T9161] vivid-007: Generate SCR: true [ 272.676737][ T9161] tpg source WxH: 320x240 (Y'CbCr) [ 272.685090][ T9161] tpg field: 1 [ 272.692006][ T9161] tpg crop: (0,0)/320x240 [ 272.713450][ T9161] tpg compose: (0,0)/320x240 [ 272.808498][ T9161] tpg colorspace: 8 [ 272.849472][ T9161] tpg transfer function: 0/0 [ 272.873671][ T1123] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.925501][ T9161] tpg Y'CbCr encoding: 0/0 [ 272.930052][ T9161] tpg quantization: 0/0 [ 272.952810][ T9161] tpg RGB range: 0/2 [ 272.968421][ T9161] vivid-007: ================== END STATUS ================== [ 272.994306][ T9162] FAULT_INJECTION: forcing a failure. [ 272.994306][ T9162] name failslab, interval 1, probability 0, space 0, times 0 [ 273.027733][ T9162] CPU: 0 UID: 0 PID: 9162 Comm: syz.1.763 Not tainted syzkaller #0 PREEMPT(full) [ 273.027755][ T9162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 273.027764][ T9162] Call Trace: [ 273.027769][ T9162] [ 273.027775][ T9162] dump_stack_lvl+0x16c/0x1f0 [ 273.027797][ T9162] should_fail_ex+0x512/0x640 [ 273.027819][ T9162] ? __kmalloc_cache_noprof+0x5f/0x780 [ 273.027835][ T9162] should_failslab+0xc2/0x120 [ 273.027855][ T9162] __kmalloc_cache_noprof+0x72/0x780 [ 273.027868][ T9162] ? __vb2_init_fileio+0x253/0x1100 [ 273.027882][ T9162] ? mark_held_locks+0x49/0x80 [ 273.027903][ T9162] ? __vb2_init_fileio+0x253/0x1100 [ 273.027915][ T9162] __vb2_init_fileio+0x253/0x1100 [ 273.027927][ T9162] ? __mutex_lock+0x1c5/0x1060 [ 273.027945][ T9162] ? vb2_fop_read+0xe6/0x3e0 [ 273.027970][ T9162] __vb2_perform_fileio+0x9c2/0x1660 [ 273.027988][ T9162] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 273.028002][ T9162] ? get_pid_task+0xfc/0x250 [ 273.028025][ T9162] vb2_fop_read+0x215/0x3e0 [ 273.028043][ T9162] ? common_file_perm+0x1a9/0x340 [ 273.028061][ T9162] v4l2_read+0x229/0x360 [ 273.028077][ T9162] ? __pfx_v4l2_read+0x10/0x10 [ 273.028093][ T9162] vfs_read+0x1e4/0xcf0 [ 273.028113][ T9162] ? __pfx_vfs_read+0x10/0x10 [ 273.028126][ T9162] ? find_held_lock+0x2b/0x80 [ 273.028140][ T9162] ? __fget_files+0x204/0x3c0 [ 273.028158][ T9162] ? __fget_files+0x20e/0x3c0 [ 273.028178][ T9162] ksys_read+0x12a/0x250 [ 273.028192][ T9162] ? __pfx_ksys_read+0x10/0x10 [ 273.028213][ T9162] do_syscall_64+0xcd/0xfa0 [ 273.028232][ T9162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.028246][ T9162] RIP: 0033:0x7f92fa98f6c9 [ 273.028258][ T9162] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.028272][ T9162] RSP: 002b:00007f92fb89b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 273.028285][ T9162] RAX: ffffffffffffffda RBX: 00007f92fabe6090 RCX: 00007f92fa98f6c9 [ 273.028294][ T9162] RDX: 0000000000000028 RSI: 0000200000000280 RDI: 0000000000000003 [ 273.028303][ T9162] RBP: 00007f92fb89b090 R08: 0000000000000000 R09: 0000000000000000 [ 273.028311][ T9162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 273.028319][ T9162] R13: 00007f92fabe6128 R14: 00007f92fabe6090 R15: 00007ffd789979b8 [ 273.028345][ T9162] [ 273.373921][ T1123] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.567565][ T5835] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 273.626294][ T1123] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.841056][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 273.881312][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 273.924850][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 273.942219][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 274.016300][ T1123] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.568466][ T9175] netlink: 342 bytes leftover after parsing attributes in process `syz.3.768'. [ 274.643713][ T1123] bridge_slave_1: left allmulticast mode [ 274.687751][ T1123] bridge_slave_1: left promiscuous mode [ 274.871485][ T1123] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.005496][ T1123] bridge_slave_0: left allmulticast mode [ 275.064099][ T1123] bridge_slave_0: left promiscuous mode [ 275.074455][ T1123] bridge0: port 1(bridge_slave_0) entered disabled state [ 276.024289][ T5151] Bluetooth: hci3: command tx timeout [ 276.225608][ T1123] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 276.252602][ T1123] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 276.274509][ T1123] bond0 (unregistering): Released all slaves [ 276.283706][ T9212] netlink: 342 bytes leftover after parsing attributes in process `syz.0.772'. [ 277.275902][ T9171] chnl_net:caif_netlink_parms(): no params data found [ 278.094427][ T5151] Bluetooth: hci3: command tx timeout [ 278.287061][ T9171] bridge0: port 1(bridge_slave_0) entered blocking state [ 278.324743][ T9171] bridge0: port 1(bridge_slave_0) entered disabled state [ 278.334714][ T9171] bridge_slave_0: entered allmulticast mode [ 278.342072][ T9171] bridge_slave_0: entered promiscuous mode [ 278.358153][ T9171] bridge0: port 2(bridge_slave_1) entered blocking state [ 278.366790][ T9171] bridge0: port 2(bridge_slave_1) entered disabled state [ 278.374026][ T9171] bridge_slave_1: entered allmulticast mode [ 278.384333][ T9171] bridge_slave_1: entered promiscuous mode [ 278.630080][ T9171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 278.828002][ T9171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 279.010488][ T9171] team0: Port device team_slave_0 added [ 279.109074][ T9171] team0: Port device team_slave_1 added [ 279.226617][ T9171] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 279.246164][ T9171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 279.274981][ T9171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 279.334059][ T9171] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 279.367833][ T9171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 279.395072][ T9171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 279.752000][ T9171] hsr_slave_0: entered promiscuous mode [ 279.763607][ T9171] hsr_slave_1: entered promiscuous mode [ 280.013137][ T9171] debugfs: 'hsr0' already exists in 'hsr' [ 280.049643][ T9171] Cannot create hsr debugfs directory [ 280.174288][ T5151] Bluetooth: hci3: command tx timeout [ 280.269292][ T1123] hsr_slave_0: left promiscuous mode [ 280.420347][ T1123] hsr_slave_1: left promiscuous mode [ 280.511072][ T1123] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 280.564920][ T1123] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 280.597122][ T1123] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 280.610252][ T1123] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 280.698343][ T1123] veth1_macvtap: left promiscuous mode [ 280.726582][ T1123] veth0_macvtap: left promiscuous mode [ 280.732216][ T1123] veth1_vlan: left promiscuous mode [ 280.737747][ T1123] veth0_vlan: left promiscuous mode [ 281.631186][ T1123] team0 (unregistering): Port device team_slave_1 removed [ 281.664485][ T1123] team0 (unregistering): Port device team_slave_0 removed [ 282.266657][ T5151] Bluetooth: hci3: command tx timeout [ 283.382976][ T9171] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 283.681149][ T9313] netlink: 342 bytes leftover after parsing attributes in process `syz.1.781'. [ 283.753429][ T9171] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 283.795002][ T9171] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 283.873914][ T9171] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 284.943729][ T9171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 285.047274][ T9171] 8021q: adding VLAN 0 to HW filter on device team0 [ 285.126357][ T1123] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.133555][ T1123] bridge0: port 1(bridge_slave_0) entered forwarding state [ 285.201766][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.208943][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state [ 285.543218][ T30] audit: type=1804 audit(1763454895.102:4): pid=9376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.788" name="/newroot/sys/kernel/tracing/per_cpu/cpu1/trace" dev="tracefs" ino=264 res=1 errno=0 [ 286.512813][ T9171] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 286.642660][ T9171] veth0_vlan: entered promiscuous mode [ 286.660725][ T9171] veth1_vlan: entered promiscuous mode [ 286.747105][ T9171] veth0_macvtap: entered promiscuous mode [ 286.807011][ T9171] veth1_macvtap: entered promiscuous mode [ 287.028073][ T9171] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.083462][ T9171] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.178983][ T1111] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.196624][ T1111] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.484743][ T1111] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.493788][ T1111] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.918735][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.968075][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.045992][ T9418] netlink: 342 bytes leftover after parsing attributes in process `syz.0.793'. [ 288.096222][ T9418] netlink: 218 bytes leftover after parsing attributes in process `syz.0.793'. [ 288.179928][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.192587][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.274648][ T9427] netlink: 342 bytes leftover after parsing attributes in process `syz.0.796'. [ 288.312073][ T9427] netlink: 218 bytes leftover after parsing attributes in process `syz.0.796'. [ 288.595452][ T9436] vivid-009: ================= START STATUS ================= [ 288.623548][ T9436] vivid-009: RDS Tx I/O Mode: Controls [ 288.649876][ T9436] vivid-009: RDS Program ID: 32904 [ 288.660731][ T9436] vivid-009: RDS Program Type: 3 [ 288.672415][ T9436] vivid-009: RDS PS Name: VIVID-TX [ 288.686636][ T9436] vivid-009: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 288.774362][ T9436] vivid-009: RDS Stereo: true [ 288.781674][ T9436] vivid-009: RDS Artificial Head: false [ 288.814991][ T9436] vivid-009: RDS Compressed: false [ 288.874871][ T9436] vivid-009: RDS Dynamic PTY: false [ 288.887677][ T9436] vivid-009: RDS Traffic Announcement: false [ 288.893736][ T9436] vivid-009: RDS Traffic Program: true [ 288.931246][ T9436] vivid-009: RDS Music: true [ 288.939583][ T9436] vivid-009: ================== END STATUS ================== [ 290.549177][ T9483] netlink: 342 bytes leftover after parsing attributes in process `syz.1.802'. [ 291.915295][ T9511] netlink: 342 bytes leftover after parsing attributes in process `syz.1.805'. [ 291.968309][ T9511] netlink: 306 bytes leftover after parsing attributes in process `syz.1.805'. [ 292.577193][ T9517] netlink: 342 bytes leftover after parsing attributes in process `syz.1.806'. [ 292.670939][ T9517] netlink: 306 bytes leftover after parsing attributes in process `syz.1.806'. [ 294.075295][ T9540] netlink: 342 bytes leftover after parsing attributes in process `syz.1.812'. [ 294.955526][ T9547] netlink: 342 bytes leftover after parsing attributes in process `syz.3.815'. [ 297.751971][ T9606] netlink: 342 bytes leftover after parsing attributes in process `syz.0.828'. [ 299.642461][ T9626] nvme_fcloop: unknown parameter or missing value '7' [ 299.700900][ T9628] vivid-009: ================= START STATUS ================= [ 299.718958][ T9628] vivid-009: RDS Tx I/O Mode: Controls [ 299.728284][ T9628] vivid-009: RDS Program ID: 32904 [ 299.733537][ T9628] vivid-009: RDS Program Type: 3 [ 299.745241][ T9615] netlink: 342 bytes leftover after parsing attributes in process `syz.0.830'. [ 299.754275][ T9628] vivid-009: RDS PS Name: VIVID-TX [ 299.759387][ T9628] vivid-009: RDS Radio Text: This is a VIVID default Radio Text template text, change at will [ 299.797688][ T9628] vivid-009: RDS Stereo: true [ 299.802437][ T9628] vivid-009: RDS Artificial Head: false [ 299.808279][ T9628] vivid-009: RDS Compressed: false [ 299.813428][ T9628] vivid-009: RDS Dynamic PTY: false [ 299.818823][ T9628] vivid-009: RDS Traffic Announcement: false [ 299.824952][ T9628] vivid-009: RDS Traffic Program: true [ 299.830523][ T9628] vivid-009: RDS Music: true [ 299.835326][ T9628] vivid-009: ================== END STATUS ================== [ 299.957247][ T9635] vivid-007: ================= START STATUS ================= [ 300.234854][ T9635] vivid-007: Generate PTS: true [ 300.244421][ T9635] vivid-007: Generate SCR: true [ 300.255478][ T9635] tpg source WxH: 320x240 (Y'CbCr) [ 300.260631][ T9635] tpg field: 1 [ 300.289722][ T9635] tpg crop: (0,0)/320x240 [ 300.355834][ T9635] tpg compose: (0,0)/320x240 [ 300.360654][ T9635] tpg colorspace: 8 [ 300.368195][ T9635] tpg transfer function: 0/0 [ 300.386914][ T9635] tpg Y'CbCr encoding: 0/0 [ 300.421053][ T9635] tpg quantization: 0/0 [ 300.425337][ T9635] tpg RGB range: 0/2 [ 300.431710][ T9635] vivid-007: ================== END STATUS ================== [ 301.015128][ T9644] netlink: 342 bytes leftover after parsing attributes in process `syz.3.840'. [ 301.062520][ T9642] netlink: 342 bytes leftover after parsing attributes in process `syz.0.838'. [ 302.241060][ T9665] can: request_module (can-proto-0) failed. [ 302.702075][ T9681] netlink: 342 bytes leftover after parsing attributes in process `syz.3.845'. [ 305.015074][ T9709] netlink: 342 bytes leftover after parsing attributes in process `syz.1.851'. [ 305.580977][ T9714] netlink: 342 bytes leftover after parsing attributes in process `syz.3.852'. [ 306.493067][ T9735] vivid-007: ================= START STATUS ================= [ 306.553291][ T9735] vivid-007: Generate PTS: true [ 306.558569][ T9735] vivid-007: Generate SCR: true [ 306.603715][ T9735] tpg source WxH: 320x240 (Y'CbCr) [ 306.609237][ T9735] tpg field: 1 [ 306.613006][ T9735] tpg crop: (0,0)/320x240 [ 306.618049][ T9735] tpg compose: (0,0)/320x240 [ 306.635581][ T9735] tpg colorspace: 8 [ 306.654788][ T9735] tpg transfer function: 0/0 [ 306.659595][ T9735] tpg Y'CbCr