last executing test programs: 12m36.341945813s ago: executing program 1 (id=867): mmap$auto(0x0, 0x2020009, 0x3, 0x4000ff, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x4) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/swaps\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x1, 0x10006) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES32=0xffffffffffffffff, @ANYBLOB], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYRES64=r3, @ANYRESHEX, @ANYRESDEC=r0, @ANYRESDEC=r0, @ANYRESHEX, @ANYRESOCT, @ANYRESHEX=r3, @ANYRES32, @ANYRESDEC], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x6, &(0x7f0000000100)={0x0, 0xfc1}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x6, 0x4008) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x1ad240, 0x1b1) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) mmap$auto(0xffffffffffffffff, 0x20009, 0x4000000040df, 0xeb2, r0, 0x8000) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) readv$auto(r5, &(0x7f0000000080)={&(0x7f0000000000), 0x197188}, 0x8) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/bus/netdevsim/new_device\x00', 0x149b01, 0x0) r7 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r7, 0x0, 0x1f40) writev$auto(r6, &(0x7f0000000200)={0x0, 0x9}, 0x7) 12m35.848180905s ago: executing program 1 (id=869): r0 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28442, 0x0) ioctl$auto_XFS_IOC_ALLOCSP64(r0, 0x40305824, &(0x7f00000001c0)={0x7, 0xa, 0x343d, 0x1, 0x2}) connect$auto(0xffffffffffffffff, 0x0, 0x55) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x3}, 0x3) select$auto(0x6, &(0x7f0000000240)={[0x324b, 0x5000000000000, 0x8, 0x4, 0x4, 0x100000001, 0x95, 0x9, 0x3000000000, 0x7, 0x0, 0x4, 0x9, 0x1, 0x2, 0x2]}, &(0x7f00000002c0)={[0x36d, 0x1, 0xe, 0x7, 0x8c76, 0x3, 0xfffffffffffffffb, 0xd4c, 0x64ed, 0x5, 0x81, 0x100000000000, 0x0, 0x3, 0x8000000000000001, 0x7]}, &(0x7f0000000340)={[0xffff, 0xb, 0xc, 0x400, 0x734ab7c3, 0x8, 0xe, 0xa, 0x8, 0x1, 0x2, 0xffffffff, 0x1, 0xfffffffffffffffc, 0xff, 0x6]}, &(0x7f00000003c0)={0x80000001, 0x9f7f}) 12m34.840795526s ago: executing program 1 (id=871): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x141000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r0, &(0x7f0000000480)="f21a9a3c5c3e006e163bb154d7886d87a5c2574c58e9867ecec3371cadbc48770dc8f745d1c76eed1672bb713aca465c9bbc23b50000000000000004c635fcd1410f37152ad1f7fa09270ce98f867fefbe147095e2928c0a", 0x58) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100)="000004") write$auto(r1, 0x0, 0x41ec) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi28\x00', 0xc0500, 0x0) execveat$auto(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)=&(0x7f0000000100)='/dev/vbi28\x00', &(0x7f00000001c0)=&(0x7f0000000180)='\x00', 0x24) ioctl$auto(0x3, 0x40045612, 0x34) setreuid$auto(0x0, 0x5) lchown$auto(&(0x7f0000000080)='./file0\x00', 0xee01, 0xee00) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/oom_adj\x00', 0x142, 0x0) read$auto(r3, 0x0, 0x4) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x9) unshare$auto(0x8000000) 12m34.024733546s ago: executing program 1 (id=873): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) symlink$auto(&(0x7f00000000c0)='\'--[[\x14+\\\x00', &(0x7f0000000000)='\'--[[\x14+\\\x00') set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) readlink$auto(&(0x7f0000000040)='\'--[[\x14+\\\x00', &(0x7f0000000140)='\x00', 0x8) 12m33.716189412s ago: executing program 1 (id=876): bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x5, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cec12\x00', 0x40, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket(0xa, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) 12m30.954057131s ago: executing program 1 (id=885): mmap$auto(0x0, 0x800000000004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) r0 = socket(0x2, 0x2, 0x0) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0x9) (async) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) (async, rerun: 64) r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r2, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000bab6254557147d2930947dc361fe2d58dd06002f1727ecd154f329986c9c2a9b262e57eab69e797c7d1c675fd12d4f6458091f081cdac09de73da33d99119605b25bfb2ddf6d4fc96c5f3da4f139a3d7f38e6e06671ae4eb77d3d9f2689d7df9bd680cdaf536189da408a62b8249e8c1ca8399f4e117e32b0164156b0c3e077e8c22c96a3fabc7fd67cd6ba060b57c554a1759e47466b83875b6547fdea9d75d46e894162eca076305b7dcee6c9b2600fd9c58a624024098fd73594bb7cc473bfe8b41e93cd4345fc85f81ef187952fd7a2d283d1cdd1fd0d764e2198f27e82629a35560f36e9bffb1ac1198cfde1686daa0", @ANYRES16=r3, @ANYBLOB="2f032abd7000ffdbdf251200f000"], 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) (async) socket(0x1e, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) readv$auto(0xffffffffffffffff, 0x0, 0x6) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) (async) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) (async) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttys2\x00', 0x100, 0x0) (async) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0xc6ee8009f2cda04c, 0x0) (async) mmap$auto(0xfffffffffffffffe, 0x20009, 0x5, 0x1b, 0x1, 0x8004) (async) write$auto(r1, &(0x7f0000000c40)='gthtool\x00', 0x5) (async) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async, rerun: 64) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (rerun: 64) recvmmsg$auto(r1, 0x0, 0x10001, 0x700, 0x0) prctl$auto(0x80000000, 0x1, 0x0, 0x1, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) 12m15.715306026s ago: executing program 32 (id=885): mmap$auto(0x0, 0x800000000004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) r0 = socket(0x2, 0x2, 0x0) ioctl$auto_FS_IOC_UNRESVSP64(r0, 0x4030582b, 0x9) (async) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) (async, rerun: 64) r2 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r2, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000bab6254557147d2930947dc361fe2d58dd06002f1727ecd154f329986c9c2a9b262e57eab69e797c7d1c675fd12d4f6458091f081cdac09de73da33d99119605b25bfb2ddf6d4fc96c5f3da4f139a3d7f38e6e06671ae4eb77d3d9f2689d7df9bd680cdaf536189da408a62b8249e8c1ca8399f4e117e32b0164156b0c3e077e8c22c96a3fabc7fd67cd6ba060b57c554a1759e47466b83875b6547fdea9d75d46e894162eca076305b7dcee6c9b2600fd9c58a624024098fd73594bb7cc473bfe8b41e93cd4345fc85f81ef187952fd7a2d283d1cdd1fd0d764e2198f27e82629a35560f36e9bffb1ac1198cfde1686daa0", @ANYRES16=r3, @ANYBLOB="2f032abd7000ffdbdf251200f000"], 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) (async) socket(0x1e, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) readv$auto(0xffffffffffffffff, 0x0, 0x6) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) (async) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) (async) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ttys2\x00', 0x100, 0x0) (async) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0xc6ee8009f2cda04c, 0x0) (async) mmap$auto(0xfffffffffffffffe, 0x20009, 0x5, 0x1b, 0x1, 0x8004) (async) write$auto(r1, &(0x7f0000000c40)='gthtool\x00', 0x5) (async) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async, rerun: 64) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (rerun: 64) recvmmsg$auto(r1, 0x0, 0x10001, 0x700, 0x0) prctl$auto(0x80000000, 0x1, 0x0, 0x1, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) 5m14.981234481s ago: executing program 3 (id=2058): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = socket(0x2, 0x3, 0xa) openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x100800, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x25, 0x5, 0x0) sendfile$auto(0x6, r1, 0x0, 0xfdef) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) rseq$auto(&(0x7f0000000200)={0xe, 0x20401, 0x5fc, 0x10000006, 0xffffffff, 0x9}, 0x40, 0x0, 0x6) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) 5m14.195343014s ago: executing program 3 (id=2061): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/gro_flush_timeout\x00', 0x88282, 0x0) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) write$auto(r0, 0x0, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000001040)={0x80, 0x6, 0xf00, 0xb205, 0x3, 0x0, 0x0}) 5m13.445084742s ago: executing program 3 (id=2063): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0xfffffffffffffffc, 0x400008, 0xdf, 0x20000009b72, 0x2, 0x8000000000000001) mmap$auto(0x8000000000000000, 0x80000001, 0x2, 0x18, 0x602, 0x5b37) socket(0x2, 0x1, 0x106) ioctl$auto(0x3, 0x10000, r0) socket$nl_generic(0x10, 0x3, 0x10) r1 = clone$auto(0x21, 0x80000007, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) io_uring_setup$auto(0x6, 0x0) wait4$auto(r1, 0x0, 0x80000000, 0x0) close_range$auto(r0, 0xffffffffffffffff, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) 5m12.100793772s ago: executing program 3 (id=2064): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) pipe$auto(0x0) mincore$auto(0x0, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x35, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, r0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) newfstatat$auto(r1, 0x0, 0x0, 0xfffffffe) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) openat$auto_proc_auxv_operations_base(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/auxv\x00', 0x101102, 0x0) 5m10.352271491s ago: executing program 3 (id=2071): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = socket(0x2, 0x3, 0xa) openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x100800, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x25, 0x5, 0x0) sendfile$auto(0x6, r1, 0x0, 0xfdef) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) rseq$auto(&(0x7f0000000200)={0xe, 0x20401, 0x5fc, 0x10000006, 0xffffffff, 0x9}, 0x40, 0x0, 0x6) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) 5m9.449648295s ago: executing program 3 (id=2075): open(&(0x7f0000000040)='./file0\x00', 0x4ac41, 0x1) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x80045503, r0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) r1 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001500)='/proc/kpagecgroup\x00', 0x101000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) socket(0x1, 0x1, 0x0) listen$auto(0xffffffffffffffff, 0x91) r2 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0) write$auto_split_huge_pages_fops_huge_memory(r2, &(0x7f0000000100)='1', 0x1) unshare$auto(0x40000080) r3 = open(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0xa0400, 0x8) ioctl$auto_OTPSELECT(r1, 0x80044d0d, &(0x7f00000000c0)=0x8) open_by_handle_at$auto(r3, &(0x7f0000000040)={0x8, 0x2, "0200000000000000"}, 0x3ffff) 4m53.179925269s ago: executing program 33 (id=2075): open(&(0x7f0000000040)='./file0\x00', 0x4ac41, 0x1) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x80045503, r0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) r1 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000001500)='/proc/kpagecgroup\x00', 0x101000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) socket(0x1, 0x1, 0x0) listen$auto(0xffffffffffffffff, 0x91) r2 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0) write$auto_split_huge_pages_fops_huge_memory(r2, &(0x7f0000000100)='1', 0x1) unshare$auto(0x40000080) r3 = open(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00', 0xa0400, 0x8) ioctl$auto_OTPSELECT(r1, 0x80044d0d, &(0x7f00000000c0)=0x8) open_by_handle_at$auto(r3, &(0x7f0000000040)={0x8, 0x2, "0200000000000000"}, 0x3ffff) 8.380616619s ago: executing program 4 (id=2967): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0xa, 0x3, 0xff) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x3c1640, 0x0) r2 = socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000003, 0xe) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r2, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) r6 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_macvtap\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'veth1_virt_wifi\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth0_to_hsr\x00', 0x0}) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r10) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="2f212cbd8966efb91b2e351f000008000300", @ANYRES32=r12], 0x28}}, 0x4000000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'nr0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET2(r4, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x44, r6, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r7}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r9}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r12}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r13}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r14}]}, 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x804) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r5, 0x0, 0x400c080) read$auto(0x3, 0x0, 0x80) 6.414975662s ago: executing program 5 (id=2972): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (fail_nth: 33) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) 6.06174726s ago: executing program 5 (id=2973): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) sendfile$auto(0x1, r1, 0x0, 0x400007ffff000) (async) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000) (async) close_range$auto(0x0, 0x5, 0x0) r2 = fanotify_init$auto(0x5, 0x2000000000002) (async) inotify_init1$auto(0x3000000000000) socket(0x21, 0x5, 0x0) (async) getsockopt$auto(0x2, 0x114, 0x2721, 0xfffffffffffffffc, 0x0) (async) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x6, 0x0, 0x0, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x3, 0xa) write$auto(0x3, 0x0, 0xfdef) close_range$auto(r2, 0xfffffffffffff000, 0x100000) (async) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r4, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 6.059217026s ago: executing program 4 (id=2974): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_clone(0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x2003ec, 0x14) mmap$auto(0x0, 0x3acc, 0x2, 0xfffffffffffff7b5, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0xa, 0x2, 0x3a) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) setsockopt$auto(r1, 0x29, 0x39, 0x0, 0x110) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000004440)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYRES16=r3], 0x1ac}}, 0x40000) recvmmsg$auto(r5, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) 4.977808432s ago: executing program 5 (id=2978): mmap$auto(0x0, 0x20009, 0xd, 0x4000000000cf55, 0x40000000000a5, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x401f02, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) fsopen$auto(&(0x7f00000001c0)='nfsd\x00', 0x1) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x8}, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0) shutdown$auto(0x200000003, 0x2) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ttyt5\x00', 0x20102, 0x0) 4.738648119s ago: executing program 2 (id=2980): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000f0", @ANYRES16=r3, @ANYBLOB="83d72dbd7000fbdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x4040) 4.494787155s ago: executing program 2 (id=2981): ioprio_get$auto(0x3, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x144000, 0x0) mmap$auto(0xfffffffffffffffc, 0x2000000008e1, 0xdb, 0x13, 0xffffffffffffffff, 0xb) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2b, 0x1, 0x1) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd4/sched/write2_next_rq\x00', 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0x4b67, 0x1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2000, 0x0) unshare$auto(0x40000080) r2 = socket(0x11, 0x1, 0x87) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket(0xa, 0x2, 0x0) setsockopt$auto(r3, 0x29, 0x30, 0x0, 0x20004) r4 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x1, 0x0) io_submit$auto(0x6, 0x6, &(0x7f0000000240)=&(0x7f0000000200)={0x1, 0x7fff, 0x2, 0x10c, 0x9, r1, 0x4, 0x6, 0x2, 0x0, 0x2, r2}) ioctl$auto_TCFLSH2(r5, 0x540b, &(0x7f0000000280)="1a2e29d0b0ebb36fa3d70644a47ac782a7e8149059ceb66119862f667ba2685c07d845e86017d859a898072b67e3f323aa904a2254d64004eb1cef62815d84cc26cacaa80fd5c9ee8ba536be032b76691543190b9e1d4872c42196ee942ed62ec47685bed8af01989630882aee75a52a1abf9a60cbfb7ee60e2b5d727340") write$auto_configfs_file_operations_configfs_internal(r4, &(0x7f0000000140)="8e", 0x1) close_range$auto(0x2, 0x8, 0x0) prctl$auto_PR_SET_SECCOMP(0x16, 0x9d9, 0x879, 0x1, 0xc606) 4.108973584s ago: executing program 4 (id=2982): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x2020009, 0x2, 0xfffffffffffffffb, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x20008000}, 0x8000) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYRES32=r0], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20048014) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000001140)='/proc/self/oom_adj\x00', 0x52c83, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x1, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0xa}, 0x3) capset$auto(0x0, &(0x7f0000000000)={0xb213, 0x2c, 0x800}) sendmmsg$auto(r1, &(0x7f0000000100)={{&(0x7f0000000000), 0x5aa, &(0x7f00000003c0)={&(0x7f0000000040)='f', 0x49}, 0x1, &(0x7f0000000340)="9bc114fa497af712b6b580d7d3725f4ab4b2a5150cea7f5578022c77b097e35e2a254dde956af5371bcc3d4f40362f31deff4974d7553c2842aaae2428876348e7c3f06bed2e5ad637f28c8326380a", 0x5, 0x3}, 0x4}, 0x2, 0x100) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60980, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x2000000000040, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000140), 0x220100, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) pwrite64$auto(0xc8, 0x0, 0xfdf2, 0x3a) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) ioprio_set$auto(0x5, 0x0, 0x3e4) 3.78564196s ago: executing program 5 (id=2984): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (fail_nth: 34) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) 3.182782821s ago: executing program 2 (id=2985): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="4a000400", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000300000400000a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32=0x0, @ANYBLOB="080002"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) (async) r0 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r0, 0x80044df9, &(0x7f0000000100)) mmap$auto(0x100000004, 0x2, 0xfffffffffffffffe, 0x13, 0xfffffffffffffffa, 0x41) capget$auto(&(0x7f00000000c0)={0xb, 0xffffffffffffffff}, &(0x7f0000000200)={0x8000002, 0x7, 0x7fff}) (async) waitid$auto(0xa, 0xffffffffffffffff, &(0x7f0000000440)={@_si_pad}, 0x6, &(0x7f00000004c0)={{0xc76f, 0x1}, {0x7, 0x3fc}, 0x8, 0xfff, 0x2, 0x3, 0x4000000000068a, 0x100aa, 0x2, 0xa0, 0xe, 0x8af, 0x10, 0x0, 0x6, 0x81}) sysfs$auto(0x5, 0x4, 0x3) (async) lsm_list_modules$auto(0x0, 0x0, 0x400) (async) getcwd$auto(0x0, 0x8000000000000000) (async) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x40146f2c, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async, rerun: 32) r1 = io_uring_setup$auto(0x6, 0x0) (rerun: 32) close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async, rerun: 64) socket(0x11, 0x80003, 0x300) (async, rerun: 64) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04, 0x0) (async) socket(0x29, 0x5, 0x0) (async, rerun: 32) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) (rerun: 32) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) (async) sendfile$auto(0x1, 0x3, 0x0, 