last executing test programs: 3m19.944744791s ago: executing program 2 (id=543): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fedbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f00000008000400010000880a0011"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x9, 0x400008) r0 = socket(0xa, 0x2, 0x88) setsockopt$auto(r0, 0x11, 0xa, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0x5e61) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3m18.985019998s ago: executing program 2 (id=547): close_range$auto(0x0, 0xffffeffe, 0x2) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd15/queue/scheduler\x00', 0x103a42, 0x0) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000100), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000100), 0xffffffffffffffff) fanotify_mark$auto(0xffffffffffffffff, 0x72d, 0x800, 0xffffffffffffffff, 0x0) (async) fanotify_mark$auto(0xffffffffffffffff, 0x72d, 0x800, 0xffffffffffffffff, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x0, 0x0) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/fail_io_timeout/probability\x00', 0x20000, 0x0) read$auto(r0, 0x0, 0x2) (async) read$auto(r0, 0x0, 0x2) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x40009, 0x9, 0x9b72, 0x7, 0x28000) connect$auto(0x3, 0x0, 0x54) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r1, 0x0, 0x9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) (async) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) 3m18.652378837s ago: executing program 2 (id=549): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80000, 0x0) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000e00)={0x1110, r2, 0x403, 0x70bd2d, 0x25dbdbf9, {}, [@HWSIM_ATTR_PMSR_RESULT={0x10fc, 0x1c, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x10f8, 0x5, 0x0, 0x1, [{0x10f4, 0x0, 0x0, 0x1, [@NL80211_PMSR_PEER_ATTR_ADDR={0x1004, 0x1, "a9647cf083276d21f547d6ec29a362089095aa9ace17528e7af6c18a70e5a73575e29f9d908102abda0a9d7f45f3852da6a8fc0db86bf180c5208c888eee8dafdb5d423b386bfd17b6bcfd0e03ca7aa6c1d3b648740d64df0826ac5b8c6e696cc4149b702229eca3e126bd9025f1dd3b319c8870dfaabb526a5b6ded0297a14ddeb83df653a7ddaf3963c3eb41ab33aff7d0a005b46e2f9fe80b74e4ef61d1651acd5d626909c2e92baac86e93de85d993350d972e1ae945d65cebc4c3cbd3b0c113f56a530fe67bf8afd076c96032c7d0daebd78fd54ce97d5619fd85a71991bf0a5734beefab3f95f02cd43e23da1d5b9b8e4ec5f8c5469818866656818c16a4fee1742c3d0d1e21040cda8b1e2d64e6cd322a9f05e73d2a89b657810421e3a6f52cb4a09b818aed784b865e775e16d13c4af0a549a743e772bfbd7e7b18bc5181f2d891cf7aa7017e1b1a471e409b2a0f1f0345e58b7a83db238b1243035ef798d161c831f0a3207b0e5b50b7ef4c7e36fe198534435c534794850b964623df7c1302fae2479c38f224af1f997de33b03ff6279c0524b22e3e1d9cdcce48b6013532a40f92888162b47fe57a3fe63129e244eb3332e27de689a61818de10638bae6acf494fe6dd9df55cf56c262d09176d9fe7f8603d92010b4e849b00e7b067664ffb3de944d7f24fc27e6234fc1770df9437b99a6b7256d3aaa6de33e5dcafd94aed373768dea45929b13ab431cb8b004a50a3af281996da9323f48a79ccaf94b2830fb3fda9c332df22eaf139f97c414df926bb2919a7255780a9ed697d33bdafb4b87a61118815232302c1fb09923043e837d854cbe93df4f2dfef3ea00a6ffa32bb30681c259c74c2e754c93f3a2339f781bc06a99e2067e40f8ed652e1dd48f9b88e01e67f1c6da7990c4edccdc89cb6dec630cbcc57ab39eac4858407e3e37ce77d8080720f2e4a44773a65f165bc737a4d830afc286d46cc00fc277ad0f47779fd6104d9bf9bf525fc913a2c12ac657afe669c847cd5867f7104189ce6c2da65d363c3ce4fcf5937c5f054ba77b186ee37e7d58f309eb88b8886a8fd46f634c3d82d261eddbcd88f3bdd292d895c2c8bcb84cead50a5567e65b052fae1b58b5f0b6eb306ae4739271107776b5d0dafd7de5bd30b630b29a4741d3aaeff8d2cf3dab4781c746939be4bb32336189a0f310ce3f2a9fe7a9b4bd42c3ae7a97317c909ca650cb6e6b6d5b62dab732d19fa813f0310b79b048505059f2891f56d33bfaa6ade2e56964f59f0fbfa1790e7ad842ccc79027ae4556924d156ebfb41b9be793648bd7e0c2d1de4873686081841d59f25be32bab0428a7a66a3f307723f92748f9acbd1dd78c5c0d8ef976c7957bbafb2a57e22104569883a890b6c325a89f4c1f5bedf6edf1e4db4b458831e6eef8a858201ebdc9c27808bf199fd1bc12966b94a8a0f2608e861b9b09b32323967b64603bfc4e5d5b6af9f68c78858a56c72a922c3fa56118c9b7ec7b09ad9adeb9cad6fce4532d23a1ed16eddbb583b992ca64e12ddd16d6e908b9e0a432736b76f5d0b5bc71b477da428630c8105d14699eb885bc3afa54f7d9fb74b220a26c6f113614fafdadb314f72cd3025a029ae8ed8d64386bdef864f0f0b69dffe93eed8b4020375d7303cc37e2fb7c7459027f54e448e259df717542e73872fe3799203452f86a270dc0c5c848196803ad3723dbb4b4ab78da79743b9a0d72d0f03fb991e2dcb23b5ecf79c13baccd05621d5bd9631b1ebd9b951b865084198131110bac08e5d6a095993a3d1cca83c0ff5dc601b07912026111351e67d574660961ebc61a572f745e219e48934818fa9ac26c8bb2fc34bba1bd247e9bb7b73fdd3a3d30f2d9fa980c59290b40bbe83653f714f506baf8dae6aa82a738bd68f32466370f2358ea1965cf5f54978e50087eb0ed4856bd9189faa735add45fc58ad91accb6888e9011a1e0affc09aa900ad592225a42a1f86d901fc38c6ee2a4dd577f7fa51e4395eb06263a379adfaf70cf26ea350d0767cbf958bffe6b44851d6869d0bf7e832f8b0d9db438f061cfa37ac735c7851d66d69569229f807aea07abc02855e72e65f3c82ad267c4ba64450ceae56774c8451731fedf3962b5ba48dea5e922698ac963132de330f40f39351c19a47037e0c6987273e2ada67c4b08dd595021e5db24172b09b7a05d984c986031a9e572d7750600bb2e2c410a0fad7655be97e2951e39123a41cd0e517bdce77c865d8cdfcfe789f1347550c9ecce254ca06d162578c19c5eb241c0d88f2406bad2ccb7c44a4ba8eceafa5d4bb1739ef9154e84530cefe565a02c394de550e1a0445ee2c833f12a6b989c7812572ae98e5df95627f42690320cda7949982797ea4ae4864c21acc1f02ff3173f1122db461bbaebc9791b43d39a462f3354e231d10889443bbd2adf0577afada3827110e9d96cdb7f1b138aaa604f7283d5eda294aeb6b91f9a44ec2d1ac31d62ba4d84fa762687ac26b91bfe35c234df29134a5efacd6b4be4a9d58870ca69660d70ce3d4df768a208d459373c2ac70e7ff93f003405d69053fe919f4551add0683cd71ac28bc12513d4d67a7c69d90f1071cad22e21b20052b9ce2dc0915128d3acedf3288f4363806581c42f503fd489eb2ceb4d50e72927dad2d17d1916353f9885f181ec23e738a96c47357e4275464b350b84c84ab80eadac0ae33ce3f18cc28a1fd13737dc60404a5376d9576049ab22fe8463b34e01dad013d94598e13dbc8ecef96e3c7166877b2044c781674790d3c98f72787c5373c379816fa5f5be2efdfd879017d44c5f0a8f0280593dae570432441c0dd3ecab334d36ce3216602c6c2239cdfa4f0aa06b2664b5a2ccd28a746f2f832eee781f12dafda006b9fc917d1a1d78509ad7f24689c0612c390a88380404d214ce789d3d7bd6bda5b2162bb968561b333b841c296407090c11157427bc813754073d44d2b5b4df1f9357ee17b4f497ac7c6465e7b25eb4a08b5defc592635f6f09fcf2d86371d5cd8adc66447c0c332b0b4052e38971dbb163cd9fca2fd6f3c399ed39649b7477885123bda1f3a2675d69f121e8edd7f28e5fcd743e107d5e1707c4e9317ec8c7a2442f6ef8c26c9b882c0f9e3982549a1d27064377609ab13286bd0f73661aa11332dbe68ae91713c5856b38d964a5bbbc8b45a0cf425c6a584bc577caa32c7a93b16897e6612b9a4401fa7ddd3f28af18ca3ef717b706c01a1bfbcc909b1a7cf5b4efadd08f2a1b4ca70abbf3ac202cd35b9c2e6385a361b40ec5b7f7bd396e04aeaa1a721270df522fe202479dcb49407a9fb8bf681e0f3bcd8070494427246bc65f9a6f9de308e37ac158430778e8be48a6a24d11815fe390253aed577cc71baefc2b2c1289cb0277de552a158d39e44d841c677981e2c37e0ad1f229db1fab1aa0a4b98cbb9819d66dc4b4e0054d8698c3ee8fcf145568b023c04fa87f291a620bba67679fc1c1976c45ad60cf079b2b2f5b59451253c4b006e26fb79c6bcf5cc08c34f84dbe986b2f2a57a9e45d175a7e10f10fb162cbd4331842bca189ac494dcfbfa0799347b88b0fca417c83dadd5d8a956bc5dfe946dcca90b784c0915587cdc61025423280a277edd5629be43d44c2775f02a297a01bcd35741cc62191899a2ceb15bb36016dd047f93e93abb206af4cb72f7eb33fdb15507d6cfd60a1a70cdbf936185f466deb97adfac9f13d50d3099e2111f75b99d33240a87ea2bbda24bc6a8ad2fabb826cc4aeb8a9002537342f31e59e9a7a151bd101d233ebfa783e84bd95b41e489a3335f932e830c18fc7613bc40fa0561b3f7a68c024e0de87dba28467c0d1cd150a72ad5c1fb47851d04dcac70fcbbe8a45a81f359c92789274d866793e5e0403ea6ce1924dce9dfc8abc0beb105886a594c5cb206caf3a171f0394760fcbbdf61b061aaf2fe879bd8cdf3dfe909b0ba2bc8e93081fc8094b554d02064e0bf9e4164ce552a2e89898fe2e61c158c9ef8f16dd087676cebf23ceac8e72c82803d9f431da2fd851663258dc88556e06fc7837737373d145134aed117852737fadbcb855782d84c89e98bec3e1b950335a12fe86b12aef7de1eb206334ba6eb801178d7f536c7cd93fea3ea960cc3ee1bf737a29fd1cbd57ab40aa47a01037cd7d7d5cb99c4a12ad8bb338a6a2cdd0829eb8e4775d1e9eae905bfe654543a88961af5e47f2517f6d8780d4ec24e44b51f7070362ee7477ceb0a37ee3d696c987a913b45b365919e91694faed59493dbc68d6f61348003e686e42b51777a405e7c54a5975cb19a7057328a7ef18e9dfbfee7d45c38543ca91f33424f47ffec0280850501d5d9ba44bf865a59b6055caff12db54cde95022fea924cdf67b205ac3f91ae6bfc1658dd04dd014dd5ef13e9c5b1c1bb1d264db229f36f1f9561c9c26910b4379f0f74eaea29ee058d7573bb95c784d70da39beda506c5fcee924ebd0d6d100d4e94d0e2cc2a4638066d6520ed4cf4d029c1a8d0e63da1629bf1c023f4e8fba736791c8705e5b8d61771ec476a893ceda259aaab355978e32dcbb2c16f08a4f91712610dcff63659d86563a032334e29fef70f33b47ab3d3f76f6df07d363ccb11b98759d05e5d3afc87431449cc5e5b52d694414625418b8820e6785579c0cf0463031fff836a3f0dc87445c0305c4c135effa858c4eca2b57d9baacd5f9eff220a5f842e3c481efbb8ec97fb24df86f52fa2e1cdd6c3d0c149eb4cf03fd473560361ebffa34e1d9e28c78e0698ddfb2df2e14c8e86dd4a9546dbcfb9276233660024c55df2b162ff8e7b8a7c84e9ad7820fbf58faf8ece25f2563349e72c533c37c2156724e9ac09041eddb60edae084a5f1bce4f9050f1f22eff55e7c8002731746bf440bcb69f7e2d22ffb886032ee739d6dcba4b6c05b3ea9e723361e94707aa63494c135b70eb2def8729ef1000bc61a4f1c81fc79958f40f3c1bb1b4350b6c4a332585559e0bb5d79f7a4e8ccaced8ef20ddaf2d74c0ff42aec2f97e82004017d0c89bfbbb855390063d3b13690fe4dfc15bf79ce8348411a60b624cb713b55c8106603aee0fa22bb2b4d85cde679773a9e562a757858515729267a82fc86ce344b0d75a9655515b1da6f9108f359e9f8d01b04b597ee7733d2bc202abcc873387f08f5cec92332dab78d73aa87a2a9440890320952db90fc0f8186bf872265ab7bda0934c372a247510f23fae83e57aca7b404515e1eb05e6f547ad706ed830689e646eaee230cb5a720379d38c0d960b2a32b50dbb1a54b40afbfff32536e8787b9aa4435deea4faea80d2c380c584b3b5ace24494d7fec55929c3fa4dca8e67962b9f2d70aa03e30b69b3504f987aae0d3bae15ba0ef4262e34c1f45b96484e7b6a11a4928575eb4290d3a41caaf46c6756cdd876b26981918dcd85901fc1de25c195223f6f8835daed013c2707f0a42d44a0b1e5eea9ff1581897776dc35798eb9126fccb7cab238781dd6990d814699c990dda5bdd6b3b9b2e957c0669e98c4a5a128e0c2437742f084389ac60cc0d5bbbbb4c64de002a568ca5a4e726c78040af3db24f738c20ef088bdf2a0433824faaca8ebecfa28725827a0e5a2a475fe5c1a28a259cc6e73d5fa8d9f83a119d6720dc31c9f2c5dd19539dad6d86376374061adf473c21d02a5d28202e58ee370677c0369c023426cb0b3953fa11cf7024f6d738681b35fb308320e596998def8e61c925b7000eaab0c91e5c5bb8dba"}, @NL80211_PMSR_PEER_ATTR_RESP={0x28, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_HOST_TIME={0xc, 0x3, 0x100000000}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x7}, @NL80211_PMSR_RESP_ATTR_STATUS={0x8, 0x2, 0x5}, @NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_RESP={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_RESP_ATTR_FINAL={0x4}]}, @NL80211_PMSR_PEER_ATTR_ADDR={0x29, 0x1, "82e2ab66bd8d244da24b585066fc1229bb2dd36f0f668cabb6fa1d17b0de49e19484153036"}, @NL80211_PMSR_PEER_ATTR_ADDR={0x90, 0x1, "608ed6acf1694fda8fa797edf747132110a9ca57f2ff95db014631f2c21b52daab6278613a6acb29b720512ad5e5f4107e9002f94609a02183e85d3f8430a6264ab698101597f7317680c614d30b91a8325fa0f6494aa4350b3eb3046b18ec7a57d58f660433ba366d9d45a85d9d4b8404b4b42d8e363434ac5e377aba6c983848654e5e8b67a9a66079a0e7"}]}]}]}]}, 0x1110}, 0x1, 0x0, 0x0, 0x80}, 0x8000) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0x3, 0x0, 0xfdef) r3 = socket(0x10, 0x2, 0xc) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r3, 0x1, r1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40180, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) r5 = gettid() socket(0x1e, 0x1, 0x0) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) kill$auto(r5, 0x11) sendfile$auto(r4, r4, 0x0, 0x5) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 3m16.482554057s ago: executing program 2 (id=556): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) msgctl$auto_IPC_INFO(0x3, 0x3, &(0x7f0000000180)={{0x80000001, 0x0, 0xffffffffffffffff, 0x5, 0x2, 0xff, 0x2}, 0x0, 0x0, 0x1, 0x1000, 0x94, 0x8, 0x2, 0x31, 0x100, 0x3, @inferred=0x0, @inferred=0xffffffffffffffff}) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) r3 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r3, 0x0, 0x400) sendmsg$auto_OVS_DP_CMD_NEW(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000680)=ANY=[@ANYBLOB="2400bd670882f4825dd54c35e5ca0000450d39c421ce95961f9d3509000000cdce0084140ea5114d5038dda58e36b0f424bf4bf3d35bc9c7a4b14c3bf8915e1714ec3e0e970000d30f6fb5c63a068245e961f6ab8d27676ea89f55866d981257536b118c0c7cc6762bf57ad4c045cb119fcf7f8700396ad3ea8d4257e500dff42a793e405ac7825a29aee3b7b3e25fca372b36b11c32e9420417e1a5750eccc4befe68dda25d38d1e0281fd839b897c2e4dad5af70904e89e9e3a8d490efa8d002ba00b497296c2b2112a1479c8971aeb9fb1d3fc9bebf894ffd08db70e48814bb2af1330356694efa85214f05f2ec3669b8a6a80ed9fab195c10bb2ceaec7dc1afb00002e90d9c147370188e980b78a000000000000", @ANYRESHEX=r1, @ANYRESDEC=r3, @ANYRES32=r2, @ANYRESHEX=r2, @ANYBLOB="0c9b42185020a2cf760a7a3fd5723199ea0980e6d5d364355331df33d600e8d22146565239ed7a3eac9647430c9dbe138a91288989de795d77fbf84d820d087886fc5f0d67b69ab038bb21b6002be0776c3209bb90bf64395acc3955707fffb671004369d203e213156319098530581ae9f7b317223d8fb6d9b8d2ad39b4", @ANYRESDEC=r0], 0x24}, 0x1, 0x0, 0x0, 0x20000804}, 0x880) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x3, 0x100) (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='U'], 0x1ac}}, 0x4004) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) 3m16.283467111s ago: executing program 2 (id=557): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40000, 0x0) socket(0x2a, 0x5, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129800, 0x0) ppoll$auto(&(0x7f0000000200)={r0, 0x6, 0x6}, 0x8, 0x0, 0x0, 0x8) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdb, 0x9b72, 0x2, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) shmctl$auto_IPC_INFO(0x28, 0x3, 0x0) read$auto_proc_auxv_operations_base(0xffffffffffffffff, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfffffdef) fcntl$auto_F_ADD_SEALS(0xffffffffffffffff, 0x409, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x7, &(0x7f0000000180)='\xa1\x00\x16\x12\xf8\x98\x00\x00\x00\x00I}T\x99\xb4\xd8S]\xbb\f\xdaY\xae\xf1\xa2\x98s3\xfe@\v\xc2\x90X\x81\xa3r\xfdH\xb2\x0f\x01\xfb\xf4\x84\xbd\xf8\xe9+>e?&\x1c\xd2kj7\xba\xe6\xd3zkL\xa8s\x8ccT=\xac\'\x00\x00n\xf3\x8f\x1d9+\x04\x85\x9b\x8f\x1f\x0e\xeb%\xd4l\xfcfQ=\x10z%\x16Y\xc9\xe5\x9c\xe2\x1c\xdd+\x1e\xde\x0f\x9deB\xb3\xb2\xed\xa2:H\'', 0x4) sendfile$auto(r1, r1, 0x0, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) msync$auto(0x7, 0x76, 0x81) sendfile$auto(r2, r2, 0x0, 0x2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x40841, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) socket(0xa, 0x3, 0x73) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0xa, 0x8000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0xa, 0x5, 0x0) getsockopt$auto(r3, 0x84, 0x8, 0x0, 0x0) 3m15.110369615s ago: executing program 2 (id=560): r0 = socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x3) mmap$auto(0x0, 0x2020009, 0x7fff, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) access$auto(0x0, 0x5) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) (async) r1 = socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(r0, 0x0, 0x5c8) close_range$auto(r1, 0xfffffffffffff000, 0x4000000000002) (async) close_range$auto(r1, 0xfffffffffffff000, 0x4000000000002) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) (async) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8000, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x8, 0xff, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyt2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) (async) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) (async) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) (async) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) 3m0.00263444s ago: executing program 32 (id=560): r0 = socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x3) mmap$auto(0x0, 0x2020009, 0x7fff, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) access$auto(0x0, 0x5) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) (async) r1 = socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(r0, 0x0, 0x5c8) close_range$auto(r1, 0xfffffffffffff000, 0x4000000000002) (async) close_range$auto(r1, 0xfffffffffffff000, 0x4000000000002) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) (async) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8000, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x8, 0xff, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyt2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) (async) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) (async) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) (async) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) 