encoding: 0/0 [ 306.670981][ T9735] tpg quantization: 0/0 [ 306.681324][ T9735] tpg RGB range: 0/2 [ 306.688966][ T9735] vivid-007: ================== END STATUS ================== [ 306.975323][ T9753] netlink: 342 bytes leftover after parsing attributes in process `syz.0.860'. [ 307.582910][ T9762] bond0: option lp_interval: invalid value () [ 307.665688][ T9762] bond0: option lp_interval: allowed values 1 - 2147483647 [ 308.445187][ T9779] syz.1.865 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 312.153504][ T9849] bond0: option lp_interval: invalid value () [ 312.196191][ T9849] bond0: option lp_interval: allowed values 1 - 2147483647 [ 312.603272][ T9852] netlink: 342 bytes leftover after parsing attributes in process `syz.2.877'. [ 314.308988][ T9891] netlink: 342 bytes leftover after parsing attributes in process `syz.3.886'. [ 314.549212][ T9899] netlink: 342 bytes leftover after parsing attributes in process `syz.2.887'. [ 316.663624][ T9938] netlink: 342 bytes leftover after parsing attributes in process `syz.1.897'. [ 316.770980][ T9940] vivid-007: ================= START STATUS ================= [ 316.834955][ T9940] vivid-007: Generate PTS: true [ 316.863196][ T9940] vivid-007: Generate SCR: true [ 316.885314][ T9940] tpg source WxH: 320x240 (Y'CbCr) [ 316.935534][ T9940] tpg field: 1 [ 316.947612][ T9940] tpg crop: (0,0)/320x240 [ 316.968684][ T9940] tpg compose: (0,0)/320x240 [ 316.973329][ T9940] tpg colorspace: 8 [ 316.986975][ T9940] tpg transfer function: 0/0 [ 317.048400][ T9940] tpg Y'CbCr encoding: 0/0 [ 317.058828][ T9940] tpg quantization: 0/0 [ 317.063007][ T9940] tpg RGB range: 0/2 [ 317.116430][ T9940] vivid-007: ================== END STATUS ================== [ 317.152417][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.168166][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.722870][ T9965] vivid-007: ================= START STATUS ================= [ 317.741121][ T9965] vivid-007: Generate PTS: true [ 317.826075][ T9965] vivid-007: Generate SCR: true [ 317.871656][ T9965] tpg source WxH: 320x240 (Y'CbCr) [ 317.886326][ T9965] tpg field: 1 [ 317.937714][ T9965] tpg crop: (0,0)/320x240 [ 317.961460][ T9965] tpg compose: (0,0)/320x240 [ 317.975291][ T9965] tpg colorspace: 8 [ 317.991612][ T9965] tpg transfer function: 0/0 [ 318.054904][ T9965] tpg Y'CbCr encoding: 0/0 [ 318.059341][ T9965] tpg quantization: 0/0 [ 318.063478][ T9965] tpg RGB range: 0/2 [ 318.067518][ T9965] vivid-007: ================== END STATUS ================== [ 319.562442][ T9993] netlink: 342 bytes leftover after parsing attributes in process `syz.2.907'. [ 321.238984][T10015] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 322.469786][T10021] netlink: 342 bytes leftover after parsing attributes in process `syz.1.912'. [ 325.785670][T10075] syz.2.926 uses obsolete (PF_INET,SOCK_PACKET) [ 329.688812][T10133] vivid-007: ================= START STATUS ================= [ 329.696961][T10133] vivid-007: Generate PTS: true [ 329.702251][T10133] vivid-007: Generate SCR: true [ 329.726404][T10133] tpg source WxH: 320x240 (Y'CbCr) [ 329.732308][T10133] tpg field: 1 [ 329.736140][T10133] tpg crop: (0,0)/320x240 [ 329.740671][T10133] tpg compose: (0,0)/320x240 [ 329.750326][T10133] tpg colorspace: 8 [ 329.754544][T10133] tpg transfer function: 0/0 [ 329.759121][T10133] tpg Y'CbCr encoding: 0/0 [ 329.766031][T10133] tpg quantization: 0/0 [ 329.770178][T10133] tpg RGB range: 0/2 [ 329.782691][T10133] vivid-007: ================== END STATUS ================== [ 332.314905][T10162] netlink: 342 bytes leftover after parsing attributes in process `syz.2.943'. [ 333.924029][T10194] netlink: 342 bytes leftover after parsing attributes in process `syz.0.950'. [ 334.029488][T10201] netlink: 342 bytes leftover after parsing attributes in process `syz.1.952'. [ 334.111659][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 334.123332][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 334.131238][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 334.139629][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 334.154013][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 335.069368][T10203] chnl_net:caif_netlink_parms(): no params data found [ 335.433897][T10203] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.448306][T10203] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.456097][T10203] bridge_slave_0: entered allmulticast mode [ 335.463000][T10203] bridge_slave_0: entered promiscuous mode [ 335.503368][T10203] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.554347][T10203] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.564732][T10203] bridge_slave_1: entered allmulticast mode [ 335.572602][T10203] bridge_slave_1: entered promiscuous mode [ 335.975427][T10203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 336.005495][T10203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 336.080167][T10216] netlink: 342 bytes leftover after parsing attributes in process `syz.2.954'. [ 336.254434][ T5151] Bluetooth: hci4: command tx timeout [ 336.525542][ T3481] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.577595][T10239] netlink: 342 bytes leftover after parsing attributes in process `syz.2.958'. [ 336.588490][T10203] team0: Port device team_slave_0 added [ 336.597396][T10203] team0: Port device team_slave_1 added [ 336.672758][ T3481] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 336.678837][T10242] FAULT_INJECTION: forcing a failure. [ 336.678837][T10242] name failslab, interval 1, probability 0, space 0, times 0 [ 336.695966][T10242] CPU: 0 UID: 0 PID: 10242 Comm: syz.2.959 Not tainted syzkaller #0 PREEMPT(full) [ 336.695999][T10242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 336.696013][T10242] Call Trace: [ 336.696021][T10242] [ 336.696031][T10242] dump_stack_lvl+0x16c/0x1f0 [ 336.696068][T10242] should_fail_ex+0x512/0x640 [ 336.696104][T10242] ? __kmalloc_noprof+0xca/0x880 [ 336.696146][T10242] should_failslab+0xc2/0x120 [ 336.696177][T10242] __kmalloc_noprof+0xdd/0x880 [ 336.696213][T10242] ? sk_prot_alloc+0x1a8/0x2a0 [ 336.696248][T10242] ? sk_prot_alloc+0x1a8/0x2a0 [ 336.696270][T10242] sk_prot_alloc+0x1a8/0x2a0 [ 336.696296][T10242] sk_alloc+0x36/0xc20 [ 336.696331][T10242] mISDN_sock_create+0x275/0x410 [ 336.696366][T10242] __sock_create+0x338/0x8d0 [ 336.696401][T10242] __sys_socket+0x14d/0x260 [ 336.696441][T10242] ? __pfx___sys_socket+0x10/0x10 [ 336.696472][T10242] ? xfd_validate_state+0x61/0x180 [ 336.696503][T10242] ? __pfx_ksys_write+0x10/0x10 [ 336.696532][T10242] __x64_sys_socket+0x72/0xb0 [ 336.696556][T10242] ? lockdep_hardirqs_on+0x7c/0x110 [ 336.696580][T10242] do_syscall_64+0xcd/0xfa0 [ 336.696605][T10242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.696624][T10242] RIP: 0033:0x7fa2aeb8f6c9 [ 336.696640][T10242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.696658][T10242] RSP: 