0xc01) (async) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001340)=ANY=[@ANYBLOB='4\b\x00\x00', @ANYBLOB="beeabdbf18ae8883087d9f69f2a657fa893fca2ab1792a2b3367f97409591fecfe77a7930b106c8db907532288c0feca553ab3fdb3f83577d3257dbb1cf0ecf80fe1132e311379674a0ef7ca26f46510782213f30883d549c02b403888b698e5bfbace4990188a5916e511c5eb770579e936e02a2ee2e5f19fca0f65825114b5931df41eaf32f2a25a4fbe791ce25c39512a1482ac4d28570519d69cdfc88dc300bd443b966722dfa5ef8980b1ecd6732a4fce2fc0eec61cf9d39872f65cf8f407e7f9569f01d14a55f7385f19c28b370fcdebf337e0f6c8d271fe95c1018a08265cc54c42822a89dff6f66f9f09b01b932fb2f4f7c8310e787eefb37c9557de3a64fb39e0068a5b274578b458d86669f5d131a19cf99c7d7e68610caf525121f349d348a5e5e438ba5cc3fa7a5f1464e5656fff34f48151aedb8cdc88540f31e30216c16ebbf7b1a28f41015e9df85ef9f3b19f7d1ad736eba9c2d67e1bb4a0e317bf7f8191d7fb2ece321a73ca2c72fea127af96d8930c0568b13bb31ed35c510d8e34e77e92de07ac31536bddc2c0c4829982f56b3a1dfaf1e9a3a67dfa20ffeedf20f213339e60e8e3ebd00fcf0e08066a6ab4fe58a59ffba1bad913292927000cff5ea9ecb2766ea75c8d699f6da3063f54482f370011a8cdfe2b9c9680019d275818c2074d4480321fcf7a69b20ae6f349de07f0047f934e5c404058c443bc4d239cdb0d42919041e89bd332dc92f8005986aca533c689d2f296227cfd13b485bbde104095a9d4fb5fd7cd6818786ceb898e4b8208e810e96dcb6e78ee7c229d42ed8f8ffd9b8d3e125861c7dd313b3e5c010890bb3409c9a3d81d81b748b6b3ca4e069edfb38b12b57dd6163de0ae4271f9acbd0a6327433b7492b62be9a53532bf02664c14598a3afbb1e82996040b422c1df5650484684e4458d6d1a2d8b1ca966ed2852cf2bb10970c8e734213e1e8a4c85df3c9a1216ca168f58fc8d650fb833e576f8bb1c08c32de8c1360072a3be1449a8c7c85d429ada21e338a9724ee873bd29150d022eae187d5e7aa151fd3a641190c661b1c11e85c3e6a704e2289b000e695f40913ff4816b4831412ec0e1162f707162902384593c739c48c4e9f5b57f7fa2affe9ebb5225a8ccbfea7bd9cd4d91207a86abc6062d68f743db92e0cb8d462fede7f88767b890c1d2f16940b1f9e087b8b41bba8af3f01412c741e628b64b700adbe227b3e8776887a5850c4eb831c471598c207cff80987b3f6e856dee577662721bd9b88f69b9158a56a2741531428a136128e0be3cc2cacc679fd24cf97f54585c6ec3db6cfc553772ee56ea4be2eefc83a2b4cac718a019363797bc48bc2fbbc9436cedaf330f086e7d3164b5dd73ded73aa063ade20ee3c12b97322a239aed93f067062e2b5231a1a59c159cc833a73c967dba7d5d68a3612e7d9df7af54a07ed21b76a4671dbb9d68808a6869095c3ec137240db8420114ab7fe156d76bd8690a1e4006b4003e097cf925809a2f8fd14884ba25b29f257bf7fa3221d9339c73937ca15e07567869735fcbd53f54c3bbfc9cf40cdc86b52b37018612f98bd73dc8edb8cd1f94286facb07bf2a40d2a05445f73c9a2a0e36366004802cf043746f906fe77076733d8533d9e6cd875094ec2c147773be2e9b92fab73fefa267b38e7356e915076b08c7818ddf03a1bfe85ee46df4ff86781ec535834d584a40a44611428a8d20cd728d0f368627b206373027ecf9c398662346e93a6360b76177e9259330d1e32c30682fafd82626a1fc1d97dd4104ba66eeb0882c4686bf3e4a0bd5f54eeae8b872dada44cda81c17b6a9551647331cc2d63c14e07831385122f6cb9f85a0e3af5cf28f528b91f34ae63432c0178b0265f167d2a124a8d9c5e2de9c5e334d7149c6fd0099b08939af4baf957535852f97f137971c92b15c094c83d67d5354e0b4796416671f77599bf6b8705615505d48e1e152c202e92a29be55769f840799d1cbd20a3a1788d55b00d5d166ff5bae2fa1493e083be5ab07d80b68b62095a3d5c3a6b299bfba7ae3235c3eb3582b417b8a6b53e545e0b060e1639d6be37c79dfc8e2b0b89f956ee203ab15094b114016b5c96bf4aeed4ed4c4d2b91e888a1c3ed14a873d4e8c01ed7405f409605c", @ANYBLOB="010026bd7000fcdbdf2501000000", @ANYRES32=0x4, @ANYBLOB="080001002e53520008000200", @ANYRES32=r2], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) socket(0x10, 0x2, 0x0) 3.182425818s ago: executing program 5 (id=2986): socket(0x28, 0x1, 0x0) r0 = open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000001380)={0x2, 0x0, [{0x277, 0x400, 0xffffffffffffffff}]}) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/rt_acct\x00', 0x840, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/138, 0x8a) unshare$auto(0x40000080) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYRES16=r4, @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b80040043"], 0x40}, 0x1, 0x0, 0x0, 0x20004040}, 0x44) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf2502000000080003008000400008001d"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x841) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) msgsnd$auto(0x1, &(0x7f0000000040)={0xfffffffffffffff8, 0x2}, 0xbde, 0x5) 3.137419904s ago: executing program 0 (id=2987): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e81, 0x0) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) r3 = ioctl$auto_TUNSETCARRIER(r1, 0x400454e2, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/module/ib_iser/parameters/max_sectors\x00', 0x20a42, 0x0) sendfile$auto(r4, r4, 0x0, 0x4f64a1d2) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) r5 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r5, 0x2, 0x0, 0x0) r6 = epoll_create$auto(0x3e) epoll_ctl$auto(r6, 0x1, 0x8000000000000000, 0x0) ioctl$auto_EVIOCSKEYCODE_V2(r6, 0x40284504, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x1ab101, 0x0) write$auto(r7, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r8 = io_uring_setup$auto(0x1, 0x0) r9 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), r8) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r8, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r9, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x7fff}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x3f7}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x101}]}, 0x2c}}, 0x4000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101f81, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 2.969941973s ago: executing program 4 (id=2988): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'}) r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc854}, 0x0) (async) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc854}, 0x0) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/ip_vs_stats\x00', 0x121140, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/ip_vs_stats\x00', 0x121140, 0x0) read$auto(0x3, 0x0, 0x80) socket(0xb, 0x1, 0x7) (async) r2 = socket(0xb, 0x1, 0x7) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x8, 0x2020009, 0x8000000001, 0xeb1, r2, 0x8000) (async) mmap$auto(0x8, 0x2020009, 0x8000000001, 0xeb1, r2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x11, 0x3, 0x9) (async) socket(0x11, 0x3, 0x9) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x20881, 0x0) socket(0x15, 0x4, 0x400c) (async) socket(0x15, 0x4, 0x400c) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x3, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async) mmap$auto(0x3, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r6 = socket(0x5, 0x2, 0x1) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYRES32=r5, @ANYRES16=r1, @ANYBLOB="00022abd7000dddbdf25020001000800030000000000080015"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x4004010}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES64=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES64=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r3, @ANYRESOCT=r6], 0x1ac}, 0x1, 0x0, 0x0, 0x2000000}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xcb}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x3, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) 2.755068497s ago: executing program 0 (id=2989): eventfd2$auto(0x1, 0x1e17) r0 = prctl$auto_PR_SYS_DISPATCH_ON(0x8, 0x1, 0x0, 0xffffffff7fffffff, 0xffffffffffffffff) write$auto(r0, &(0x7f0000000040)='!\x00', 0x1) write$auto(0xffffffffffffffff, 0x0, 0xc6) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto_SO_BROADCAST(r0, 0x9, 0x6, &(0x7f0000000080)='$&:\x00', 0x80000000) r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xff, 0x3, 0x0, 0x2, 0xfff) ioctl$auto_PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000000)=0x1) 2.692114667s ago: executing program 2 (id=2990): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000001440), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_GET(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400ffff", @ANYRES16=r3, @ANYBLOB="83d72dbd7000fbdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x4040) 2.609277354s ago: executing program 5 (id=2991): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_clone(0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x2003ec, 0x14) mmap$auto(0x0, 0x3acc, 0x2, 0xfffffffffffff7b5, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0xa, 0x2, 0x3a) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) setsockopt$auto(r1, 0x29, 0x39, 0x0, 0x110) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000004440)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYRES16=r3], 0x1ac}}, 0x40000) recvmmsg$auto(r5, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) 2.567817184s ago: executing program 0 (id=2992): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x3, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/hci2/force_devcoredump\x00', 0x500, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) socket(0x2, 0x5, 0x0) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) socket(0x2, 0x801, 0x100) socket(0x25, 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x4000, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = pidfd_open$auto(0x1, 0x0) setns(r3, 0x20000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0xe4, 0x95f4da0a, 0xfffffffffff7ffff, 0x3, 0x62, 0x80000001, 0xa, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r4 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) move_mount$auto(r4, 0x0, r4, 0x0, 0x277) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948d, 0x3, 0x15f4da0a, 0x4, 0xffffffffffffff3f, 0x100, 0x8000001f, 0x29, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x84, 0xf3, 0xb0, @raw=0xfffff010}}) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x4, 0x20008, 0x5d, 0xfffffffffffffffd, 0x40000000000a5, 0x5) socket(0x2, 0x801, 0x106) 2.512150649s ago: executing program 2 (id=2993): mmap$auto(0x0, 0x0, 0xc00000072, 0xfffffffffffffff7, 0x1000000002, 0x8000) r0 = io_uring_setup$auto(0x86, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) ioctl$auto_PPPIOCSDEBUG(r1, 0x40047440, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x400000000000001, 0x100000007, 0x800000000000000d, 0x8fd6, 0x19488, 0x3, 0x8, 0x7f, 0x2, 0xffffffffffffffff, 0xdfe, 0x8, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x128e2, 0x0) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/dynamic_debug/control\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x200000000003, 0x2f4a3a23) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/netdevsim/link_device\x00', 0xc0481, 0x0) socket(0x18, 0x3, 0x1) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/dirty_writeback_centisecs\x00', 0x163041, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r4 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000040)={0x4, "87fe7b014077e08701ee88c6923077b8542c55f8c30ccb575540f50c0a515ca3", @inferred=r4}) r5 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) close_range$auto(0x2, 0x8, 0x0) read$auto(r5, &(0x7f0000000080)='\xbb\x00', 0x3) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x30100, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE_JOURNAL(r0, 0x4018bc0f, &(0x7f0000000180)={0xa, 0x0, 0x364, 0x6}) 1.921675915s ago: executing program 4 (id=2994): setfsuid$auto(0xee00) mmap$auto(0x8, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffff8) readlink$auto(0x0, 0x0, 0x7) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r0 = set_tid_address$auto(0x0) getdents$auto(0xffffffffffffffff, 0x0, 0x3f1) getdents$auto(0xffffffffffffffff, 0x0, 0x40012) sched_rr_get_interval$auto(r0, 0x0) lseek$auto(0x3, 0x8, 0x3) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/020/001\x00', 0x80000, 0x0) socket(0x25, 0x1, 0x3) setsockopt$auto(0xffffffffffffffff, 0x9, 0x3, 0x0, 0x5) mknod$auto(&(0x7f00000000c0)='./file1\x00', 0x5, 0x804) socket(0x1f, 0x6, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0xa8a00, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2d16473b2de33d7b, 0x4) r1 = socket(0x1d, 0x2, 0x9) r2 = socket(0x2, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r1, &(0x7f0000000000)=@can={0x1d, r3}, 0x6a) r4 = socket$nl_generic(0x10, 0x3, 0x10) bind$auto(r4, 0x0, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) 1.303817695s ago: executing program 0 (id=2995): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (fail_nth: 35) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) 291.196718ms ago: executing program 4 (id=2996): ioprio_get$auto(0x3, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x8de, 0x8000000000000df, 0x4000591b, 0x2, 0xb) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2b, 0x1, 0x1) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x8100000a3d1) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) select$auto(0x9, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_GET_STATS(r2, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0xa0, r3, 0x100, 0x70bd28, 0x800, {}, "07d7e91d141f09d98bb09800beb91987abd2cf92daa82aaf20a8c2ff93394bd8685018babc4ac6f40bcca06bb07ffca0376a8e5a621123d7f83dde95ffb5be54e2712f2d5db6ff14deb60a830dc0c35a7825f87cc2962f392fc1240681b50410c7a99d2708dff96eb2310e86cf3a35987bfc808224cbb80dd59867fe16c7c8d202e5485a09c406a3244855"}, 0xa0}, 0x1, 0x0, 0x0, 0x20002000}, 0x4000040) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000280)={0xf8, r3, 0x300, 0x70bd2d, 0x25dfdbfb, {}, "8da487041aa555b0e2f076af5ccd37cb7b3db448732d67258189ee8b88add0d49adc2cdb3ca94e725b4638af0d523c7220938632bf26fbe0424010071d4a132b3775570711fda1517fddf51e649363a64e29b524714ff6bccba88538ae057a7b8620915bef8383326d3341199e0107cdaf15ba1d1c00a9600b5546957c282c34c9ad7e4e8fcdde4ec3e595d9856039cf5e6642d587104447dc68398445d31b2daeaade69b61343aade78762df4e0197dcd783618a0f4c82b70da615394846371a052127c81b5313dedbbaa33f6f11b1ff2a8e56ccb3b5bd0baa9af3472c1d979f2"}, 0xf8}, 0x1, 0x0, 0x0, 0x8004}, 0x40) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x4, 0x80}, 0x96) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) write$auto(0x3, 0x0, 0xfffffdef) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r4, 0x5408, 0x0) 288.487569ms ago: executing program 2 (id=2997): r0 = prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x5, 0xfffffffd, 0x7, 0xee00, 0x6) r1 = openat$auto_evm_key_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000080), 0x40802, 0x0) r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) read$auto(r2, 0x0, 0x1) write$auto_evm_key_ops_evm_secfs(r1, 0x0, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x418000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x18, r3, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4140}, 0x45) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x8, &(0x7f0000002a40)={0x0, 0x7fffffff}, 0x6, 0x0) 113.720976ms ago: executing program 0 (id=2998): r0 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002640)='/sys/kernel/debug/tracing/set_event_pid\x00', 0x2002, 0x0) r1 = openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/set_event_pid\x00', 0x105c00, 0x0) write$auto_ftrace_set_event_pid_fops_trace_events(r1, &(0x7f0000000040)="ba4f9658a778c3b7869c10fe8999331e122cbd29433d0e1bd787c1d43a28efafeaf45706af6b45d3a5f669d1c9d2cb7e17f76d183167ceed629d28952599f288a26a9bd67ea0c05e2f3c77d497f93610b9c0cffc1b9a3af70607593c53dbba1a94f48922969b63b55fce57d0c771377e76970697068a3061bccf0e18021b", 0x7e) read$auto_ftrace_set_event_pid_fops_trace_events(r0, &(0x7f0000000100)=""/126, 0x7e) 0s ago: executing program 0 (id=2999): ioperm$auto(0xffffffffffffffff, 0x389, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e01, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) r1 = epoll_create$auto(0x3e) epoll_ctl$auto(r1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_EVIOCSKEYCODE_V2(r1, 0x40284504, 0x0) io_uring_setup$auto(0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101f81, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) kernel console output (not intermixed with test programs): c20 [ 1057.798447][T19875] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1057.798483][T19875] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1057.798522][T19875] shmem_get_folio_gfp+0x67f/0x1600 [ 1057.798550][T19875] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1057.798575][T19875] ? __pfx_timestamp_truncate+0x10/0x10 [ 1057.798601][T19875] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1057.798636][T19875] shmem_fault+0x1fe/0xa30 [ 1057.798660][T19875] ? current_time+0x11d/0x1a0 [ 1057.798684][T19875] ? __pfx_shmem_fault+0x10/0x10 [ 1057.798707][T19875] ? __up_read+0x1f8/0x750 [ 1057.798738][T19875] ? __pfx___up_read+0x10/0x10 [ 1057.798769][T19875] ? fault_dirty_shared_page+0x573/0x6c0 [ 1057.798797][T19875] ? inode_to_bdi+0x9e/0x160 [ 1057.798824][T19875] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1057.798862][T19875] ? __pfx_filemap_map_pages+0x10/0x10 [ 1057.798887][T19875] __do_fault+0x10d/0x490 [ 1057.798931][T19875] ? lock_acquire+0x2cd/0x350 [ 1057.798973][T19875] ? __pfx_filemap_map_pages+0x10/0x10 [ 1057.798998][T19875] do_pte_missing+0x1a6/0x3ba0 [ 1057.799037][T19875] ? __handle_mm_fault+0x14fd/0x2a50 [ 1057.799059][T19875] ? rcu_is_watching+0x12/0xc0 [ 1057.799081][T19875] ? lock_release+0x201/0x2f0 [ 1057.799111][T19875] __handle_mm_fault+0x152a/0x2a50 [ 1057.799137][T19875] ? __pfx___handle_mm_fault+0x10/0x10 [ 1057.799161][T19875] ? __pte_offset_map_lock+0x174/0x310 [ 1057.799197][T19875] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1057.799241][T19875] handle_mm_fault+0x589/0xd10 [ 1057.799266][T19875] __get_user_pages+0x551/0x34a0 [ 1057.799303][T19875] ? down_read_killable+0x220/0x4b0 [ 1057.799337][T19875] ? __pfx___get_user_pages+0x10/0x10 [ 1057.799375][T19875] faultin_page_range+0x338/0x940 [ 1057.799414][T19875] madvise_do_behavior+0x34c/0x530 [ 1057.799469][T19875] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1057.799504][T19875] ? down_read+0x13d/0x480 [ 1057.799538][T19875] ? preempt_count_add+0x76/0x150 [ 1057.799575][T19875] do_madvise+0x176/0x240 [ 1057.799607][T19875] ? __pfx_do_madvise+0x10/0x10 [ 1057.799640][T19875] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1057.799675][T19875] ? __fget_files+0x20e/0x3c0 [ 1057.799705][T19875] ? __pfx_ksys_write+0x10/0x10 [ 1057.799735][T19875] __x64_sys_madvise+0xa9/0x110 [ 1057.799768][T19875] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1057.799805][T19875] do_syscall_64+0xcd/0x490 [ 1057.799836][T19875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1057.799860][T19875] RIP: 0033:0x7f6e9dd8ebe9 [ 1057.799877][T19875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1057.799900][T19875] RSP: 002b:00007f6e9ebca038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1057.799922][T19875] RAX: ffffffffffffffda RBX: 00007f6e9dfb5fa0 RCX: 00007f6e9dd8ebe9 [ 1057.799938][T19875] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1057.799953][T19875] RBP: 00007f6e9ebca090 R08: 0000000000000000 R09: 0000000000000000 [ 1057.799967][T19875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1057.799981][T19875] R13: 00007f6e9dfb6038 R14: 00007f6e9dfb5fa0 R15: 00007ffe46e755e8 [ 1057.800004][T19875] [ 1059.115832][T19853] kexec: Could not allocate control_code_buffer [ 1060.286765][T19899] FAULT_INJECTION: forcing a failure. [ 1060.286765][T19899] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1060.406065][T19899] CPU: 0 UID: 0 PID: 19899 Comm: syz.2.2803 Tainted: G U syzkaller #0 PREEMPT(full) [ 1060.406131][T19899] Tainted: [U]=USER [ 1060.406142][T19899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1060.406161][T19899] Call Trace: [ 1060.406172][T19899] [ 1060.406184][T19899] dump_stack_lvl+0x16c/0x1f0 [ 1060.406253][T19899] should_fail_ex+0x512/0x640 [ 1060.406299][T19899] _copy_from_user+0x2e/0xd0 [ 1060.406347][T19899] user_termio_to_kernel_termios+0x97/0x250 [ 1060.406390][T19899] ? __pfx_user_termio_to_kernel_termios+0x10/0x10 [ 1060.406429][T19899] ? lock_release+0x201/0x2f0 [ 1060.406473][T19899] set_termios+0x5b2/0x880 [ 1060.406505][T19899] ? uart_ioctl+0x1ac3/0x2d30 [ 1060.406566][T19899] ? rcu_is_watching+0x12/0xc0 [ 1060.406599][T19899] ? __pfx_set_termios+0x10/0x10 [ 1060.406632][T19899] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1060.406683][T19899] tty_mode_ioctl+0x15e/0xd30 [ 1060.406720][T19899] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 1060.406759][T19899] ? __pfx_uart_ioctl+0x10/0x10 [ 1060.406805][T19899] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 1060.406862][T19899] ? __pfx_n_tty_ioctl+0x10/0x10 [ 1060.406911][T19899] n_tty_ioctl_helper+0x4b/0x2b0 [ 1060.406948][T19899] n_tty_ioctl+0x7f/0x370 [ 1060.407000][T19899] ? __pfx_n_tty_ioctl+0x10/0x10 [ 1060.407048][T19899] tty_ioctl+0x700/0x1680 [ 1060.407092][T19899] ? __pfx_tty_ioctl+0x10/0x10 [ 1060.407139][T19899] ? rcu_is_watching+0x12/0xc0 [ 1060.407172][T19899] ? __fget_files+0x204/0x3c0 [ 1060.407205][T19899] ? hook_file_ioctl_common+0x145/0x410 [ 1060.407258][T19899] ? __fget_files+0x20e/0x3c0 [ 