39.431812098s ago: executing program 0 (id=1172): sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000002c0)=ANY=[@ANYBLOB="000091dd014db56941fea721978152bb6be8f235165c97c7136f48e280fd4ada8e79f20fcc5dc208cc40a01da1164fa2d2ae305e6626ff00000098e316dd4cdc44eadb02e9b7b3d3b291c2684f748d67a5e52fcbbf6902b38b6a2a2d84395e6c5806a1e99208bc29250b3e20bbd7d408c011e668a64dc1b9f21599dbbbeb12d3cb8dc40eaa100dcc839905aeb8ca642423537b26c2d0c81a594f4afa8667bd8fa807201f955999a6fd2b2bb2255f48739ce7f6230460315961f070bc86d5df2ad092e9c39c4ae40ffced6e69c1995f586fbbf15c143f478b97281a56266188a527dcf009c6c907b02f30bdb986126310607ffed6ef65604bfb9e8e3f9efc", @ANYRES16=0x0, @ANYBLOB="210026bd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x80) socket(0x10, 0x2, 0x4) (async) r0 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000440), r0) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, r1, 0x100, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_RX_PUSH={0x5, 0xe, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8880}, 0x8b1058a2eb0d0d05) shmctl$auto_IPC_SET(0x800, 0x1, &(0x7f00000001c0)={{0x4, 0xffffffffffffffff, 0xee00, 0xfffffff8, 0x4, 0x6, 0xc8}, 0x9, 0x8, 0x3, 0x4, @raw=0x4, @inferred=0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000080)="13077fdedf58e4bb43a441118d9762136e814d6876f6e78d6f9ad889763817f737cb8df6674ecfe56e23f4b698df4b6bd9db370dda82548ebe4336bba2e2d3a90ec01a22bf33716f762c", &(0x7f0000000100)="9fd4ae93803682eab46f66472e79f1c4f892869a7fa62bb5a74d2c44c523a95f2c046ba0ffc70c6dab0b07f580157f"}) quotactl_fd$auto(r0, 0x5, r2, &(0x7f0000000240)="6446605165392184da5a99e120dc1865b302b6ea522e2c7ae45459c3dcdd64aaed8094becf69dd80be08002f142ee2825d53627c847f91be0a1883af0464fb765d41f9880344c0b1f24a541374e0dc0f8d96c7ec69b098d1a77e0c1d0f") mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x8, 0x4, 0xffff0054, 0x0) (async) socketpair$auto(0x8, 0x4, 0xffff0054, 0x0) r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0xa0440, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r3, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x6) (async) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x6) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0) (async) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) (async) socket(0x1e, 0x5, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (async) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x541b, 0x10000000000402) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x7fffffff) socket(0x29, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) (async) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r5, 0x8000) (async) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r5, 0x8000) ioctl$auto_BLKRRPART(r5, 0x125f, 0x0) 37.783367684s ago: executing program 0 (id=1178): openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0) select$auto(0x4, 0x0, &(0x7f0000000100)={[0x9, 0x7, 0xfffffffffffffff9, 0x9, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0xffff, 0x1ff, 0x10, 0x3, 0x0, 0x5, 0x6]}, 0x0, 0x0) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x2) pread64$auto(0xffffffffffffffff, 0x0, 0x201, 0xc000) lseek$auto(0xffffffffffffffff, 0xe, 0x0) ioctl$auto_USB_RAW_IOCTL_EPS_INFO(0xffffffffffffffff, 0x83c0550b, 0x0) socket(0x10, 0x2, 0x4) ioctl$auto(0x3, 0x89e0, 0x91) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r0) open(&(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x103040, 0xd1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/urbnum\x00', 0xa0420, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/15, 0xf) 37.147584383s ago: executing program 0 (id=1181): write$auto_event_trigger_fops_trace(0xffffffffffffffff, &(0x7f0000000240)="3ddbe3ef3ae377e52805d0d65510d0e6c36ee41a693aca3d49", 0x19) r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) write$auto(r0, 0x0, 0x7) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x50}, 0x2000c090) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 36.903234956s ago: executing program 0 (id=1182): r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty57\x00', 0x40000, 0x0) ioctl$auto(r1, 0x4b32, 0x7) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_vlan/seg6_require_hmac\x00', 0x44e42, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x12d981, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x1, 0x4, 0x5f, 0x10, 0xffffffffffffffff, 0x400) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x50400, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r3 = socket$nl_generic(0x10, 0x3, 0x10) pwritev2$auto(r3, &(0x7f00000003c0)={0x0, 0x5}, 0x8000000000000004, 0xffffffffffffffff, 0x9, 0xb) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rpc/nfs4.idtoname/channel\x00', 0x100, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x3a, 0x1, 0x89) socket(0x10, 0x2, 0x0) socket(0x2, 0x1, 0x0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYBLOB="01"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r4, &(0x7f0000000000)='- ', 0xfdef) r5 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zram0\x00', 0x0, 0x0) getsockopt$auto(0xffffffffffffffff, 0x4000, 0x7, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x3b72, 0x0) mmap$auto(0x0, 0x2020005, 0xfffffffffffffffb, 0x4eb1, 0xfffffffffffffffa, 0x8000000008000) getsockopt$auto(0xffffffffffffffff, 0x40000000113, 0x1, 0xfffffffffffffffc, 0x0) ioctl$auto_MON_IOCX_GET(r0, 0x40189206, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x0, 0x0) 36.518622158s ago: executing program 0 (id=1184): mmap$auto(0x0, 0x4020008, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) r1 = open(0x0, 0x261c2, 0x84) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000002c0)={'syz_tun\x00'}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r3 = fanotify_init$auto(0x1ff, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0xffffffffffffffff) bpf$auto(0x2, &(0x7f00000001c0)=@bpf_attr_11={0xc, 0x4143, 0x9, 0x2, 0x2, 0x101, 0x2, r0}, 0x8) bpf$auto(0x1, &(0x7f0000000380)=@raw_tracepoint={0x5, r1, 0x0, 0x6}, 0xc) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/dvb_usb_af9015/parameters/adapter_nr\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0x91f5}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000100)="837c43558323d5db424689e75a7e33a493a0cc9074c1fc5e017524", 0x1ffffffff}, 0x6, 0x0) sendmsg$auto_NL80211_CMD_ADD_LINK(r2, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000526bd7000ffdbc608f92c0000240081800500010009001c039fcf0100ff00000005000100080000000500010008f1000000000000000400200500d20006000000"], 0x48}, 0x1, 0x0, 0x0, 0xc008014}, 0x4000001) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0x4040ae79, r5) mmap$auto(0xffffffff, 0x20009, 0x4000000000df, 0x100eb1, 0x8, 0x5) sendmsg$auto_NL80211_CMD_SET_INTERFACE(r3, &(0x7f00000006c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000700)=ANY=[], 0x11c}, 0x1, 0x0, 0x0, 0x44}, 0x20040814) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) wait4$auto(0x0, 0x0, 0x96d, 0x0) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(0xffffffffffffffff, &(0x7f0000003240)=""/4118, 0x1016) 36.119004686s ago: executing program 0 (id=1185): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_setup$auto(0x2, 0x0) mlockall$auto(0x7) (async) mlockall$auto(0x7) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) mmap$auto(0xfffffffffffff25c, 0x3, 0x121, 0x16, r0, 0x8) (async) mmap$auto(0xfffffffffffff25c, 0x3, 0x121, 0x16, r0, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000100)={{@raw=0x2, 0x85, 0x20e, 0x1, "669cbbd9e9756f22fdffa199e0f106000000000000000b2f4ab8633824f0d2252ca5f200", @raw=0x8}, 0x0, @integer=@value=[0x0, 0x4, 0xf, 0x80000001, 0xfffffffffffffff7, 0x4, 0xc, 0x3, 0x8f, 0x2, 0x3, 0xa4f, 0x101, 0x5, 0x0, 0x8, 0x1, 0x6, 0x3, 0x2, 0x2, 0x1, 0x8, 0x4, 0x2, 0x0, 0x7, 0xfb, 0xf, 0x100000000, 0x10, 0x6, 0x10da, 0x7, 0x8000000000000008, 0x81, 0x8, 0x6, 0x6, 0x4, 0x6, 0x1, 0x7, 0x0, 0x7, 0xc, 0x9, 0x5, 0x800, 0x3, 0x2, 0x25489d7a, 0x2, 0x90000000000000, 0x9, 0xfffffffffffffff8, 0x2d, 0x7, 0xffff, 0x6, 0x400000000000005, 0x3, 0xc69, 0x95, 0x7, 0x5, 0x2, 0x2, 0xfffffffffffffffd, 0x4, 0x4, 0xb000000000, 0x6, 0x80000001, 0x1, 0x8, 0x4, 0x14, 0xd8, 0xa, 0x443, 0x7, 0x1, 0x4, 0x3, 0x9, 0xc, 0x1, 0x5, 0x80, 0x1, 0x3, 0x20000010001, 0x1, 0x8, 0xfffffffffffffffe, 0x2, 0xfffffffffffffff9, 0x5, 0x3, 0xfffffffffffffff8, 0xffffffff7fffffff, 0x6, 0x4, 0x1, 0x100000000, 0x51a, 0x1, 0x6, 0x4, 0x2d4, 0x40e9, 0x5, 0x5, 0xffffffffffffffff, 0x0, 0x1, 0x2, 0x7fffffffffffffff, 0x550, 0x3a1, 0x1, 0x1, 0x9, 0x8, 0x2, 0xcf82], "282f77b07e718e11749a346177741dc299a28a585e87e0d908e2c8e50de501951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c8500"}) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x4c4ac3, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0) write$auto(0x3, 0x0, 0x100082) (async) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) (async) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) write$auto(r1, 0x0, 0xc70) (async) write$auto(r1, 0x0, 0xc70) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x503100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) io_uring_setup$auto(0x6, 0x0) r2 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r2, 0x29, 0x40, 0x0, 0x110) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) socket$nl_generic(0x10, 0x3, 0x10) 21.010388386s ago: executing program 33 (id=1185): rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_setup$auto(0x2, 0x0) mlockall$auto(0x7) (async) mlockall$auto(0x7) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) mmap$auto(0xfffffffffffff25c, 0x3, 0x121, 0x16, r0, 0x8) (async) mmap$auto(0xfffffffffffff25c, 0x3, 0x121, 0x16, r0, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000100)={{@raw=0x2, 0x85, 0x20e, 0x1, "669cbbd9e9756f22fdffa199e0f106000000000000000b2f4ab8633824f0d2252ca5f200", @raw=0x8}, 0x0, @integer=@value=[0x0, 0x4, 0xf, 0x80000001, 0xfffffffffffffff7, 0x4, 0xc, 0x3, 0x8f, 0x2, 0x3, 0xa4f, 0x101, 0x5, 0x0, 0x8, 0x1, 0x6, 0x3, 0x2, 0x2, 0x1, 0x8, 0x4, 0x2, 0x0, 0x7, 0xfb, 0xf, 0x100000000, 0x10, 0x6, 0x10da, 0x7, 0x8000000000000008, 0x81, 0x8, 0x6, 0x6, 0x4, 0x6, 0x1, 0x7, 0x0, 0x7, 0xc, 0x9, 0x5, 0x800, 0x3, 0x2, 0x25489d7a, 0x2, 0x90000000000000, 0x9, 0xfffffffffffffff8, 0x2d, 0x7, 0xffff, 0x6, 0x400000000000005, 0x3, 0xc69, 0x95, 0x7, 0x5, 0x2, 0x2, 0xfffffffffffffffd, 0x4, 0x4, 0xb000000000, 0x6, 0x80000001, 0x1, 0x8, 0x4, 0x14, 0xd8, 0xa, 0x443, 0x7, 0x1, 0x4, 0x3, 0x9, 0xc, 0x1, 0x5, 0x80, 0x1, 0x3, 0x20000010001, 0x1, 0x8, 0xfffffffffffffffe, 0x2, 0xfffffffffffffff9, 0x5, 0x3, 0xfffffffffffffff8, 0xffffffff7fffffff, 0x6, 0x4, 0x1, 0x100000000, 0x51a, 0x1, 0x6, 0x4, 0x2d4, 0x40e9, 0x5, 0x5, 0xffffffffffffffff, 0x0, 0x1, 0x2, 0x7fffffffffffffff, 0x550, 0x3a1, 0x1, 0x1, 0x9, 0x8, 0x2, 0xcf82], "282f77b07e718e11749a346177741dc299a28a585e87e0d908e2c8e50de501951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c8500"}) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x4c4ac3, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0) write$auto(0x3, 0x0, 0x100082) (async) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fff) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) (async) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/ports/3/pp_hold\x00', 0xc0b02, 0x0) write$auto(r1, 0x0, 0xc70) (async) write$auto(r1, 0x0, 0xc70) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x503100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) io_uring_setup$auto(0x6, 0x0) r2 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r2, 0x29, 0x40, 0x0, 0x110) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) socket$nl_generic(0x10, 0x3, 0x10) 4.605982934s ago: executing program 1 (id=1282): mmap$auto(0x0, 0x2000004020009, 0xdf, 0x14, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = io_uring_setup$auto(0x0, 0x0) r1 = openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_marker\x00', 0x341, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto_tracing_mark_fops_trace(r1, 0x0, 0x0) (async) write$auto_tracing_mark_fops_trace(r1, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) (async) write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r3 = open(&(0x7f0000000800)='./file1\x00', 0x163ac1, 0x82) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r0, 0x28000) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r0, 0x28000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) (async) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x400, 0x1, 0x0, 0x1, 0x7) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sysfs$auto(0x2, 0x23, 0x0) r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r5, 0x0, 0x4) (async) write$auto(r5, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) (async) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0x4a, &(0x7f00000002c0)={&(0x7f00000005c0)=ANY=[@ANYRES32=r0, @ANYRES16=r4, @ANYBLOB="020029bd7000fcdbdf25010000000400cc007c005b00bea0b3ec708bcbd1c708f07fa26e05d7a1194b36c0d6f3eb94b8eb8649124f784bdf279aa317f5b7de9b30c2d65021ecb8dbdfe9447bd165dcba52185ae9aa477490d3a17d63423a775e8c1df7187542d9d866cd884488074ed67cc757c3278db0a3a86dbfd5dad14850b33705a3b79a1c5c2ee96f12fa120500c20007000000f400210024014d4f75c1346659506b5be8b62248e562cdb5f7adfa26a66a417b39bfcc6bc6594c09ea9366a352bc4beccb7777edbefa05db347f028a932d3e39b5b0a56192712ac22431d1403c56681c71e823bc743673cb0443d17e5c812cffbcc52c6b01a7779cf74ec0511d4f156dda15612628618ccb8d7ee87c840cb160076ba053e33933aaabe44bdc9373b6de5d652ef10eb002ace1848df30745f8e75dd868f428d59e7399a369f2172b4c69cd269ad0e812967aea2b354b8c05a2a8dd459aa075c343a8436c187af14a24b83018c9b1b3b75d05be80346376ea2a41c3082f6d534e7b08e040554f179c4f8500d4a2640500f2001f00000008000b0108000000"], 0x1a0}, 0x1, 0x0, 0x0, 0x4040004}, 0x24048000) 4.020182827s ago: executing program 4 (id=1285): r0 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/020/001\x00', 0x80000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x14, 0x0, 0x8) mknod$auto(0x0, 0x1001, 0x804) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0xa8200, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS1\x00', 0x8000, 0x0) ioctl$auto_TCSBRK2(r1, 0x5409, &(0x7f0000000380)="3867514f3620b8d1788863564dc260e2bc3348c2cfa7a796029a11d55977d0fe0b189c1b587d039e1bf10aea840f7baa79293bbf7806ba7f95b9402d053d730ed9165c7392894d9efc81ba44d56fa691a19f79ac1d9d363f3a9077fdb99f388a620bbb3ccf09d54afeec58f6f449efef12aa437eb92bab1d4f8aac86afe0b167e77f45a03f0189c5196d9bbb3a886556d3dc5878ea6efa3c7ba3064e91172423fde6") ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r2 = socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='./cgroup.net/blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) bind$auto(r2, &(0x7f0000000000)=@can={0x1d, r4}, 0x6a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x687ca0b, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0xb}, 0x7}, 0x3, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x801ffde, 0x1, 0x2000000000000006, 0x3, 0x8, 0x5, 0x6, 0x7, 0x1, 0x9, 0x2, 0x3, 0x5, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x3bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000, 0x0, 0x200, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, 0x5, 0x2) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0xffffff9e}, 0x40000) pwrite64$auto(r0, 0x0, 0x400000, 0xc) close_range$auto(0x2, 0x8, 0x0) 2.947722514s ago: executing program 4 (id=1286): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40044) write$auto(0xca, &(0x7f00000004c0)='\x04>2\x18!\xe2\x00\x94\xf2\xa2\x00\x00\x8d\xa9p\xcc\xccV\xf9ozi\xb2:\x19\x92r\xcc9\x99f\xc5BV\xb1\x92l\xed\x84fe\x8a\x8c\xd3*\xfe\x1dE\xa1W8\x03\xcb\t\x13K\xb4\x893\xf3Q\x7f\xd1|\xefp\xb1\xb3\xcer8\b=\xa4y\xd4\x88\xbcn\x8d\xf3\f\xbe\x9f\xed\xc1k\xcf\x0f`6\xe0\xd1\x03\x108a\x90KG,\xf8\v\x88\xe2+\xcb\xf2v\x8bL\xa6\xaa}*\xce\xd8\x98\xc9\\f\xccT\xa1\x05\x14\x84\xbb\aF,\xc8\xc7u\x93\xe8?