002b:00007fa2afa7b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 336.696677][T10242] RAX: ffffffffffffffda RBX: 00007fa2aede5fa0 RCX: 00007fa2aeb8f6c9 [ 336.696690][T10242] RDX: 0000000000000004 RSI: 0000000000000002 RDI: 0000000000000022 [ 336.696701][T10242] RBP: 00007fa2aec11f91 R08: 0000000000000000 R09: 0000000000000000 [ 336.696713][T10242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.696724][T10242] R13: 00007fa2aede6038 R14: 00007fa2aede5fa0 R15: 00007fff816e6948 [ 336.696752][T10242] [ 336.913524][T10203] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 336.920665][T10203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 336.957960][T10203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 336.989873][ T3481] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.028533][T10203] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 337.036364][T10203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 337.063684][T10203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.098739][ T3481] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.175232][T10203] hsr_slave_0: entered promiscuous mode [ 337.185013][T10203] hsr_slave_1: entered promiscuous mode [ 337.807207][ T3481] bridge_slave_1: left allmulticast mode [ 337.824347][ T3481] bridge_slave_1: left promiscuous mode [ 337.834641][ T3481] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.996514][ T3481] bridge_slave_0: left allmulticast mode [ 338.002618][ T3481] bridge_slave_0: left promiscuous mode [ 338.009468][ T3481] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.336758][ T5151] Bluetooth: hci4: command tx timeout [ 338.620599][T10259] netlink: 342 bytes leftover after parsing attributes in process `syz.2.964'. [ 339.099906][ T3481] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 339.112882][ T3481] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 339.124807][ T3481] bond0 (unregistering): Released all slaves [ 339.351556][T10203] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 339.388051][T10203] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 339.408755][T10203] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 339.427672][T10203] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 340.414859][ T5151] Bluetooth: hci4: command tx timeout [ 340.567350][T10203] 8021q: adding VLAN 0 to HW filter on device bond0 [ 340.785306][T10203] 8021q: adding VLAN 0 to HW filter on device team0 [ 341.255921][ T1111] bridge0: port 1(bridge_slave_0) entered blocking state [ 341.263073][ T1111] bridge0: port 1(bridge_slave_0) entered forwarding state [ 341.285250][ T1111] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.292368][ T1111] bridge0: port 2(bridge_slave_1) entered forwarding state [ 341.583746][ T3481] hsr_slave_0: left promiscuous mode [ 341.644951][ T3481] hsr_slave_1: left promiscuous mode [ 341.675763][ T3481] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 341.683210][ T3481] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 341.715265][ T3481] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 341.774561][ T3481] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 341.797515][ T3481] veth1_macvtap: left promiscuous mode [ 341.804315][ T3481] veth0_macvtap: left promiscuous mode [ 341.810038][ T3481] veth1_vlan: left promiscuous mode [ 341.815671][ T3481] veth0_vlan: left promiscuous mode [ 342.504405][ T5151] Bluetooth: hci4: command tx timeout [ 342.987706][T10352] netlink: 342 bytes leftover after parsing attributes in process `syz.0.974'. [ 343.591803][ T3481] team0 (unregistering): Port device team_slave_1 removed [ 343.649354][ T3481] team0 (unregistering): Port device team_slave_0 removed [ 344.163209][T10203] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 344.214823][T10203] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 345.038775][T10203] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 345.737544][T10203] veth0_vlan: entered promiscuous mode [ 345.863970][T10203] veth1_vlan: entered promiscuous mode [ 346.009679][T10203] veth0_macvtap: entered promiscuous mode [ 346.024716][T10203] veth1_macvtap: entered promiscuous mode [ 346.127869][T10203] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 346.214378][T10203] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 346.256123][ T3481] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.347477][ T3481] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.389946][ T3481] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.409674][ T3481] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 346.948541][ T1343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 346.957243][ T1343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 347.010921][ T3481] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 347.074418][ T3481] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 347.307280][T10444] vivid-007: ================= START STATUS ================= [ 347.364413][T10444] vivid-007: Generate PTS: true [ 347.404367][T10444] vivid-007: Generate SCR: true [ 347.427245][T10444] tpg source WxH: 320x240 (Y'CbCr) [ 347.443139][T10444] tpg field: 1 [ 347.493944][T10444] tpg crop: (0,0)/320x240 [ 347.504215][T10444] tpg compose: (0,0)/320x240 [ 347.508840][T10444] tpg colorspace: 8 [ 347.512626][T10444] tpg transfer function: 0/0 [ 347.606824][T10444] tpg Y'CbCr encoding: 0/0 [ 347.612213][T10444] tpg quantization: 0/0 [ 347.616908][T10444] tpg RGB range: 0/2 [ 347.620797][T10444] vivid-007: ================== END STATUS ================== [ 347.795562][T10441] netlink: 342 bytes leftover after parsing attributes in process `syz.1.986'. [ 349.168998][T10487] netlink: 32 bytes leftover after parsing attributes in process `syz.2.992'. [ 351.566599][T10514] netlink: 342 bytes leftover after parsing attributes in process `syz.2.998'. [ 351.922653][T10533] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1001'. [ 352.172963][T10536] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 353.763466][T10575] input: f¬ as /devices/virtual/input/input110 [ 354.061700][T10576] zram: Removed device: zram0 [ 354.473438][T10573] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1008'. [ 354.677530][T10585] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1011'. [ 355.106818][T10588] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1012'. [ 356.108120][T10613] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1020'. [ 356.663837][T10606] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1017'. [ 358.146763][T10647] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1026'. [ 362.851129][T10742] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1037'. [ 364.209656][T10779] vhci_hcd: invalid port number 9 [ 368.043287][T10834] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1058'. [ 370.196507][T10872] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1066'. [ 