1060.407294][T19899] ? __pfx_tty_ioctl+0x10/0x10 [ 1060.407336][T19899] __x64_sys_ioctl+0x18e/0x210 [ 1060.407387][T19899] do_syscall_64+0xcd/0x490 [ 1060.407430][T19899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.407462][T19899] RIP: 0033:0x7f944338ebe9 [ 1060.407487][T19899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1060.407519][T19899] RSP: 002b:00007f9444174038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1060.407550][T19899] RAX: ffffffffffffffda RBX: 00007f94435b6180 RCX: 00007f944338ebe9 [ 1060.407572][T19899] RDX: 0000000000000000 RSI: 0000000000005408 RDI: 0000000000000004 [ 1060.407592][T19899] RBP: 00007f9444174090 R08: 0000000000000000 R09: 0000000000000000 [ 1060.407612][T19899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1060.407632][T19899] R13: 00007f94435b6218 R14: 00007f94435b6180 R15: 00007fff0c377ae8 [ 1060.407664][T19899] [ 1060.847545][T19904] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1061.064149][T19895] ptrace attach of "./syz-executor exec"[19906] was attempted by "./syz-executor exec"[19895] [ 1063.647630][T19953] FAULT_INJECTION: forcing a failure. [ 1063.647630][T19953] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1063.705964][T19953] CPU: 1 UID: 0 PID: 19953 Comm: syz.5.2815 Tainted: G U syzkaller #0 PREEMPT(full) [ 1063.706013][T19953] Tainted: [U]=USER [ 1063.706024][T19953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1063.706043][T19953] Call Trace: [ 1063.706054][T19953] [ 1063.706065][T19953] dump_stack_lvl+0x16c/0x1f0 [ 1063.706109][T19953] should_fail_ex+0x512/0x640 [ 1063.706155][T19953] _copy_from_user+0x2e/0xd0 [ 1063.706211][T19953] copy_msghdr_from_user+0x98/0x160 [ 1063.706251][T19953] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1063.706298][T19953] ? kfree+0x24f/0x4d0 [ 1063.706324][T19953] ? __pfx__kstrtoull+0x10/0x10 [ 1063.706363][T19953] ___sys_sendmsg+0xfe/0x1d0 [ 1063.706401][T19953] ? __pfx____sys_sendmsg+0x10/0x10 [ 1063.706447][T19953] ? rcu_is_watching+0x12/0xc0 [ 1063.706486][T19953] ? __pfx___might_resched+0x10/0x10 [ 1063.706521][T19953] __sys_sendmmsg+0x200/0x420 [ 1063.706563][T19953] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1063.706653][T19953] ? lock_release+0x201/0x2f0 [ 1063.706700][T19953] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1063.706750][T19953] ? fput+0x9b/0xd0 [ 1063.706884][T19953] ? ksys_write+0x1ac/0x250 [ 1063.706920][T19953] ? __pfx_ksys_write+0x10/0x10 [ 1063.706958][T19953] __x64_sys_sendmmsg+0x9c/0x100 [ 1063.706997][T19953] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1063.707058][T19953] do_syscall_64+0xcd/0x490 [ 1063.707099][T19953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.707151][T19953] RIP: 0033:0x7fdeb2b8ebe9 [ 1063.707175][T19953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1063.707209][T19953] RSP: 002b:00007fdeb3ab6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1063.707240][T19953] RAX: ffffffffffffffda RBX: 00007fdeb2db6090 RCX: 00007fdeb2b8ebe9 [ 1063.707262][T19953] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1063.707281][T19953] RBP: 00007fdeb3ab6090 R08: 0000000000000000 R09: 0000000000000000 [ 1063.707302][T19953] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1063.707321][T19953] R13: 00007fdeb2db6128 R14: 00007fdeb2db6090 R15: 00007ffe2de92508 [ 1063.707350][T19953] [ 1064.291607][T19957] FAULT_INJECTION: forcing a failure. [ 1064.291607][T19957] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1064.377729][T19957] CPU: 1 UID: 0 PID: 19957 Comm: syz.2.2817 Tainted: G U syzkaller #0 PREEMPT(full) [ 1064.377778][T19957] Tainted: [U]=USER [ 1064.377789][T19957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1064.377817][T19957] Call Trace: [ 1064.377828][T19957] [ 1064.377839][T19957] dump_stack_lvl+0x16c/0x1f0 [ 1064.377884][T19957] should_fail_ex+0x512/0x640 [ 1064.377932][T19957] should_fail_alloc_page+0xe7/0x130 [ 1064.377977][T19957] prepare_alloc_pages+0x3c2/0x610 [ 1064.378024][T19957] ? rcu_is_watching+0x12/0xc0 [ 1064.378059][T19957] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1064.378098][T19957] ? rcu_is_watching+0x12/0xc0 [ 1064.378129][T19957] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1064.378176][T19957] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1064.378214][T19957] ? xas_alloc+0x34f/0x460 [ 1064.378254][T19957] ? xas_alloc+0x27c/0x460 [ 1064.378290][T19957] ? css_rstat_updated+0x1c2/0x510 [ 1064.378321][T19957] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1064.378361][T19957] ? do_raw_spin_lock+0x12c/0x2b0 [ 1064.378410][T19957] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1064.378460][T19957] ? do_raw_spin_unlock+0x172/0x230 [ 1064.378508][T19957] ? _raw_spin_unlock+0x28/0x50 [ 1064.378541][T19957] ? __dquot_alloc_space+0x520/0xe20 [ 1064.378583][T19957] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1064.378631][T19957] ? policy_nodemask+0xea/0x4e0 [ 1064.378674][T19957] alloc_pages_mpol+0x1fb/0x550 [ 1064.378715][T19957] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1064.378757][T19957] ? __folio_batch_add_and_move+0x602/0xc90 [ 1064.378797][T19957] ? rcu_is_watching+0x12/0xc0 [ 1064.378837][T19957] ? lock_release+0x201/0x2f0 [ 1064.378878][T19957] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1064.378927][T19957] shmem_alloc_folio+0x135/0x160 [ 1064.378977][T19957] shmem_alloc_and_add_folio+0x499/0xc20 [ 1064.379030][T19957] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1064.379068][T19957] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1064.379108][T19957] shmem_get_folio_gfp+0x67f/0x1600 [ 1064.379148][T19957] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1064.379183][T19957] ? __pfx_timestamp_truncate+0x10/0x10 [ 1064.379220][T19957] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1064.379291][T19957] shmem_fault+0x1fe/0xa30 [ 1064.379326][T19957] ? current_time+0x11d/0x1a0 [ 1064.379363][T19957] ? __pfx_shmem_fault+0x10/0x10 [ 1064.379399][T19957] ? __up_read+0x1f8/0x750 [ 1064.379446][T19957] ? __pfx___up_read+0x10/0x10 [ 1064.379492][T19957] ? fault_dirty_shared_page+0x573/0x6c0 [ 1064.379536][T19957] ? inode_to_bdi+0x9e/0x160 [ 1064.379577][T19957] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1064.379633][T19957] ? __pfx_filemap_map_pages+0x10/0x10 [ 1064.379672][T19957] __do_fault+0x10d/0x490 [ 1064.379709][T19957] ? lock_acquire+0x2cd/0x350 [ 1064.379751][T19957] ? __pfx_filemap_map_pages+0x10/0x10 [ 1064.379790][T19957] do_pte_missing+0x1a6/0x3ba0 [ 1064.379830][T19957] ? __handle_mm_fault+0x14fd/0x2a50 [ 1064.379860][T19957] ? rcu_is_watching+0x12/0xc0 [ 1064.379892][T19957] ? lock_release+0x201/0x2f0 [ 1064.379936][T19957] __handle_mm_fault+0x152a/0x2a50 [ 1064.379974][T19957] ? __pfx___handle_mm_fault+0x10/0x10 [ 1064.380009][T19957] ? __pte_offset_map_lock+0x174/0x310 [ 1064.380062][T19957] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1064.380116][T19957] handle_mm_fault+0x589/0xd10 [ 1064.380152][T19957] __get_user_pages+0x551/0x34a0 [ 1064.380205][T19957] ? down_read_killable+0x220/0x4b0 [ 1064.380264][T19957] ? __pfx___get_user_pages+0x10/0x10 [ 1064.380312][T19957] faultin_page_range+0x338/0x940 [ 1064.380365][T19957] madvise_do_behavior+0x34c/0x530 [ 1064.380412][T19957] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1064.380458][T19957] ? down_read+0x13d/0x480 [ 1064.380504][T19957] ? preempt_count_add+0x76/0x150 [ 1064.380552][T19957] do_madvise+0x176/0x240 [ 1064.380596][T19957] ? __pfx_do_madvise+0x10/0x10 [ 1064.380636][T19957] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1064.380682][T19957] ? __fget_files+0x20e/0x3c0 [ 1064.380721][T19957] ? __pfx_ksys_write+0x10/0x10 [ 1064.380759][T19957] __x64_sys_madvise+0xa9/0x110 [ 1064.380809][T19957] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1064.380856][T19957] do_syscall_64+0xcd/0x490 [ 1064.380895][T19957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.380947][T19957] RIP: 0033:0x7f944338ebe9 [ 1064.380970][T19957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1064.381003][T19957] RSP: 002b:00007f94441b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1064.381033][T19957] RAX: ffffffffffffffda RBX: 00007f94435b5fa0 RCX: 00007f944338ebe9 [ 1064.381054][T19957] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1064.381075][T19957] RBP: 00007f94441b6090 R08: 0000000000000000 R09: 0000000000000000 [ 1064.381095][T19957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1064.381114][T19957] R13: 00007f94435b6038 R14: 00007f94435b5fa0 R15: 00007fff0c377ae8 [ 1064.381144][T19957] [ 1065.376942][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1065.383242][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1065.517908][T19966] FAULT_INJECTION: forcing a failure. [ 1065.517908][T19966] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1065.543979][T19966] CPU: 1 UID: 0 PID: 19966 Comm: syz.4.2820 Tainted: G U syzkaller #0 PREEMPT(full) [ 1065.544030][T19966] Tainted: [U]=USER [ 1065.544041][T19966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1065.544061][T19966] Call Trace: [ 1065.544072][T19966] [ 1065.544084][T19966] dump_stack_lvl+0x16c/0x1f0 [ 1065.544130][T19966] should_fail_ex+0x512/0x640 [ 1065.544180][T19966] should_fail_alloc_page+0xe7/0x130 [ 1065.544226][T19966] prepare_alloc_pages+0x3c2/0x610 [ 1065.544275][T19966] ? rcu_is_watching+0x12/0xc0 [ 1065.544310][T19966] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1065.544355][T19966] ? __cgroup_account_cputime+0xcc/0x120 [ 1065.544394][T19966] ? __pick_eevdf+0x127/0x670 [ 1065.544432][T19966] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1065.544472][T19966] ? __schedule+0x3fef/0x5de0 [ 1065.544508][T19966] ? lock_release+0x201/0x2f0 [ 1065.544548][T19966] ? css_rstat_updated+0x1c2/0x510 [ 1065.544587][T19966] ? rcu_is_watching+0x12/0xc0 [ 1065.544619][T19966] ? lock_acquire+0x2cd/0x350 [ 1065.544662][T19966] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1065.544712][T19966] ? policy_nodemask+0xea/0x4e0 [ 1065.544756][T19966] alloc_pages_mpol+0x1fb/0x550 [ 1065.544799][T19966] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1065.544839][T19966] ? lock_release+0x201/0x2f0 [ 1065.544877][T19966] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1065.544921][T19966] vma_alloc_folio_noprof+0xed/0x1e0 [ 1065.544957][T19966] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1065.545012][T19966] ? rcu_is_watching+0x12/0xc0 [ 1065.545039][T19966] do_pte_missing+0x2230/0x3ba0 [ 1065.545068][T19966] __handle_mm_fault+0x152a/0x2a50 [ 1065.545096][T19966] ? __pfx___handle_mm_fault+0x10/0x10 [ 1065.545122][T19966] ? __pte_offset_map_lock+0x174/0x310 [ 1065.545161][T19966] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1065.545207][T19966] handle_mm_fault+0x589/0xd10 [ 1065.545244][T19966] __get_user_pages+0x551/0x34a0 [ 1065.545286][T19966] ? __pfx___get_user_pages+0x10/0x10 [ 1065.545324][T19966] ? __pfx___might_resched+0x10/0x10 [ 1065.545349][T19966] ? cap_capable+0xb3/0x250 [ 1065.545375][T19966] populate_vma_page_range+0x267/0x3f0 [ 1065.545416][T19966] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1065.545456][T19966] ? __pfx_find_vma_intersection+0x10/0x10 [ 1065.545492][T19966] ? do_mmap+0x69c/0x1210 [ 1065.545528][T19966] __mm_populate+0x1d8/0x380 [ 1065.545568][T19966] ? __pfx___mm_populate+0x10/0x10 [ 1065.545608][T19966] ? up_write+0x1b2/0x520 [ 1065.545646][T19966] vm_mmap_pgoff+0x37f/0x470 [ 1065.545682][T19966] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1065.545720][T19966] ? __x64_sys_futex+0x1e0/0x4c0 [ 1065.545751][T19966] ? __x64_sys_futex+0x1e9/0x4c0 [ 1065.545784][T19966] ksys_mmap_pgoff+0x7d/0x5c0 [ 1065.545818][T19966] ? xfd_validate_state+0x61/0x180 [ 1065.545856][T19966] ? __pfx_do_writev+0x10/0x10 [ 1065.545919][T19966] __x64_sys_mmap+0x125/0x190 [ 1065.545971][T19966] do_syscall_64+0xcd/0x490 [ 1065.546016][T19966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.546048][T19966] RIP: 0033:0x7f6e9dd8ebe9 [ 1065.546073][T19966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1065.546125][T19966] RSP: 002b:00007f6e9eba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1065.546157][T19966] RAX: ffffffffffffffda RBX: 00007f6e9dfb6090 RCX: 00007f6e9dd8ebe9 [ 1065.546180][T19966] RDX: 00000000000000df RSI: 0000000000400005 RDI: 0000000000000000 [ 1065.546200][T19966] RBP: 00007f6e9de11e19 R08: ffffffffffffffff R09: 0000000000008000 [ 1065.546221][T19966] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1065.546241][T19966] R13: 00007f6e9dfb6128 R14: 00007f6e9dfb6090 R15: 00007ffe46e755e8 [ 1065.546274][T19966] [ 1066.437287][T19963] vhci_hcd: invalid port number 16 [ 1066.442460][T19963] vhci_hcd: invalid port number 16 [ 1066.526386][T19982] FAULT_INJECTION: forcing a failure. [ 1066.526386][T19982] name failslab, interval 1, probability 0, space 0, times 0 [ 1066.542707][T19982] CPU: 1 UID: 0 PID: 19982 Comm: syz.2.2822 Tainted: G U syzkaller #0 PREEMPT(full) [ 1066.542744][T19982] Tainted: [U]=USER [ 1066.542752][T19982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1066.542768][T19982] Call Trace: [ 1066.542777][T19982] [ 1066.542786][T19982] dump_stack_lvl+0x16c/0x1f0 [ 1066.542820][T19982] should_fail_ex+0x512/0x640 [ 1066.542855][T19982] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1066.542890][T19982] should_failslab+0xc2/0x120 [ 1066.542920][T19982] __kmalloc_noprof+0xd2/0x510 [ 1066.542946][T19982] ? __pfx_try_to_wake_up+0x10/0x10 [ 1066.542970][T19982] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1066.543004][T19982] ? tomoyo_profile+0x47/0x60 [ 1066.543025][T19982] tomoyo_path_number_perm+0x245/0x580 [ 1066.543053][T19982] ? tomoyo_path_number_perm+0x237/0x580 [ 1066.543081][T19982] ? task_work_cancel_func+0x14/0x30 [ 1066.543118][T19982] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1066.543159][T19982] ? rcu_is_watching+0x12/0xc0 [ 1066.543183][T19982] ? __fget_files+0x204/0x3c0 [ 1066.543207][T19982] ? hook_file_ioctl_common+0x145/0x410 [ 1066.543237][T19982] ? lock_release+0x201/0x2f0 [ 1066.543277][T19982] ? __fget_files+0x20e/0x3c0 [ 1066.543304][T19982] security_file_ioctl+0x9b/0x240 [ 1066.543334][T19982] __x64_sys_ioctl+0xb7/0x210 [ 1066.543372][T19982] do_syscall_64+0xcd/0x490 [ 1066.543404][T19982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1066.543429][T19982] RIP: 0033:0x7f944338ebe9 [ 1066.543452][T19982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1066.543489][T19982] RSP: 002b:00007f9444174038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1066.543524][T19982] RAX: ffffffffffffffda RBX: 00007f94435b6180 RCX: 00007f944338ebe9 [ 1066.543550][T19982] RDX: 0000000000000000 RSI: 0000000000005408 RDI: 0000000000000004 [ 1066.543585][T19982] RBP: 00007f9444174090 R08: 0000000000000000 R09: 0000000000000000 [ 1066.543609][T19982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1066.543631][T19982] R13: 00007f94435b6218 R14: 00007f94435b6180 R15: 00007fff0c377ae8 [ 1066.543661][T19982] [ 1066.543670][T19982] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1067.398504][T19984] ptrace attach of "./syz-executor exec"[19996] was attempted by "./syz-executor exec"[19984] [ 1069.497512][T20038] netlink: 'syz.5.2835': attribute type 1 has an invalid length. [ 1069.497839][T20039] FAULT_INJECTION: forcing a failure. [ 1069.497839][T20039] name failslab, interval 1, probability 0, space 0, times 0 [ 1069.587642][T20039] CPU: 0 UID: 0 PID: 20039 Comm: syz.0.2833 Tainted: G U syzkaller #0 PREEMPT(full) [ 1069.587695][T20039] Tainted: [U]=USER [ 1069.587705][T20039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1069.587724][T20039] Call Trace: [ 1069.587734][T20039] [ 1069.587746][T20039] dump_stack_lvl+0x16c/0x1f0 [ 1069.587792][T20039] should_fail_ex+0x512/0x640 [ 1069.587839][T20039] should_failslab+0xc2/0x120 [ 1069.587881][T20039] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1069.587920][T20039] ? __alloc_skb+0x2b2/0x380 [ 1069.587960][T20039] __alloc_skb+0x2b2/0x380 [ 1069.587996][T20039] ? __pfx___alloc_skb+0x10/0x10 [ 1069.588033][T20039] ? rcu_is_watching+0x12/0xc0 [ 1069.588070][T20039] __ip6_append_data+0x2b74/0x4750 [ 1069.588111][T20039] ? __pfx_raw6_getfrag+0x10/0x10 [ 1069.588164][T20039] ? rcu_is_watching+0x12/0xc0 [ 1069.588199][T20039] ? lock_release+0x201/0x2f0 [ 1069.588242][T20039] ? __pfx___ip6_append_data+0x10/0x10 [ 1069.588277][T20039] ? __pfx_ip6_mtu+0x10/0x10 [ 1069.588316][T20039] ? ip6_setup_cork+0xc51/0x1530 [ 1069.588351][T20039] ip6_append_data+0x1bd/0x4c0 [ 1069.588410][T20039] ? __pfx_raw6_getfrag+0x10/0x10 [ 1069.588464][T20039] rawv6_sendmsg+0x163d/0x4820 [ 1069.588506][T20039] ? aa_label_sk_perm+0x195/0x600 [ 1069.588545][T20039] ? up_write+0x1b2/0x520 [ 1069.588592][T20039] ? aa_profile_af_perm+0x310/0x3a0 [ 1069.588634][T20039] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1069.588669][T20039] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1069.588713][T20039] ? rcu_is_watching+0x12/0xc0 [ 1069.588761][T20039] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1069.588791][T20039] ? inet_sendmsg+0x11c/0x140 [ 1069.588820][T20039] inet_sendmsg+0x11c/0x140 [ 1069.588851][T20039] ____sys_sendmsg+0x973/0xc70 [ 1069.588906][T20039] ? copy_msghdr_from_user+0x10a/0x160 [ 1069.588945][T20039] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1069.588996][T20039] ? kfree+0x24f/0x4d0 [ 1069.589022][T20039] ? __pfx__kstrtoull+0x10/0x10 [ 1069.589081][T20039] ___sys_sendmsg+0x134/0x1d0 [ 1069.589121][T20039] ? __pfx____sys_sendmsg+0x10/0x10 [ 1069.589171][T20039] ? rcu_is_watching+0x12/0xc0 [ 1069.589212][T20039] ? __pfx___might_resched+0x10/0x10 [ 1069.589249][T20039] __sys_sendmmsg+0x200/0x420 [ 1069.589293][T20039] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1069.589334][T20039] ? lock_release+0x201/0x2f0 [ 1069.589389][T20039] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1069.589457][T20039] ? fput+0x9b/0xd0 [ 1069.589498][T20039] ? ksys_write+0x1ac/0x250 [ 1069.589533][T20039] ? __pfx_ksys_write+0x10/0x10 [ 1069.589572][T20039] __x64_sys_sendmmsg+0x9c/0x100 [ 1069.589613][T20039] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1069.589663][T20039] do_syscall_64+0xcd/0x490 [ 1069.589705][T20039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1069.589737][T20039] RIP: 0033:0x7f3dd058ebe9 [ 1069.589761][T20039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1069.589793][T20039] RSP: 002b:00007f3dd1460038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1069.589823][T20039] RAX: ffffffffffffffda RBX: 00007f3dd07b6090 RCX: 00007f3dd058ebe9 [ 1069.589844][T20039] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1069.589864][T20039] RBP: 00007f3dd1460090 R08: 0000000000000000 R09: 0000000000000000 [ 1069.589883][T20039] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1069.589902][T20039] R13: 00007f3dd07b6128 R14: 00007f3dd07b6090 R15: 00007ffd58acbd98 [ 1069.589933][T20039] [ 1070.008768][T20048] FAULT_INJECTION: forcing a failure. [ 1070.008768][T20048] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1070.049760][T20044] FAULT_INJECTION: forcing a failure. [ 1070.049760][T20044] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1070.077965][T20048] CPU: 1 UID: 0 PID: 20048 Comm: syz.5.2838 Tainted: G U syzkaller #0 PREEMPT(full) [ 1070.078003][T20048] Tainted: [U]=USER [ 1070.078011][T20048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1070.078026][T20048] Call Trace: [ 1070.078035][T20048] [ 1070.078043][T20048] dump_stack_lvl+0x16c/0x1f0 [ 1070.078079][T20048] should_fail_ex+0x512/0x640 [ 1070.078117][T20048] should_fail_alloc_page+0xe7/0x130 [ 1070.078153][T20048] prepare_alloc_pages+0x3c2/0x610 [ 1070.078189][T20048] ? rcu_is_watching+0x12/0xc0 [ 1070.078217][T20048] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1070.078247][T20048] ? rcu_is_watching+0x12/0xc0 [ 1070.078271][T20048] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1070.078309][T20048] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1070.078347][T20048] ? xas_alloc+0x34f/0x460 [ 1070.078397][T20048] ? xas_alloc+0x27c/0x460 [ 1070.078440][T20048] ? css_rstat_updated+0x1c2/0x510 [ 1070.078477][T20048] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1070.078506][T20048] ? do_raw_spin_lock+0x12c/0x2b0 [ 1070.078542][T20048] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1070.078582][T20048] ? do_raw_spin_unlock+0x172/0x230 [ 1070.078618][T20048] ? _raw_spin_unlock+0x28/0x50 [ 1070.078642][T20048] ? __dquot_alloc_space+0x520/0xe20 [ 1070.078673][T20048] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1070.078708][T20048] ? policy_nodemask+0xea/0x4e0 [ 1070.078739][T20048] alloc_pages_mpol+0x1fb/0x550 [ 1070.078770][T20048] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1070.078801][T20048] ? __folio_batch_add_and_move+0x602/0xc90 [ 1070.078832][T20048] ? rcu_is_watching+0x12/0xc0 [ 1070.078855][T20048] ? lock_release+0x201/0x2f0 [ 1070.078886][T20048] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1070.078923][T20048] shmem_alloc_folio+0x135/0x160 [ 1070.078960][T20048] shmem_alloc_and_add_folio+0x499/0xc20 [ 1070.078990][T20048] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1070.079018][T20048] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1070.079048][T20048] shmem_get_folio_gfp+0x67f/0x1600 [ 1070.079077][T20048] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1070.079104][T20048] ? __pfx_timestamp_truncate+0x10/0x10 [ 1070.079131][T20048] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1070.079170][T20048] shmem_fault+0x1fe/0xa30 [ 1070.079195][T20048] ? current_time+0x11d/0x1a0 [ 1070.079222][T20048] ? __pfx_shmem_fault+0x10/0x10 [ 1070.079248][T20048] ? __up_read+0x1f8/0x750 [ 1070.079282][T20048] ? __pfx___up_read+0x10/0x10 [ 1070.079315][T20048] ? fault_dirty_shared_page+0x573/0x6c0 [ 1070.079347][T20048] ? inode_to_bdi+0x9e/0x160 [ 1070.079399][T20048] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1070.079442][T20048] ? __pfx_filemap_map_pages+0x10/0x10 [ 1070.079471][T20048] __do_fault+0x10d/0x490 [ 1070.079497][T20048] ? lock_acquire+0x2cd/0x350 [ 1070.079527][T20048] ? __pfx_filemap_map_pages+0x10/0x10 [ 1070.079555][T20048] do_pte_missing+0x1a6/0x3ba0 [ 1070.079578][T20048] ? __handle_mm_fault+0x14fd/0x2a50 [ 1070.079600][T20048] ? rcu_is_watching+0x12/0xc0 [ 1070.079622][T20048] ? lock_release+0x201/0x2f0 [ 1070.079653][T20048] __handle_mm_fault+0x152a/0x2a50 [ 1070.079680][T20048] ? __pfx___handle_mm_fault+0x10/0x10 [ 1070.079704][T20048] ? __pte_offset_map_lock+0x174/0x310 [ 1070.079742][T20048] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1070.079782][T20048] handle_mm_fault+0x589/0xd10 [ 1070.079807][T20048] __get_user_pages+0x551/0x34a0 [ 1070.079849][T20048] ? down_read_killable+0x220/0x4b0 [ 1070.079902][T20048] ? __pfx___futex_wait+0x10/0x10 [ 1070.079938][T20048] ? __pfx___get_user_pages+0x10/0x10 [ 1070.079976][T20048] ? __pfx_futex_wake_mark+0x10/0x10 [ 1070.080013][T20048] faultin_page_range+0x338/0x940 [ 1070.080053][T20048] madvise_do_behavior+0x34c/0x530 [ 1070.080090][T20048] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1070.080126][T20048] ? down_read+0x13d/0x480 [ 1070.080165][T20048] do_madvise+0x176/0x240 [ 1070.080198][T20048] ? __pfx_do_madvise+0x10/0x10 [ 1070.080232][T20048] ? do_futex+0x122/0x350 [ 1070.080270][T20048] ? xfd_validate_state+0x61/0x180 [ 1070.080306][T20048] ? __pfx_ksys_read+0x10/0x10 [ 1070.080336][T20048] __x64_sys_madvise+0xa9/0x110 [ 1070.080370][T20048] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1070.080426][T20048] do_syscall_64+0xcd/0x490 [ 1070.080469][T20048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.080503][T20048] RIP: 0033:0x7fdeb2b8ebe9 [ 1070.080527][T20048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1070.080560][T20048] RSP: 002b:00007fdeb3ad7038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1070.080591][T20048] RAX: ffffffffffffffda RBX: 00007fdeb2db5fa0 RCX: 00007fdeb2b8ebe9 [ 1070.080613][T20048] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1070.080636][T20048] RBP: 00007fdeb2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1070.080653][T20048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1070.080673][T20048] R13: 00007fdeb2db6038 R14: 00007fdeb2db5fa0 R15: 00007ffe2de92508 [ 1070.080704][T20048] [ 1070.605970][T20044] CPU: 0 UID: 0 PID: 20044 Comm: syz.4.2836 Tainted: G U syzkaller #0 PREEMPT(full) [ 1070.606020][T20044] Tainted: [U]=USER [ 1070.606031][T20044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1070.606050][T20044] Call Trace: [ 1070.606060][T20044] [ 1070.606071][T20044] dump_stack_lvl+0x16c/0x1f0 [ 1070.606115][T20044] should_fail_ex+0x512/0x640 [ 1070.606162][T20044] should_fail_alloc_page+0xe7/0x130 [ 1070.606206][T20044] prepare_alloc_pages+0x3c2/0x610 [ 1070.606251][T20044] ? rcu_is_watching+0x12/0xc0 [ 1070.606285][T20044] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1070.606322][T20044] ? rcu_is_watching+0x12/0xc0 [ 1070.606352][T20044] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1070.606400][T20044] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1070.606438][T20044] ? xas_alloc+0x34f/0x460 [ 1070.606476][T20044] ? xas_alloc+0x27c/0x460 [ 1070.606512][T20044] ? css_rstat_updated+0x1c2/0x510 [ 1070.606543][T20044] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1070.606581][T20044] ? do_raw_spin_lock+0x12c/0x2b0 [ 1070.606666][T20044] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1070.606719][T20044] ? do_raw_spin_unlock+0x172/0x230 [ 1070.606767][T20044] ? _raw_spin_unlock+0x28/0x50 [ 1070.606801][T20044] ? __dquot_alloc_space+0x520/0xe20 [ 1070.606843][T20044] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1070.606891][T20044] ? policy_nodemask+0xea/0x4e0 [ 1070.606934][T20044] alloc_pages_mpol+0x1fb/0x550 [ 1070.606975][T20044] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1070.607017][T20044] ? __folio_batch_add_and_move+0x602/0xc90 [ 1070.607075][T20044] ? rcu_is_watching+0x12/0xc0 [ 1070.607118][T20044] ? lock_release+0x201/0x2f0 [ 1070.607162][T20044] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1070.607211][T20044] shmem_alloc_folio+0x135/0x160 [ 1070.607263][T20044] shmem_alloc_and_add_folio+0x499/0xc20 [ 1070.607302][T20044] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1070.607340][T20044] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1070.607380][T20044] shmem_get_folio_gfp+0x67f/0x1600 [ 1070.607421][T20044] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1070.607459][T20044] ? __pfx_timestamp_truncate+0x10/0x10 [ 1070.607495][T20044] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1070.607548][T20044] shmem_fault+0x1fe/0xa30 [ 1070.607582][T20044] ? current_time+0x11d/0x1a0 [ 1070.607627][T20044] ? __pfx_shmem_fault+0x10/0x10 [ 1070.607664][T20044] ? __up_read+0x1f8/0x750 [ 1070.607711][T20044] ? __pfx___up_read+0x10/0x10 [ 1070.607757][T20044] ? fault_dirty_shared_page+0x573/0x6c0 [ 1070.607802][T20044] ? inode_to_bdi+0x9e/0x160 [ 1070.607844][T20044] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1070.607901][T20044] ? __pfx_filemap_map_pages+0x10/0x10 [ 1070.607938][T20044] __do_fault+0x10d/0x490 [ 1070.607974][T20044] ? lock_acquire+0x2cd/0x350 [ 1070.608015][T20044] ? __pfx_filemap_map_pages+0x10/0x10 [ 1070.608051][T20044] do_pte_missing+0x1a6/0x3ba0 [ 1070.608085][T20044] ? __handle_mm_fault+0x14fd/0x2a50 [ 1070.608115][T20044] ? rcu_is_watching+0x12/0xc0 [ 1070.608147][T20044] ? lock_release+0x201/0x2f0 [ 1070.608189][T20044] __handle_mm_fault+0x152a/0x2a50 [ 1070.608228][T20044] ? __pfx___handle_mm_fault+0x10/0x10 [ 1070.608262][T20044] ? __pte_offset_map_lock+0x174/0x310 [ 1070.608313][T20044] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1070.608366][T20044] handle_mm_fault+0x589/0xd10 [ 1070.608402][T20044] __get_user_pages+0x551/0x34a0 [ 1070.608456][T20044] ? down_read_killable+0x220/0x4b0 [ 1070.608504][T20044] ? __pfx___get_user_pages+0x10/0x10 [ 1070.608558][T20044] faultin_page_range+0x338/0x940 [ 1070.608622][T20044] madvise_do_behavior+0x34c/0x530 [ 1070.608670][T20044] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1070.608717][T20044] ? down_read+0x13d/0x480 [ 1070.608764][T20044] ? preempt_count_add+0x76/0x150 [ 1070.608812][T20044] do_madvise+0x176/0x240 [ 1070.608856][T20044] ? __pfx_do_madvise+0x10/0x10 [ 1070.608900][T20044] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1070.608948][T20044] ? __fget_files+0x20e/0x3c0 [ 1070.608999][T20044] ? __pfx_ksys_write+0x10/0x10 [ 1070.609039][T20044] __x64_sys_madvise+0xa9/0x110 [ 1070.609083][T20044] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1070.609131][T20044] do_syscall_64+0xcd/0x490 [ 1070.609171][T20044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.609204][T20044] RIP: 0033:0x7f6e9dd8ebe9 [ 1070.609228][T20044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1070.609260][T20044] RSP: 002b:00007f6e9ebca038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1070.609290][T20044] RAX: ffffffffffffffda RBX: 00007f6e9dfb5fa0 RCX: 00007f6e9dd8ebe9 [ 1070.609310][T20044] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1070.609329][T20044] RBP: 00007f6e9ebca090 R08: 0000000000000000 R09: 0000000000000000 [ 1070.609349][T20044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1070.609368][T20044] R13: 00007f6e9dfb6038 R14: 00007f6e9dfb5fa0 R15: 00007ffe46e755e8 [ 1070.609399][T20044] [ 1070.614231][T20054] Process accounting resumed [ 1072.312098][T20059] ptrace attach of "./syz-executor exec"[20081] was attempted by "./syz-executor exec"[20059] [ 1072.326734][T20059] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1073.012941][T20092] netlink: 'syz.4.2849': attribute type 4 has an invalid length. [ 1073.029478][T20092] netlink: 314 bytes leftover after parsing attributes in process `syz.4.2849'. [ 1073.040095][T20092] netlink: 'syz.4.2849': attribute type 4 has an invalid length. [ 1073.055981][T20092] netlink: 314 bytes leftover after parsing attributes in process `syz.4.2849'. [ 1075.069029][T20143] FAULT_INJECTION: forcing a failure. [ 1075.069029][T20143] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1075.186074][T20143] CPU: 1 UID: 0 PID: 20143 Comm: syz.4.2859 Tainted: G U syzkaller #0 PREEMPT(full) [ 1075.186121][T20143] Tainted: [U]=USER [ 1075.186132][T20143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1075.186151][T20143] Call Trace: [ 1075.186161][T20143] [ 1075.186173][T20143] dump_stack_lvl+0x16c/0x1f0 [ 1075.186216][T20143] should_fail_ex+0x512/0x640 [ 1075.186269][T20143] should_fail_alloc_page+0xe7/0x130 [ 1075.186314][T20143] prepare_alloc_pages+0x3c2/0x610 [ 1075.186358][T20143] ? rcu_is_watching+0x12/0xc0 [ 1075.186391][T20143] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1075.186430][T20143] ? rcu_is_watching+0x12/0xc0 [ 1075.186460][T20143] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1075.186503][T20143] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1075.186541][T20143] ? xas_alloc+0x34f/0x460 [ 1075.186581][T20143] ? xas_alloc+0x27c/0x460 [ 1075.186615][T20143] ? css_rstat_updated+0x1c2/0x510 [ 1075.186647][T20143] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1075.186684][T20143] ? do_raw_spin_lock+0x12c/0x2b0 [ 1075.186732][T20143] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1075.186784][T20143] ? do_raw_spin_unlock+0x172/0x230 [ 1075.186823][T20143] ? _raw_spin_unlock+0x28/0x50 [ 1075.186846][T20143] ? __dquot_alloc_space+0x520/0xe20 [ 1075.186876][T20143] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1075.186910][T20143] ? policy_nodemask+0xea/0x4e0 [ 1075.186959][T20143] alloc_pages_mpol+0x1fb/0x550 [ 1075.186990][T20143] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1075.187021][T20143] ? __folio_batch_add_and_move+0x602/0xc90 [ 1075.187058][T20143] ? rcu_is_watching+0x12/0xc0 [ 1075.187080][T20143] ? lock_release+0x201/0x2f0 [ 1075.187112][T20143] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1075.187148][T20143] shmem_alloc_folio+0x135/0x160 [ 1075.187186][T20143] shmem_alloc_and_add_folio+0x499/0xc20 [ 1075.187215][T20143] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1075.187249][T20143] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1075.187279][T20143] shmem_get_folio_gfp+0x67f/0x1600 [ 1075.187309][T20143] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1075.187336][T20143] ? __pfx_timestamp_truncate+0x10/0x10 [ 1075.187364][T20143] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1075.187403][T20143] shmem_fault+0x1fe/0xa30 [ 1075.187429][T20143] ? current_time+0x11d/0x1a0 [ 1075.187456][T20143] ? __pfx_shmem_fault+0x10/0x10 [ 1075.187482][T20143] ? __up_read+0x1f8/0x750 [ 1075.187516][T20143] ? __pfx___up_read+0x10/0x10 [ 1075.187550][T20143] ? fault_dirty_shared_page+0x573/0x6c0 [ 1075.187582][T20143] ? inode_to_bdi+0x9e/0x160 [ 1075.187611][T20143] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1075.187653][T20143] ? __pfx_filemap_map_pages+0x10/0x10 [ 1075.187681][T20143] __do_fault+0x10d/0x490 [ 1075.187707][T20143] ? lock_acquire+0x2cd/0x350 [ 1075.187738][T20143] ? __pfx_filemap_map_pages+0x10/0x10 [ 1075.187766][T20143] do_pte_missing+0x1a6/0x3ba0 [ 1075.187790][T20143] ? __handle_mm_fault+0x14fd/0x2a50 [ 1075.187812][T20143] ? rcu_is_watching+0x12/0xc0 [ 1075.187835][T20143] ? lock_release+0x201/0x2f0 [ 1075.187866][T20143] __handle_mm_fault+0x152a/0x2a50 [ 1075.187893][T20143] ? __pfx___handle_mm_fault+0x10/0x10 [ 1075.187918][T20143] ? __pte_offset_map_lock+0x174/0x310 [ 1075.187957][T20143] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1075.187997][T20143] handle_mm_fault+0x589/0xd10 [ 1075.188023][T20143] __get_user_pages+0x551/0x34a0 [ 1075.188062][T20143] ? down_read_killable+0x220/0x4b0 [ 1075.188098][T20143] ? __pfx___get_user_pages+0x10/0x10 [ 1075.188136][T20143] faultin_page_range+0x338/0x940 [ 1075.188177][T20143] madvise_do_behavior+0x34c/0x530 [ 1075.188213][T20143] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1075.188255][T20143] ? down_read+0x13d/0x480 [ 1075.188290][T20143] ? preempt_count_add+0x76/0x150 [ 1075.188327][T20143] do_madvise+0x176/0x240 [ 1075.188360][T20143] ? __pfx_do_madvise+0x10/0x10 [ 1075.188392][T20143] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1075.188428][T20143] ? __fget_files+0x20e/0x3c0 [ 1075.188457][T20143] ? __pfx_ksys_write+0x10/0x10 [ 1075.188487][T20143] __x64_sys_madvise+0xa9/0x110 [ 1075.188520][T20143] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1075.188557][T20143] do_syscall_64+0xcd/0x490 [ 1075.188589][T20143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.188612][T20143] RIP: 0033:0x7f6e9dd8ebe9 [ 1075.188630][T20143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1075.188655][T20143] RSP: 002b:00007f6e9ebca038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1075.188678][T20143] RAX: ffffffffffffffda RBX: 00007f6e9dfb5fa0 RCX: 00007f6e9dd8ebe9 [ 1075.188695][T20143] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1075.188710][T20143] RBP: 00007f6e9ebca090 R08: 0000000000000000 R09: 0000000000000000 [ 1075.188725][T20143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1075.188740][T20143] R13: 00007f6e9dfb6038 R14: 00007f6e9dfb5fa0 R15: 00007ffe46e755e8 [ 1075.188763][T20143] [ 1076.639258][T20160] FAULT_INJECTION: forcing a failure. [ 1076.639258][T20160] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1076.652763][T20125] ptrace attach of "./syz-executor exec"[20162] was attempted by "./syz-executor exec"[20125] [ 1076.676309][T20160] CPU: 1 UID: 0 PID: 20160 Comm: syz.5.2862 Tainted: G U syzkaller #0 PREEMPT(full) [ 1076.676357][T20160] Tainted: [U]=USER [ 1076.676369][T20160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1076.676389][T20160] Call Trace: [ 1076.676400][T20160] [ 1076.676412][T20160] dump_stack_lvl+0x16c/0x1f0 [ 1076.676457][T20160] should_fail_ex+0x512/0x640 [ 1076.676506][T20160] _copy_from_user+0x2e/0xd0 [ 1076.676557][T20160] user_termio_to_kernel_termios+0x97/0x250 [ 1076.676595][T20160] ? __pfx_user_termio_to_kernel_termios+0x10/0x10 [ 1076.676636][T20160] ? lock_release+0x201/0x2f0 [ 1076.676689][T20160] set_termios+0x5b2/0x880 [ 1076.676724][T20160] ? uart_ioctl+0x1ac3/0x2d30 [ 1076.676769][T20160] ? rcu_is_watching+0x12/0xc0 [ 1076.676807][T20160] ? __pfx_set_termios+0x10/0x10 [ 1076.676860][T20160] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1076.676921][T20160] tty_mode_ioctl+0x15e/0xd30 [ 1076.676959][T20160] ? __pfx_tty_mode_ioctl+0x10/0x10 [ 1076.677001][T20160] ? __pfx_uart_ioctl+0x10/0x10 [ 1076.677052][T20160] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 1076.677105][T20160] ? task_work_cancel_func+0x14/0x30 [ 1076.677161][T20160] ? __pfx_n_tty_ioctl+0x10/0x10 [ 1076.677209][T20160] n_tty_ioctl_helper+0x4b/0x2b0 [ 1076.677246][T20160] n_tty_ioctl+0x7f/0x370 [ 1076.677296][T20160] ? __pfx_n_tty_ioctl+0x10/0x10 [ 1076.677344][T20160] tty_ioctl+0x700/0x1680 [ 1076.677387][T20160] ? __pfx_tty_ioctl+0x10/0x10 [ 1076.677444][T20160] ? rcu_is_watching+0x12/0xc0 [ 1076.677477][T20160] ? __fget_files+0x204/0x3c0 [ 1076.677511][T20160] ? hook_file_ioctl_common+0x145/0x410 [ 1076.677555][T20160] ? __fget_files+0x20e/0x3c0 [ 1076.677592][T20160] ? __pfx_tty_ioctl+0x10/0x10 [ 1076.677634][T20160] __x64_sys_ioctl+0x18e/0x210 [ 1076.677686][T20160] do_syscall_64+0xcd/0x490 [ 1076.677727][T20160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1076.677760][T20160] RIP: 0033:0x7fdeb2b8ebe9 [ 1076.677784][T20160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1076.677816][T20160] RSP: 002b:00007fdeb3a95038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1076.677853][T20160] RAX: ffffffffffffffda RBX: 00007fdeb2db6180 RCX: 00007fdeb2b8ebe9 [ 1076.677877][T20160] RDX: 0000000000000000 RSI: 0000000000005408 RDI: 0000000000000004 [ 1076.677900][T20160] RBP: 00007fdeb3a95090 R08: 0000000000000000 R09: 0000000000000000 [ 1076.677924][T20160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1076.677948][T20160] R13: 00007fdeb2db6218 R14: 00007fdeb2db6180 R15: 00007ffe2de92508 [ 1076.677983][T20160] [ 1076.989046][T20125] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1078.347733][T20205] FAULT_INJECTION: forcing a failure. [ 1078.347733][T20205] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1078.449873][T20205] CPU: 1 UID: 0 PID: 20205 Comm: syz.4.2872 Tainted: G U syzkaller #0 PREEMPT(full) [ 1078.449909][T20205] Tainted: [U]=USER [ 1078.449917][T20205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1078.449930][T20205] Call Trace: [ 1078.449938][T20205] [ 1078.449946][T20205] dump_stack_lvl+0x16c/0x1f0 [ 1078.449978][T20205] should_fail_ex+0x512/0x640 [ 1078.450019][T20205] _copy_from_user+0x2e/0xd0 [ 1078.450055][T20205] copy_msghdr_from_user+0x98/0x160 [ 1078.450085][T20205] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1078.450117][T20205] ? kfree+0x24f/0x4d0 [ 1078.450137][T20205] ? __pfx__kstrtoull+0x10/0x10 [ 1078.450166][T20205] ___sys_sendmsg+0xfe/0x1d0 [ 1078.450195][T20205] ? __pfx____sys_sendmsg+0x10/0x10 [ 1078.450229][T20205] ? rcu_is_watching+0x12/0xc0 [ 1078.450258][T20205] ? __pfx___might_resched+0x10/0x10 [ 1078.450285][T20205] __sys_sendmmsg+0x200/0x420 [ 1078.450316][T20205] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1078.450345][T20205] ? lock_release+0x201/0x2f0 [ 1078.450378][T20205] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1078.450435][T20205] ? fput+0x9b/0xd0 [ 1078.450466][T20205] ? ksys_write+0x1ac/0x250 [ 1078.450491][T20205] ? __pfx_ksys_write+0x10/0x10 [ 1078.450519][T20205] __x64_sys_sendmmsg+0x9c/0x100 [ 1078.450548][T20205] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1078.450584][T20205] do_syscall_64+0xcd/0x490 [ 1078.450615][T20205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1078.450639][T20205] RIP: 0033:0x7f6e9dd8ebe9 [ 1078.450655][T20205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1078.450679][T20205] RSP: 002b:00007f6e9eba9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1078.450701][T20205] RAX: ffffffffffffffda RBX: 00007f6e9dfb6090 RCX: 00007f6e9dd8ebe9 [ 1078.450716][T20205] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1078.450730][T20205] RBP: 00007f6e9eba9090 R08: 0000000000000000 R09: 0000000000000000 [ 