\x92\t\xa9`\xff\x93l\x93\xac\n\xdd\xa4\n\x8e\xec\x14\x02|\xf7\xc4\x8e\x06h\xc0\x8f\x04\xceB\x03\xda\x89\x8f\xf3g\x1a\xb8\x1a\x18\xf2\x93DRSO\x97\xb1\xc3\xa8Q\xa2\xb2\xa8\xc3\xd3\xf9\xd4Y\x8d\x8d\xad\x8f[\xbe\xe5\xf1\x9f\x01s\x8eg\x05\xe8\xf9\x8f\xa6g\vu\xc9\xef\x0f\xbd(y8@\xca\xec(\xe8\x91\xf8$<\x81\x85\xac\xd7\x878\xd9\xce%\xcf\xab\xdb\xaf{\x82\x83\x8d\xce\xc0\r\xb6\xe4$\xd0<\xf8\xeay \xf1\x19\xb3Ta~*&\xd8\xc8\x00%\xdc\xbc;\x9f\xcf\xf0\xd8\xd7 \xa5\x8b\x10o \x13s}{\xe5\xb2\xd9;_\xec\xdef\xb1<\x18qg\x1e{\xba\xb0\xf7\xbb\xca\x00'/323, 0x7f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326"], 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='\"'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {0xa, 0x0, 0xa00}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.609908678s ago: executing program 4 (id=1287): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x34, r1, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_UPCALL_PID={0x8}, @OVS_DP_ATTR_NAME={0xd, 0x1, '&#:@\\]\\-\x00'}]}, 0x34}, 0x1, 0x300, 0x0, 0x801}, 0x0) 2.259685044s ago: executing program 4 (id=1289): socket(0xa, 0x2, 0x3a) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/003/001\x00', 0x109240, 0x0) r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = socket(0x10, 0x80002, 0x8) close_range$auto(r1, r1, 0x0) pipe$auto(0x0) splice$auto(r1, 0x0, r0, 0x0, 0x3fb, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) mmap$auto(0x10000, 0x773b, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8) setsockopt$auto(0xffffffffffffffff, 0x101, 0x2, 0x0, 0xfb3) mmap$auto(0x0, 0x2, 0x5, 0xeb1, 0xffffffffffffffff, 0x0) getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x80802, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.000724162s ago: executing program 3 (id=1290): waitid$auto(0x9, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000001c0)={{0x4, 0x4000008000002}, {0x3}, 0xffffffffffffff74, 0x3ff, 0x4, 0x3, 0x4, 0x3, 0x7c3, 0x6, 0x1, 0xab4a, 0x8, 0x2, 0x9, 0x200}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x200000000000, 0x2020009, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x8d3e, 0x1, 0x948b, 0xe4, 0x95f4da0a, 0xfffffffffff7ffff, 0x3, 0x62, 0x80000001, 0xa, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) gettid() mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_ifindex, r0, 0x9c, 0x0, 0x1, @relative_fd=r0, 0x80}, 0x96) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mq_open$auto(0x0, 0x7e, 0x9, 0x0) rseq$auto(&(0x7f0000000040)={0x5, 0x8, 0x80000001, 0x806, 0x4, 0x2}, 0x8005, 0x0, 0x8000006) pread64$auto(0xffffffffffffffff, 0x0, 0x3ef, 0x9) mmap$auto(0x9, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, 0x0, 0x84000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x5, 0x3, 0x2) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x1ff000, 0x8, 0x843, 0x3, 0xfffff000) 1.652024898s ago: executing program 5 (id=1244): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) socket(0x21, 0x2, 0x2) (async) r1 = epoll_create$auto(0x8800001) epoll_ctl$auto(r1, 0x1, r0, 0x0) (async) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x40, 0x0) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000040)={0x6, 0x3, 0x7, 0x2, 0x2, 0x7fffffff, "8ba089084142725d970d93348ea57466", 0xb, 0x5, 0x7, 0x5, 0x2, 0x4, 0x2}) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 1.528137959s ago: executing program 1 (id=1291): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0) write$auto(r0, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d) socket(0x2a, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0xc008aeb0, 0x0) 1.206802797s ago: executing program 5 (id=1292): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x4f) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sysinfo$auto(0x0) setsockopt$auto(0x3, 0x0, 0xc, 0x0, 0x10000) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket(0x2, 0x3, 0x100) getsockopt$auto_SO_NO_CHECK(r2, 0x0, 0xb, &(0x7f0000000040)='/dev/usbmon7\x00', &(0x7f0000000080)=0x2) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x14, r1, 0x400, 0x70bd25, 0x25dfdbf8}, 0x14}, 0x1, 0x300, 0x0, 0x8080}, 0x40) prctl$auto_PR_SET_MM(0x23, 0x1000, r0, 0x8, 0xe8a7) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f00000000c0), 0x200000, 0x0) mmap$auto(0x7, 0x2020009, 0x3, 0xfffffffffffff811, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r3) sendmsg$auto_NL80211_CMD_NEW_STATION(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4, @ANYBLOB="000329bd7000fbdbdff30ef2909c37f75e00245a73f6ff961844d66a00b0253e5486eacbe8a8ddad06a21e8a09000ee1616589b9418269c937272b7b"], 0x18}, 0x1, 0x0, 0x0, 0x20000080}, 0x4) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2b, 0x1, 0x0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01012bbd7000fd000000"], 0x20}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r6, @ANYRES8=r6], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r5, &(0x7f0000000000)='-\x00', 0xfdef) creat$auto(0x0, 0xc) 1.206569839s ago: executing program 1 (id=1293): write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mq_getsetattr$auto(0xd, &(0x7f0000000200)={0x0, 0x5, 0x7f, 0x10}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_7={@link_id=0x1, 0x3, 0x3}, 0x6f3) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x3, 0x6) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket(0x2, 0x3, 0x104) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0)) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xf7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) statmount$auto(&(0x7f0000000100)={0xb, @raw, 0x2, 0x1, 0x7}, 0x0, 0x3, 0x9) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)={0x14, r3, 0x1, 0x70bd31, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4051}, 0x24048004) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0) 1.138030239s ago: executing program 3 (id=1294): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x26, 0x80805, 0x0) r0 = socket(0x25, 0x1, 0x4) socket(0x1, 0x1, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000840)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_DEL_PMK(r1, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fbdbdf259700000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x48880}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x18, r2, 0x300, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) msgget$auto(0xc, 0x77d9) 1.098192695s ago: executing program 4 (id=1295): r0 = ioctl$auto_NS_GET_USERNS(0xffffffffffffffff, 0xb701, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000400)={&(0x7f0000000000), 0xc, &(0x7f00000003c0)={&(0x7f0000000080)={0x338, r1, 0x400, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_SAE_PASSWORD={0x7d, 0x115, "46c70b7a6b87da9746f4195d083ed6bfee4d5dac3f8d708d14c23636f7b22819fe3aa231c6c3287c127a61dcc53a54f35361824da85f228461fcebb6a01a1bad5e7908ca288f06294e219ab553906936941496e557e1026a2448932aa70d11a065bad0f483881319af96d440efb147000cad4e5194cc6c0c6e"}, @NL80211_ATTR_STA_WME={0x14, 0x81, 0x0, 0x1, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x3}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x1}]}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x7ffa}, @NL80211_ATTR_FRAME={0x280, 0x33, "44a30f692891a6cb0c2bc202034dc4ec24b8aade0caaad591b96c946dec8b484352ffafbd5f21e17292c6b4fa4842ad745db9f65b538a0a105b1c45c6ba10d2129641b6c627c58c99877d0a89d7a768c452324cff0f1373b0c41ec770af94cf2f693ffc89be9b72e65120919289a1591bedf31cabcf1d1af901d6f3533a1d46611b75bc1b7dc9e1df8cf6345c3426d6f3cf8bfc3bdf14e5d319521487a53879220014ebd450509cb49c04b589bcbf3af624afc7d680fea5db06768f6200cb1fc9982e66db371fd8e25222aa92ed805327da968fc2b1eece861895459eba04bf160c0433595526679c8fb1975d160ac180ad17ed5c909a8ab71d4793e075103bbb810d8caee9bfaf6d38eb301021e2989bfedcb7af3023c4c08ecc0e75efa3e4bcf8623684803520e6d98f27ec44c0cb7335fef579ca6b3f36d6005b6016f86fce41ae6aec84ac8698bf3372632b08b664c9d98e43bc23d1139a1543d61e9c113ea2aee779fe7a0ac98370cdaea9ff7534584c27fee8de53aaa71707c775ad91ec7d2142057c4400cd615d9d5a2c588ff8db60b860eded9ef9d658eb6a8114adf774e5dccf7a5105452252db3bb11ecc89fc866c05bf59d9b32c78e7cd28f12bbbbddb68458ff56de760e6fa6cde0faff5a45c274dd4185c0c55c19dcd248d640d4ae6f2c25a73166493e4e8faedef4ac74ae69a2581ab363647e9c33907ebe2620d4fa0edcf358ca4527270aa73de517519d67bacd59c0428afd36c112a383e459b471548d0cb2d22048db712f5e07eb9a211bf0d554725f7b291c0f385ae1e4af14349db0b77f54f5a8a0c0e4311056b443753e7a02045f0059bf9f451413cf095c06c175e18d493cfba4588b26d5e6cb9408fa214d41bb42627eea"}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x10}]}, 0x338}, 0x1, 0x0, 0x0, 0x4000}, 0x40045) io_uring_register$auto_IORING_UNREGISTER_RING_FDS(r0, 0x15, &(0x7f0000000440)="71666d0d2b311f9d90029b1e4dbe2ee11c963f9c38ad0704e35b9e9002aa122403ad3ce0b617e821d09beda873752aaee6fce643a347a1470cb7b50779507c5e7e9028a2dd1e40b7133894722c1d730562fc6a87c9e2367114adc36caea861e6fd23b0d738ff842e21711c52621ec7500931ae1d4816593a7f9a380b1a2bcae7e664b4a7649a18d6008dc2b19c727af4135b74a2c7127a5067acdd57b0423cce3a5b949eee70e572", 0xfffffff9) r2 = ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000500)=0x1) rt_tgsigqueueinfo$auto(r2, 0x0, 0x2, &(0x7f0000000540)={@_si_pad}) ioctl$auto_SNDCTL_SEQ_CTRLRATE(r0, 0xc0045103, &(0x7f00000005c0)="0252c972a46ceffc51fe745cae5435e04237af56578d72971c3f2500126f6cccc184889f173ae01501142161f13af5c0a4f502163350fc8e5e313f78e113baab6f14f23288baf013be355fdb7954a21a87d8a55a49681e1e7e908f4dce741db95811f006e9a3af0dff37b63684fcd5bce668d0a1d5c2c33b1558296cfce31edf4aee681f2e61966169d22dc858872a1e42dacffe10dc1483c7a345fc18c4b12ca9c8113fe9ff28a0ab6174a5c717a155eb29115994c45dace95bb18bad427e907aac7058abaffdefd644a3e13e52aa0451a50627c4161580afcbf69f33b9f7c82f6c2e") getpgid(r2) (async) ioctl$auto_XFS_IOC_EXCHANGE_RANGE(r0, 0x40285881, &(0x7f00000006c0)={0xffffffffffffffff, 0x0, 0xfffffffffffffff8, 0x1, 0x8, 0x6}) mmap$auto(0x8, 0x9, 0x2940d3000000000, 0x13, r3, 0x10000) (async) r4 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000740), r3) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(r3, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x14, r4, 0x20, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4020000}, 0x20000010) pidfd_send_signal$auto(r0, 0x3ff, &(0x7f0000000840)={@_si_pad}, 0xfffffff6) r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000900), r0) sendmsg$auto_NBD_CMD_RECONFIGURE(r0, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000980)={&(0x7f0000000940)={0x1c, r5, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000b40)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a40)={0x94, r1, 0x0, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_IE={0x7e, 0x2a, "7eb013135b8d42095557369a91e81f76997672e773a5a5811b377c880f863c41e0ba39ca9cdefb8ae0c281d8818cb2c161ea1c38210e74ab2f6c775fb5ff0f054a3556bfb6a137b0a365a2b83e98e05e44e16814f804fdef6f16a6bc537557db8ef5655181b56e55beb2c0ba6500078e45ed1915eaa968256f53"}]}, 0x94}}, 0x80) (async) msync$auto(0xffffffffffff0001, 0x6, 0x7ff) (async) r6 = fsmount$auto(r0, 0x7, 0x4) (async) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000bc0), r3) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r6, &(0x7f0000000cc0)={&(0x7f0000000b80)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000c80)={&(0x7f0000000c00)={0x48, r7, 0x20, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_ERP_USERNAME={0x14, 0xf9, "d2b6133ab52f4a17d993e627a18afc3a"}, @NL80211_ATTR_DISABLE_HE={0x4}, @NL80211_ATTR_DISABLE_EHT={0x4}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x3f8}, @NL80211_ATTR_BSS_SHORT_SLOT_TIME={0x5, 0x1e, 0x2}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x44) (async, rerun: 64) r8 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000d40), r0) (rerun: 64) sendmsg$auto_GTP_CMD_ECHOREQ(r3, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)={0x40, r8, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@GTPA_MS_ADDR6={0x14, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @GTPA_O_TEI={0x8, 0x9, 0x9}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_LINK={0x8, 0x1, 0xc0000000}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x40) (async) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000e40)=0x8084) (async) rseq$auto(&(0x7f0000000e80)={0x74, 0x0, 0x8950, 0x6, 0x5, 0x5, "dc5cdc7af4fac9f7bd44972361034ba072ca00b4c5939ed7fdf133c5c605c55d30c2a5200383c699d70ffa5e660bc122af85723bb26b94642d69e0d765ff392330b8b71f5cdc54cbe0bacd5bf7426793852bd5b87b3b4aae34c152ff06cd1fc1fe554c28a9f576b1990470271207b65a59469de4b5fdad5a"}, 0x8000, 0x0, 0x3) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000f40), 0x41e441, 0x0) r9 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000fc0), r0) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r6, &(0x7f00000010c0)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x200400}, 0xc, &(0x7f0000001080)={&(0x7f0000001000)={0x54, r9, 0x20, 0x70bd2d, 0x25dfdbff, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0xf8}, @SEG6_ATTR_HMACINFO={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x62, 0x0, 0x0, @uid=0xffffffffffffffff}]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xf7}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xfffffffe}, @SEG6_ATTR_DST={0x14, 0x1, @private0}]}, 0x54}, 0x1, 0x0, 0x0, 0xc080}, 0x4000) (async) sendfile$auto(r0, r3, &(0x7f0000001100)=0x7, 0x8) (async) open(&(0x7f0000001140)='./file0\x00', 0x7c802, 0x140) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000001440)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001400)={&(0x7f00000011c0)={0x224, r1, 0x2, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x9}, @NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6}, @NL80211_ATTR_S1G_CAPABILITY={0xfd, 0x128, "60e18ab5605b0d5e95106924735952e142d43801aeac967d533dc403122aef533747423af2b5ea7d9d392fded64bc52d3de6dc458529894e8dd6ff2d7ece8875812038dfb5dd326c7ba4bedb4f94eff3e38f8a4bfdd3d8d4825929a5d01e3a0a4feeb6da27e696015c32de4a8809898804ca835327416b7af75013cdfad7a15a8c3f88fea0d048e2c093e7a91040692b4b452e0838d56c0aa473179d858b51a38ac0b377e0378710403579ccc095017242c6d2b9a1a11fbff0fb2d901b477a740b2b09c8b3b65c4d2fcf87d4ae72eef7d8543b1864f38165f8eaeb21ea6eda8f6a07f043047214a3f3e4bccd9c43b0c8fd19c00f16616129dc"}, @NL80211_ATTR_NAN_FUNC={0xfd, 0xf0, 0x0, 0x1, [@generic="dc868aeb2b2d5837f13471c57ea8709648599e8b1a9e29fa306f41cd7df6d99eea28bb1c2d633f1fb20b431a119af540307649e89f2a2acb74fc122a8f61a54248f842196ccf61dc87a0aa924eec976c7b00cf59875e1f41d7c8b471120d6b34a98202115953fadad057ffc75769c6f20ca16de40bad1d5338846aed57dd94af1acea8be266c562c03e22c5b7262e0ec61398b008c6520869417686e441274948f9841796c0bd0ec6da9036092c7f5c9ca56909b5324e7b7463dd051193b53183911993020cf7816795fe1d07387198b40cb244b02d91937e7ac0377d4f9d5f41ee8ef81ebd15ba68674190c833777935c74ed18a91fe6ef57"]}]}, 0x224}, 0x1, 0x0, 0x0, 0x40800}, 0x48000) 867.121826ms ago: executing program 1 (id=1296): r0 = timerfd_create$auto_CLOCK_REALTIME(0x0, 0x7) mmap$auto(0x8, 0xb, 0x10000, 0x12, r0, 0x400000000) mmap$auto(0x40000400, 0x4020006, 0xdf, 0x1f, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0xa, 0x2, 0x73) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), r1) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 839.598758ms ago: executing program 3 (id=1297): inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x1000e6e) (async) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (async) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) (async) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) (async) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES16=r0, @ANYRES16=r2, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES64=r0], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r3) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) (async) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) (async) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) socket(0x29, 0x6, 0x0) (async) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe98, 0x0, 0x0, &(0x7f0000000040)={[0x54a, 0x10000000000205, 0x7f, 0x9, 0x4, 0x5, 0x3396, 0x0, 0x3, 0xf, 0xffffffff, 0x8, 0x3, 0x4, 0x4, 0xfffffffffffffffb]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x7fffffff, 0x8fb, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000000000000005, 0x62, 0x8000001f, 0x4, 0x2, 0x9, 0x2, 0x6]}, 0x0) (async) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x7ffd) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x4) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x400e42, 0x0) pread64$auto(r4, 0x0, 0x80000006, 0x3) 508.193252ms ago: executing program 4 (id=1298): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0x202000c, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) (async) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0xa, 0x0) (async) r0 = socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, r0, 0x6) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) (async) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) (async) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) (async) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) (async) shmget$auto(0x8, 