370.434683][T10891] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1069'. [ 370.765139][T10882] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1067'. [ 371.360315][T10907] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1073'. [ 372.628817][T10910] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1074'. [ 373.663862][T10952] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1080'. [ 373.892102][T10955] vhci_hcd: invalid port number 9 [ 375.132403][T10965] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1083'. [ 377.750909][T11001] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1088'. [ 377.769750][T11017] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1092'. [ 378.611596][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.618018][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.422914][T11044] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1097'. [ 380.710573][T11065] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1101'. [ 381.792431][T11070] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1103'. [ 381.836422][T11078] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1105'. [ 383.959831][T11107] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1112'. [ 384.177817][T11118] ptrace attach of "./syz-executor exec"[11121] was attempted by "./syz-executor exec"[11118] [ 385.473942][T11130] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1116'. [ 389.619548][T11213] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1133'. [ 390.657873][T11229] binder: 11228:11229 unknown command 0 [ 390.702771][T11229] binder: 11228:11229 ioctl c0306201 200000000000 returned -22 [ 390.818604][T11231] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1137'. [ 391.682864][T11255] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1142'. [ 392.672440][T11281] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1155'. [ 393.062548][T11289] can: request_module (can-proto-3) failed. [ 393.108076][T11290] binder: 11285:11290 unknown command 0 [ 393.113708][T11290] binder: 11285:11290 ioctl c0306201 200000000000 returned -22 [ 393.133813][T11290] vivid-007: ================= START STATUS ================= [ 393.193468][T11290] vivid-007: Generate PTS: true [ 393.198959][T11290] vivid-007: Generate SCR: true [ 393.203857][T11290] tpg source WxH: 320x240 (Y'CbCr) [ 393.216503][T11290] tpg field: 1 [ 393.219986][T11290] tpg crop: (0,0)/320x240 [ 393.224439][T11290] tpg compose: (0,0)/320x240 [ 393.234804][T11290] tpg colorspace: 8 [ 393.239085][T11290] tpg transfer function: 0/0 [ 393.249638][T11290] tpg Y'CbCr encoding: 0/0 [ 393.255573][T11290] tpg quantization: 0/0 [ 393.259807][T11290] tpg RGB range: 0/2 [ 393.263685][T11290] vivid-007: ================== END STATUS ================== [ 393.333563][T11299] random: crng reseeded on system resumption [ 394.425653][T11303] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1152'. [ 394.680549][T11317] device-mapper: ioctl: Unable to rename non-existent device,  to „ [ 395.255583][T11328] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 397.475628][T11371] vivid-007: ================= START STATUS ================= [ 397.597197][T11371] vivid-007: Generate PTS: true [ 397.630810][T11371] vivid-007: Generate SCR: true [ 397.735665][T11371] tpg source WxH: 320x240 (Y'CbCr) [ 397.741548][T11371] tpg field: 1 [ 397.745015][T11371] tpg crop: (0,0)/320x240 [ 397.754285][T11371] tpg compose: (0,0)/320x240 [ 397.759848][T11371] tpg colorspace: 8 [ 397.763672][T11371] tpg transfer function: 0/0 [ 397.782887][T11371] tpg Y'CbCr encoding: 0/0 [ 397.787527][T11371] tpg quantization: 0/0 [ 397.791692][T11371] tpg RGB range: 0/2 [ 397.795641][T11371] vivid-007: ================== END STATUS ================== [ 398.768193][T11393] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 398.784270][T11393] vivid-007: ================= START STATUS ================= [ 398.799927][T11393] vivid-007: Generate PTS: true [ 398.814890][T11393] vivid-007: Generate SCR: true [ 398.826273][T11393] tpg source WxH: 320x240 (Y'CbCr) [ 398.847358][T11393] tpg field: 1 [ 398.929523][T11393] tpg crop: (0,0)/320x240 [ 399.115870][T11393] tpg compose: (0,0)/320x240 [ 399.121116][T11393] tpg colorspace: 8 [ 399.134284][T11393] tpg transfer function: 0/0 [ 399.142246][T11393] tpg Y'CbCr encoding: 0/0 [ 399.154908][T11393] tpg quantization: 0/0 [ 399.203459][T11393] tpg RGB range: 0/2 [ 399.209928][T11393] vivid-007: ================== END STATUS ================== [ 399.579976][T11400] device-mapper: ioctl: Unable to rename non-existent device,  to „ [ 399.863895][T11415] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1175'. [ 401.136979][ T5151] Bluetooth: hci3: command 0x0406 tx timeout [ 401.769710][T11457] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 401.809414][T11457] vivid-007: ================= START STATUS ================= [ 401.830653][T11457] vivid-007: Generate PTS: true [ 401.835922][T11457] vivid-007: Generate SCR: true [ 401.840979][T11457] tpg source WxH: 320x240 (Y'CbCr) [ 401.846231][T11457] tpg field: 1 [ 401.849761][T11457] tpg crop: (0,0)/320x240 [ 401.858976][T11457] tpg compose: (0,0)/320x240 [ 401.863607][T11457] tpg colorspace: 8 [ 401.869856][T11457] tpg transfer function: 0/0 [ 401.911577][T11457] tpg Y'CbCr encoding: 0/0 [ 401.923352][T11457] tpg quantization: 0/0 [ 401.940117][T11457] tpg RGB range: 0/2 [ 401.959835][T11457] vivid-007: ================== END STATUS ================== [ 402.207697][T11468] device-mapper: ioctl: Unable to rename non-existent device,  to „ [ 402.430335][T11475] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1188'. [ 402.561936][T11481] random: crng reseeded on system resumption [ 404.869887][T11528] vivid-007: ================= START STATUS ================= [ 404.944381][T11528] vivid-007: Generate PTS: true [ 405.019550][T11528] vivid-007: Generate SCR: true [ 405.031473][T11528] tpg source WxH: 320x240 (Y'CbCr) [ 405.036684][T11528] tpg field: 1 [ 405.040054][T11528] tpg crop: (0,0)/320x240 [ 405.084965][T11528] tpg compose: (0,0)/320x240 [ 405.089630][T11528] tpg colorspace: 8 [ 405.093581][T11528] tpg transfer function: 0/0 [ 405.104396][T11528] tpg Y'CbCr encoding: 0/0 [ 405.108956][T11528] tpg quantization: 0/0 [ 405.113242][T11528] tpg RGB range: 0/2 [ 405.118012][T11528] vivid-007: ================== END STATUS ================== [ 406.139820][T11532] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1202'. [ 406.375029][T11540] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1203'. [ 407.107246][T11548] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1206'. [ 407.748862][T11558] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1208'. [ 407.884894][T11555] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1207'. [ 407.896937][T11565] vivid-007: ================= START STATUS ================= [ 407.904880][T11565] vivid-007: Generate