1078.450745][T20205] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1078.450761][T20205] R13: 00007f6e9dfb6128 R14: 00007f6e9dfb6090 R15: 00007ffe46e755e8 [ 1078.450783][T20205] [ 1079.985172][T20231] FAULT_INJECTION: forcing a failure. [ 1079.985172][T20231] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1080.009908][T20231] CPU: 1 UID: 0 PID: 20231 Comm: syz.2.2877 Tainted: G U syzkaller #0 PREEMPT(full) [ 1080.009962][T20231] Tainted: [U]=USER [ 1080.009973][T20231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1080.010003][T20231] Call Trace: [ 1080.010013][T20231] [ 1080.010024][T20231] dump_stack_lvl+0x16c/0x1f0 [ 1080.010067][T20231] should_fail_ex+0x512/0x640 [ 1080.010111][T20231] should_fail_alloc_page+0xe7/0x130 [ 1080.010155][T20231] prepare_alloc_pages+0x3c2/0x610 [ 1080.010202][T20231] ? rcu_is_watching+0x12/0xc0 [ 1080.010235][T20231] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1080.010273][T20231] ? rcu_is_watching+0x12/0xc0 [ 1080.010304][T20231] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1080.010351][T20231] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1080.010389][T20231] ? xas_alloc+0x34f/0x460 [ 1080.010429][T20231] ? xas_alloc+0x27c/0x460 [ 1080.010464][T20231] ? css_rstat_updated+0x1c2/0x510 [ 1080.010513][T20231] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1080.010552][T20231] ? do_raw_spin_lock+0x12c/0x2b0 [ 1080.010599][T20231] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1080.010638][T20231] ? do_raw_spin_unlock+0x172/0x230 [ 1080.010677][T20231] ? _raw_spin_unlock+0x28/0x50 [ 1080.010703][T20231] ? __dquot_alloc_space+0x520/0xe20 [ 1080.010734][T20231] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1080.010770][T20231] ? policy_nodemask+0xea/0x4e0 [ 1080.010801][T20231] alloc_pages_mpol+0x1fb/0x550 [ 1080.010832][T20231] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1080.010864][T20231] ? __folio_batch_add_and_move+0x602/0xc90 [ 1080.010895][T20231] ? rcu_is_watching+0x12/0xc0 [ 1080.010925][T20231] ? lock_release+0x201/0x2f0 [ 1080.010957][T20231] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1080.010994][T20231] shmem_alloc_folio+0x135/0x160 [ 1080.011032][T20231] shmem_alloc_and_add_folio+0x499/0xc20 [ 1080.011062][T20231] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1080.011090][T20231] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1080.011120][T20231] shmem_get_folio_gfp+0x67f/0x1600 [ 1080.011150][T20231] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1080.011191][T20231] ? __pfx_timestamp_truncate+0x10/0x10 [ 1080.011218][T20231] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1080.011256][T20231] shmem_fault+0x1fe/0xa30 [ 1080.011280][T20231] ? current_time+0x11d/0x1a0 [ 1080.011306][T20231] ? __pfx_shmem_fault+0x10/0x10 [ 1080.011331][T20231] ? __up_read+0x1f8/0x750 [ 1080.011365][T20231] ? __pfx___up_read+0x10/0x10 [ 1080.011396][T20231] ? fault_dirty_shared_page+0x573/0x6c0 [ 1080.011427][T20231] ? inode_to_bdi+0x9e/0x160 [ 1080.011456][T20231] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1080.011496][T20231] ? __pfx_filemap_map_pages+0x10/0x10 [ 1080.011560][T20231] __do_fault+0x10d/0x490 [ 1080.011594][T20231] ? lock_acquire+0x2cd/0x350 [ 1080.011626][T20231] ? __pfx_filemap_map_pages+0x10/0x10 [ 1080.011653][T20231] do_pte_missing+0x1a6/0x3ba0 [ 1080.011681][T20231] ? __handle_mm_fault+0x14fd/0x2a50 [ 1080.011704][T20231] ? rcu_is_watching+0x12/0xc0 [ 1080.011727][T20231] ? lock_release+0x201/0x2f0 [ 1080.011758][T20231] __handle_mm_fault+0x152a/0x2a50 [ 1080.011785][T20231] ? __pfx___handle_mm_fault+0x10/0x10 [ 1080.011810][T20231] ? __pte_offset_map_lock+0x174/0x310 [ 1080.011848][T20231] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1080.011888][T20231] handle_mm_fault+0x589/0xd10 [ 1080.011914][T20231] __get_user_pages+0x551/0x34a0 [ 1080.011962][T20231] ? down_read_killable+0x220/0x4b0 [ 1080.011996][T20231] ? __pfx___get_user_pages+0x10/0x10 [ 1080.012035][T20231] faultin_page_range+0x338/0x940 [ 1080.012075][T20231] madvise_do_behavior+0x34c/0x530 [ 1080.012110][T20231] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1080.012146][T20231] ? down_read+0x13d/0x480 [ 1080.012185][T20231] ? preempt_count_add+0x76/0x150 [ 1080.012222][T20231] do_madvise+0x176/0x240 [ 1080.012255][T20231] ? __pfx_do_madvise+0x10/0x10 [ 1080.012288][T20231] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1080.012323][T20231] ? __fget_files+0x20e/0x3c0 [ 1080.012353][T20231] ? __pfx_ksys_write+0x10/0x10 [ 1080.012383][T20231] __x64_sys_madvise+0xa9/0x110 [ 1080.012416][T20231] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1080.012453][T20231] do_syscall_64+0xcd/0x490 [ 1080.012484][T20231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.012508][T20231] RIP: 0033:0x7f944338ebe9 [ 1080.012526][T20231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1080.012550][T20231] RSP: 002b:00007f94441b6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1080.012573][T20231] RAX: ffffffffffffffda RBX: 00007f94435b5fa0 RCX: 00007f944338ebe9 [ 1080.012589][T20231] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1080.012603][T20231] RBP: 00007f94441b6090 R08: 0000000000000000 R09: 0000000000000000 [ 1080.012618][T20231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1080.012632][T20231] R13: 00007f94435b6038 R14: 00007f94435b5fa0 R15: 00007fff0c377ae8 [ 1080.012654][T20231] [ 1080.915230][T20216] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1082.290366][T20248] ptrace attach of "./syz-executor exec"[20267] was attempted by "./syz-executor exec"[20248] [ 1082.318799][T20248] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1083.006093][ T5869] Bluetooth: hci3: command 0x0406 tx timeout [ 1083.526204][T20290] FAULT_INJECTION: forcing a failure. [ 1083.526204][T20290] name failslab, interval 1, probability 0, space 0, times 0 [ 1083.634826][T20290] CPU: 0 UID: 0 PID: 20290 Comm: syz.5.2890 Tainted: G U syzkaller #0 PREEMPT(full) [ 1083.634879][T20290] Tainted: [U]=USER [ 1083.634890][T20290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1083.634909][T20290] Call Trace: [ 1083.634920][T20290] [ 1083.634932][T20290] dump_stack_lvl+0x16c/0x1f0 [ 1083.634977][T20290] should_fail_ex+0x512/0x640 [ 1083.635026][T20290] should_failslab+0xc2/0x120 [ 1083.635069][T20290] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1083.635109][T20290] ? __alloc_skb+0x2b2/0x380 [ 1083.635150][T20290] __alloc_skb+0x2b2/0x380 [ 1083.635187][T20290] ? __pfx___alloc_skb+0x10/0x10 [ 1083.635227][T20290] ? rcu_is_watching+0x12/0xc0 [ 1083.635264][T20290] __ip6_append_data+0x2b74/0x4750 [ 1083.635306][T20290] ? __pfx_raw6_getfrag+0x10/0x10 [ 1083.635358][T20290] ? rcu_is_watching+0x12/0xc0 [ 1083.635393][T20290] ? lock_release+0x201/0x2f0 [ 1083.635436][T20290] ? __pfx___ip6_append_data+0x10/0x10 [ 1083.635473][T20290] ? __pfx_ip6_mtu+0x10/0x10 [ 1083.635500][T20290] ? ip6_setup_cork+0xc51/0x1530 [ 1083.635536][T20290] ip6_append_data+0x1bd/0x4c0 [ 1083.635572][T20290] ? __pfx_raw6_getfrag+0x10/0x10 [ 1083.635624][T20290] rawv6_sendmsg+0x163d/0x4820 [ 1083.635663][T20290] ? aa_label_sk_perm+0x195/0x600 [ 1083.635706][T20290] ? up_write+0x1b2/0x520 [ 1083.635763][T20290] ? aa_profile_af_perm+0x310/0x3a0 [ 1083.635804][T20290] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1083.635838][T20290] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1083.635886][T20290] ? rcu_is_watching+0x12/0xc0 [ 1083.635933][T20290] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1083.635965][T20290] ? inet_sendmsg+0x11c/0x140 [ 1083.635994][T20290] inet_sendmsg+0x11c/0x140 [ 1083.636025][T20290] ____sys_sendmsg+0x973/0xc70 [ 1083.636076][T20290] ? copy_msghdr_from_user+0x10a/0x160 [ 1083.636107][T20290] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1083.636144][T20290] ? kfree+0x24f/0x4d0 [ 1083.636164][T20290] ? __pfx__kstrtoull+0x10/0x10 [ 1083.636194][T20290] ___sys_sendmsg+0x134/0x1d0 [ 1083.636223][T20290] ? __pfx____sys_sendmsg+0x10/0x10 [ 1083.636277][T20290] ? rcu_is_watching+0x12/0xc0 [ 1083.636306][T20290] ? __pfx___might_resched+0x10/0x10 [ 1083.636333][T20290] __sys_sendmmsg+0x200/0x420 [ 1083.636364][T20290] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1083.636398][T20290] ? lock_release+0x201/0x2f0 [ 1083.636432][T20290] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1083.636470][T20290] ? fput+0x9b/0xd0 [ 1083.636502][T20290] ? ksys_write+0x1ac/0x250 [ 1083.636528][T20290] ? __pfx_ksys_write+0x10/0x10 [ 1083.636557][T20290] __x64_sys_sendmmsg+0x9c/0x100 [ 1083.636586][T20290] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1083.636624][T20290] do_syscall_64+0xcd/0x490 [ 1083.636662][T20290] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1083.636685][T20290] RIP: 0033:0x7fdeb2b8ebe9 [ 1083.636703][T20290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1083.636731][T20290] RSP: 002b:00007fdeb3ab6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1083.636761][T20290] RAX: ffffffffffffffda RBX: 00007fdeb2db6090 RCX: 00007fdeb2b8ebe9 [ 1083.636784][T20290] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1083.636804][T20290] RBP: 00007fdeb3ab6090 R08: 0000000000000000 R09: 0000000000000000 [ 1083.636825][T20290] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1083.636845][T20290] R13: 00007fdeb2db6128 R14: 00007fdeb2db6090 R15: 00007ffe2de92508 [ 1083.636876][T20290] [ 1084.492145][T20302] FAULT_INJECTION: forcing a failure. [ 1084.492145][T20302] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1084.518556][T20302] CPU: 0 UID: 0 PID: 20302 Comm: syz.4.2893 Tainted: G U syzkaller #0 PREEMPT(full) [ 1084.518608][T20302] Tainted: [U]=USER [ 1084.518620][T20302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1084.518639][T20302] Call Trace: [ 1084.518651][T20302] [ 1084.518663][T20302] dump_stack_lvl+0x16c/0x1f0 [ 1084.518707][T20302] should_fail_ex+0x512/0x640 [ 1084.518756][T20302] should_fail_alloc_page+0xe7/0x130 [ 1084.518802][T20302] prepare_alloc_pages+0x3c2/0x610 [ 1084.518851][T20302] ? rcu_is_watching+0x12/0xc0 [ 1084.518887][T20302] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1084.518926][T20302] ? rcu_is_watching+0x12/0xc0 [ 1084.518958][T20302] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1084.519006][T20302] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1084.519046][T20302] ? xas_alloc+0x34f/0x460 [ 1084.519087][T20302] ? xas_alloc+0x27c/0x460 [ 1084.519125][T20302] ? css_rstat_updated+0x1c2/0x510 [ 1084.519159][T20302] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1084.519200][T20302] ? do_raw_spin_lock+0x12c/0x2b0 [ 1084.519253][T20302] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1084.519308][T20302] ? do_raw_spin_unlock+0x172/0x230 [ 1084.519366][T20302] ? _raw_spin_unlock+0x28/0x50 [ 1084.519400][T20302] ? __dquot_alloc_space+0x520/0xe20 [ 1084.519444][T20302] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1084.519494][T20302] ? policy_nodemask+0xea/0x4e0 [ 1084.519538][T20302] alloc_pages_mpol+0x1fb/0x550 [ 1084.519583][T20302] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1084.519628][T20302] ? __folio_batch_add_and_move+0x602/0xc90 [ 1084.519672][T20302] ? rcu_is_watching+0x12/0xc0 [ 1084.519705][T20302] ? lock_release+0x201/0x2f0 [ 1084.519749][T20302] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1084.519801][T20302] shmem_alloc_folio+0x135/0x160 [ 1084.519856][T20302] shmem_alloc_and_add_folio+0x499/0xc20 [ 1084.519897][T20302] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1084.519938][T20302] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1084.519981][T20302] shmem_get_folio_gfp+0x67f/0x1600 [ 1084.520024][T20302] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1084.520063][T20302] ? __pfx_timestamp_truncate+0x10/0x10 [ 1084.520103][T20302] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1084.520158][T20302] shmem_fault+0x1fe/0xa30 [ 1084.520194][T20302] ? current_time+0x11d/0x1a0 [ 1084.520231][T20302] ? __pfx_shmem_fault+0x10/0x10 [ 1084.520268][T20302] ? __up_read+0x1f8/0x750 [ 1084.520317][T20302] ? __pfx___up_read+0x10/0x10 [ 1084.520372][T20302] ? fault_dirty_shared_page+0x573/0x6c0 [ 1084.520417][T20302] ? inode_to_bdi+0x9e/0x160 [ 1084.520459][T20302] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1084.520518][T20302] ? __pfx_filemap_map_pages+0x10/0x10 [ 1084.520558][T20302] __do_fault+0x10d/0x490 [ 1084.520596][T20302] ? lock_acquire+0x2cd/0x350 [ 1084.520640][T20302] ? __pfx_filemap_map_pages+0x10/0x10 [ 1084.520679][T20302] do_pte_missing+0x1a6/0x3ba0 [ 1084.520713][T20302] ? __handle_mm_fault+0x14fd/0x2a50 [ 1084.520745][T20302] ? rcu_is_watching+0x12/0xc0 [ 1084.520778][T20302] ? lock_release+0x201/0x2f0 [ 1084.520823][T20302] __handle_mm_fault+0x152a/0x2a50 [ 1084.520862][T20302] ? __pfx___handle_mm_fault+0x10/0x10 [ 1084.520897][T20302] ? __pte_offset_map_lock+0x174/0x310 [ 1084.520951][T20302] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1084.521008][T20302] handle_mm_fault+0x589/0xd10 [ 1084.521045][T20302] __get_user_pages+0x551/0x34a0 [ 1084.521100][T20302] ? down_read_killable+0x220/0x4b0 [ 1084.521150][T20302] ? __pfx___get_user_pages+0x10/0x10 [ 1084.521205][T20302] faultin_page_range+0x338/0x940 [ 1084.521262][T20302] madvise_do_behavior+0x34c/0x530 [ 1084.521340][T20302] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1084.521397][T20302] ? down_read+0x13d/0x480 [ 1084.521446][T20302] ? preempt_count_add+0x76/0x150 [ 1084.521498][T20302] do_madvise+0x176/0x240 [ 1084.521543][T20302] ? __pfx_do_madvise+0x10/0x10 [ 1084.521588][T20302] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1084.521639][T20302] ? __fget_files+0x20e/0x3c0 [ 1084.521680][T20302] ? __pfx_ksys_write+0x10/0x10 [ 1084.521723][T20302] __x64_sys_madvise+0xa9/0x110 [ 1084.521771][T20302] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1084.521823][T20302] do_syscall_64+0xcd/0x490 [ 1084.521868][T20302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1084.521902][T20302] RIP: 0033:0x7f6e9dd8ebe9 [ 1084.521927][T20302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1084.521959][T20302] RSP: 002b:00007f6e9ebca038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1084.521990][T20302] RAX: ffffffffffffffda RBX: 00007f6e9dfb5fa0 RCX: 00007f6e9dd8ebe9 [ 1084.522013][T20302] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1084.522034][T20302] RBP: 00007f6e9ebca090 R08: 0000000000000000 R09: 0000000000000000 [ 1084.522054][T20302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1084.522075][T20302] R13: 00007f6e9dfb6038 R14: 00007f6e9dfb5fa0 R15: 00007ffe46e755e8 [ 1084.522107][T20302] [ 1084.900467][T20293] FAULT_INJECTION: forcing a failure. [ 1084.900467][T20293] name failslab, interval 1, probability 0, space 0, times 0 [ 1085.116128][T20293] CPU: 0 UID: 0 PID: 20293 Comm: syz.2.2891 Tainted: G U syzkaller #0 PREEMPT(full) [ 1085.116182][T20293] Tainted: [U]=USER [ 1085.116194][T20293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1085.116215][T20293] Call Trace: [ 1085.116227][T20293] [ 1085.116239][T20293] dump_stack_lvl+0x16c/0x1f0 [ 1085.116288][T20293] should_fail_ex+0x512/0x640 [ 1085.116339][T20293] should_failslab+0xc2/0x120 [ 1085.116385][T20293] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1085.116419][T20293] ? rcu_is_watching+0x12/0xc0 [ 1085.116452][T20293] ? snd_pcm_oss_open+0x5eb/0x1400 [ 1085.116509][T20293] snd_pcm_oss_open+0x5eb/0x1400 [ 1085.116579][T20293] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1085.116636][T20293] ? tomoyo_check_open_permission+0x20e/0x3c0 [ 1085.116701][T20293] ? __pfx_default_wake_function+0x10/0x10 [ 1085.116738][T20293] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1085.116786][T20293] ? do_raw_spin_lock+0x12c/0x2b0 [ 1085.116840][T20293] ? rcu_is_watching+0x12/0xc0 [ 1085.116875][T20293] ? lock_release+0x201/0x2f0 [ 1085.116920][T20293] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 1085.116975][T20293] soundcore_open+0x409/0x580 [ 1085.117024][T20293] ? __pfx_soundcore_open+0x10/0x10 [ 1085.117070][T20293] chrdev_open+0x231/0x6a0 [ 1085.117114][T20293] ? __pfx_apparmor_file_open+0x10/0x10 [ 1085.117153][T20293] ? __pfx_chrdev_open+0x10/0x10 [ 1085.117198][T20293] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1085.117242][T20293] do_dentry_open+0x97f/0x1530 [ 1085.117285][T20293] ? __pfx_chrdev_open+0x10/0x10 [ 1085.117332][T20293] vfs_open+0x82/0x3f0 [ 1085.117383][T20293] path_openat+0x1de4/0x2cb0 [ 1085.117430][T20293] ? __pfx_path_openat+0x10/0x10 [ 1085.117475][T20293] do_filp_open+0x20b/0x470 [ 1085.117515][T20293] ? __pfx_do_filp_open+0x10/0x10 [ 1085.117577][T20293] ? alloc_fd+0x471/0x7d0 [ 1085.117618][T20293] do_sys_openat2+0x11b/0x1d0 [ 1085.117670][T20293] ? __pfx_do_sys_openat2+0x10/0x10 [ 1085.117730][T20293] __x64_sys_openat+0x174/0x210 [ 1085.117784][T20293] ? __pfx___x64_sys_openat+0x10/0x10 [ 1085.117847][T20293] do_syscall_64+0xcd/0x490 [ 1085.117894][T20293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1085.117929][T20293] RIP: 0033:0x7f944338ebe9 [ 1085.117954][T20293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1085.117989][T20293] RSP: 002b:00007f94441b6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1085.118022][T20293] RAX: ffffffffffffffda RBX: 00007f94435b5fa0 RCX: 00007f944338ebe9 [ 1085.118046][T20293] RDX: 0000000000000801 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1085.118069][T20293] RBP: 00007f9443411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1085.118091][T20293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1085.118112][T20293] R13: 00007f94435b6038 R14: 00007f94435b5fa0 R15: 00007fff0c377ae8 [ 1085.118145][T20293] [ 1086.513098][T20325] FAULT_INJECTION: forcing a failure. [ 1086.513098][T20325] name failslab, interval 1, probability 0, space 0, times 0 [ 1086.576112][T20325] CPU: 0 UID: 0 PID: 20325 Comm: syz.4.2897 Tainted: G U syzkaller #0 PREEMPT(full) [ 1086.576170][T20325] Tainted: [U]=USER [ 1086.576183][T20325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1086.576205][T20325] Call Trace: [ 1086.576216][T20325] [ 1086.576229][T20325] dump_stack_lvl+0x16c/0x1f0 [ 1086.576278][T20325] should_fail_ex+0x512/0x640 [ 1086.576329][T20325] should_failslab+0xc2/0x120 [ 1086.576374][T20325] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1086.576410][T20325] ? percpu_ref_init+0xec/0x410 [ 1086.576471][T20325] ? __pfx_free_ioctx_users+0x10/0x10 [ 1086.576510][T20325] percpu_ref_init+0xec/0x410 [ 1086.576558][T20325] ? __init_waitqueue_head+0xca/0x150 [ 1086.576616][T20325] ioctx_alloc+0x2db/0x2120 [ 1086.576659][T20325] ? rcu_is_watching+0x12/0xc0 [ 1086.576698][T20325] ? __might_fault+0xe3/0x190 [ 1086.576738][T20325] ? __pfx_ioctx_alloc+0x10/0x10 [ 1086.576775][T20325] ? __might_fault+0xe3/0x190 [ 1086.576810][T20325] ? lock_release+0x201/0x2f0 [ 1086.576862][T20325] __x64_sys_io_setup+0xc9/0x210 [ 1086.576900][T20325] do_syscall_64+0xcd/0x490 [ 1086.576944][T20325] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1086.576978][T20325] RIP: 0033:0x7f6e9dd8ebe9 [ 1086.577003][T20325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1086.577038][T20325] RSP: 002b:00007f6e9eb88038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1086.577070][T20325] RAX: ffffffffffffffda RBX: 00007f6e9dfb6180 RCX: 00007f6e9dd8ebe9 [ 1086.577094][T20325] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1086.577115][T20325] RBP: 00007f6e9de11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1086.577136][T20325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1086.577157][T20325] R13: 00007f6e9dfb6218 R14: 00007f6e9dfb6180 R15: 00007ffe46e755e8 [ 1086.577188][T20325] [ 1087.222577][T20322] ptrace attach of "./syz-executor exec"[20338] was attempted by "./syz-executor exec"[20322] [ 1087.325383][T20326] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1089.464138][T20385] random: crng reseeded on system resumption [ 1089.761401][T20392] FAULT_INJECTION: forcing a failure. [ 1089.761401][T20392] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1089.779073][T20392] CPU: 1 UID: 0 PID: 20392 Comm: syz.0.2911 