0x10563, 0x568d1af2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) bpf$auto(0x14, &(0x7f00000000c0)=@enable_stats={0x1}, 0x7) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) 506.876635ms ago: executing program 3 (id=1299): waitid$auto(0x9, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000001c0)={{0x4, 0x4000008000002}, {0x3}, 0xffffffffffffff74, 0x3ff, 0x4, 0x3, 0x4, 0x3, 0x101, 0x6, 0x1, 0x8001, 0x8, 0x2, 0x9, 0x200}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/logsyscall\x00', 0x262b42, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r0 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r0, 0xfffffff7effffd05, &(0x7f00000001c0)) 433.410119ms ago: executing program 1 (id=1300): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/urbnum\x00', 0xa0420, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x40000000002547, 0xdf, 0xeb0, 0x401, 0x7) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/perf_event_max_contexts_per_stack\x00', 0x202, 0x0) sendfile$auto(r0, r0, 0x0, 0x7fffe000) 241.063066ms ago: executing program 3 (id=1301): r0 = socket(0x848000000015, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000180), r0) 166.23366ms ago: executing program 1 (id=1302): openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/fail_page_alloc/space\x00', 0x2, 0x0) write$auto(0x3, 0x0, 0x1000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x8000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r2) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14010000", @ANYRES16, @ANYBLOB="20002abd7000fbdbdf2503000000000101800c00f600feffffffffffffff18a921a660a3672dd99574fe5c0400d38037d64c5e9a032824b36054bd37b6f7d6482c48b96da06c90805bdd84a082b9da96a3e8ad6236c65375e29bafd96b4201db8aa94ebacc3a0168d706fbdd93efa1c230d0859b1fa788d18deeeb"], 0x114}, 0x1, 0x0, 0x0, 0x101}, 0x15) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x89e2, 0x91) ioctl$auto(0x3, 0x89e1, 0x91) ioctl$auto_KVM_GET_MSRS(r1, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) 0s ago: executing program 3 (id=1303): quotactl$auto(0x9, 0x0, 0x62a0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000) inotify_init1$auto(0x7fff) r0 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), 0xffffffffffffffff) openat$auto_supply_map_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x201, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x800, 0x0) ioctl$auto_SG_NEXT_CMD_LEN(r2, 0x2283, &(0x7f0000000080)="351547") r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r3, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r1, @ANYRES16=r0, @ANYBLOB="067abfd25f426bbdd77768dd3d35a54e6744b83983fa007b67f64d3b4d4e93d3f2e4bfa5dc76e060f4f52593530e49d0859d31d299f896fc84a3f37e7e4595"], 0x14}, 0x1, 0x0, 0x0, 0x851}, 0x4) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r4 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D0c\x00', 0x20000, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_DROP2(r4, 0x4143, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) lseek$auto(r1, 0x7, 0x401) write$auto(0xffffffffffffffff, 0x0, 0x81) unshare$auto(0x40000085) madvise$auto(0x0, 0x2003f0, 0x17) kernel console output (not intermixed with test programs): [ 318.848304][ T8972] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 318.848355][ T8972] __memcg_slab_post_alloc_hook+0x133/0x880 [ 318.848419][ T8972] ? kasan_save_track+0x14/0x30 [ 318.848468][ T8972] kmem_cache_alloc_lru_noprof+0x58f/0x770 [ 318.848512][ T8972] ? __d_alloc+0x35/0xa80 [ 318.848546][ T8972] ? __pfx_mqueue_fill_super+0x10/0x10 [ 318.848601][ T8972] ? __d_alloc+0x35/0xa80 [ 318.848629][ T8972] __d_alloc+0x35/0xa80 [ 318.848666][ T8972] ? mqueue_get_inode+0x285/0xdd0 [ 318.848721][ T8972] ? __pfx_mqueue_fill_super+0x10/0x10 [ 318.848773][ T8972] d_make_root+0x3e/0x90 [ 318.848804][ T8972] mqueue_fill_super+0x175/0x260 [ 318.848857][ T8972] get_tree_nodev+0xdd/0x190 [ 318.848908][ T8972] mqueue_get_tree+0xf1/0x130 [ 318.848961][ T8972] vfs_get_tree+0x8e/0x330 [ 318.848999][ T8972] fc_mount_longterm+0x1a/0x270 [ 318.849043][ T8972] mq_init_ns+0x482/0x810 [ 318.849082][ T8972] copy_ipcs+0x3db/0x7d0 [ 318.849122][ T8972] create_new_namespaces+0x20a/0xab0 [ 318.849170][ T8972] ? security_capable+0x7e/0x260 [ 318.849229][ T8972] copy_namespaces+0x468/0x570 [ 318.849278][ T8972] copy_process+0x2a70/0x7430 [ 318.849353][ T8972] ? __pfx_copy_process+0x10/0x10 [ 318.849411][ T8972] ? _copy_from_user+0x59/0xd0 [ 318.849453][ T8972] kernel_clone+0xfc/0x910 [ 318.849509][ T8972] ? __pfx_kernel_clone+0x10/0x10 [ 318.849555][ T8972] ? futex_private_hash_put+0x160/0x1b0 [ 318.849599][ T8972] ? __pfx_futex_wait+0x10/0x10 [ 318.849664][ T8972] __do_sys_clone3+0x212/0x290 [ 318.849718][ T8972] ? __pfx___do_sys_clone3+0x10/0x10 [ 318.849790][ T8972] ? find_held_lock+0x2b/0x80 [ 318.849866][ T8972] do_syscall_64+0xcd/0xf80 [ 318.849921][ T8972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.849956][ T8972] RIP: 0033:0x7f4385b8f7c9 [ 318.849983][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.850019][ T8972] RSP: 002b:00007f4383df5f08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 318.850053][ T8972] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f4385b8f7c9 [ 318.850074][ T8972] RDX: 00007f4383df5f20 RSI: 0000000000000058 RDI: 00007f4383df5f20 [ 318.850095][ T8972] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000058 [ 318.850115][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.850134][ T8972] R13: 00007f4385de6038 R14: 00007f4385de5fa0 R15: 00007ffd5df6d8e8 [ 318.850179][ T8972] [ 320.032183][ T8991] zswap: compressor  not available [ 320.161483][ T5830] Bluetooth: hci4: command tx timeout [ 321.546343][ T6961] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 321.837096][ T6961] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.146830][ T9032] vhci_hcd vhci_hcd.3: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 322.249524][ T6961] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.433561][ T9043] FAULT_INJECTION: forcing a failure. [ 322.433561][ T9043] name failslab, interval 1, probability 0, space 0, times 0 [ 322.450798][ T9043] CPU: 1 UID: 0 PID: 9043 Comm: syz.1.643 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 322.450880][ T9043] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 322.450902][ T9043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 322.450924][ T9043] Call Trace: [ 322.450935][ T9043] [ 322.450948][ T9043] dump_stack_lvl+0x16c/0x1f0 [ 322.451011][ T9043] should_fail_ex+0x512/0x640 [ 322.451050][ T9043] ? __kmalloc_noprof+0xca/0x910 [ 322.451095][ T9043] should_failslab+0xc2/0x120 [ 322.451166][ T9043] __kmalloc_noprof+0xeb/0x910 [ 322.451207][ T9043] ? __register_sysctl_table+0xb3/0x1900 [ 322.451266][ T9043] ? __register_sysctl_table+0xb3/0x1900 [ 322.451316][ T9043] __register_sysctl_table+0xb3/0x1900 [ 322.451377][ T9043] ? is_module_address+0x5f/0xf0 [ 322.451425][ T9043] ? __pfx___register_sysctl_table+0x10/0x10 [ 322.451474][ T9043] ? is_module_address+0x69/0xf0 [ 322.451510][ T9043] ? register_net_sysctl_sz+0x222/0x450 [ 322.451543][ T9043] ? __asan_memset+0x40/0x50 [ 322.451580][ T9043] ? kmemdup_noprof+0x49/0x60 [ 322.451623][ T9043] ipv6_sysctl_net_init+0x136/0x2b0 [ 322.451658][ T9043] ? __pfx_ipv6_sysctl_net_init+0x10/0x10 [ 322.451690][ T9043] ops_init+0x1e2/0x5f0 [ 322.451736][ T9043] setup_net+0x11d/0x3a0 [ 322.451780][ T9043] ? __pfx_setup_net+0x10/0x10 [ 322.451820][ T9043] ? lockdep_init_map_type+0x5c/0x270 [ 322.451853][ T9043] ? mutex_init_lockep+0x110/0x150 [ 322.451889][ T9043] copy_net_ns+0x351/0x7c0 [ 322.451939][ T9043] create_new_namespaces+0x3ea/0xab0 [ 322.451990][ T9043] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 322.452037][ T9043] ksys_unshare+0x45b/0xa40 [ 322.452087][ T9043] ? __pfx_ksys_unshare+0x10/0x10 [ 322.452138][ T9043] ? xfd_validate_state+0x61/0x180 [ 322.452178][ T9043] __x64_sys_unshare+0x31/0x40 [ 322.452227][ T9043] do_syscall_64+0xcd/0xf80 [ 322.452282][ T9043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.452313][ T9043] RIP: 0033:0x7f4385b8f7c9 [ 322.452338][ T9043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.452376][ T9043] RSP: 002b:00007f4383df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 322.452406][ T9043] RAX: ffffffffffffffda RBX: 00007f4385de5fa0 RCX: 00007f4385b8f7c9 [ 322.452427][ T9043] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 322.452446][ T9043] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 322.452465][ T9043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.452483][ T9043] R13: 00007f4385de6038 R14: 00007f4385de5fa0 R15: 00007ffd5df6d8e8 [ 322.452524][ T9043] [ 322.773651][ T6961] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.882037][ T6961] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.149663][ T6961] batadv0: left allmulticast mode [ 323.178781][ T6961] batadv0: left promiscuous mode [ 323.212822][ T6961] bridge0: port 4(batadv0) entered disabled state [ 323.381523][ T6961] gretap0: left allmulticast mode [ 323.386786][ T6961] gretap0: left promiscuous mode [ 323.410092][ T6961] bridge0: port 3(gretap0) entered disabled state [ 323.458156][ T6961] bridge_slave_1: left allmulticast mode [ 323.474029][ T6961] bridge_slave_1: left promiscuous mode [ 323.494484][ T6961] bridge0: port 2(bridge_slave_1) entered disabled state [ 323.637994][ T6961] bridge_slave_0: left allmulticast mode [ 323.668845][ T6961] bridge_slave_0: left promiscuous mode [ 323.674950][ T6961] bridge0: port 1(bridge_slave_0) entered disabled state [ 324.167799][ T9065] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 324.698494][ T6961] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 324.718248][ T6961] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 324.734386][ T6961] bond0 (unregistering): Released all slaves [ 325.159743][ T30] audit: type=1800 audit(1767423644.423:60): pid=9085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.654" name="dbroot" dev="configfs" ino=25359 res=0 errno=0 [ 325.768696][ T6961] hsr_slave_0: left promiscuous mode [ 325.822543][ T6961] hsr_slave_1: left promiscuous mode [ 325.836314][ T6961] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 325.936403][ T6961] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 326.025943][ T9099] Invalid ELF header magic: != ELF [ 326.036682][ T6961] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 326.083255][ T6961] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 326.371169][ T6961] veth1_macvtap: left promiscuous mode [ 326.402847][ T6961] veth0_macvtap: left promiscuous mode [ 326.408610][ T6961] veth1_vlan: left promiscuous mode [ 326.470164][ T6961] veth0_vlan: left promiscuous mode [ 327.602984][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.649545][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.899705][ T9140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.663'. [ 328.911391][ T6961] team0 (unregistering): Port device team_slave_1 removed [ 328.998995][ T6961] team0 (unregistering): Port device team_slave_0 removed [ 331.776719][ T9186] zswap: compressor  not available [ 332.697591][ T9232] FAULT_INJECTION: forcing a failure. [ 332.697591][ T9232] name failslab, interval 1, probability 0, space 0, times 0 [ 332.713088][ T9232] CPU: 0 UID: 0 PID: 9232 Comm: syz.0.679 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 332.713163][ T9232] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 332.713182][ T9232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 332.713203][ T9232] Call Trace: [ 332.713213][ T9232] [ 332.713226][ T9232] dump_stack_lvl+0x16c/0x1f0 [ 332.713284][ T9232] should_fail_ex+0x512/0x640 [ 332.713321][ T9232] ? kmem_cache_alloc_noprof+0x62/0x770 [ 332.713369][ T9232] should_failslab+0xc2/0x120 [ 332.713422][ T9232] kmem_cache_alloc_noprof+0x83/0x770 [ 332.713465][ T9232] ? __proc_create+0x2c8/0x8d0 [ 332.713528][ T9232] ? __proc_create+0x2c8/0x8d0 [ 332.713571][ T9232] __proc_create+0x2c8/0x8d0 [ 332.713617][ T9232] ? __pfx___proc_create+0x10/0x10 [ 332.713669][ T9232] ? _raw_write_unlock+0x28/0x50 [ 332.713718][ T9232] ? proc_register+0x559/0x8b0 [ 332.713767][ T9232] proc_create_reg+0x7d/0x180 [ 332.713818][ T9232] proc_create_seq_private+0x8e/0x180 [ 332.713869][ T9232] ? __pfx_proc_create_seq_private+0x10/0x10 [ 332.713935][ T9232] xt_proto_init+0x5b8/0xc10 [ 332.713975][ T9232] ? __pfx_xt_proto_init+0x10/0x10 [ 332.714006][ T9232] ? net_generic+0xea/0x2a0 [ 332.714058][ T9232] ? net_generic+0xf4/0x2a0 [ 332.714109][ T9232] ? __pfx_ip6_tables_net_init+0x10/0x10 [ 332.714144][ T9232] ops_init+0x1e2/0x5f0 [ 332.714193][ T9232] setup_net+0x11d/0x3a0 [ 332.714237][ T9232] ? __pfx_setup_net+0x10/0x10 [ 332.714279][ T9232] ? lockdep_init_map_type+0x5c/0x270 [ 332.714314][ T9232] ? mutex_init_lockep+0x110/0x150 [ 332.714356][ T9232] copy_net_ns+0x351/0x7c0 [ 332.714411][ T9232] create_new_namespaces+0x3ea/0xab0 [ 332.714467][ T9232] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 332.714593][ T9232] ksys_unshare+0x45b/0xa40 [ 332.714650][ T9232] ? __pfx_ksys_unshare+0x10/0x10 [ 332.714707][ T9232] ? xfd_validate_state+0x61/0x180 [ 332.714751][ T9232] __x64_sys_unshare+0x31/0x40 [ 332.714804][ T9232] do_syscall_64+0xcd/0xf80 [ 332.714857][ T9232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.714889][ T9232] RIP: 0033:0x7fec85f8f7c9 [ 332.714916][ T9232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.714952][ T9232] RSP: 002b:00007fec86e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 332.714984][ T9232] RAX: ffffffffffffffda RBX: 00007fec861e5fa0 RCX: 00007fec85f8f7c9 [ 332.715004][ T9232] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 332.715023][ T9232] RBP: 00007fec86013f91 R08: 0000000000000000 R09: 0000000000000000 [ 332.715043][ T9232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.715062][ T9232] R13: 00007fec861e6038 R14: 00007fec861e5fa0 R15: 00007ffcf2b7ae98 [ 332.715105][ T9232] [ 334.293392][ T9262] FAULT_INJECTION: forcing a failure. [ 334.293392][ T9262] name failslab, interval 1, probability 0, space 0, times 0 [ 334.360498][ T9262] CPU: 0 UID: 0 PID: 9262 Comm: syz.1.685 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 334.360553][ T9262] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 334.360567][ T9262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 334.360581][ T9262] Call Trace: [ 334.360589][ T9262] [ 334.360599][ T9262] dump_stack_lvl+0x16c/0x1f0 [ 334.360650][ T9262] should_fail_ex+0x512/0x640 [ 334.360679][ T9262] ? __kmalloc_cache_noprof+0x5f/0x800 [ 334.360712][ T9262] should_failslab+0xc2/0x120 [ 334.360751][ T9262] __kmalloc_cache_noprof+0x80/0x800 [ 334.360781][ T9262] ? newque+0xa3/0x680 [ 334.360823][ T9262] ? newque+0xa3/0x680 [ 334.360859][ T9262] newque+0xa3/0x680 [ 334.360898][ T9262] ipcget+0xf6/0xfa0 [ 334.360931][ T9262] ? do_futex+0x122/0x350 [ 334.360961][ T9262] ? __pfx_do_futex+0x10/0x10 [ 334.360992][ T9262] ? find_held_lock+0x2b/0x80 [ 334.361026][ T9262] ? __pfx_ipcget+0x10/0x10 [ 334.361060][ T9262] ? __x64_sys_futex+0x1e0/0x4c0 [ 334.361088][ T9262] ? __x64_sys_futex+0x1e9/0x4c0 [ 334.361122][ T9262] __x64_sys_msgget+0x125/0x1a0 [ 334.361161][ T9262] ? xfd_validate_state+0x61/0x180 [ 334.361184][ T9262] ? __pfx___x64_sys_msgget+0x10/0x10 [ 334.361227][ T9262] ? rcu_is_watching+0x12/0xc0 [ 334.361324][ T9262] do_syscall_64+0xcd/0xf80 [ 334.361378][ T9262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.361415][ T9262] RIP: 0033:0x7f4385b8f7c9 [ 334.361443][ T9262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.361467][ T9262] RSP: 002b:00007f4383db4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000044 [ 334.361516][ T9262] RAX: ffffffffffffffda RBX: 00007f4385de6180 RCX: 00007f4385b8f7c9 [ 334.361537][ T9262] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000000 [ 334.361557][ T9262] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 334.361576][ T9262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.361599][ T9262] R13: 00007f4385de6218 R14: 00007f4385de6180 R15: 00007ffd5df6d8e8 [ 334.361637][ T9262] [ 335.028220][ T5830] Bluetooth: hci1: unexpected event 0x3e length: 508 > 260 [ 335.028266][ T5830] Bluetooth: hci1: unexpected subevent 0x02 length: 507 > 260 [ 335.045119][ T5830] Bluetooth: hci1: Dropping invalid advertising data [ 335.052684][ T5830] Bluetooth: hci1: unknown advertising packet type: 0xe9 [ 335.052727][ T5830] Bluetooth: hci1: Dropping