PTS: true [ 407.935108][T11565] vivid-007: Generate SCR: true [ 407.940040][T11565] tpg source WxH: 320x240 (Y'CbCr) [ 407.962881][T11565] tpg field: 1 [ 408.133647][T11565] tpg crop: (0,0)/320x240 [ 408.176211][T11565] tpg compose: (0,0)/320x240 [ 408.194665][T11565] tpg colorspace: 8 [ 408.207594][T11565] tpg transfer function: 0/0 [ 408.312048][T11565] tpg Y'CbCr encoding: 0/0 [ 408.317979][T11565] tpg quantization: 0/0 [ 408.332662][T11565] tpg RGB range: 0/2 [ 408.341798][T11565] vivid-007: ================== END STATUS ================== [ 408.869231][T11590] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1213'. [ 411.308362][T11638] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1221'. [ 411.773066][T11645] netlink: 'syz.1.1226': attribute type 1 has an invalid length. [ 411.782878][T11645] vivid-007: ================= START STATUS ================= [ 411.791490][T11645] vivid-007: Generate PTS: true [ 411.797186][T11645] vivid-007: Generate SCR: true [ 411.814278][T11645] tpg source WxH: 320x240 (Y'CbCr) [ 411.820779][T11647] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1225'. [ 411.837197][T11645] tpg field: 1 [ 411.840583][T11645] tpg crop: (0,0)/320x240 [ 411.978163][T11645] tpg compose: (0,0)/320x240 [ 411.984891][T11647] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1225'. [ 411.997734][T11645] tpg colorspace: 8 [ 412.034353][T11645] tpg transfer function: 0/0 [ 412.084342][T11645] tpg Y'CbCr encoding: 0/0 [ 412.100433][T11645] tpg quantization: 0/0 [ 412.105503][T11645] tpg RGB range: 0/2 [ 412.110550][T11645] vivid-007: ================== END STATUS ================== [ 417.270751][T11737] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1245'. [ 419.225949][T11763] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1251'. [ 419.516271][T11788] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1256'. [ 421.042550][T11812] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1261'. [ 421.073554][T11812] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1261'. [ 421.808844][T11816] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1264'. [ 423.092966][T11839] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1268'. [ 424.440242][T11875] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1274'. [ 424.606755][T11875] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1274'. [ 424.714473][T11875] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1274'. [ 425.674084][T11898] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1278'. [ 425.754861][T11898] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1278'. [ 426.089418][T11908] vivid-007: ================= START STATUS ================= [ 426.226320][T11908] vivid-007: Generate PTS: true [ 426.231205][T11908] vivid-007: Generate SCR: true [ 426.243721][T11908] tpg source WxH: 320x240 (Y'CbCr) [ 426.308858][T11908] tpg field: 1 [ 426.321529][T11908] tpg crop: (0,0)/320x240 [ 426.330765][T11908] tpg compose: (0,0)/320x240 [ 426.355615][T11908] tpg colorspace: 8 [ 426.362863][T11908] tpg transfer function: 0/0 [ 426.374217][T11908] tpg Y'CbCr encoding: 0/0 [ 426.378666][T11908] tpg quantization: 0/0 [ 426.382804][T11908] tpg RGB range: 0/2 [ 426.455965][T11908] vivid-007: ================== END STATUS ================== [ 427.798277][T11941] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1289'. [ 428.009815][T11941] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1289'. [ 428.821783][T11958] vivid-007: ================= START STATUS ================= [ 428.830577][T11958] vivid-007: Generate PTS: true [ 428.835708][T11958] vivid-007: Generate SCR: true [ 428.895435][T11958] tpg source WxH: 320x240 (Y'CbCr) [ 429.037908][T11958] tpg field: 1 [ 429.041327][T11958] tpg crop: (0,0)/320x240 [ 429.045872][T11958] tpg compose: (0,0)/320x240 [ 429.050479][T11958] tpg colorspace: 8 [ 429.127471][T11958] tpg transfer function: 0/0 [ 429.175806][T11958] tpg Y'CbCr encoding: 0/0 [ 429.204984][T11958] tpg quantization: 0/0 [ 429.209194][T11958] tpg RGB range: 0/2 [ 429.213113][T11958] vivid-007: ================== END STATUS ================== [ 429.718083][T11975] vivid-007: ================= START STATUS ================= [ 429.749419][T11975] vivid-007: Generate PTS: true [ 429.757620][T11975] vivid-007: Generate SCR: true [ 429.762519][T11975] tpg source WxH: 320x240 (Y'CbCr) [ 429.767771][T11975] tpg field: 1 [ 429.771157][T11975] tpg crop: (0,0)/320x240 [ 429.777028][T11975] tpg compose: (0,0)/320x240 [ 429.781625][T11975] tpg colorspace: 8 [ 429.787131][T11975] tpg transfer function: 0/0 [ 429.795290][T11975] tpg Y'CbCr encoding: 0/0 [ 429.809706][T11975] tpg quantization: 0/0 [ 429.813900][T11975] tpg RGB range: 0/2 [ 429.834343][T11975] vivid-007: ================== END STATUS ================== [ 435.812632][T12082] vivid-007: ================= START STATUS ================= [ 435.820566][T12082] vivid-007: Generate PTS: true [ 435.825423][T12082] vivid-007: Generate SCR: true [ 435.830326][T12082] tpg source WxH: 320x240 (Y'CbCr) [ 435.835680][T12082] tpg field: 1 [ 435.839413][T12082] tpg crop: (0,0)/320x240 [ 435.843737][T12082] tpg compose: (0,0)/320x240 [ 435.857065][T12082] tpg colorspace: 8 [ 435.871076][T12082] tpg transfer function: 0/0 [ 435.946286][T12082] tpg Y'CbCr encoding: 0/0 [ 435.981367][T12082] tpg quantization: 0/0 [ 436.019835][T12082] tpg RGB range: 0/2 [ 436.023786][T12082] vivid-007: ================== END STATUS ================== [ 436.465940][T12081] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1316'. [ 437.219580][T12097] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1320'. [ 437.320675][T12107] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1322'. [ 438.482198][T12126] vivid-007: ================= START STATUS ================= [ 438.509182][T12126] vivid-007: Generate PTS: true [ 438.515314][T12126] vivid-007: Generate SCR: true [ 438.561758][T12126] tpg source WxH: 320x240 (Y'CbCr) [ 438.672032][T12126] tpg field: 1 [ 438.739522][T12126] tpg crop: (0,0)/320x240 [ 438.743876][T12126] tpg compose: (0,0)/320x240 [ 438.788332][T12126] tpg colorspace: 8 [ 438.830331][T12126] tpg transfer function: 0/0 [ 438.835066][T12126] tpg Y'CbCr encoding: 0/0 [ 438.839991][T12126] tpg quantization: 0/0 [ 438.844246][T12126] tpg RGB range: 0/2 [ 438.848231][T12126] vivid-007: ================== END STATUS ================== [ 438.974144][T12133] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1329'. [ 439.135000][T12138] vivid-007: ================= START STATUS ================= [ 439.145641][T12138] vivid-007: Generate PTS: true [ 439.150800][T12138] vivid-007: Generate SCR: true [ 439.159298][T12138] tpg source WxH: 320x240 (Y'CbCr) [ 439.164482][T12138] tpg field: 1 [ 439.169283][T12138] tpg crop: (0,0)/320x240 [ 439.174948][T12138] tpg compose: (0,0)/320x240 [ 439.179677][T12138] tpg colorspace: 8 [ 439.183470][T12138] tpg transfer