Tainted: G U syzkaller #0 PREEMPT(full) [ 1089.779110][T20392] Tainted: [U]=USER [ 1089.779118][T20392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1089.779132][T20392] Call Trace: [ 1089.779139][T20392] [ 1089.779147][T20392] dump_stack_lvl+0x16c/0x1f0 [ 1089.779180][T20392] should_fail_ex+0x512/0x640 [ 1089.779220][T20392] should_fail_alloc_page+0xe7/0x130 [ 1089.779253][T20392] prepare_alloc_pages+0x3c2/0x610 [ 1089.779287][T20392] ? rcu_is_watching+0x12/0xc0 [ 1089.779312][T20392] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1089.779340][T20392] ? rcu_is_watching+0x12/0xc0 [ 1089.779363][T20392] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1089.779397][T20392] ? kmem_cache_alloc_lru_noprof+0x223/0x3b0 [ 1089.779425][T20392] ? xas_alloc+0x34f/0x460 [ 1089.779454][T20392] ? xas_alloc+0x27c/0x460 [ 1089.779480][T20392] ? css_rstat_updated+0x1c2/0x510 [ 1089.779503][T20392] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1089.779531][T20392] ? do_raw_spin_lock+0x12c/0x2b0 [ 1089.779566][T20392] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1089.779604][T20392] ? do_raw_spin_unlock+0x172/0x230 [ 1089.779639][T20392] ? _raw_spin_unlock+0x28/0x50 [ 1089.779663][T20392] ? __dquot_alloc_space+0x520/0xe20 [ 1089.779693][T20392] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1089.779731][T20392] ? policy_nodemask+0xea/0x4e0 [ 1089.779762][T20392] alloc_pages_mpol+0x1fb/0x550 [ 1089.779792][T20392] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1089.779821][T20392] ? __folio_batch_add_and_move+0x602/0xc90 [ 1089.779852][T20392] ? rcu_is_watching+0x12/0xc0 [ 1089.779873][T20392] ? lock_release+0x201/0x2f0 [ 1089.779904][T20392] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1089.779939][T20392] shmem_alloc_folio+0x135/0x160 [ 1089.779976][T20392] shmem_alloc_and_add_folio+0x499/0xc20 [ 1089.780004][T20392] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1089.780031][T20392] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 1089.780060][T20392] shmem_get_folio_gfp+0x67f/0x1600 [ 1089.780095][T20392] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1089.780121][T20392] ? __pfx_timestamp_truncate+0x10/0x10 [ 1089.780148][T20392] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1089.780187][T20392] shmem_fault+0x1fe/0xa30 [ 1089.780218][T20392] ? current_time+0x11d/0x1a0 [ 1089.780244][T20392] ? __pfx_shmem_fault+0x10/0x10 [ 1089.780269][T20392] ? __up_read+0x1f8/0x750 [ 1089.780302][T20392] ? __pfx___up_read+0x10/0x10 [ 1089.780334][T20392] ? fault_dirty_shared_page+0x573/0x6c0 [ 1089.780365][T20392] ? inode_to_bdi+0x9e/0x160 [ 1089.780394][T20392] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 1089.780434][T20392] ? __pfx_filemap_map_pages+0x10/0x10 [ 1089.780461][T20392] __do_fault+0x10d/0x490 [ 1089.780486][T20392] ? lock_acquire+0x2cd/0x350 [ 1089.780516][T20392] ? __pfx_filemap_map_pages+0x10/0x10 [ 1089.780542][T20392] do_pte_missing+0x1a6/0x3ba0 [ 1089.780565][T20392] ? __handle_mm_fault+0x14fd/0x2a50 [ 1089.780587][T20392] ? rcu_is_watching+0x12/0xc0 [ 1089.780609][T20392] ? lock_release+0x201/0x2f0 [ 1089.780639][T20392] __handle_mm_fault+0x152a/0x2a50 [ 1089.780665][T20392] ? __pfx___handle_mm_fault+0x10/0x10 [ 1089.780689][T20392] ? __pte_offset_map_lock+0x174/0x310 [ 1089.780726][T20392] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 1089.780765][T20392] handle_mm_fault+0x589/0xd10 [ 1089.780790][T20392] __get_user_pages+0x551/0x34a0 [ 1089.780828][T20392] ? down_read_killable+0x220/0x4b0 [ 1089.780861][T20392] ? __pfx___get_user_pages+0x10/0x10 [ 1089.780899][T20392] faultin_page_range+0x338/0x940 [ 1089.780938][T20392] madvise_do_behavior+0x34c/0x530 [ 1089.781007][T20392] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1089.781042][T20392] ? down_read+0x13d/0x480 [ 1089.781077][T20392] ? preempt_count_add+0x76/0x150 [ 1089.781114][T20392] do_madvise+0x176/0x240 [ 1089.781147][T20392] ? __pfx_do_madvise+0x10/0x10 [ 1089.781180][T20392] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1089.781221][T20392] ? __fget_files+0x20e/0x3c0 [ 1089.781250][T20392] ? __pfx_ksys_write+0x10/0x10 [ 1089.781280][T20392] __x64_sys_madvise+0xa9/0x110 [ 1089.781314][T20392] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1089.781352][T20392] do_syscall_64+0xcd/0x490 [ 1089.781384][T20392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1089.781408][T20392] RIP: 0033:0x7f3dd058ebe9 [ 1089.781425][T20392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1089.781448][T20392] RSP: 002b:00007f3dd1481038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1089.781470][T20392] RAX: ffffffffffffffda RBX: 00007f3dd07b5fa0 RCX: 00007f3dd058ebe9 [ 1089.781485][T20392] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 1089.781500][T20392] RBP: 00007f3dd1481090 R08: 0000000000000000 R09: 0000000000000000 [ 1089.781514][T20392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1089.781532][T20392] R13: 00007f3dd07b6038 R14: 00007f3dd07b5fa0 R15: 00007ffd58acbd98 [ 1089.781554][T20392] [ 1092.233304][T20409] ptrace attach of ""[20419] was attempted by "./syz-executor exec"[20409] [ 1092.350685][T20409] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1092.415120][T20426] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1093.033573][T20439] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2918'. [ 1093.048112][T20439] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2918'. [ 1093.226890][T20439] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1093.828081][T20444] FAULT_INJECTION: forcing a failure. [ 1093.828081][T20444] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1093.968861][T20444] CPU: 1 UID: 0 PID: 20444 Comm: syz.0.2919 Tainted: G U syzkaller #0 PREEMPT(full) [ 1093.968900][T20444] Tainted: [U]=USER [ 1093.968907][T20444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1093.968922][T20444] Call Trace: [ 1093.968936][T20444] [ 1093.968944][T20444] dump_stack_lvl+0x16c/0x1f0 [ 1093.968991][T20444] should_fail_ex+0x512/0x640 [ 1093.969024][T20444] _copy_from_user+0x2e/0xd0 [ 1093.969059][T20444] copy_msghdr_from_user+0x98/0x160 [ 1093.969089][T20444] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1093.969121][T20444] ? kfree+0x24f/0x4d0 [ 1093.969140][T20444] ? __pfx__kstrtoull+0x10/0x10 [ 1093.969169][T20444] ___sys_sendmsg+0xfe/0x1d0 [ 1093.969197][T20444] ? __pfx____sys_sendmsg+0x10/0x10 [ 1093.969231][T20444] ? rcu_is_watching+0x12/0xc0 [ 1093.969259][T20444] ? __pfx___might_resched+0x10/0x10 [ 1093.969284][T20444] __sys_sendmmsg+0x200/0x420 [ 1093.969314][T20444] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1093.969342][T20444] ? lock_release+0x201/0x2f0 [ 1093.969375][T20444] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1093.969410][T20444] ? fput+0x9b/0xd0 [ 1093.969441][T20444] ? ksys_write+0x1ac/0x250 [ 1093.969466][T20444] ? __pfx_ksys_write+0x10/0x10 [ 1093.969494][T20444] __x64_sys_sendmmsg+0x9c/0x100 [ 1093.969522][T20444] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1093.969557][T20444] do_syscall_64+0xcd/0x490 [ 1093.969587][T20444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.969609][T20444] RIP: 0033:0x7f3dd058ebe9 [ 1093.969626][T20444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1093.969647][T20444] RSP: 002b:00007f3dd1460038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1093.969667][T20444] RAX: ffffffffffffffda RBX: 00007f3dd07b6090 RCX: 00007f3dd058ebe9 [ 1093.969684][T20444] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1093.969698][T20444] RBP: 00007f3dd1460090 R08: 0000000000000000 R09: 0000000000000000 [ 1093.969712][T20444] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1093.969726][T20444] R13: 00007f3dd07b6128 R14: 00007f3dd07b6090 R15: 00007ffd58acbd98 [ 1093.969748][T20444] [ 1095.383714][T20471] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1095.994961][T20489] FAULT_INJECTION: forcing a failure. [ 1095.994961][T20489] name failslab, interval 1, probability 0, space 0, times 0 [ 1096.017932][T20489] CPU: 1 UID: 0 PID: 20489 Comm: syz.0.2931 Tainted: G U syzkaller #0 PREEMPT(full) [ 1096.017984][T20489] Tainted: [U]=USER [ 1096.017995][T20489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1096.018015][T20489] Call Trace: [ 1096.018026][T20489] [ 1096.018038][T20489] dump_stack_lvl+0x16c/0x1f0 [ 1096.018084][T20489] should_fail_ex+0x512/0x640 [ 1096.018133][T20489] should_failslab+0xc2/0x120 [ 1096.018175][T20489] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1096.018215][T20489] ? __alloc_skb+0x2b2/0x380 [ 1096.018257][T20489] __alloc_skb+0x2b2/0x380 [ 1096.018294][T20489] ? __pfx___alloc_skb+0x10/0x10 [ 1096.018345][T20489] ? rcu_is_watching+0x12/0xc0 [ 1096.018379][T20489] __ip6_append_data+0x2b74/0x4750 [ 1096.018420][T20489] ? __pfx_raw6_getfrag+0x10/0x10 [ 1096.018471][T20489] ? rcu_is_watching+0x12/0xc0 [ 1096.018504][T20489] ? lock_release+0x201/0x2f0 [ 1096.018546][T20489] ? __pfx___ip6_append_data+0x10/0x10 [ 1096.018580][T20489] ? __pfx_ip6_mtu+0x10/0x10 [ 1096.018607][T20489] ? ip6_setup_cork+0xc51/0x1530 [ 1096.018641][T20489] ip6_append_data+0x1bd/0x4c0 [ 1096.018675][T20489] ? __pfx_raw6_getfrag+0x10/0x10 [ 1096.018726][T20489] rawv6_sendmsg+0x163d/0x4820 [ 1096.018756][T20489] ? aa_label_sk_perm+0x195/0x600 [ 1096.018795][T20489] ? up_write+0x1b2/0x520 [ 1096.018852][T20489] ? aa_profile_af_perm+0x310/0x3a0 [ 1096.018894][T20489] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1096.018928][T20489] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1096.018973][T20489] ? rcu_is_watching+0x12/0xc0 [ 1096.019020][T20489] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1096.019051][T20489] ? inet_sendmsg+0x11c/0x140 [ 1096.019097][T20489] inet_sendmsg+0x11c/0x140 [ 1096.019129][T20489] ____sys_sendmsg+0x973/0xc70 [ 1096.019194][T20489] ? copy_msghdr_from_user+0x10a/0x160 [ 1096.019234][T20489] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1096.019283][T20489] ? kfree+0x24f/0x4d0 [ 1096.019309][T20489] ? __pfx__kstrtoull+0x10/0x10 [ 1096.019350][T20489] ___sys_sendmsg+0x134/0x1d0 [ 1096.019409][T20489] ? __pfx____sys_sendmsg+0x10/0x10 [ 1096.019459][T20489] ? rcu_is_watching+0x12/0xc0 [ 1096.019500][T20489] ? __pfx___might_resched+0x10/0x10 [ 1096.019536][T20489] __sys_sendmmsg+0x200/0x420 [ 1096.019578][T20489] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1096.019620][T20489] ? lock_release+0x201/0x2f0 [ 1096.019667][T20489] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1096.019718][T20489] ? fput+0x9b/0xd0 [ 1096.019760][T20489] ? ksys_write+0x1ac/0x250 [ 1096.019795][T20489] ? __pfx_ksys_write+0x10/0x10 [ 1096.019842][T20489] __x64_sys_sendmmsg+0x9c/0x100 [ 1096.019884][T20489] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1096.019936][T20489] do_syscall_64+0xcd/0x490 [ 1096.019980][T20489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1096.020014][T20489] RIP: 0033:0x7f3dd058ebe9 [ 1096.020038][T20489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1096.020083][T20489] RSP: 002b:00007f3dd1481038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1096.020132][T20489] RAX: ffffffffffffffda RBX: 00007f3dd07b5fa0 RCX: 00007f3dd058ebe9 [ 1096.020155][T20489] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1096.020175][T20489] RBP: 00007f3dd1481090 R08: 0000000000000000 R09: 0000000000000000 [ 1096.020196][T20489] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1096.020217][T20489] R13: 00007f3dd07b6038 R14: 00007f3dd07b5fa0 R15: 00007ffd58acbd98 [ 1096.020248][T20489] [ 1097.233290][T20487] ptrace attach of "./syz-executor exec"[20509] was attempted by "./syz-executor exec"[20487] [ 1097.447500][T20487] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1098.099206][T20521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2936'. [ 1098.509089][T10574] smpboot: CPU 1 is now offline [ 1098.657363][T20527] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1099.288289][T20541] FAULT_INJECTION: forcing a failure. [ 1099.288289][T20541] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1099.368437][T20541] CPU: 0 UID: 0 PID: 20541 Comm: syz.0.2941 Tainted: G U syzkaller #0 PREEMPT(full) [ 1099.368474][T20541] Tainted: [U]=USER [ 1099.368481][T20541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1099.368496][T20541] Call Trace: [ 1099.368503][T20541] [ 1099.368511][T20541] dump_stack_lvl+0x16c/0x1f0 [ 1099.368546][T20541] should_fail_ex+0x512/0x640 [ 1099.368581][T20541] _copy_from_user+0x2e/0xd0 [ 1099.368619][T20541] copy_msghdr_from_user+0x98/0x160 [ 1099.368650][T20541] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1099.368683][T20541] ? kfree+0x24f/0x4d0 [ 1099.368703][T20541] ? __pfx__kstrtoull+0x10/0x10 [ 1099.368734][T20541] ___sys_sendmsg+0xfe/0x1d0 [ 1099.368763][T20541] ? __pfx____sys_sendmsg+0x10/0x10 [ 1099.368798][T20541] ? rcu_is_watching+0x12/0xc0 [ 1099.368828][T20541] ? __pfx___might_resched+0x10/0x10 [ 1099.368854][T20541] __sys_sendmmsg+0x200/0x420 [ 1099.368886][T20541] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1099.368915][T20541] ? lock_release+0x201/0x2f0 [ 1099.368949][T20541] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1099.368987][T20541] ? fput+0x9b/0xd0 [ 1099.369019][T20541] ? ksys_write+0x1ac/0x250 [ 1099.369045][T20541] ? __pfx_ksys_write+0x10/0x10 [ 1099.369074][T20541] __x64_sys_sendmmsg+0x9c/0x100 [ 1099.369104][T20541] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1099.369141][T20541] do_syscall_64+0xcd/0x490 [ 1099.369173][T20541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1099.369197][T20541] RIP: 0033:0x7f3dd058ebe9 [ 1099.369214][T20541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1099.369238][T20541] RSP: 002b:00007f3dd1460038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1099.369260][T20541] RAX: ffffffffffffffda RBX: 00007f3dd07b6090 RCX: 00007f3dd058ebe9 [ 1099.369276][T20541] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1099.369291][T20541] RBP: 00007f3dd1460090 R08: 0000000000000000 R09: 0000000000000000 [ 1099.369306][T20541] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1099.369329][T20541] R13: 00007f3dd07b6128 R14: 00007f3dd07b6090 R15: 00007ffd58acbd98 [ 1099.369353][T20541] [ 1099.591399][ C0] vkms_vblank_simulate: vblank timer overrun [ 1101.200708][T20581] FAULT_INJECTION: forcing a failure. [ 1101.200708][T20581] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1101.298736][T20581] CPU: 0 UID: 0 PID: 20581 Comm: syz.0.2950 Tainted: G U syzkaller #0 PREEMPT(full) [ 1101.298773][T20581] Tainted: [U]=USER [ 1101.298781][T20581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1101.298796][T20581] Call Trace: [ 1101.298803][T20581] [ 1101.298811][T20581] dump_stack_lvl+0x16c/0x1f0 [ 1101.298846][T20581] should_fail_ex+0x512/0x640 [ 1101.298881][T20581] _copy_from_user+0x2e/0xd0 [ 1101.298918][T20581] copy_msghdr_from_user+0x98/0x160 [ 1101.298950][T20581] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1101.298982][T20581] ? kfree+0x24f/0x4d0 [ 1101.299003][T20581] ? __pfx__kstrtoull+0x10/0x10 [ 1101.299034][T20581] ___sys_sendmsg+0xfe/0x1d0 [ 1101.299063][T20581] ? __pfx____sys_sendmsg+0x10/0x10 [ 1101.299098][T20581] ? rcu_is_watching+0x12/0xc0 [ 1101.299128][T20581] ? __pfx___might_resched+0x10/0x10 [ 1101.299156][T20581] __sys_sendmmsg+0x200/0x420 [ 1101.299194][T20581] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1101.299224][T20581] ? lock_release+0x201/0x2f0 [ 1101.299258][T20581] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1101.299296][T20581] ? fput+0x9b/0xd0 [ 1101.299328][T20581] ? ksys_write+0x1ac/0x250 [ 1101.299354][T20581] ? __pfx_ksys_write+0x10/0x10 [ 1101.299383][T20581] __x64_sys_sendmmsg+0x9c/0x100 [ 1101.299414][T20581] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1101.299457][T20581] do_syscall_64+0xcd/0x490 [ 1101.299490][T20581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1101.299513][T20581] RIP: 0033:0x7f3dd058ebe9 [ 1101.299531][T20581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1101.299556][T20581] RSP: 002b:00007f3dd1460038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1101.299579][T20581] RAX: ffffffffffffffda RBX: 00007f3dd07b6090 RCX: 00007f3dd058ebe9 [ 1101.299596][T20581] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1101.299611][T20581] RBP: 00007f3dd1460090 R08: 0000000000000000 R09: 0000000000000000 [ 1101.299626][T20581] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1101.299641][T20581] R13: 00007f3dd07b6128 R14: 00007f3dd07b6090 R15: 00007ffd58acbd98 [ 1101.299664][T20581] [ 1101.520945][ C0] vkms_vblank_simulate: vblank timer overrun [ 1101.779458][T20572] ptrace attach of "./syz-executor exec"[20587] was attempted by "./syz-executor exec"[20572] [ 1101.937333][T20567] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1102.630709][T20594] Process accounting paused [ 1103.239793][T20577] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1103.284424][T20577] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1103.376932][T20577] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1103.439927][T20577] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1103.610498][T20577] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1103.696107][T20577] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1103.841257][T20577] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1103.890804][T20577] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1104.031609][T20577] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1104.086267][T20577] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1104.173322][T20582] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 1105.247222][T16130] Bluetooth: hci2: command 0x0406 tx timeout [ 1105.406892][T16130] Bluetooth: hci4: command 0x0406 tx timeout [ 1105.617707][T20644] FAULT_INJECTION: forcing a failure. [ 1105.617707][T20644] name failslab, interval 1, probability 0, space 0, times 0 [ 1105.656595][T16130] Bluetooth: hci1: command 0x0406 tx timeout [ 1105.806914][T20636] ptrace attach of "./syz-executor exec"[20649] was attempted by "./syz-executor exec"[20636] [ 1105.817448][T20644] CPU: 0 UID: 0 PID: 20644 Comm: syz.5.2961 Tainted: G U syzkaller #0 PREEMPT(full) [ 1105.817487][T20644] Tainted: [U]=USER [ 1105.817496][T20644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1105.817510][T20644] Call Trace: [ 1105.817518][T20644] [ 1105.817527][T20644] dump_stack_lvl+0x16c/0x1f0 [ 1105.817563][T20644] should_fail_ex+0x512/0x640 [ 1105.817600][T20644] should_failslab+0xc2/0x120 [ 1105.817632][T20644] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1105.817661][T20644] ? __alloc_skb+0x2b2/0x380 [ 1105.817692][T20644] __alloc_skb+0x2b2/0x380 [ 1105.817719][T20644] ? __pfx___alloc_skb+0x10/0x10 [ 1105.817748][T20644] ? rcu_is_watching+0x12/0xc0 [ 1105.817776][T20644] __ip6_append_data+0x2b74/0x4750 [ 1105.817807][T20644] ? __pfx_raw6_getfrag+0x10/0x10 [ 1105.817846][T20644] ? rcu_is_watching+0x12/0xc0 [ 1105.817871][T20644] ? lock_release+0x201/0x2f0 [ 1105.817903][T20644] ? __pfx___ip6_append_data+0x10/0x10 [ 1105.817928][T20644] ? __pfx_ip6_mtu+0x10/0x10 [ 1105.817948][T20644] ? ip6_setup_cork+0xc51/0x1530 [ 1105.817974][T20644] ip6_append_data+0x1bd/0x4c0 [ 1105.818000][T20644] ? __pfx_raw6_getfrag+0x10/0x10 [ 1105.818046][T20644] rawv6_sendmsg+0x163d/0x4820 [ 1105.818069][T20644] ? aa_label_sk_perm+0x195/0x600 [ 1105.818099][T20644] ? up_write+0x1b2/0x520 [ 1105.818134][T20644] ? aa_profile_af_perm+0x310/0x3a0 [ 1105.818166][T20644] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1105.818191][T20644] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1105.818225][T20644] ? rcu_is_watching+0x12/0xc0 [ 1105.818260][T20644] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1105.818284][T20644] ? inet_sendmsg+0x11c/0x140 [ 1105.818305][T20644] inet_sendmsg+0x11c/0x140 [ 1105.818329][T20644] ____sys_sendmsg+0x973/0xc70 [ 1105.818367][T20644] ? copy_msghdr_from_user+0x10a/0x160 [ 1105.818397][T20644] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1105.818437][T20644] ? kfree+0x24f/0x4d0 [ 1105.818456][T20644] ? __pfx__kstrtoull+0x10/0x10 [ 1105.818487][T20644] ___sys_sendmsg+0x134/0x1d0 [ 1105.818518][T20644] ? __pfx____sys_sendmsg+0x10/0x10 [ 1105.818553][T20644] ? rcu_is_watching+0x12/0xc0 [ 1105.818582][T20644] ? __pfx___might_resched+0x10/0x10 [ 1105.818609][T20644] __sys_sendmmsg+0x200/0x420 [ 1105.818642][T20644] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1105.818671][T20644] ? lock_release+0x201/0x2f0 [ 1105.818706][T20644] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1105.818744][T20644] ? fput+0x9b/0xd0 [ 1105.818777][T20644] ? ksys_write+0x1ac/0x250 [ 1105.818803][T20644] ? __pfx_ksys_write+0x10/0x10 [ 1105.818833][T20644] __x64_sys_sendmmsg+0x9c/0x100 [ 1105.818863][T20644] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1105.818901][T20644] do_syscall_64+0xcd/0x490 [ 1105.818933][T20644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1105.818958][T20644] RIP: 0033:0x7fdeb2b8ebe9 [ 1105.818977][T20644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1105.819002][T20644] RSP: 002b:00007fdeb3ab6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1105.819025][T20644] RAX: ffffffffffffffda RBX: 00007fdeb2db6090 RCX: 00007fdeb2b8ebe9 [ 1105.819048][T20644] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1105.819063][T20644] RBP: 00007fdeb3ab6090 R08: 0000000000000000 R09: 0000000000000000 [ 1105.819078][T20644] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1105.819092][T20644] R13: 00007fdeb2db6128 R14: 00007fdeb2db6090 R15: 00007ffe2de92508 [ 1105.819115][T20644] [ 1106.686799][T16130] Bluetooth: hci5: command 0x0406 tx timeout [ 1106.692876][T16130] Bluetooth: hci3: command 0x0406 tx timeout [ 1106.750397][T20642] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1107.349060][ T5869] Bluetooth: hci2: command 0x0406 tx timeout [ 1107.540693][T16130] Bluetooth: hci4: command 0x0406 tx timeout [ 1107.764093][T20682] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2966'. [ 1107.787469][T16130] Bluetooth: hci1: command 0x0406 tx timeout [ 1108.232216][T20692] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2967'. [ 1108.452604][T20694] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 1108.774152][T16130] Bluetooth: hci3: command 0x0406 tx timeout [ 1108.780295][ T5869] Bluetooth: hci5: command 0x0406 tx timeout [ 1109.551142][T20684] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1109.606580][T20684] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1109.757377][T20684] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1109.763417][T20684] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1109.856680][T20684] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1110.985241][T20726] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1111.566116][ T5869] Bluetooth: hci2: command 0x0406 tx timeout [ 1111.646555][ T5869] Bluetooth: hci4: command 0x0406 tx timeout [ 1111.806013][ T5869] Bluetooth: hci5: command 0x0406 tx timeout [ 1111.812116][T16130] Bluetooth: hci1: command 0x0406 tx timeout [ 1111.886076][ T5869] Bluetooth: hci3: command 0x0406 tx timeout [ 1112.568999][T20767] FAULT_INJECTION: forcing a failure. [ 1112.568999][T20767] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1112.640481][T20767] CPU: 0 UID: 0 PID: 20767 Comm: syz.5.2984 Tainted: G U syzkaller #0 PREEMPT(full) [ 1112.640520][T20767] Tainted: [U]=USER [ 1112.640528][T20767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1112.640542][T20767] Call Trace: [ 1112.640550][T20767] [ 1112.640559][T20767] dump_stack_lvl+0x16c/0x1f0 [ 1112.640596][T20767] should_fail_ex+0x512/0x640 [ 1112.640633][T20767] _copy_from_user+0x2e/0xd0 [ 1112.640671][T20767] copy_msghdr_from_user+0x98/0x160 [ 1112.640703][T20767] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1112.640736][T20767] ? kfree+0x24f/0x4d0 [ 1112.640758][T20767] ? __pfx__kstrtoull+0x10/0x10 [ 1112.640789][T20767] ___sys_sendmsg+0xfe/0x1d0 [ 1112.640819][T20767] ? __pfx____sys_sendmsg+0x10/0x10 [ 1112.640861][T20767] ? rcu_is_watching+0x12/0xc0 [ 1112.640892][T20767] ? __pfx___might_resched+0x10/0x10 [ 1112.640920][T20767] __sys_sendmmsg+0x200/0x420 [ 1112.640952][T20767] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1112.640981][T20767] ? lock_release+0x201/0x2f0 [ 1112.641017][T20767] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1112.641055][T20767] ? fput+0x9b/0xd0 [ 1112.641088][T20767] ? ksys_write+0x1ac/0x250 [ 1112.641114][T20767] ? __pfx_ksys_write+0x10/0x10 [ 1112.641144][T20767] __x64_sys_sendmmsg+0x9c/0x100 [ 1112.641174][T20767] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1112.641212][T20767] do_syscall_64+0xcd/0x490 [ 1112.641250][T20767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1112.641274][T20767] RIP: 0033:0x7fdeb2b8ebe9 [ 1112.641292][T20767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1112.641316][T20767] RSP: 002b:00007fdeb3ab6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1112.641338][T20767] RAX: ffffffffffffffda RBX: 00007fdeb2db6090 RCX: 00007fdeb2b8ebe9 [ 1112.641355][T20767] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1112.641370][T20767] RBP: 00007fdeb3ab6090 R08: 0000000000000000 R09: 0000000000000000 [ 1112.641384][T20767] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1112.641399][T20767] R13: 00007fdeb2db6128 R14: 00007fdeb2db6090 R15: 00007ffe2de92508 [ 1112.641428][T20767] [ 1114.400825][T20814] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1115.082514][T20832] FAULT_INJECTION: forcing a failure. [ 1115.082514][T20832] name failslab, interval 1, probability 0, space 0, times 0 [ 1115.181719][T20832] CPU: 0 UID: 0 PID: 20832 Comm: syz.0.2995 Tainted: G U syzkaller #0 PREEMPT(full) [ 1115.181774][T20832] Tainted: [U]=USER [ 1115.181782][T20832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1115.181797][T20832] Call Trace: [ 1115.181804][T20832] [ 1115.181813][T20832] dump_stack_lvl+0x16c/0x1f0 [ 1115.181846][T20832] should_fail_ex+0x512/0x640 [ 1115.181881][T20832] should_failslab+0xc2/0x120 [ 1115.181914][T20832] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1115.181943][T20832] ? __alloc_skb+0x2b2/0x380 [ 1115.181974][T20832] __alloc_skb+0x2b2/0x380 [ 1115.182000][T20832] ? __pfx___alloc_skb+0x10/0x10 [ 1115.182029][T20832] ? rcu_is_watching+0x12/0xc0 [ 1115.182061][T20832] __ip6_append_data+0x2b74/0x4750 [ 1115.182093][T20832] ? __pfx_raw6_getfrag+0x10/0x10 [ 1115.182135][T20832] ? rcu_is_watching+0x12/0xc0 [ 1115.182159][T20832] ? lock_release+0x201/0x2f0 [ 1115.182189][T20832] ? __pfx___ip6_append_data+0x10/0x10 [ 1115.182223][T20832] ? __pfx_ip6_mtu+0x10/0x10 [ 1115.182244][T20832] ? ip6_setup_cork+0xc51/0x1530 [ 1115.182269][T20832] ip6_append_data+0x1bd/0x4c0 [ 1115.182298][T20832] ? __pfx_raw6_getfrag+0x10/0x10 [ 1115.182336][T20832] rawv6_sendmsg+0x163d/0x4820 [ 1115.182359][T20832] ? aa_label_sk_perm+0x195/0x600 [ 1115.182390][T20832] ? up_write+0x1b2/0x520 [ 1115.182425][T20832] ? aa_profile_af_perm+0x310/0x3a0 [ 1115.182456][T20832] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1115.182482][T20832] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1115.182516][T20832] ? rcu_is_watching+0x12/0xc0 [ 1115.182554][T20832] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1115.182577][T20832] ? inet_sendmsg+0x11c/0x140 [ 1115.182600][T20832] inet_sendmsg+0x11c/0x140 [ 1115.182625][T20832] ____sys_sendmsg+0x973/0xc70 [ 1115.182664][T20832] ? copy_msghdr_from_user+0x10a/0x160 [ 1115.182695][T20832] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1115.182736][T20832] ? kfree+0x24f/0x4d0 [ 1115.182756][T20832] ? __pfx__kstrtoull+0x10/0x10 [ 1115.182787][T20832] ___sys_sendmsg+0x134/0x1d0 [ 1115.182818][T20832] ? __pfx____sys_sendmsg+0x10/0x10 [ 1115.182855][T20832] ? rcu_is_watching+0x12/0xc0 [ 1115.182885][T20832] ? __pfx___might_resched+0x10/0x10 [ 1115.182912][T20832] __sys_sendmmsg+0x200/0x420 [ 1115.182943][T20832] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1115.182975][T20832] ? lock_release+0x201/0x2f0 [ 1115.183012][T20832] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1115.183049][T20832] ? fput+0x9b/0xd0 [ 1115.183082][T20832] ? ksys_write+0x1ac/0x250 [ 1115.183108][T20832] ? __pfx_ksys_write+0x10/0x10 [ 1115.183137][T20832] __x64_sys_sendmmsg+0x9c/0x100 [ 1115.183167][T20832] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1115.183207][T20832] do_syscall_64+0xcd/0x490 [ 1115.183245][T20832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1115.183272][T20832] RIP: 0033:0x7f3dd058ebe9 [ 1115.183290][T20832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1115.183313][T20832] RSP: 002b:00007f3dd1460038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1115.183335][T20832] RAX: ffffffffffffffda RBX: 00007f3dd07b6090 RCX: 00007f3dd058ebe9 [ 1115.183350][T20832] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1115.183364][T20832] RBP: 00007f3dd1460090 R08: 0000000000000000 R09: 0000000000000000 [ 1115.183379][T20832] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000002 [ 1115.183393][T20832] R13: 00007f3dd07b6128 R14: 00007f3dd07b6090 R15: 00007ffd58acbd98 [ 1115.183418][T20832] [ 1116.099435][T20840] ptrace attach of "./syz-executor exec"[18296] was attempted by "Xⅇ_c :DS=ѢoV9Ku lهA{`>5xAT+!g?n\x07O`\x1bݖ]_\x0bxFzy-c]kt#d0u\x09ȗ%N\x22ѝh:&^֜\x09b&lE\x07\x07{\x0b>\x09B\x07=Yt:[_RPG5~`\x22gjE<5mHȅK\x09\x0cKqXS]FBs`` ^\x1bgGcdӋ!ENEbu^7:\x09Va|}\x1b&'euFquT$%fLI{C;5665|a>y\x0cPăN )P\x22>\x22#V'eٯciH@c//OYk4@rM~V\x22Mavk\x0andOL 2hNmz\x0byi_2h/Vv %8Oz8*f3ٹ2$΄%[v{?,p(;xk(Uг4T|\x0aŠO8U)6C_\x07'CJNuhyqRq)kjdQ-T>[G|p.~uHagRDYa(Pd$}Nj6V<|Km$xfNaQKۀ͋SNw|e\x0c{~Z\x09o\x0ay{dEB>پp\x07ȏ)NuVi{)_1K`7\x09:ݓ nVRu*%\x22nM p>,L$\x22A-5RA!ǭKsO{obf@5uY\x1b2' [ 1116.447559][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.551595][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.563881][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.576236][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.588621][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.600970][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.613296][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.625702][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.638032][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1116.650450][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.455950][ C0] net_ratelimit: 25723 callbacks suppressed [ 1121.455976][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.474236][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.486454][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.499141][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.511283][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.523463][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.535703][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.547985][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.560385][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.572570][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1121.595534][ T9599] sched: DL replenish lagged too much [ 1126.465928][ C0] net_ratelimit: 28577 callbacks suppressed [ 1126.465951][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.484156][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.496289][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.508399][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.520531][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.532692][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.544829][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.556907][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.569021][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1126.581141][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1127.986461][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1130.381547][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1131.475911][ C0] net_ratelimit: 27246 callbacks suppressed [ 1131.475933][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.494008][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.506446][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.518849][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.531005][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.543186][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.555387][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.567582][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.579727][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1131.591860][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.485868][ C0] net_ratelimit: 26690 callbacks suppressed [ 1136.485889][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.504187][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.516325][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.528547][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.540739][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.552993][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.565288][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.577468][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.589726][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1136.601961][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.495872][ C0] net_ratelimit: 27475 callbacks suppressed [ 1141.495894][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.514030][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.526152][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.538289][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.550500][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.562691][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.574796][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.586895][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.599002][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1141.611182][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.505876][ C0] net_ratelimit: 27277 callbacks suppressed [ 1146.505902][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.524143][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.536548][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.548717][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.560852][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.573094][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.585264][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.597540][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.609925][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1146.622215][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.515997][ C0] net_ratelimit: 27166 callbacks suppressed [ 1151.516023][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.534253][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.546388][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.558573][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.570726][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.583003][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.595788][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.608096][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.620279][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1151.632404][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.525957][ C0] net_ratelimit: 26271 callbacks suppressed [ 1156.525982][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.544087][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.556254][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.568422][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.580575][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.592861][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.605051][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.617224][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.629456][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1156.641761][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.536027][ C0] net_ratelimit: 26296 callbacks suppressed [ 1161.536053][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.554268][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.567250][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.579522][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.591748][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.604010][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.616219][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.628400][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.640656][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1161.653012][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.545990][ C0] net_ratelimit: 24963 callbacks suppressed [ 1166.546016][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.564223][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.576434][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.588726][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.600950][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.613173][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.625348][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.637688][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.649973][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1166.662252][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1171.555846][ C0] net_ratelimit: 27009 callbacks suppressed [ 1171.555869][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1171.574073][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1171.586304][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1171.598632][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1171.610892][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1171.623070][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1171.635381][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1171.647790][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1171.659950][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1171.672142][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.565979][ C0] net_ratelimit: 27263 callbacks suppressed [ 1176.566005][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.584295][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1176.596498][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.608777][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.623315][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1176.635548][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.648303][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.660574][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1176.673297][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1176.685583][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.575849][ C0] net_ratelimit: 27904 callbacks suppressed [ 1181.575876][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.594039][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.607287][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1181.619615][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.631807][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.644267][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1181.656438][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.668577][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1181.680760][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1181.692899][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.586143][ C0] net_ratelimit: 27954 callbacks suppressed [ 1186.586165][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.604457][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1186.616579][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.628718][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.640886][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1186.652986][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.665256][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.677443][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1186.689584][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1186.701716][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.595929][ C0] net_ratelimit: 28532 callbacks suppressed [ 1191.595951][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.614147][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1191.626283][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.638411][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.650653][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1191.662795][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.674939][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.687168][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1191.699278][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1191.711398][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.605845][ C0] net_ratelimit: 28297 callbacks suppressed [ 1196.605867][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.623951][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.636138][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1196.648349][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.660508][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.672682][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1196.684819][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.697111][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1196.709447][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1196.721658][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1197.428730][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1201.615984][ C0] net_ratelimit: 29349 callbacks suppressed [ 1201.616007][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1201.634398][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1201.646708][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1201.658947][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1201.671269][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1201.683498][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1201.695772][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1201.708072][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1201.720264][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1201.732543][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1205.650468][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1206.626006][ C0] net_ratelimit: 28232 callbacks suppressed [ 1206.626031][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1206.644524][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1206.656755][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1206.668967][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1206.681342][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1206.693635][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1206.705915][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1206.718273][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1206.730541][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1206.742809][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.635844][ C0] net_ratelimit: 27633 callbacks suppressed [ 1211.635871][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1211.654073][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.666294][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.678527][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1211.690722][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.703019][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.715376][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1211.727638][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.740384][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1211.752741][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1216.645849][ C0] net_ratelimit: 29574 callbacks suppressed [ 1216.645872][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.664059][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.676308][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1216.688508][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.700689][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.712929][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1216.725104][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.737377][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1216.749660][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1216.761972][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1220.935804][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1220.942787][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P20806/1:b..l [ 1220.950841][ C0] rcu: (detected by 0, t=10502 jiffies, g=83749, q=2626 ncpus=1) [ 1220.958646][ C0] task:syz.5.2991 state:R running task stack:25728 pid:20806 tgid:20799 ppid:16129 task_flags:0x400140 flags:0x00004002 [ 1220.972167][ C0] Call Trace: [ 1220.975448][ C0] [ 1220.978385][ C0] __schedule+0x1190/0x5de0 [ 1220.982933][ C0] ? __pfx_css_rstat_updated+0x10/0x10 [ 1220.988427][ C0] ? __pfx___schedule+0x10/0x10 [ 1220.993338][ C0] ? unwind_next_frame+0x3f4/0x20a0 [ 1220.998593][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.003393][ C0] ? is_bpf_text_address+0x8a/0x1a0 [ 1221.008615][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.013415][ C0] preempt_schedule_irq+0x51/0x90 [ 1221.018474][ C0] irqentry_exit+0x36/0x90 [ 1221.022927][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1221.028939][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x5a/0x70 [ 1221.035230][ C0] Code: 35 8b 82 3c 16 00 00 85 c0 74 2b 8b 82 18 16 00 00 83 f8 02 75 20 48 8b 8a 20 16 00 00 8b 92 1c 16 00 00 48 8b 01 48 83 c0 01 <48> 39 d0 73 07 48 89 01 48 89 34 c1 e9 55 72 d8 09 0f 1f 44 00 00 [ 1221.054880][ C0] RSP: 0018:ffffc9000bb17748 EFLAGS: 00000216 [ 1221.060966][ C0] RAX: 0000000000080000 RBX: 0000000000000000 RCX: ffffc9001b831000 [ 1221.068971][ C0] RDX: 0000000000080000 RSI: ffffffff820c0f82 RDI: 0000000000000005 [ 1221.076977][ C0] RBP: 000020000043a000 R08: 0000000000000005 R09: 0000000000000000 [ 1221.085222][ C0] R10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000bb17868 [ 1221.093234][ C0] R13: ffff8880adb66010 R14: ffff88805d9db8c0 R15: 0000000000000000 [ 1221.101319][ C0] ? ___pte_offset_map+0x62/0x4f0 [ 1221.106376][ C0] ? ___pte_offset_map+0x54/0x4f0 [ 1221.111420][ C0] ___pte_offset_map+0x62/0x4f0 [ 1221.116453][ C0] pte_offset_map_rw_nolock+0x37/0x1a0 [ 1221.121947][ C0] __handle_mm_fault+0xd02/0x2a50 [ 1221.126997][ C0] ? mt_find+0x3ef/0xa30 [ 1221.131263][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 1221.136740][ C0] ? __pfx_mt_find+0x10/0x10 [ 1221.141366][ C0] ? find_vma+0xbf/0x140 [ 1221.145808][ C0] ? __pfx_find_vma+0x10/0x10 [ 1221.150506][ C0] handle_mm_fault+0x589/0xd10 [ 1221.155281][ C0] ? __bpf_trace_exceptions+0x1/0x40 [ 1221.160679][ C0] do_user_addr_fault+0x7a6/0x1370 [ 1221.165827][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.170615][ C0] exc_page_fault+0x5c/0xb0 [ 1221.175141][ C0] asm_exc_page_fault+0x26/0x30 [ 1221.180011][ C0] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 1221.185830][ C0] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 1221.205476][ C0] RSP: 0018:ffffc9000bb17b20 EFLAGS: 00050206 [ 1221.211562][ C0] RAX: 0000000000000001 RBX: 00002000004390c0 RCX: 00000000000000c0 [ 1221.219546][ C0] RDX: 0000000000000000 RSI: 000020000043a000 RDI: ffff88805c520f40 [ 1221.227533][ C0] RBP: 0000000000001000 R08: 0000000000000001 R09: ffffed100b8a41ff [ 1221.235605][ C0] R10: ffff88805c520fff R11: 0000000000000000 R12: 0000000000000000 [ 1221.243592][ C0] R13: ffff88805c520000 R14: dffffc0000000000 R15: 00002000004390c0 [ 1221.251590][ C0] _copy_from_user+0x98/0xd0 [ 1221.256212][ C0] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 1221.261873][ C0] snd_rawmidi_write+0x26e/0xc10 [ 1221.266861][ C0] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 1221.272397][ C0] ? __pfx_default_wake_function+0x10/0x10 [ 1221.278268][ C0] ? bpf_lsm_file_permission+0x9/0x10 [ 1221.283685][ C0] ? security_file_permission+0x71/0x210 [ 1221.289346][ C0] ? rw_verify_area+0xcf/0x6c0 [ 1221.294129][ C0] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 1221.299604][ C0] vfs_write+0x29d/0x11d0 [ 1221.303951][ C0] ? getname_flags.part.0+0x1c5/0x550 [ 1221.309351][ C0] ? __pfx_vfs_write+0x10/0x10 [ 1221.314129][ C0] ? __fget_files+0x204/0x3c0 [ 1221.318828][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.323617][ C0] ? lock_release+0x201/0x2f0 [ 1221.328316][ C0] ? __fget_files+0x20e/0x3c0 [ 1221.333097][ C0] ksys_write+0x1f8/0x250 [ 1221.337445][ C0] ? __pfx_ksys_write+0x10/0x10 [ 1221.342316][ C0] do_syscall_64+0xcd/0x490 [ 1221.346841][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1221.352745][ C0] RIP: 0033:0x7fdeb2b8ebe9 [ 1221.357166][ C0] RSP: 002b:00007fdeb3ab6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1221.365583][ C0] RAX: ffffffffffffffda RBX: 00007fdeb2db6090 RCX: 00007fdeb2b8ebe9 [ 1221.373652][ C0] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005 [ 1221.381630][ C0] RBP: 00007fdeb2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1221.389602][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1221.400793][ C0] R13: 00007fdeb2db6128 R14: 00007fdeb2db6090 R15: 00007ffe2de92508 [ 1221.408916][ C0] [ 1221.411977][ C0] rcu: rcu_preempt kthread starved for 533 jiffies! g83749 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 1221.423011][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1221.432993][ C0] rcu: RCU grace-period kthread stack dump: [ 1221.438896][ C0] task:rcu_preempt state:R running task stack:27368 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00004000 [ 1221.452432][ C0] Call Trace: [ 1221.455739][ C0] [ 1221.458680][ C0] __schedule+0x1190/0x5de0 [ 1221.463224][ C0] ? __mod_timer+0x8ed/0xd30 [ 1221.467843][ C0] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1221.473875][ C0] ? __pfx___schedule+0x10/0x10 [ 1221.478779][ C0] ? __pfx___debug_object_init+0x10/0x10 [ 1221.484426][ C0] ? schedule+0x2d7/0x3a0 [ 1221.488773][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.493635][ C0] ? lock_release+0x201/0x2f0 [ 1221.498332][ C0] schedule+0xe7/0x3a0 [ 1221.502414][ C0] schedule_timeout+0x123/0x290 [ 1221.507283][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 1221.512660][ C0] ? __pfx_process_timeout+0x10/0x10 [ 1221.517962][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1221.523814][ C0] ? prepare_to_swait_event+0xf5/0x480 [ 1221.529307][ C0] rcu_gp_fqs_loop+0x1ea/0xb00 [ 1221.534098][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1221.539417][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.544211][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 1221.549177][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.553956][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.558754][ C0] rcu_gp_kthread+0x270/0x380 [ 1221.563460][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1221.568688][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.573482][ C0] ? lockdep_hardirqs_on+0x7c/0x110 [ 1221.578814][ C0] ? __kthread_parkme+0x19e/0x250 [ 1221.583862][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1221.589079][ C0] kthread+0x3c5/0x780 [ 1221.593169][ C0] ? __pfx_kthread+0x10/0x10 [ 1221.597785][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.602561][ C0] ? __pfx_kthread+0x10/0x10 [ 1221.607169][ C0] ret_from_fork+0x5d4/0x6f0 [ 1221.611780][ C0] ? __pfx_kthread+0x10/0x10 [ 1221.616388][ C0] ret_from_fork_asm+0x1a/0x30 [ 1221.621179][ C0] [ 1221.624232][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 1221.630579][ C0] CPU: 0 UID: 0 PID: 16739 Comm: kworker/u8:37 Tainted: G U syzkaller #0 PREEMPT(full) [ 1221.641788][ C0] Tainted: [U]=USER [ 1221.645606][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1221.655687][ C0] Workqueue: bat_events batadv_tt_purge [ 1221.661274][ C0] RIP: 0010:unwind_next_frame+0x7d/0x20a0 [ 1221.667105][ C0] Code: 28 0a 48 b8 00 00 00 00 00 fc ff df 49 8d 6d 48 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 95 18 00 00 49 8b 45 48 48 89 44 24 08 <49> 8d 45 38 48 89 c2 48 89 04 24 48 b8 00 00 00 00 00 fc ff df 48 [ 1221.687254][ C0] RSP: 0018:ffffc90000007238 EFLAGS: 00000246 [ 1221.693343][ C0] RAX: ffffffff817c0a10 RBX: 0000000000000001 RCX: ffffffff9141cf3c [ 1221.701320][ C0] RDX: 1ffff92000000e5e RSI: ffffffff817c0a10 RDI: ffffc900000072a8 [ 1221.709304][ C0] RBP: ffffc900000072f0 R08: ffffffff9141cf40 R09: 0000000000000000 [ 1221.717410][ C0] R10: ffffc900000072a8 R11: 0000000000007c08 R12: ffffffff81a67470 [ 1221.725493][ C0] R13: ffffc900000072a8 R14: 0000000000000000 R15: ffff888068013c00 [ 1221.733489][ C0] FS: 0000000000000000(0000) GS:ffff8881246c4000(0000) knlGS:0000000000000000 [ 1221.742448][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1221.749044][ C0] CR2: 00007ffe46e7488c CR3: 000000000e380000 CR4: 00000000003526f0 [ 1221.757033][ C0] Call Trace: [ 1221.760319][ C0] [ 1221.763169][ C0] ? __local_bh_enable_ip+0x100/0x120 [ 1221.768561][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 1221.774986][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1221.781151][ C0] arch_stack_walk+0x94/0x100 [ 1221.785840][ C0] ? batadv_tt_local_purge+0x21c/0x3c0 [ 1221.791402][ C0] ? __local_bh_enable_ip+0x100/0x120 [ 1221.796792][ C0] stack_trace_save+0x8e/0xc0 [ 1221.801494][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 1221.806890][ C0] ? __pfx_br_forward_finish+0x10/0x10 [ 1221.812380][ C0] ? find_match+0xc8/0x15d0 [ 1221.816898][ C0] kasan_save_stack+0x33/0x60 [ 1221.821687][ C0] ? kasan_save_stack+0x33/0x60 [ 1221.826573][ C0] ? kasan_save_track+0x14/0x30 [ 1221.831431][ C0] ? __kasan_slab_alloc+0x89/0x90 [ 1221.836468][ C0] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1221.842109][ C0] ? __skb_ext_alloc+0x1a/0x80 [ 1221.846873][ C0] ? skb_ext_add+0x232/0x7a0 [ 1221.851468][ C0] ? br_nf_pre_routing_ipv6+0xca/0x8c0 [ 1221.856966][ C0] ? br_nf_pre_routing+0x860/0x15b0 [ 1221.862217][ C0] ? br_handle_frame+0xad8/0x14b0 [ 1221.867274][ C0] ? __netif_receive_skb_core.constprop.0+0xa25/0x48c0 [ 1221.874156][ C0] ? __netif_receive_skb_one_core+0xb0/0x1e0 [ 1221.880188][ C0] ? __netif_receive_skb+0x1d/0x160 [ 1221.885407][ C0] ? process_backlog+0x442/0x15e0 [ 1221.890440][ C0] ? __napi_poll.constprop.0+0xba/0x550 [ 1221.896085][ C0] ? net_rx_action+0xa9f/0xfe0 [ 1221.900862][ C0] ? handle_softirqs+0x219/0x8e0 [ 1221.905814][ C0] ? do_softirq+0xb2/0xf0 [ 1221.910150][ C0] ? __local_bh_enable_ip+0x100/0x120 [ 1221.915548][ C0] kasan_save_track+0x14/0x30 [ 1221.920327][ C0] __kasan_slab_alloc+0x89/0x90 [ 1221.925290][ C0] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1221.930772][ C0] ? __skb_ext_alloc+0x1a/0x80 [ 1221.935558][ C0] __skb_ext_alloc+0x1a/0x80 [ 1221.940159][ C0] skb_ext_add+0x232/0x7a0 [ 1221.944601][ C0] br_nf_pre_routing_ipv6+0xca/0x8c0 [ 1221.950003][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 1221.955933][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.960807][ C0] ? net_generic+0xea/0x2a0 [ 1221.965324][ C0] ? rcu_is_watching+0x12/0xc0 [ 1221.970304][ C0] ? lock_release+0x201/0x2f0 [ 1221.975000][ C0] br_nf_pre_routing+0x860/0x15b0 [ 1221.980069][ C0] br_handle_frame+0xad8/0x14b0 [ 1221.984992][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 1221.990338][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 1221.996261][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 1222.001570][ C0] __netif_receive_skb_core.constprop.0+0xa25/0x48c0 [ 1222.008354][ C0] ? trace_irq_enable.constprop.0+0xc0/0x120 [ 1222.014452][ C0] ? kmem_cache_free+0x2d1/0x4d0 [ 1222.019406][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 1222.024101][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 1222.031239][ C0] ? kfree_skbmem+0x1a4/0x1f0 [ 1222.035935][ C0] ? sk_skb_reason_drop+0x136/0x1a0 [ 1222.041155][ C0] ? ip6_mc_input+0x4f2/0xeb0 [ 1222.045860][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 1222.050969][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 1222.056202][ C0] ? process_backlog+0x3f0/0x15e0 [ 1222.061249][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 1222.067089][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 1222.073523][ C0] ? lock_acquire+0x2cd/0x350 [ 1222.078227][ C0] ? process_backlog+0x3f0/0x15e0 [ 1222.083270][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.088079][ C0] ? process_backlog+0x3f0/0x15e0 [ 1222.093127][ C0] __netif_receive_skb+0x1d/0x160 [ 1222.098197][ C0] process_backlog+0x442/0x15e0 [ 1222.103073][ C0] __napi_poll.constprop.0+0xba/0x550 [ 1222.108463][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.113249][ C0] net_rx_action+0xa9f/0xfe0 [ 1222.117883][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 1222.123022][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.127817][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.132621][ C0] ? tmigr_handle_remote+0x132/0x380 [ 1222.137959][ C0] ? run_timer_base+0x121/0x190 [ 1222.142872][ C0] handle_softirqs+0x219/0x8e0 [ 1222.147672][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 1222.153072][ C0] ? batadv_tt_local_purge+0x21c/0x3c0 [ 1222.158542][ C0] do_softirq+0xb2/0xf0 [ 1222.162709][ C0] [ 1222.165657][ C0] [ 1222.168589][ C0] __local_bh_enable_ip+0x100/0x120 [ 1222.173799][ C0] batadv_tt_local_purge+0x21c/0x3c0 [ 1222.179104][ C0] ? __pfx_batadv_tt_local_purge+0x10/0x10 [ 1222.184932][ C0] ? debug_object_deactivate+0x1ec/0x3a0 [ 1222.190659][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.195431][ C0] batadv_tt_purge+0x8b/0xb80 [ 1222.200215][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1222.206042][ C0] ? debug_object_deactivate+0x1ec/0x3a0 [ 1222.211683][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 1222.216983][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.221756][ C0] ? lock_acquire+0x2cd/0x350 [ 1222.226536][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.231311][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.236261][ C0] process_one_work+0x9cf/0x1b70 [ 1222.241243][ C0] ? __pfx_kfree_rcu_monitor+0x10/0x10 [ 1222.246731][ C0] ? __pfx_process_one_work+0x10/0x10 [ 1222.252147][ C0] ? assign_work+0x1a0/0x250 [ 1222.256758][ C0] worker_thread+0x6c8/0xf10 [ 1222.261360][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1222.266480][ C0] kthread+0x3c5/0x780 [ 1222.270568][ C0] ? __pfx_kthread+0x10/0x10 [ 1222.275173][ C0] ? ret_from_fork+0x25/0x6f0 [ 1222.279894][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.284688][ C0] ? rcu_is_watching+0x12/0xc0 [ 1222.289486][ C0] ? __pfx_kthread+0x10/0x10 [ 1222.294108][ C0] ret_from_fork+0x5d4/0x6f0 [ 1222.298729][ C0] ? __pfx_kthread+0x10/0x10 [ 1222.303335][ C0] ret_from_fork_asm+0x1a/0x30 [ 1222.308134][ C0] [ 1222.311389][ C0] net_ratelimit: 24966 callbacks suppressed [ 1222.311410][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1222.329677][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1222.341956][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1222.354381][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1222.366710][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1222.379003][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1222.391418][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1222.403683][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1222.415890][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1222.428133][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.315835][ C0] net_ratelimit: 27394 callbacks suppressed [ 1227.315861][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.334040][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.346234][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1227.358375][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.370544][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.382795][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1227.394957][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.407156][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 1227.419350][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 1227.431628][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)