invalid advertising data [ 335.067823][ T5830] Bluetooth: hci1: Malformed LE Event: 0x02 [ 335.309132][ T9282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.690'. [ 335.900362][ T9301] netlink: 13 bytes leftover after parsing attributes in process `syz.0.690'. [ 336.806922][ T9315] &#$@\]\-: entered promiscuous mode [ 337.119270][ T9327] netlink: 28 bytes leftover after parsing attributes in process `syz.3.698'. [ 337.224353][ T9327] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.469944][ T9327] bridge_slave_1 (unregistering): left allmulticast mode [ 337.489468][ T9327] bridge_slave_1 (unregistering): left promiscuous mode [ 337.503038][ T9327] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.801900][ T9358] FAULT_INJECTION: forcing a failure. [ 338.801900][ T9358] name failslab, interval 1, probability 0, space 0, times 0 [ 338.901168][ T9358] CPU: 1 UID: 0 PID: 9358 Comm: syz.0.703 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 338.901222][ T9358] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 338.901236][ T9358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 338.901253][ T9358] Call Trace: [ 338.901261][ T9358] [ 338.901270][ T9358] dump_stack_lvl+0x16c/0x1f0 [ 338.901313][ T9358] should_fail_ex+0x512/0x640 [ 338.901341][ T9358] ? kmem_cache_alloc_noprof+0x62/0x770 [ 338.901375][ T9358] should_failslab+0xc2/0x120 [ 338.901414][ T9358] kmem_cache_alloc_noprof+0x83/0x770 [ 338.901448][ T9358] ? vm_area_alloc+0x1f/0x160 [ 338.901478][ T9358] ? vm_area_alloc+0x1f/0x160 [ 338.901500][ T9358] vm_area_alloc+0x1f/0x160 [ 338.901525][ T9358] __mmap_region+0x107a/0x2a00 [ 338.901556][ T9358] ? __lock_acquire+0x436/0x2890 [ 338.901578][ T9358] ? __pfx___mmap_region+0x10/0x10 [ 338.901616][ T9358] ? lock_acquire+0x179/0x330 [ 338.901649][ T9358] ? finish_task_switch.isra.0+0x207/0xbd0 [ 338.901740][ T9358] ? rcu_is_watching+0x12/0xc0 [ 338.901783][ T9358] mmap_region+0x1ab/0x3f0 [ 338.901813][ T9358] ? __get_unmapped_area+0x267/0x3f0 [ 338.901853][ T9358] do_mmap+0xa3e/0x1210 [ 338.901894][ T9358] ? __pfx_do_mmap+0x10/0x10 [ 338.901931][ T9358] ? __pfx_down_write_killable+0x10/0x10 [ 338.901962][ T9358] vm_mmap_pgoff+0x29e/0x470 [ 338.902010][ T9358] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 338.902053][ T9358] ? __x64_sys_futex+0x1e0/0x4c0 [ 338.902081][ T9358] ? __x64_sys_futex+0x1e9/0x4c0 [ 338.902113][ T9358] ksys_mmap_pgoff+0x7d/0x5c0 [ 338.902147][ T9358] ? xfd_validate_state+0x61/0x180 [ 338.902175][ T9358] __x64_sys_mmap+0x125/0x190 [ 338.902203][ T9358] do_syscall_64+0xcd/0xf80 [ 338.902242][ T9358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.902270][ T9358] RIP: 0033:0x7fec85f8f7c9 [ 338.902290][ T9358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.902314][ T9358] RSP: 002b:00007fec86e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 338.902337][ T9358] RAX: ffffffffffffffda RBX: 00007fec861e5fa0 RCX: 00007fec85f8f7c9 [ 338.902353][ T9358] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 338.902368][ T9358] RBP: 00007fec86013f91 R08: 0000000000000002 R09: 0000000000008000 [ 338.902383][ T9358] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 338.902398][ T9358] R13: 00007fec861e6038 R14: 00007fec861e5fa0 R15: 00007ffcf2b7ae98 [ 338.902429][ T9358] [ 340.201249][ T9385] zswap: compressor not available [ 341.571158][ T9418] FAULT_INJECTION: forcing a failure. [ 341.571158][ T9418] name failslab, interval 1, probability 0, space 0, times 0 [ 341.620279][ T9418] CPU: 1 UID: 0 PID: 9418 Comm: syz.1.716 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 341.620335][ T9418] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 341.620349][ T9418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 341.620364][ T9418] Call Trace: [ 341.620372][ T9418] [ 341.620381][ T9418] dump_stack_lvl+0x16c/0x1f0 [ 341.620422][ T9418] should_fail_ex+0x512/0x640 [ 341.620450][ T9418] ? __kmalloc_noprof+0xca/0x910 [ 341.620479][ T9418] should_failslab+0xc2/0x120 [ 341.620518][ T9418] __kmalloc_noprof+0xeb/0x910 [ 341.620545][ T9418] ? process_preds+0x48b/0x1c50 [ 341.620582][ T9418] ? process_preds+0x48b/0x1c50 [ 341.620613][ T9418] process_preds+0x48b/0x1c50 [ 341.620651][ T9418] ? create_filter_start.constprop.0+0x56/0x300 [ 341.620698][ T9418] create_filter+0x140/0x210 [ 341.620735][ T9418] ? __pfx_create_filter+0x10/0x10 [ 341.620768][ T9418] ? __pfx___mutex_lock+0x10/0x10 [ 341.620809][ T9418] ? find_held_lock+0x2b/0x80 [ 341.620856][ T9418] apply_event_filter+0x220/0x500 [ 341.620890][ T9418] ? __pfx_apply_event_filter+0x10/0x10 [ 341.620933][ T9418] event_filter_write+0x16d/0x290 [ 341.620958][ T9418] ? __pfx_event_filter_write+0x10/0x10 [ 341.620981][ T9418] vfs_write+0x2a0/0x11d0 [ 341.621019][ T9418] ? __pfx___mutex_lock+0x10/0x10 [ 341.621060][ T9418] ? __pfx_vfs_write+0x10/0x10 [ 341.621106][ T9418] ? __fget_files+0x20e/0x3c0 [ 341.621149][ T9418] ksys_write+0x12a/0x250 [ 341.621184][ T9418] ? __pfx_ksys_write+0x10/0x10 [ 341.621228][ T9418] do_syscall_64+0xcd/0xf80 [ 341.621268][ T9418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.621293][ T9418] RIP: 0033:0x7f4385b8f7c9 [ 341.621313][ T9418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.621337][ T9418] RSP: 002b:00007f4383dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.621360][ T9418] RAX: ffffffffffffffda RBX: 00007f4385de6090 RCX: 00007f4385b8f7c9 [ 341.621376][ T9418] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 341.621391][ T9418] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 341.621406][ T9418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.621420][ T9418] R13: 00007f4385de6128 R14: 00007f4385de6090 R15: 00007ffd5df6d8e8 [ 341.621452][ T9418] [ 342.302327][ T9438] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 342.967089][ T9466] nfs: Unknown parameter 'w`_' [ 342.976200][ T9466] usb usb33: usbfs: process 9466 (syz.1.726) did not claim interface 0 before use [ 343.084478][ T9468] sd 0:0:1:0: device reset [ 344.247526][ T9493] FAULT_INJECTION: forcing a failure. [ 344.247526][ T9493] name failslab, interval 1, probability 0, space 0, times 0 [ 344.319329][ T9493] CPU: 0 UID: 0 PID: 9493 Comm: syz.3.733 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 344.319434][ T9493] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 344.319449][ T9493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 344.319464][ T9493] Call Trace: [ 344.319472][ T9493] [ 344.319481][ T9493] dump_stack_lvl+0x16c/0x1f0 [ 344.319523][ T9493] should_fail_ex+0x512/0x640 [ 344.319551][ T9493] ? __kmalloc_cache_noprof+0x5f/0x800 [ 344.319583][ T9493] should_failslab+0xc2/0x120 [ 344.319622][ T9493] __kmalloc_cache_noprof+0x80/0x800 [ 344.319652][ T9493] ? trace_parse_run_command+0x58/0x400 [ 344.319695][ T9493] ? trace_parse_run_command+0x58/0x400 [ 344.319732][ T9493] trace_parse_run_command+0x58/0x400 [ 344.319769][ T9493] ? __pfx_create_dyn_event+0x10/0x10 [ 344.319798][ T9493] ? __pfx_dyn_event_write+0x10/0x10 [ 344.319822][ T9493] vfs_write+0x2a0/0x11d0 [ 344.319859][ T9493] ? __pfx___mutex_lock+0x10/0x10 [ 344.319907][ T9493] ? __pfx_vfs_write+0x10/0x10 [ 344.319951][ T9493] ? __fget_files+0x20e/0x3c0 [ 344.319995][ T9493] ksys_write+0x12a/0x250 [ 344.320031][ T9493] ? __pfx_ksys_write+0x10/0x10 [ 344.320075][ T9493] do_syscall_64+0xcd/0xf80 [ 344.320117][ T9493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.320142][ T9493] RIP: 0033:0x7f9eda18f7c9 [ 344.320161][ T9493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 344.320185][ T9493] RSP: 002b:00007f9edb05d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 344.320208][ T9493] RAX: ffffffffffffffda RBX: 00007f9eda3e6180 RCX: 00007f9eda18f7c9 [ 344.320224][ T9493] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000008 [ 344.320239][ T9493] RBP: 00007f9eda213f91 R08: 0000000000000000 R09: 0000000000000000 [ 344.320253][ T9493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 344.320268][ T9493] R13: 00007f9eda3e6218 R14: 00007f9eda3e6180 R15: 00007ffd5f1677b8 [ 344.320299][ T9493] [ 344.532336][ T9492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78004 [ 344.590376][ T9492] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 344.621748][ T9492] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 344.669744][ T9492] page_type: f5(slab) [ 344.673864][ T9492] raw: 00fff00000000040 ffff88813ff30c80 ffffea0000ceb480 dead000000000002 [ 344.719969][ T9492] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 344.728810][ T9492] head: 00fff00000000040 ffff88813ff30c80 ffffea0000ceb480 dead000000000002 [ 344.738070][ T9492] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 344.747674][ T9492] head: 00fff00000000001 ffffea0001e00101 00000000ffffffff 00000000ffffffff [ 344.759283][ T9492] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 344.841142][ T9492] page dumped because: unmovable page [ 344.884430][ T9492] page_owner tracks the page as allocated [ 344.926434][ T9492] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5360, tgid 5360 (v4l_id), ts 56052194033, free_ts 52119411673 [ 344.998672][ T9492] post_alloc_hook+0x1af/0x220 [ 345.008186][ T9492] get_page_from_freelist+0xd0b/0x31a0 [ 345.029616][ T9492] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 345.035783][ T9492] alloc_pages_mpol+0x1fb/0x550 [ 345.051030][ T9492] new_slab+0x2c3/0x430 [ 345.055256][ T9492] ___slab_alloc+0xe18/0x1c90 [ 345.060094][ T9492] __kmem_cache_alloc_bulk+0x1fb/0x6c0 [ 345.066797][ T9492] __prefill_sheaf_pfmemalloc+0x42/0x90 [ 345.072571][ T9492] kmem_cache_prefill_sheaf+0x1ba/0x410 [ 345.078308][ T9492] mas_alloc_nodes+0x2be/0x380 [ 345.083392][ T9492] mas_preallocate+0x5e3/0xee0 [ 345.088228][ T9492] __split_vma+0x34a/0x1050 [ 345.093163][ T9492] vma_modify+0x1069/0x2310 [ 345.098719][ T9492] vma_modify_flags+0x235/0x3a0 [ 345.108909][ T9492] mprotect_fixup+0x3a1/0xb80 [ 345.117577][ T9492] do_mprotect_pkey+0x9bc/0xd40 [ 345.128585][ T9492] page last free pid 5208 tgid 5208 stack trace: [ 345.135107][ T9492] __free_frozen_pages+0x7df/0x1170 [ 345.140428][ T9492] __put_partials+0x130/0x170 [ 345.145358][ T9492] qlist_free_all+0x4c/0xf0 [ 345.150037][ T9492] kasan_quarantine_reduce+0x195/0x1e0 [ 345.155811][ T9492] __kasan_slab_alloc+0x69/0x90 [ 345.160831][ T9492] kmem_cache_alloc_noprof+0x25e/0x770 [ 345.167779][ T9492] getname_flags.part.0+0x4c/0x550 [ 345.173141][ T9492] getname_flags+0x93/0xf0 [ 345.177716][ T9492] do_sys_openat2+0xb9/0x290 [ 345.182548][ T9492] __x64_sys_openat+0x174/0x210 [ 345.187558][ T9492] do_syscall_64+0xcd/0xf80 [ 345.192209][ T9492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.198939][ T9496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78004 [ 345.276891][ T9496] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 345.334264][ T9496] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 345.350466][ T9496] page_type: f5(slab) [ 345.386547][ T9496] raw: 00fff00000000040 ffff88813ff30c80 ffffea0000ceb480 dead000000000002 [ 345.552233][ T9496] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 345.584881][ T9496] head: 00fff00000000040 ffff88813ff30c80 ffffea0000ceb480 dead000000000002 [ 345.609460][ T9496] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 345.655475][ T9496] head: 00fff00000000001 ffffea0001e00101 00000000ffffffff 00000000ffffffff [ 345.679925][ T9496] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 345.719527][ T9496] page dumped because: unmovable page [ 345.743767][ T9496] page_owner tracks the page as allocated [ 345.773024][ T9496] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5360, tgid 5360 (v4l_id), ts 56052194033, free_ts 52119411673 [ 345.801104][ T9496] post_alloc_hook+0x1af/0x220 [ 345.808054][ T9496] get_page_from_freelist+0xd0b/0x31a0 [ 345.928381][ T9496] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 345.999531][ T9496] alloc_pages_mpol+0x1fb/0x550 [ 346.004519][ T9496] new_slab+0x2c3/0x430 [ 346.008741][ T9496] ___slab_alloc+0xe18/0x1c90 [ 346.049693][ T9496] __kmem_cache_alloc_bulk+0x1fb/0x6c0 [ 346.055264][ T9496] __prefill_sheaf_pfmemalloc+0x42/0x90 [ 346.181909][ T9496] kmem_cache_prefill_sheaf+0x1ba/0x410 [ 346.199469][ T9496] mas_alloc_nodes+0x2be/0x380 [ 346.204377][ T9496] mas_preallocate+0x5e3/0xee0 [ 346.213271][ T9496] __split_vma+0x34a/0x1050 [ 346.217890][ T9496] vma_modify+0x1069/0x2310 [ 346.223831][ T9496] vma_modify_flags+0x235/0x3a0 [ 346.229186][ T9496] mprotect_fixup+0x3a1/0xb80 [ 346.234641][ T9496] do_mprotect_pkey+0x9bc/0xd40 [ 346.241563][ T9496] page last free pid 5208 tgid 5208 stack trace: [ 346.260425][ T9496] __free_frozen_pages+0x7df/0x1170 [ 346.265821][ T9496] __put_partials+0x130/0x170 [ 346.272814][ T9496] qlist_free_all+0x4c/0xf0 [ 346.277414][ T9496] kasan_quarantine_reduce+0x195/0x1e0 [ 346.283373][ T9496] __kasan_slab_alloc+0x69/0x90 [ 346.288320][ T9496] kmem_cache_alloc_noprof+0x25e/0x770 [ 346.296857][ T9496] getname_flags.part.0+0x4c/0x550 [ 346.306843][ T9496] getname_flags+0x93/0xf0 [ 346.315405][ T9531] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 346.324432][ T9531] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 346.333548][ T9496] do_sys_openat2+0xb9/0x290 [ 346.338317][ T9496] __x64_sys_openat+0x174/0x210 [ 346.354736][ T9496] do_syscall_64+0xcd/0xf80 [ 346.359683][ T9496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.532257][ T9529] FAULT_INJECTION: forcing a failure. [ 346.532257][ T9529] name fail_futex, interval 1, probability 0, space 0, times 1 [ 346.560773][ T9529] CPU: 1 UID: 0 PID: 9529 Comm: syz.4.739 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 346.560845][ T9529] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 346.560864][ T9529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 346.560884][ T9529] Call Trace: [ 346.560894][ T9529] [ 346.560907][ T9529] dump_stack_lvl+0x16c/0x1f0 [ 346.560965][ T9529] should_fail_ex+0x512/0x640 [ 346.561011][ T9529] get_futex_key+0x1d0/0x15f0 [ 346.561053][ T9529] ? __pfx_get_futex_key+0x10/0x10 [ 346.561102][ T9529] futex_wake+0xea/0x530 [ 346.561148][ T9529] ? kasan_quarantine_put+0x10a/0x240 [ 346.561193][ T9529] ? __pfx_futex_wake+0x10/0x10 [ 346.561244][ T9529] ? putname+0xf5/0x1a0 [ 346.561283][ T9529] do_futex+0x1e3/0x350 [ 346.561322][ T9529] ? __pfx_do_futex+0x10/0x10 [ 346.561385][ T9529] __x64_sys_futex+0x1e0/0x4c0 [ 346.561430][ T9529] ? __x64_sys_openat+0x174/0x210 [ 346.561468][ T9529] ? __pfx___x64_sys_futex+0x10/0x10 [ 346.561511][ T9529] ? fput+0x70/0xf0 [ 346.561549][ T9529] do_syscall_64+0xcd/0xf80 [ 346.561603][ T9529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.561639][ T9529] RIP: 0033:0x7fe6d8d8f7c9 [ 346.561665][ T9529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.561698][ T9529] RSP: 002b:00007fe6d9ce20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 346.561729][ T9529] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa8 RCX: 00007fe6d8d8f7c9 [ 346.561752][ T9529] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe6d8fe5fac [ 346.561772][ T9529] RBP: 00007fe6d8fe5fa0 R08: 00007fe6d9ce3000 R09: 0000000000000000 [ 346.561793][ T9529] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 346.561813][ T9529] R13: 00007fe6d8fe6038 R14: 00007ffe36793b10 R15: 00007ffe36793bf8 [ 346.561856][ T9529] [ 350.594537][ T9641] netlink: 28 bytes leftover after parsing attributes in process `syz.0.763'. [ 352.417649][ T5830] Bluetooth: hci2: ISO packet too small [ 352.778149][ T9687] cgroup: fork rejected by pids controller in /syz4 [ 353.180357][ T9848] capability: warning: `syz.1.773' uses 32-bit capabilities (legacy support in use) [ 353.288645][ T9736] zswap: compressor not available syzkaller syzkaller login: [ 355.995649][ T9939] FAULT_INJECTION: forcing a failure. [ 355.995649][ T9939] name fail_futex, interval 1, probability 0, space 0, times 0 [ 356.272659][ T9939] CPU: 1 UID: 0 PID: 9939 Comm: syz.4.782 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 356.272711][ T9939] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 356.272724][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 356.272738][ T9939] Call Trace: [ 356.272746][ T9939] [ 356.272755][ T9939] dump_stack_lvl+0x16c/0x1f0 [ 356.272796][ T9939] should_fail_ex+0x512/0x640 [ 356.272827][ T9939] get_futex_key+0x1d0/0x15f0 [ 356.272855][ T9939] ? __pfx_get_futex_key+0x10/0x10 [ 356.272882][ T9939] ? __sys_bpf+0x175/0x4980 [ 356.272915][ T9939] futex_wake+0xea/0x530 [ 356.272946][ T9939] ? __pfx___sys_bpf+0x10/0x10 [ 356.272968][ T9939] ? __pfx_futex_wait+0x10/0x10 [ 356.273003][ T9939] ? __pfx_futex_wake+0x10/0x10 [ 356.273056][ T9939] do_futex+0x1e3/0x350 [ 356.273084][ T9939] ? __pfx_do_futex+0x10/0x10 [ 356.273120][ T9939] __x64_sys_futex+0x1e0/0x4c0 [ 356.273150][ T9939] ? fput+0x70/0xf0 [ 356.273174][ T9939] ? __pfx___x64_sys_futex+0x10/0x10 [ 356.273202][ T9939] ? xfd_validate_state+0x61/0x180 [ 356.273224][ T9939] ? __pfx_do_writev+0x10/0x10 [ 356.273265][ T9939] do_syscall_64+0xcd/0xf80 [ 356.273304][ T9939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.273329][ T9939] RIP: 0033:0x7fe6d8d8f7c9 [ 356.273348][ T9939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.273372][ T9939] RSP: 002b:00007fe6d9ce20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 356.273394][ T9939] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa8 RCX: 00007fe6d8d8f7c9 [ 356.273410][ T9939] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe6d8fe5fac [ 356.273425][ T9939] RBP: 00007fe6d8fe5fa0 R08: 00007fe6d9ce3000 R09: 0000000000000000 [ 356.273460][ T9939] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 356.273475][ T9939] R13: 00007fe6d8fe6038 R14: 00007ffe36793b10 R15: 00007ffe36793bf8 [ 356.273507][ T9939] [ 356.828090][ T9958] FAULT_INJECTION: forcing a failure. [ 356.828090][ T9958] name failslab, interval 1, probability 0, space 0, times 0 [ 356.900425][ T9958] CPU: 0 UID: 0 PID: 9958 Comm: syz.1.787 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 356.900499][ T9958] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 356.900518][ T9958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 356.900539][ T9958] Call Trace: [ 356.900550][ T9958] [ 356.900563][ T9958] dump_stack_lvl+0x16c/0x1f0 [ 356.900619][ T9958] should_fail_ex+0x512/0x640 [ 356.900658][ T9958] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 356.900708][ T9958] should_failslab+0xc2/0x120 [ 356.900763][ T9958] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 356.900809][ T9958] ? __d_alloc+0x35/0xa80 [ 356.900846][ T9958] ? __d_alloc+0x35/0xa80 [ 356.900882][ T9958] __d_alloc+0x35/0xa80 [ 356.900917][ T9958] d_alloc_pseudo+0x1c/0xc0 [ 356.900958][ T9958] alloc_file_pseudo+0xcf/0x230 [ 356.900999][ T9958] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 356.901037][ T9958] ? alloc_fd+0x471/0x7d0 [ 356.901093][ T9958] sock_alloc_file+0x50/0x210 [ 356.901141][ T9958] __sys_socket+0x1c0/0x260 [ 356.901171][ T9958] ? fput+0x70/0xf0 [ 356.901201][ T9958] ? __pfx___sys_socket+0x10/0x10 [ 356.901234][ T9958] ? xfd_validate_state+0x61/0x180 [ 356.901263][ T9958] ? __pfx_ksys_write+0x10/0x10 [ 356.901321][ T9958] __x64_sys_socket+0x72/0xb0 [ 356.901352][ T9958] ? lockdep_hardirqs_on+0x7c/0x110 [ 356.901401][ T9958] do_syscall_64+0xcd/0xf80 [ 356.901455][ T9958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.901490][ T9958] RIP: 0033:0x7f4385b8f7c9 [ 356.901516][ T9958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.901550][ T9958] RSP: 002b:00007f4383df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 356.901582][ T9958] RAX: ffffffffffffffda RBX: 00007f4385de5fa0 RCX: 00007f4385b8f7c9 [ 356.901604][ T9958] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000010 [ 356.901624][ T9958] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 356.901643][ T9958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.901662][ T9958] R13: 00007f4385de6038 R14: 00007f4385de5fa0 R15: 00007ffd5df6d8e8 [ 356.901705][ T9958] [ 357.855750][ T9972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.790'. [ 361.335059][T10031] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 364.341060][T10069] netlink: 334 bytes leftover after parsing attributes in process `syz.0.806'. [ 366.142838][T10100] FAULT_INJECTION: forcing a failure. [ 366.142838][T10100] name fail_futex, interval 1, probability 0, space 0, times 0 [ 366.212020][T10100] CPU: 0 UID: 0 PID: 10100 Comm: syz.1.817 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 366.212094][T10100] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 366.212113][T10100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 366.212133][T10100] Call Trace: [ 366.212144][T10100] [ 366.212157][T10100] dump_stack_lvl+0x16c/0x1f0 [ 366.212212][T10100] should_fail_ex+0x512/0x640 [ 366.212255][T10100] get_futex_key+0x1d0/0x15f0 [ 366.212304][T10100] ? __pfx_get_futex_key+0x10/0x10 [ 366.212337][T10100] ? find_held_lock+0x2b/0x80 [ 366.212394][T10100] futex_wake+0xea/0x530 [ 366.212443][T10100] ? __pfx_futex_wake+0x10/0x10 [ 366.212496][T10100] ? do_raw_spin_lock+0x12c/0x2b0 [ 366.212535][T10100] ? find_held_lock+0x2b/0x80 [ 366.212582][T10100] do_futex+0x1e3/0x350 [ 366.212620][T10100] ? __pfx_do_futex+0x10/0x10 [ 366.212678][T10100] ? _raw_spin_unlock_irq+0x2e/0x50 [ 366.212726][T10100] ? sigprocmask+0xef/0x330 [ 366.212762][T10100] ? __pfx_sigprocmask+0x10/0x10 [ 366.212813][T10100] __x64_sys_futex+0x1e0/0x4c0 [ 366.212855][T10100] ? __x64_sys_rt_sigprocmask+0x1fd/0x290 [ 366.212898][T10100] ? __pfx___x64_sys_futex+0x10/0x10 [ 366.212937][T10100] ? xfd_validate_state+0x61/0x180 [ 366.212982][T10100] do_syscall_64+0xcd/0xf80 [ 366.213034][T10100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.213070][T10100] RIP: 0033:0x7f4385b8f7c9 [ 366.213097][T10100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.213129][T10100] RSP: 002b:00007ffd5df6d9c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 366.213160][T10100] RAX: ffffffffffffffda RBX: 00007f4385de6360 RCX: 00007f4385b8f7c9 [ 366.213181][T10100] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4385de636c [ 366.213201][T10100] RBP: 00007f4385de6360 R08: 000000000000000f R09: 00007f4385de6190 [ 366.213221][T10100] R10: 00007f4385de5fa0 R11: 0000000000000246 R12: 00007f4385de5fa0 [ 366.213242][T10100] R13: 00007f4385de6360 R14: 0000000000000ef4 R15: 0000000000000003 [ 366.213284][T10100] [ 367.113065][T10120] FAULT_INJECTION: forcing a failure. [ 367.113065][T10120] name fail_futex, interval 1, probability 0, space 0, times 0 [ 367.126052][T10120] CPU: 1 UID: 0 PID: 10120 Comm: syz.3.819 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 367.126121][T10120] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 367.126141][T10120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 367.126161][T10120] Call Trace: [ 367.126172][T10120] [ 367.126183][T10120] dump_stack_lvl+0x16c/0x1f0 [ 367.126242][T10120] should_fail_ex+0x512/0x640 [ 367.126285][T10120] get_futex_key+0x1d0/0x15f0 [ 367.126326][T10120] ? __pfx_get_futex_key+0x10/0x10 [ 367.126360][T10120] ? find_held_lock+0x2b/0x80 [ 367.126415][T10120] futex_wake+0xea/0x530 [ 367.126457][T10120] ? __lock_acquire+0x436/0x2890 [ 367.126492][T10120] ? __pfx_futex_wake+0x10/0x10 [ 367.126555][T10120] do_futex+0x1e3/0x350 [ 367.126595][T10120] ? __pfx_do_futex+0x10/0x10 [ 367.126636][T10120] ? lookup_ioctx+0x18a/0x820 [ 367.126674][T10120] __x64_sys_futex+0x1e0/0x4c0 [ 367.126719][T10120] ? __pfx___x64_sys_futex+0x10/0x10 [ 367.126774][T10120] do_syscall_64+0xcd/0xf80 [ 367.126840][T10120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.126875][T10120] RIP: 0033:0x7f9eda18f7c9 [ 367.126902][T10120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 367.126937][T10120] RSP: 002b:00007f9edb07e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 367.126969][T10120] RAX: ffffffffffffffda RBX: 00007f9eda3e6098 RCX: 00007f9eda18f7c9 [ 367.126990][T10120] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9eda3e609c [ 367.127010][T10120] RBP: 00007f9eda3e6090 R08: 00007f9edb0a0000 R09: 0000000000000000 [ 367.127030][T10120] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 367.127051][T10120] R13: 00007f9eda3e6128 R14: 00007ffd5f1676d0 R15: 00007ffd5f1677b8 [ 367.127100][T10120] [ 368.224078][T10131] sp0: Synchronizing with TNC [ 368.939718][T10145] netlink: 130 bytes leftover after parsing attributes in process `syz.1.824'. [ 369.095976][T10144] Process accounting resumed [ 370.115378][ T30] audit: type=1804 audit(8277292035.100:61): pid=10166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.830" name="/newroot/191/file0" dev="tmpfs" ino=1023 res=1 errno=0 [ 371.031093][T10187] zswap: compressor not available [ 371.471413][T10194] FAULT_INJECTION: forcing a failure. [ 371.471413][T10194] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 371.555778][ T5910] smpboot: CPU 1 is now offline [ 371.590596][T10194] CPU: 0 UID: 0 PID: 10194 Comm: syz.1.837 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 371.590651][T10194] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 371.590665][T10194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 371.590680][T10194] Call Trace: [ 371.590688][T10194] [ 371.590697][T10194] dump_stack_lvl+0x16c/0x1f0 [ 371.590738][T10194] should_fail_ex+0x512/0x640 [ 371.590770][T10194] _copy_from_user+0x2e/0xd0 [ 371.590798][T10194] snd_rawmidi_kernel_write1+0x50a/0x8a0 [ 371.590838][T10194] snd_rawmidi_write+0x26e/0xc10 [ 371.590908][T10194] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 371.590935][T10194] ? common_file_perm+0x1b1/0x500 [ 371.590965][T10194] ? __pfx_default_wake_function+0x10/0x10 [ 371.591001][T10194] ? bpf_lsm_file_permission+0x9/0x10 [ 371.591043][T10194] ? security_file_permission+0x71/0x210 [ 371.591076][T10194] ? rw_verify_area+0xcf/0x6c0 [ 371.591109][T10194] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 371.591135][T10194] vfs_write+0x2a0/0x11d0 [ 371.591176][T10194] ? __pfx_vfs_write+0x10/0x10 [ 371.591209][T10194] ? find_held_lock+0x2b/0x80 [ 371.591241][T10194] ? __fget_files+0x204/0x3c0 [ 371.591281][T10194] ? __fget_files+0x20e/0x3c0 [ 371.591324][T10194] ksys_write+0x1f8/0x250 [ 371.591367][T10194] ? __pfx_ksys_write+0x10/0x10 [ 371.591412][T10194] do_syscall_64+0xcd/0xf80 [ 371.591466][T10194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.591492][T10194] RIP: 0033:0x7f4385b8f7c9 [ 371.591511][T10194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.591549][T10194] RSP: 002b:00007f4383df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 371.591572][T10194] RAX: ffffffffffffffda RBX: 00007f4385de5fa0 RCX: 00007f4385b8f7c9 [ 371.591590][T10194] RDX: 000000100000a3d9 RSI: 0000200000000400 RDI: 000000000000000b [ 371.591616][T10194] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 371.591647][T10194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.591662][T10194] R13: 00007f4385de6038 R14: 00007f4385de5fa0 R15: 00007ffd5df6d8e8 [ 371.591695][T10194] [ 374.890165][T10230] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 376.355727][T10264] netlink: 146 bytes leftover after parsing attributes in process `syz.3.852'. [ 377.075339][T10277] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 378.533239][T10307] sp0: Synchronizing with TNC [ 379.091986][T10326] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 380.041472][T10350] Invalid ELF header magic: != ELF [ 380.581208][T10363] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 380.609821][T10351] FAULT_INJECTION: forcing a failure. [ 380.609821][T10351] name failslab, interval 1, probability 0, space 0, times 0 [ 380.828310][T10351] CPU: 0 UID: 0 PID: 10351 Comm: syz.1.873 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 380.828368][T10351] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 380.828383][T10351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 380.828399][T10351] Call Trace: [ 380.828406][T10351] [ 380.828416][T10351] dump_stack_lvl+0x16c/0x1f0 [ 380.828459][T10351] should_fail_ex+0x512/0x640 [ 380.828488][T10351] ? kmem_cache_alloc_noprof+0x62/0x770 [ 380.828522][T10351] should_failslab+0xc2/0x120 [ 380.828562][T10351] kmem_cache_alloc_noprof+0x83/0x770 [ 380.828600][T10351] ? security_file_alloc+0x34/0x2b0 [ 380.828642][T10351] ? security_file_alloc+0x34/0x2b0 [ 380.828673][T10351] security_file_alloc+0x34/0x2b0 [ 380.828706][T10351] init_file+0x93/0x4c0 [ 380.828732][T10351] alloc_empty_file+0x73/0x1e0 [ 380.828760][T10351] alloc_file_clone+0x5f/0x110 [ 380.828789][T10351] create_pipe_files+0x41b/0x9a0 [ 380.828834][T10351] do_pipe2+0xaf/0x1c0 [ 380.828872][T10351] ? __pfx_do_pipe2+0x10/0x10 [ 380.828912][T10351] ? xfd_validate_state+0x61/0x180 [ 380.828934][T10351] ? __pfx_do_writev+0x10/0x10 [ 380.828975][T10351] __x64_sys_pipe+0x33/0x50 [ 380.829015][T10351] do_syscall_64+0xcd/0xf80 [ 380.829056][T10351] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.829082][T10351] RIP: 0033:0x7f4385b8f7c9 [ 380.829101][T10351] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 380.829126][T10351] RSP: 002b:00007f4383991038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 380.829150][T10351] RAX: ffffffffffffffda RBX: 00007f4385de6270 RCX: 00007f4385b8f7c9 [ 380.829167][T10351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 380.829181][T10351] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 380.829197][T10351] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 380.829212][T10351] R13: 00007f4385de6308 R14: 00007f4385de6270 R15: 00007ffd5df6d8e8 [ 380.829244][T10351] [ 383.517073][T10422] netlink: 206 bytes leftover after parsing attributes in process `syz.3.895'. [ 387.196962][T10490] [U] [ 387.200030][T10490] [U] [ 387.202751][T10490] [U] [ 387.205489][T10490] [U] [ 387.273132][T10490] [U] [ 387.275888][T10490] [U] [ 387.278617][T10490] [U] [ 387.281339][T10490] [U] [ 387.341233][T10490] [U] [ 387.344041][T10490] [U] [ 387.346785][T10490] [U] [ 387.349505][T10490] [U] [ 387.446942][T10490] [U] [ 388.181621][T10516] ubi0: attaching mtd1 [ 388.266097][T10516] ubi0: scanning is finished [ 388.353818][T10516] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 388.843643][T10516] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd1, error -22 [ 389.064624][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.074880][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 392.457851][T10569] binder: BINDER_SET_CONTEXT_MGR already set [ 392.482243][T10569] binder: 10566:10569 ioctl 4018620d 9 returned -16 [ 393.927895][T10590] FAULT_INJECTION: forcing a failure. [ 393.927895][T10590] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 393.960061][T10584] zswap: compressor not available [ 394.039789][T10590] CPU: 0 UID: 0 PID: 10590 Comm: syz.1.934 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 394.039844][T10590] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 394.039858][T10590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 394.039873][T10590] Call Trace: [ 394.039881][T10590] [ 394.039890][T10590] dump_stack_lvl+0x16c/0x1f0 [ 394.039949][T10590] should_fail_ex+0x512/0x640 [ 394.039982][T10590] should_fail_alloc_page+0xe7/0x130 [ 394.040023][T10590] prepare_alloc_pages+0x401/0x670 [ 394.040063][T10590] ? rcu_is_watching+0x12/0xc0 [ 394.040101][T10590] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 394.040133][T10590] ? cpa_flush+0x19b/0x980 [ 394.040165][T10590] ? __pfx_cpa_flush+0x10/0x10 [ 394.040195][T10590] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 394.040234][T10590] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 394.040279][T10590] ? interleave_nodes+0x164/0x410 [ 394.040321][T10590] ? policy_nodemask+0xea/0x4e0 [ 394.040360][T10590] alloc_pages_mpol+0x1fb/0x550 [ 394.040399][T10590] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 394.040445][T10590] alloc_pages_noprof+0x131/0x390 [ 394.040485][T10590] kimage_alloc_pages+0x74/0x350 [ 394.040525][T10590] kimage_alloc_page+0x14b/0x920 [ 394.040571][T10590] kimage_load_segment+0x78e/0xdd0 [ 394.040628][T10590] do_kexec_load+0x69e/0x860 [ 394.040652][T10590] ? __pfx_do_kexec_load+0x10/0x10 [ 394.040678][T10590] ? _copy_from_user+0x59/0xd0 [ 394.040708][T10590] __x64_sys_kexec_load+0x1bf/0x230 [ 394.040734][T10590] do_syscall_64+0xcd/0xf80 [ 394.040773][T10590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.040798][T10590] RIP: 0033:0x7f4385b8f7c9 [ 394.040818][T10590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.040842][T10590] RSP: 002b:00007f4383db4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 394.040865][T10590] RAX: ffffffffffffffda RBX: 00007f4385de6180 RCX: 00007f4385b8f7c9 [ 394.040882][T10590] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 394.040896][T10590] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 394.040911][T10590] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 394.040925][T10590] R13: 00007f4385de6218 R14: 00007f4385de6180 R15: 