function: 0/0 [ 439.189044][T12138] tpg Y'CbCr encoding: 0/0 [ 439.195483][T12138] tpg quantization: 0/0 [ 439.199851][T12138] tpg RGB range: 0/2 [ 439.203831][T12138] vivid-007: ================== END STATUS ================== [ 439.436275][T12135] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1328'. [ 440.025570][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.031993][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.348597][T12163] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1335'. [ 441.287016][T12178] netlink: 'syz.0.1339': attribute type 1 has an invalid length. [ 441.601085][T12174] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1338'. [ 443.333522][T12224] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1347'. [ 444.346914][T12243] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1354'. [ 444.420898][T12245] vivid-007: ================= START STATUS ================= [ 444.492415][T12245] vivid-007: Generate PTS: true [ 444.510733][T12245] vivid-007: Generate SCR: true [ 444.532930][T12245] tpg source WxH: 320x240 (Y'CbCr) [ 444.551662][T12245] tpg field: 1 [ 444.556624][T12245] tpg crop: (0,0)/320x240 [ 444.560994][T12245] tpg compose: (0,0)/320x240 [ 444.613280][T12245] tpg colorspace: 8 [ 444.632626][T12245] tpg transfer function: 0/0 [ 444.637266][T12245] tpg Y'CbCr encoding: 0/0 [ 444.672197][T12245] tpg quantization: 0/0 [ 444.676529][T12245] tpg RGB range: 0/2 [ 444.680440][T12245] vivid-007: ================== END STATUS ================== [ 444.844437][T12241] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1353'. [ 445.410097][T12256] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1356'. [ 445.448277][T12263] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1357'. [ 445.737247][T12268] vivid-007: ================= START STATUS ================= [ 445.894111][T12268] vivid-007: Generate PTS: true [ 445.898998][T12268] vivid-007: Generate SCR: true [ 445.906567][T12268] tpg source WxH: 320x240 (Y'CbCr) [ 445.912107][T12268] tpg field: 1 [ 445.916183][T12268] tpg crop: (0,0)/320x240 [ 445.920633][T12268] tpg compose: (0,0)/320x240 [ 445.929690][T12268] tpg colorspace: 8 [ 445.933916][T12268] tpg transfer function: 0/0 [ 445.938522][T12268] tpg Y'CbCr encoding: 0/0 [ 445.946973][T12268] tpg quantization: 0/0 [ 445.951510][T12268] tpg RGB range: 0/2 [ 445.956148][T12268] vivid-007: ================== END STATUS ================== [ 448.760247][T12322] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1364'. [ 448.972683][T12323] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1365'. [ 450.440984][T12332] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1369'. [ 450.601076][T12356] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1375'. [ 452.511638][T12380] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1381'. [ 453.280917][T12390] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1386'. [ 455.993868][T12428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1393'. [ 456.577254][T12428] ovs_: entered promiscuous mode [ 457.250108][T12444] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1396'. [ 457.469406][ T5151] Bluetooth: hci4: command 0x0406 tx timeout [ 457.673183][T12448] vivid-007: ================= START STATUS ================= [ 457.681259][T12448] vivid-007: Generate PTS: true [ 457.686482][T12448] vivid-007: Generate SCR: true [ 457.700206][T12448] tpg source WxH: 320x240 (Y'CbCr) [ 457.748385][T12448] tpg field: 1 [ 457.751893][T12448] tpg crop: (0,0)/320x240 [ 457.756243][T12448] tpg compose: (0,0)/320x240 [ 457.812794][T12448] tpg colorspace: 8 [ 457.838378][T12448] tpg transfer function: 0/0 [ 457.857862][T12448] tpg Y'CbCr encoding: 0/0 [ 457.866423][T12448] tpg quantization: 0/0 [ 457.872068][T12448] tpg RGB range: 0/2 [ 457.875998][T12448] vivid-007: ================== END STATUS ================== [ 460.060814][T12503] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1409'. [ 460.183995][T12505] FAULT_INJECTION: forcing a failure. [ 460.183995][T12505] name failslab, interval 1, probability 0, space 0, times 0 [ 460.198170][T12505] CPU: 1 UID: 0 PID: 12505 Comm: syz.0.1410 Not tainted syzkaller #0 PREEMPT(full) [ 460.198203][T12505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 460.198217][T12505] Call Trace: [ 460.198226][T12505] [ 460.198235][T12505] dump_stack_lvl+0x16c/0x1f0 [ 460.198271][T12505] should_fail_ex+0x512/0x640 [ 460.198305][T12505] ? __kmalloc_noprof+0xca/0x880 [ 460.198346][T12505] should_failslab+0xc2/0x120 [ 460.198378][T12505] __kmalloc_noprof+0xdd/0x880 [ 460.198413][T12505] ? __pfx___mutex_lock+0x10/0x10 [ 460.198444][T12505] ? tracepoint_add_func+0x2a6/0xea0 [ 460.198473][T12505] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 460.198511][T12505] ? tracepoint_add_func+0x2a6/0xea0 [ 460.198534][T12505] tracepoint_add_func+0x2a6/0xea0 [ 460.198556][T12505] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 460.198601][T12505] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 460.198638][T12505] tracepoint_probe_register+0xbf/0x100 [ 460.198665][T12505] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 460.198690][T12505] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 460.198727][T12505] ? lockdep_hardirqs_on+0x7c/0x110 [ 460.198765][T12505] tracing_start_sched_switch+0xaf/0x1e0 [ 460.198802][T12505] __ftrace_event_enable_disable+0x694/0x810 [ 460.198835][T12505] __ftrace_set_clr_event_nolock+0x390/0xb70 [ 460.198911][T12505] ftrace_set_clr_event+0x16e/0x330 [ 460.198943][T12505] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 460.198984][T12505] ftrace_event_write+0x259/0x2c0 [ 460.199014][T12505] ? __pfx_ftrace_event_write+0x10/0x10 [ 460.199057][T12505] ? __pfx_ftrace_event_write+0x10/0x10 [ 460.199084][T12505] vfs_write+0x2a0/0x11d0 [ 460.199122][T12505] ? __pfx___mutex_lock+0x10/0x10 [ 460.199154][T12505] ? __pfx_vfs_write+0x10/0x10 [ 460.199191][T12505] ? __fget_files+0x20e/0x3c0 [ 460.199228][T12505] ksys_write+0x12a/0x250 [ 460.199255][T12505] ? __pfx_ksys_write+0x10/0x10 [ 460.199294][T12505] do_syscall_64+0xcd/0xfa0 [ 460.199326][T12505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.199351][T12505] RIP: 0033:0x7f28d9d8f6c9 [ 460.199373][T12505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.199394][T12505] RSP: 002b:00007f28dacbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 460.199417][T12505] RAX: ffffffffffffffda RBX: 00007f28d9fe6180 RCX: 00007f28d9d8f6c9 [ 460.199431][T12505] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000007 [ 460.199444][T12505] RBP: 00007f28dacbf090 R08: 0000000000000000 R09: 0000000000000000 [ 460.199457][T12505] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.199471][T12505] R13: 00007f28d9fe6218 R14: 00007f28d9fe6180 R15: 00007fff82fb21f8 [ 460.199502][T12505] [ 460.503909][T12505] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 461.330362][T12525] ------------[ cut here ]------------ [ 461.336056][T12525] WARNING: CPU: 0 PID: 12525 at kernel/tracepoint.c:358 tracepoint_probe_unregister+0x894/0xd70 [ 461.346571][T12525] Modules linked in: [ 461.350638][T12525] CPU: 0 UID: 0 PID: 12525 Comm: syz.0.1414 Not tainted syzkaller #0 PREEMPT(full) [ 461.360162][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 461.370613][T12525] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 461.377203][T12525] Code: 41 5e 41 5f c3 cc cc cc cc e8 38 20 fe ff 48 c7 c6 20 26 be 81 48 89 df e8 99 50 e4 ff eb 9f bb fe ff ff ff e8 1d 20 fe ff 90 <0f> 0b 90 eb 91 e8 12 20 fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 461.397261][T12525] RSP: 0018:ffffc9000461f890 EFLAGS: 00010287 [ 461.403499][T12525] RAX: 0000000000052b30 RBX: 00000000fffffffe RCX: ffffc9000de11000 [ 461.411525][T12525] RDX: 0000000000080000 RSI: ffffffff81be3763 RDI: 0000000000000005 [ 461.419488][T12525] RBP: ffff88801b6b1548 R08: 0000000000000005 R09: 0000000000000000 [ 461.427568][T12525] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff81c446a0 [ 461.435591][T12525] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffff8e7a2180 [ 461.443582][T12525] FS: 00007f28dacbf6c0(0000) GS:ffff888124a0d000(0000) knlGS:0000000000000000 [ 461.452675][T12525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 461.459307][T12525] CR2: 0000200000200000 CR3: 000000007dc1e000 CR4: 00000000003526f0 [ 461.467628][T12525] Call Trace: [ 461.471217][T12525] [ 461.474144][T12525] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 461.480524][T12525] tracing_stop_cmdline_record+0x66/0xa0 [ 461.486153][T12525] __ftrace_event_enable_disable+0x708/0x810 [ 461.492158][T12525] ftrace_event_set_open+0x232/0x380 [ 461.497437][T12525] do_dentry_open+0x982/0x1530 [ 461.502278][T12525] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 461.508078][T12525] vfs_open+0x82/0x3f0 [ 461.512180][T12525] path_openat+0x1de4/0x2cb0 [ 461.516768][T12525] ? __pfx_path_openat+0x10/0x10 [ 461.521716][T12525] ? __lock_acquire+0xb8a/0x1c90 [ 461.526648][T12525] do_filp_open+0x20b/0x470 [ 461.531166][T12525] ? __pfx_do_filp_open+0x10/0x10 [ 461.536193][T12525] ? alloc_fd+0x471/0x7d0 [ 461.540534][T12525] do_sys_openat2+0x11b/0x1d0 [ 461.545203][T12525] ? __pfx_do_sys_openat2+0x10/0x10 [ 461.550517][T12525] ? find_held_lock+0x2b/0x80 [ 461.555268][T12525] __x64_sys_openat+0x174/0x210 [ 461.560145][T12525] ? __pfx___x64_sys_openat+0x10/0x10 [ 461.565545][T12525] do_syscall_64+0xcd/0xfa0 [ 461.570438][T12525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.576331][T12525] RIP: 0033:0x7f28d9d8f6c9 [ 461.581069][T12525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.600761][T12525] RSP: 002b:00007f28dacbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 461.609165][T12525] RAX: ffffffffffffffda RBX: 00007f28d9fe6180 RCX: 00007f28d9d8f6c9 [ 461.617156][T12525] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 461.625143][T12525] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 461.633204][T12525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.641192][T12525] R13: 00007f28d9fe6218 R14: 00007f28d9fe6180 R15: 00007fff82fb21f8 [ 461.649163][T12525] [ 461.652184][T12525] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 461.659444][T12525] CPU: 0 UID: 0 PID: 12525 Comm: syz.0.1414 Not tainted syzkaller #0 PREEMPT(full) [ 461.668800][T12525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 461.678846][T12525] Call Trace: [ 461.682111][T12525] [ 461.685024][T12525] dump_stack_lvl+0x3d/0x1f0 [ 461.689604][T12525] vpanic+0x640/0x6f0 [ 461.693579][T12525] ? tracepoint_probe_unregister+0x894/0xd70 [ 461.699544][T12525] panic+0xca/0xd0 [ 461.703254][T12525] ? __pfx_panic+0x10/0x10 [ 461.707668][T12525] check_panic_on_warn+0xab/0xb0 [ 461.712625][T12525] __warn+0xf6/0x3c0 [ 461.716514][T12525] ? tracepoint_probe_unregister+0x894/0xd70 [ 461.722480][T12525] report_bug+0x3c3/0x580 [ 461.726800][T12525] ? tracepoint_probe_unregister+0x894/0xd70 [ 461.732765][T12525] handle_bug+0x184/0x210 [ 461.737088][T12525] exc_invalid_op+0x17/0x50 [ 461.741587][T12525] asm_exc_invalid_op+0x1a/0x20 [ 461.746424][T12525] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 461.753001][T12525] Code: 41 5e 41 5f c3 cc cc cc cc e8 38 20 fe ff 48 c7 c6 20 26 be 81 48 89 df e8 99 50 e4 ff eb 9f bb fe ff ff ff e8 1d 20 fe ff 90 <0f> 0b 90 eb 91 e8 12 20 fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 461.772594][T12525] RSP: 0018:ffffc9000461f890 EFLAGS: 00010287 [ 461.778651][T12525] RAX: 0000000000052b30 RBX: 00000000fffffffe RCX: ffffc9000de11000 [ 461.786612][T12525] RDX: 0000000000080000 RSI: ffffffff81be3763 RDI: 0000000000000005 [ 461.794578][T12525] RBP: ffff88801b6b1548 R08: 0000000000000005 R09: 0000000000000000 [ 461.802535][T12525] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff81c446a0 [ 461.810493][T12525] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffff8e7a2180 [ 461.818456][T12525] ? __pfx_probe_sched_switch+0x10/0x10 [ 461.824007][T12525] ? tracepoint_probe_unregister+0x893/0xd70 [ 461.830014][T12525] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 461.836335][T12525] tracing_stop_cmdline_record+0x66/0xa0 [ 461.841968][T12525] __ftrace_event_enable_disable+0x708/0x810 [ 461.847940][T12525] ftrace_event_set_open+0x232/0x380 [ 461.853215][T12525] do_dentry_open+0x982/0x1530 [ 461.857968][T12525] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 461.863765][T12525] vfs_open+0x82/0x3f0 [ 461.867827][T12525] path_openat+0x1de4/0x2cb0 [ 461.872411][T12525] ? __pfx_path_openat+0x10/0x10 [ 461.877346][T12525] ? __lock_acquire+0xb8a/0x1c90 [ 461.882278][T12525] do_filp_open+0x20b/0x470 [ 461.886768][T12525] ? __pfx_do_filp_open+0x10/0x10 [ 461.891790][T12525] ? alloc_fd+0x471/0x7d0 [ 461.896110][T12525] do_sys_openat2+0x11b/0x1d0 [ 461.900809][T12525] ? __pfx_do_sys_openat2+0x10/0x10 [ 461.906001][T12525] ? find_held_lock+0x2b/0x80 [ 461.910668][T12525] __x64_sys_openat+0x174/0x210 [ 461.915512][T12525] ? __pfx___x64_sys_openat+0x10/0x10 [ 461.920884][T12525] do_syscall_64+0xcd/0xfa0 [ 461.925378][T12525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.931256][T12525] RIP: 0033:0x7f28d9d8f6c9 [ 461.935659][T12525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.955255][T12525] RSP: 002b:00007f28dacbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 461.963657][T12525] RAX: ffffffffffffffda RBX: 00007f28d9fe6180 RCX: 00007f28d9d8f6c9 [ 461.971615][T12525] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 461.979572][T12525] RBP: 00007f28d9e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 461.987530][T12525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.995489][T12525] R13: 00007f28d9fe6218 R14: 00007f28d9fe6180 R15: 00007fff82fb21f8 [ 462.003460][T12525] [ 462.006824][T12525] Kernel Offset: disabled [ 462.011135][T12525] Rebooting in 86400 seconds..