00007ffd5df6d8e8 [ 394.040956][T10590] [ 394.586783][T10584] FAULT_INJECTION: forcing a failure. [ 394.586783][T10584] name failslab, interval 1, probability 0, space 0, times 0 [ 394.618933][T10584] CPU: 0 UID: 0 PID: 10584 Comm: syz.4.933 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 394.618989][T10584] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 394.619002][T10584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 394.619017][T10584] Call Trace: [ 394.619026][T10584] [ 394.619035][T10584] dump_stack_lvl+0x16c/0x1f0 [ 394.619077][T10584] should_fail_ex+0x512/0x640 [ 394.619104][T10584] ? __kmalloc_noprof+0xca/0x910 [ 394.619134][T10584] should_failslab+0xc2/0x120 [ 394.619174][T10584] __kmalloc_noprof+0xeb/0x910 [ 394.619200][T10584] ? sk_prot_alloc+0x1a8/0x2a0 [ 394.619243][T10584] ? sk_prot_alloc+0x1a8/0x2a0 [ 394.619297][T10584] sk_prot_alloc+0x1a8/0x2a0 [ 394.619340][T10584] sk_alloc+0x36/0xe30 [ 394.619370][T10584] __netlink_create+0x5e/0x2c0 [ 394.619403][T10584] __netlink_kernel_create+0xed/0x750 [ 394.619441][T10584] ? __pfx___netlink_kernel_create+0x10/0x10 [ 394.619487][T10584] uevent_net_init+0xf8/0x350 [ 394.619513][T10584] ? __pfx_uevent_net_init+0x10/0x10 [ 394.619546][T10584] ? rcu_is_watching+0x12/0xc0 [ 394.619581][T10584] ? __pfx_uevent_net_rcv+0x10/0x10 [ 394.619609][T10584] ? ops_init+0x77/0x5f0 [ 394.619645][T10584] ? __pfx_uevent_net_init+0x10/0x10 [ 394.619670][T10584] ops_init+0x1e2/0x5f0 [ 394.619706][T10584] setup_net+0x11d/0x3a0 [ 394.619740][T10584] ? __pfx_setup_net+0x10/0x10 [ 394.619771][T10584] ? lockdep_init_map_type+0x5c/0x270 [ 394.619797][T10584] ? mutex_init_lockep+0x110/0x150 [ 394.619826][T10584] copy_net_ns+0x351/0x7c0 [ 394.619866][T10584] create_new_namespaces+0x3ea/0xab0 [ 394.619906][T10584] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 394.619944][T10584] ksys_unshare+0x45b/0xa40 [ 394.619984][T10584] ? __pfx_ksys_unshare+0x10/0x10 [ 394.620026][T10584] ? do_user_addr_fault+0x843/0x1370 [ 394.620062][T10584] __x64_sys_unshare+0x31/0x40 [ 394.620102][T10584] do_syscall_64+0xcd/0xf80 [ 394.620141][T10584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.620166][T10584] RIP: 0033:0x7fe6d8d8f7c9 [ 394.620186][T10584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.620210][T10584] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 394.620232][T10584] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 394.620249][T10584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 394.620264][T10584] RBP: 00007fe6d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 394.620278][T10584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 394.620293][T10584] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 394.620324][T10584] [ 396.029975][T10584] kobject_uevent: unable to create netlink socket! [ 397.307483][T10637] __vm_enough_memory: pid: 10637, comm: syz.4.944, bytes: 4398046511104 not enough memory for the allocation [ 397.493437][T10647] netlink: 28 bytes leftover after parsing attributes in process `syz.1.945'. [ 397.641396][T10647] hsr_slave_0: left promiscuous mode [ 397.673165][T10647] FAULT_INJECTION: forcing a failure. [ 397.673165][T10647] name failslab, interval 1, probability 0, space 0, times 0 [ 397.718563][T10647] CPU: 0 UID: 0 PID: 10647 Comm: syz.1.945 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 397.718620][T10647] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 397.718634][T10647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 397.718650][T10647] Call Trace: [ 397.718658][T10647] [ 397.718667][T10647] dump_stack_lvl+0x16c/0x1f0 [ 397.718711][T10647] should_fail_ex+0x512/0x640 [ 397.718738][T10647] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 397.718774][T10647] should_failslab+0xc2/0x120 [ 397.718814][T10647] kmem_cache_alloc_node_noprof+0x86/0x800 [ 397.718845][T10647] ? __alloc_skb+0x156/0x410 [ 397.718879][T10647] ? __alloc_skb+0x156/0x410 [ 397.718904][T10647] __alloc_skb+0x156/0x410 [ 397.718930][T10647] ? __alloc_skb+0x35d/0x410 [ 397.718957][T10647] ? __pfx___alloc_skb+0x10/0x10 [ 397.718985][T10647] ? rtnl_prop_list_size+0x295/0x2d0 [ 397.719022][T10647] ? if_nlmsg_size+0x4a7/0xb30 [ 397.719061][T10647] rtmsg_ifinfo_build_skb+0x81/0x280 [ 397.719107][T10647] rtnetlink_event+0xf3/0x1f0 [ 397.719149][T10647] notifier_call_chain+0xbc/0x3e0 [ 397.719189][T10647] ? __pfx_rtnetlink_event+0x10/0x10 [ 397.719256][T10647] call_netdevice_notifiers_info+0xbe/0x110 [ 397.719299][T10647] __netdev_upper_dev_unlink+0x210/0x510 [ 397.719331][T10647] ? __pfx___netdev_upper_dev_unlink+0x10/0x10 [ 397.719370][T10647] netdev_upper_dev_unlink+0x83/0xb0 [ 397.719394][T10647] ? __pfx_netdev_upper_dev_unlink+0x10/0x10 [ 397.719422][T10647] ? dev_set_promiscuity+0x19f/0x260 [ 397.719461][T10647] hsr_del_port+0x260/0x3e0 [ 397.719492][T10647] hsr_del_ports+0x30/0xb0 [ 397.719517][T10647] hsr_dellink+0x5a/0x90 [ 397.719542][T10647] rtnl_dellink+0x44e/0xad0 [ 397.719572][T10647] ? __pfx_hsr_dellink+0x10/0x10 [ 397.719597][T10647] ? kmem_cache_free+0x2d8/0x770 [ 397.719627][T10647] ? kfree_skbmem+0x1a4/0x1f0 [ 397.719646][T10647] ? consume_skb+0xcc/0x100 [ 397.719678][T10647] ? nlmon_xmit+0xa5/0xe0 [ 397.719711][T10647] ? __pfx_rtnl_dellink+0x10/0x10 [ 397.719742][T10647] ? netlink_unicast+0x64c/0x870 [ 397.719776][T10647] ? netlink_sendmsg+0x8c8/0xdd0 [ 397.719810][T10647] ? ____sys_sendmsg+0xa5d/0xc30 [ 397.719848][T10647] ? __x64_sys_sendmmsg+0x9c/0x100 [ 397.719879][T10647] ? do_syscall_64+0xcd/0xf80 [ 397.719964][T10647] ? __lock_acquire+0x436/0x2890 [ 397.719990][T10647] ? find_held_lock+0x2b/0x80 [ 397.720021][T10647] ? __dev_queue_xmit+0x782/0x46b0 [ 397.720055][T10647] ? find_held_lock+0x2b/0x80 [ 397.720084][T10647] ? __pfx_rtnl_dellink+0x10/0x10 [ 397.720116][T10647] ? __pfx_rtnl_dellink+0x10/0x10 [ 397.720147][T10647] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 397.720183][T10647] ? __pfx_rtnl_dellink+0x10/0x10 [ 397.720216][T10647] rtnetlink_rcv_msg+0x95e/0xe90 [ 397.720259][T10647] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 397.720302][T10647] ? ref_tracker_free+0x37c/0x830 [ 397.720336][T10647] netlink_rcv_skb+0x158/0x420 [ 397.720372][T10647] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 397.720409][T10647] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 397.720456][T10647] ? netlink_deliver_tap+0x1ae/0xd30 [ 397.720496][T10647] netlink_unicast+0x5aa/0x870 [ 397.720536][T10647] ? __pfx_netlink_unicast+0x10/0x10 [ 397.720572][T10647] ? __pfx___might_resched+0x10/0x10 [ 397.720606][T10647] ? __lock_acquire+0x436/0x2890 [ 397.720635][T10647] netlink_sendmsg+0x8c8/0xdd0 [ 397.720676][T10647] ? __pfx_netlink_sendmsg+0x10/0x10 [ 397.720716][T10647] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 397.720764][T10647] ____sys_sendmsg+0xa5d/0xc30 [ 397.720803][T10647] ? copy_msghdr_from_user+0x10a/0x160 [ 397.720835][T10647] ? __pfx_____sys_sendmsg+0x10/0x10 [ 397.720878][T10647] ? find_held_lock+0x2b/0x80 [ 397.720916][T10647] ___sys_sendmsg+0x134/0x1d0 [ 397.720950][T10647] ? __pfx____sys_sendmsg+0x10/0x10 [ 397.721008][T10647] ? __pfx___might_resched+0x10/0x10 [ 397.721048][T10647] __sys_sendmmsg+0x200/0x420 [ 397.721084][T10647] ? __pfx___sys_sendmmsg+0x10/0x10 [ 397.721124][T10647] ? __pfx_do_futex+0x10/0x10 [ 397.721163][T10647] ? __sys_socket+0xac/0x260 [ 397.721188][T10647] ? xfd_validate_state+0x61/0x180 [ 397.721217][T10647] __x64_sys_sendmmsg+0x9c/0x100 [ 397.721253][T10647] ? lockdep_hardirqs_on+0x7c/0x110 [ 397.721291][T10647] do_syscall_64+0xcd/0xf80 [ 397.721349][T10647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 397.721373][T10647] RIP: 0033:0x7f4385b8f7c9 [ 397.721392][T10647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 397.721417][T10647] RSP: 002b:00007f4383dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 397.721440][T10647] RAX: ffffffffffffffda RBX: 00007f4385de6090 RCX: 00007f4385b8f7c9 [ 397.721456][T10647] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000009 [ 397.721472][T10647] RBP: 00007f4385c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 397.721487][T10647] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000000 [ 397.721501][T10647] R13: 00007f4385de6128 R14: 00007f4385de6090 R15: 00007ffd5df6d8e8 [ 397.721533][T10647] [ 398.710183][T10656] FAULT_INJECTION: forcing a failure. [ 398.710183][T10656] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 398.724405][T10656] CPU: 0 UID: 0 PID: 10656 Comm: syz.0.946 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 398.724458][T10656] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 398.724472][T10656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 398.724486][T10656] Call Trace: [ 398.724494][T10656] [ 398.724502][T10656] dump_stack_lvl+0x16c/0x1f0 [ 398.724544][T10656] should_fail_ex+0x512/0x640 [ 398.724576][T10656] _copy_from_user+0x2e/0xd0 [ 398.724603][T10656] kimage_load_segment+0x98d/0xdd0 [ 398.724650][T10656] do_kexec_load+0x69e/0x860 [ 398.724674][T10656] ? __pfx_do_kexec_load+0x10/0x10 [ 398.724699][T10656] ? _copy_from_user+0x59/0xd0 [ 398.724729][T10656] __x64_sys_kexec_load+0x1bf/0x230 [ 398.724755][T10656] do_syscall_64+0xcd/0xf80 [ 398.724794][T10656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.724818][T10656] RIP: 0033:0x7fec85f8f7c9 [ 398.724837][T10656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.724861][T10656] RSP: 002b:00007fec86e13038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 398.724883][T10656] RAX: ffffffffffffffda RBX: 00007fec861e6180 RCX: 00007fec85f8f7c9 [ 398.724899][T10656] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 398.724914][T10656] RBP: 00007fec86013f91 R08: 0000000000000000 R09: 0000000000000000 [ 398.724929][T10656] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 398.724943][T10656] R13: 00007fec861e6218 R14: 00007fec861e6180 R15: 00007ffcf2b7ae98 [ 398.724974][T10656] [ 399.087302][T10647] hsr_slave_1: left promiscuous mode [ 399.257473][T10647] Process accounting paused [ 399.875587][T10682] FAULT_INJECTION: forcing a failure. [ 399.875587][T10682] name failslab, interval 1, probability 0, space 0, times 0 [ 399.968761][T10682] CPU: 0 UID: 0 PID: 10682 Comm: syz.4.954 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 399.968816][T10682] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 399.968830][T10682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 399.968846][T10682] Call Trace: [ 399.968853][T10682] [ 399.968863][T10682] dump_stack_lvl+0x16c/0x1f0 [ 399.968906][T10682] should_fail_ex+0x512/0x640 [ 399.968935][T10682] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 399.968990][T10682] should_failslab+0xc2/0x120 [ 399.969035][T10682] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 399.969065][T10682] ? find_held_lock+0x2b/0x80 [ 399.969097][T10682] ? __d_alloc+0x35/0xa80 [ 399.969123][T10682] ? __d_alloc+0x35/0xa80 [ 399.969143][T10682] __d_alloc+0x35/0xa80 [ 399.969179][T10682] d_alloc_pseudo+0x1c/0xc0 [ 399.969209][T10682] alloc_file_pseudo+0xcf/0x230 [ 399.969237][T10682] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 399.969265][T10682] ? alloc_fd+0x471/0x7d0 [ 399.969306][T10682] sock_alloc_file+0x50/0x210 [ 399.969342][T10682] __sys_socket+0x1c0/0x260 [ 399.969363][T10682] ? fput+0x70/0xf0 [ 399.969385][T10682] ? __pfx___sys_socket+0x10/0x10 [ 399.969408][T10682] ? xfd_validate_state+0x61/0x180 [ 399.969429][T10682] ? __pfx_ksys_write+0x10/0x10 [ 399.969471][T10682] __x64_sys_socket+0x72/0xb0 [ 399.969492][T10682] ? lockdep_hardirqs_on+0x7c/0x110 [ 399.969530][T10682] do_syscall_64+0xcd/0xf80 [ 399.969569][T10682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.969594][T10682] RIP: 0033:0x7fe6d8d8f7c9 [ 399.969614][T10682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 399.969638][T10682] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 399.969660][T10682] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 399.969676][T10682] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002 [ 399.969691][T10682] RBP: 00007fe6d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 399.969706][T10682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 399.969720][T10682] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 399.969751][T10682] [ 400.354176][T10673] zswap: compressor not available [ 400.590193][T10693] futex_wake_op: syz.3.958 tries to shift op by -2048; fix this program [ 401.293232][T10706] futex_wake_op: syz.0.961 tries to shift op by -2048; fix this program [ 401.331816][T10710] FAULT_INJECTION: forcing a failure. [ 401.331816][T10710] name failslab, interval 1, probability 0, space 0, times 0 [ 401.377480][T10710] CPU: 0 UID: 0 PID: 10710 Comm: syz.1.962 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 401.377549][T10710] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 401.377570][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 401.377587][T10710] Call Trace: [ 401.377596][T10710] [ 401.377606][T10710] dump_stack_lvl+0x16c/0x1f0 [ 401.377653][T10710] should_fail_ex+0x512/0x640 [ 401.377682][T10710] ? fs_reclaim_acquire+0xae/0x150 [ 401.377727][T10710] should_failslab+0xc2/0x120 [ 401.377769][T10710] __kmalloc_noprof+0xeb/0x910 [ 401.377799][T10710] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 401.377843][T10710] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 401.377888][T10710] tomoyo_realpath_from_path+0xc2/0x6e0 [ 401.377930][T10710] ? tomoyo_profile+0x47/0x60 [ 401.377974][T10710] tomoyo_path_number_perm+0x245/0x580 [ 401.378005][T10710] ? tomoyo_path_number_perm+0x237/0x580 [ 401.378039][T10710] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 401.378073][T10710] ? find_held_lock+0x2b/0x80 [ 401.378140][T10710] ? find_held_lock+0x2b/0x80 [ 401.378181][T10710] ? hook_file_ioctl_common+0x144/0x410 [ 401.378219][T10710] ? __fget_files+0x20e/0x3c0 [ 401.378261][T10710] security_file_ioctl+0x9b/0x240 [ 401.378294][T10710] __x64_sys_ioctl+0xb7/0x210 [ 401.378328][T10710] do_syscall_64+0xcd/0xf80 [ 401.378369][T10710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.378395][T10710] RIP: 0033:0x7f4385b8f7c9 [ 401.378414][T10710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 401.378439][T10710] RSP: 002b:00007f4383df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 401.378463][T10710] RAX: ffffffffffffffda RBX: 00007f4385de5fa0 RCX: 00007f4385b8f7c9 [ 401.378480][T10710] RDX: 0000000000000000 RSI: 0000000040189206 RDI: 0000000000000003 [ 401.378495][T10710] RBP: 00007f4383df6090 R08: 0000000000000000 R09: 0000000000000000 [ 401.378510][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 401.378525][T10710] R13: 00007f4385de6038 R14: 00007f4385de5fa0 R15: 00007ffd5df6d8e8 [ 401.378559][T10710] [ 401.378569][T10710] ERROR: Out of memory at tomoyo_realpath_from_path. [ 401.886981][T10702] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 401.917085][T10702] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 401.939179][T10702] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 401.958094][T10702] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 401.986268][T10717] zswap: compressor not available [ 401.992247][T10702] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 402.002093][T10702] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 402.209181][T10726] random: crng reseeded on system resumption [ 403.279725][ T5150] Bluetooth: hci0: command 0x0c1a tx timeout [ 404.001824][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 404.008242][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 404.014360][ T5150] Bluetooth: hci2: command 0x0c1a tx timeout [ 404.047544][T10753] ubi0: attaching mtd0 [ 404.073782][T10753] ubi0 error: ubi_attach_mtd_dev: bad VID header (12288) or data offsets (12352) [ 406.079550][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout [ 406.353775][T10793] netlink: 4 bytes leftover after parsing attributes in process `syz.0.980'. [ 406.412993][T10795] netlink: 354 bytes leftover after parsing attributes in process `syz.0.980'. [ 406.685527][T10782] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 406.724749][T10788] dlm: plock device version mismatch: kernel (1.2.0), user (1489226698.240317300.1121487582) [ 406.897829][T10801] netlink: 16 bytes leftover after parsing attributes in process `syz.1.982'. [ 408.159734][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout [ 408.201030][T10827] FAULT_INJECTION: forcing a failure. [ 408.201030][T10827] name failslab, interval 1, probability 0, space 0, times 0 [ 408.317577][T10827] CPU: 0 UID: 0 PID: 10827 Comm: syz.3.988 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 408.317632][T10827] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 408.317646][T10827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 408.317661][T10827] Call Trace: [ 408.317669][T10827] [ 408.317679][T10827] dump_stack_lvl+0x16c/0x1f0 [ 408.317721][T10827] should_fail_ex+0x512/0x640 [ 408.317749][T10827] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 408.317784][T10827] should_failslab+0xc2/0x120 [ 408.317823][T10827] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 408.317852][T10827] ? find_held_lock+0x2b/0x80 [ 408.317885][T10827] ? __d_alloc+0x35/0xa80 [ 408.317911][T10827] ? __d_alloc+0x35/0xa80 [ 408.317930][T10827] __d_alloc+0x35/0xa80 [ 408.317954][T10827] d_alloc_pseudo+0x1c/0xc0 [ 408.317984][T10827] alloc_file_pseudo+0xcf/0x230 [ 408.318013][T10827] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 408.318040][T10827] ? alloc_fd+0x471/0x7d0 [ 408.318081][T10827] sock_alloc_file+0x50/0x210 [ 408.318117][T10827] __sys_socket+0x1c0/0x260 [ 408.318139][T10827] ? fput+0x70/0xf0 [ 408.318160][T10827] ? __pfx___sys_socket+0x10/0x10 [ 408.318183][T10827] ? xfd_validate_state+0x61/0x180 [ 408.318204][T10827] ? __pfx_ksys_write+0x10/0x10 [ 408.318246][T10827] __x64_sys_socket+0x72/0xb0 [ 408.318267][T10827] ? lockdep_hardirqs_on+0x7c/0x110 [ 408.318305][T10827] do_syscall_64+0xcd/0xf80 [ 408.318350][T10827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.318375][T10827] RIP: 0033:0x7f9eda18f7c9 [ 408.318394][T10827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.318425][T10827] RSP: 002b:00007f9edb09f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 408.318448][T10827] RAX: ffffffffffffffda RBX: 00007f9eda3e5fa0 RCX: 00007f9eda18f7c9 [ 408.318464][T10827] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 0000000000000002 [ 408.318479][T10827] RBP: 00007f9eda213f91 R08: 0000000000000000 R09: 0000000000000000 [ 408.318494][T10827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 408.318508][T10827] R13: 00007f9eda3e6038 R14: 00007f9eda3e5fa0 R15: 00007ffd5f1677b8 [ 408.318539][T10827] [ 408.981030][T10840] netlink: 338 bytes leftover after parsing attributes in process `syz.4.991'. [ 411.338216][T10887] futex_wake_op: syz.4.1002 tries to shift op by -2048; fix this program [ 411.685896][T10897] FAULT_INJECTION: forcing a failure. [ 411.685896][T10897] name failslab, interval 1, probability 0, space 0, times 0 [ 411.757416][T10897] CPU: 0 UID: 0 PID: 10897 Comm: syz.4.1005 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 411.757471][T10897] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 411.757485][T10897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 411.757499][T10897] Call Trace: [ 411.757507][T10897] [ 411.757516][T10897] dump_stack_lvl+0x16c/0x1f0 [ 411.757558][T10897] should_fail_ex+0x512/0x640 [ 411.757586][T10897] ? kmem_cache_alloc_noprof+0x62/0x770 [ 411.757619][T10897] should_failslab+0xc2/0x120 [ 411.757658][T10897] kmem_cache_alloc_noprof+0x83/0x770 [ 411.757687][T10897] ? stack_depot_save_flags+0x29/0x9b0 [ 411.757713][T10897] ? alloc_empty_file+0x55/0x1e0 [ 411.757744][T10897] ? alloc_empty_file+0x55/0x1e0 [ 411.757768][T10897] ? kasan_save_track+0x14/0x30 [ 411.757800][T10897] alloc_empty_file+0x55/0x1e0 [ 411.757827][T10897] path_openat+0xde/0x3140 [ 411.757862][T10897] ? do_syscall_64+0xcd/0xf80 [ 411.757898][T10897] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.757932][T10897] ? __pfx_path_openat+0x10/0x10 [ 411.757980][T10897] do_filp_open+0x20b/0x470 [ 411.758018][T10897] ? __pfx_do_filp_open+0x10/0x10 [ 411.758084][T10897] ? alloc_fd+0x471/0x7d0 [ 411.758129][T10897] do_sys_openat2+0x121/0x290 [ 411.758156][T10897] ? __pfx_do_sys_openat2+0x10/0x10 [ 411.758182][T10897] ? __sock_release+0x20b/0x270 [ 411.758226][T10897] __x64_sys_openat+0x174/0x210 [ 411.758255][T10897] ? __pfx___x64_sys_openat+0x10/0x10 [ 411.758294][T10897] do_syscall_64+0xcd/0xf80 [ 411.758333][T10897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.758358][T10897] RIP: 0033:0x7fe6d8d8f7c9 [ 411.758376][T10897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 411.758400][T10897] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 411.758423][T10897] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 411.758443][T10897] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 411.758459][T10897] RBP: 00007fe6d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 411.758473][T10897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 411.758488][T10897] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 411.758518][T10897] [ 412.332667][T10906] FAULT_INJECTION: forcing a failure. [ 412.332667][T10906] name fail_futex, interval 1, probability 0, space 0, times 0 [ 412.362089][T10906] CPU: 0 UID: 0 PID: 10906 Comm: syz.0.1006 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 412.362144][T10906] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 412.362158][T10906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 412.362172][T10906] Call Trace: [ 412.362180][T10906] [ 412.362190][T10906] dump_stack_lvl+0x16c/0x1f0 [ 412.362232][T10906] should_fail_ex+0x512/0x640 [ 412.362263][T10906] get_futex_key+0x1d0/0x15f0 [ 412.362293][T10906] ? __pfx_get_futex_key+0x10/0x10 [ 412.362322][T10906] ? __fget_files+0x204/0x3c0 [ 412.362366][T10906] futex_wake+0xea/0x530 [ 412.362402][T10906] ? __pfx_futex_wake+0x10/0x10 [ 412.362448][T10906] do_futex+0x1e3/0x350 [ 412.362477][T10906] ? __pfx_do_futex+0x10/0x10 [ 412.362505][T10906] ? set_user_sigmask+0x21b/0x2b0 [ 412.362540][T10906] __x64_sys_futex+0x1e0/0x4c0 [ 412.362572][T10906] ? __pfx___x64_sys_futex+0x10/0x10 [ 412.362602][T10906] ? __pfx___x64_sys_epoll_pwait2+0x10/0x10 [ 412.362635][T10906] do_syscall_64+0xcd/0xf80 [ 412.362675][T10906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.362699][T10906] RIP: 0033:0x7fec85f8f7c9 [ 412.362718][T10906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 412.362742][T10906] RSP: 002b:00007fec86e550e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 412.362765][T10906] RAX: ffffffffffffffda RBX: 00007fec861e5fa8 RCX: 00007fec85f8f7c9 [ 412.362781][T10906] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fec861e5fac [ 412.362796][T10906] RBP: 00007fec861e5fa0 R08: 00007fec86e56000 R09: 0000000000000000 [ 412.362812][T10906] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 412.362827][T10906] R13: 00007fec861e6038 R14: 00007ffcf2b7adb0 R15: 00007ffcf2b7ae98 [ 412.362858][T10906] [ 412.901920][T10915] netlink: 204 bytes leftover after parsing attributes in process `syz.0.1006'. [ 414.162057][T10937] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1012'. [ 414.192863][T10940] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(14) [ 414.215476][T10937] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1012'. [ 414.521750][T10932] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1011'. [ 414.599761][T10948] futex_wake_op: syz.4.1015 tries to shift op by -2048; fix this program [ 415.110797][T10956] binder: BINDER_SET_CONTEXT_MGR already set [ 415.117600][T10956] binder: 10955:10956 ioctl 4018620d 9 returned -16 [ 415.265099][T10963] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1020'. [ 415.487311][T10968] vivid-007: ================= START STATUS ================= [ 415.520962][T10968] vivid-007: Generate PTS: true [ 415.535351][T10968] vivid-007: Generate SCR: true [ 415.563200][T10968] tpg source WxH: 320x240 (Y'CbCr) [ 415.598235][T10968] tpg field: 1 [ 415.607493][T10968] tpg crop: (0,0)/320x240 [ 415.622396][T10968] tpg compose: (0,0)/320x240 [ 415.627035][T10968] tpg colorspace: 8 [ 415.669775][T10968] tpg transfer function: 0/0 [ 415.674431][T10968] tpg Y'CbCr encoding: 0/0 [ 415.753588][T10968] tpg quantization: 0/0 [ 415.758256][T10968] tpg RGB range: 0/2 [ 415.809650][T10971] zswap: compressor not available [ 415.857951][T10968] vivid-007: ================== END STATUS ================== [ 416.215806][ T30] audit: type=1800 audit(4294967333.423:62): pid=10984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1022" name="lu_gp_id" dev="configfs" ino=35154 res=0 errno=0 [ 416.903439][T11003] FAULT_INJECTION: forcing a failure. [ 416.903439][T11003] name failslab, interval 1, probability 0, space 0, times 0 [ 416.963825][T11007] random: crng reseeded on system resumption [ 416.970021][T11003] CPU: 0 UID: 0 PID: 11003 Comm: syz.3.1028 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 416.970075][T11003] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 416.970088][T11003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 416.970103][T11003] Call Trace: [ 416.970112][T11003] [ 416.970120][T11003] dump_stack_lvl+0x16c/0x1f0 [ 416.970162][T11003] should_fail_ex+0x512/0x640 [ 416.970190][T11003] ? __kmalloc_noprof+0xca/0x910 [ 416.970219][T11003] should_failslab+0xc2/0x120 [ 416.970259][T11003] __kmalloc_noprof+0xeb/0x910 [ 416.970285][T11003] ? create_ruleset+0x21/0x140 [ 416.970314][T11003] ? create_ruleset+0x21/0x140 [ 416.970336][T11003] create_ruleset+0x21/0x140 [ 416.970360][T11003] landlock_merge_ruleset+0xbb/0x870 [ 416.970387][T11003] ? prepare_creds+0x5ea/0x940 [ 416.970419][T11003] __do_sys_landlock_restrict_self+0x2a1/0x910 [ 416.970449][T11003] do_syscall_64+0xcd/0xf80 [ 416.970487][T11003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.970512][T11003] RIP: 0033:0x7f9eda18f7c9 [ 416.970530][T11003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.970554][T11003] RSP: 002b:00007f9edb09f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 416.970577][T11003] RAX: ffffffffffffffda RBX: 00007f9eda3e5fa0 RCX: 00007f9eda18f7c9 [ 416.970593][T11003] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005 [ 416.970607][T11003] RBP: 00007f9eda213f91 R08: 0000000000000000 R09: 0000000000000000 [ 416.970623][T11003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 416.970637][T11003] R13: 00007f9eda3e6038 R14: 00007f9eda3e5fa0 R15: 00007ffd5f1677b8 [ 416.970668][T11003] [ 417.164534][T11009] busy [ 418.048355][ T5837] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 418.172692][ T5837] Bluetooth: hci4: Unable to find connection for big 0xd2 [ 418.524602][T11036] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1035'. [ 421.105634][T11093] input: f as /devices/virtual/input/input14 [ 421.219205][T11094] synth uevent: /devices/virtual/net/nr1: unknown uevent action string [ 421.292703][T11094] net nr1: uevent: failed to send synthetic uevent: -22 [ 422.274236][T11121] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1051'. [ 423.566919][T11134] netlink: 'syz.3.1056': attribute type 11 has an invalid length. [ 423.620325][T11134] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1056'. [ 423.826282][T11138] vivid-007: ================= START STATUS ================= [ 423.939452][T11138] vivid-007: Generate PTS: true [ 424.029073][T11138] vivid-007: Generate SCR: true [ 424.051222][T11138] tpg source WxH: 320x240 (Y'CbCr) [ 424.104731][T11138] tpg field: 1 [ 424.141961][T11138] tpg crop: (0,0)/320x240 [ 424.200419][T11138] tpg compose: (0,0)/320x240 [ 424.255025][T11138] tpg colorspace: 8 [ 424.279077][T11138] tpg transfer function: 0/0 [ 424.301508][T11138] tpg Y'CbCr encoding: 0/0 [ 424.329688][T11138] tpg quantization: 0/0 [ 424.349637][T11138] tpg RGB range: 0/2 [ 424.376386][T11138] vivid-007: ================== END STATUS ================== [ 424.755972][T11159] FAULT_INJECTION: forcing a failure. [ 424.755972][T11159] name failslab, interval 1, probability 0, space 0, times 0 [ 424.832852][T11159] CPU: 0 UID: 0 PID: 11159 Comm: syz.3.1058 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 424.832909][T11159] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 424.832923][T11159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 424.832939][T11159] Call Trace: [ 424.832946][T11159] [ 424.832956][T11159] dump_stack_lvl+0x16c/0x1f0 [ 424.833001][T11159] should_fail_ex+0x512/0x640 [ 424.833030][T11159] ? kmem_cache_alloc_noprof+0x62/0x770 [ 424.833071][T11159] should_failslab+0xc2/0x120 [ 424.833111][T11159] kmem_cache_alloc_noprof+0x83/0x770 [ 424.833141][T11159] ? __kernfs_new_node+0xd2/0x9b0 [ 424.833177][T11159] ? __kernfs_new_node+0xd2/0x9b0 [ 424.833205][T11159] __kernfs_new_node+0xd2/0x9b0 [ 424.833236][T11159] ? kernfs_add_one+0x14e/0x840 [ 424.833270][T11159] ? __pfx___kernfs_new_node+0x10/0x10 [ 424.833308][T11159] ? find_held_lock+0x2b/0x80 [ 424.833342][T11159] ? kernfs_root+0xee/0x2a0 [ 424.833377][T11159] kernfs_new_node+0x13c/0x1e0 [ 424.833417][T11159] kernfs_create_link+0xcc/0x240 [ 424.833461][T11159] sysfs_do_create_link_sd+0x90/0x140 [ 424.833493][T11159] sysfs_create_link+0x61/0xc0 [ 424.833521][T11159] device_add+0x530/0x1980 [ 424.833560][T11159] ? __pfx_device_add+0x10/0x10 [ 424.833596][T11159] ? lockdep_init_map_type+0x5c/0x270 [ 424.833622][T11159] ? __init_waitqueue_head+0xca/0x150 [ 424.833659][T11159] netdev_register_kobject+0x1a9/0x3d0 [ 424.833705][T11159] register_netdevice+0x13ac/0x21d0 [ 424.833749][T11159] ? __pfx_register_netdevice+0x10/0x10 [ 424.833796][T11159] ppp_dev_configure+0xa1e/0xd40 [ 424.833842][T11159] ppp_ioctl+0x170e/0x2880 [ 424.833887][T11159] ? find_held_lock+0x2b/0x80 [ 424.833919][T11159] ? __pfx_ppp_ioctl+0x10/0x10 [ 424.833963][T11159] ? __fget_files+0x20e/0x3c0 [ 424.834004][T11159] ? __pfx_ppp_ioctl+0x10/0x10 [ 424.834044][T11159] __x64_sys_ioctl+0x18e/0x210 [ 424.834083][T11159] do_syscall_64+0xcd/0xf80 [ 424.834124][T11159] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.834150][T11159] RIP: 0033:0x7f9eda18f7c9 [ 424.834170][T11159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 424.834195][T11159] RSP: 002b:00007f9edb05d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 424.834219][T11159] RAX: ffffffffffffffda RBX: 00007f9eda3e6180 RCX: 00007f9eda18f7c9 [ 424.834236][T11159] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000009 [ 424.834251][T11159] RBP: 00007f9eda213f91 R08: 0000000000000000 R09: 0000000000000000 [ 424.834267][T11159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 424.834282][T11159] R13: 00007f9eda3e6218 R14: 00007f9eda3e6180 R15: 00007ffd5f1677b8 [ 424.834315][T11159] [ 425.227252][T11164] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1062'. [ 425.298833][T11163] hub 8-0:1.0: USB hub found [ 425.305495][T11163] hub 8-0:1.0: 1 port detected [ 428.146363][T11212] netlink: 98 bytes leftover after parsing attributes in process `syz.1.1074'. [ 428.190201][T11212] netlink: 50 bytes leftover after parsing attributes in process `syz.1.1074'. [ 428.849305][T11224] FAULT_INJECTION: forcing a failure. [ 428.849305][T11224] name failslab, interval 1, probability 0, space 0, times 0 [ 428.899427][T11224] CPU: 0 UID: 0 PID: 11224 Comm: syz.4.1078 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 428.899482][T11224] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 428.899496][T11224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 428.899511][T11224] Call Trace: [ 428.899519][T11224] [ 428.899529][T11224] dump_stack_lvl+0x16c/0x1f0 [ 428.899572][T11224] should_fail_ex+0x512/0x640 [ 428.899598][T11224] ? __kmalloc_noprof+0xca/0x910 [ 428.899628][T11224] should_failslab+0xc2/0x120 [ 428.899673][T11224] __kmalloc_noprof+0xeb/0x910 [ 428.899701][T11224] ? memcg_list_lru_alloc+0x4e9/0x740 [ 428.899735][T11224] ? memcg_list_lru_alloc+0x4e9/0x740 [ 428.899764][T11224] memcg_list_lru_alloc+0x4e9/0x740 [ 428.899801][T11224] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 428.899839][T11224] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 428.899875][T11224] __memcg_slab_post_alloc_hook+0x133/0x880 [ 428.899922][T11224] ? kasan_save_track+0x14/0x30 [ 428.899958][T11224] kmem_cache_alloc_lru_noprof+0x58f/0x770 [ 428.899988][T11224] ? find_held_lock+0x2b/0x80 [ 428.900020][T11224] ? alloc_inode+0xc3/0x240 [ 428.900058][T11224] ? alloc_inode+0xc3/0x240 [ 428.900083][T11224] alloc_inode+0xc3/0x240 [ 428.900110][T11224] alloc_anon_inode+0x28/0x3e0 [ 428.900150][T11224] anon_inode_make_secure_inode+0x31/0x140 [ 428.900180][T11224] __do_sys_memfd_secret+0xd7/0x490 [ 428.900219][T11224] do_syscall_64+0xcd/0xf80 [ 428.900259][T11224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.900284][T11224] RIP: 0033:0x7fe6d8d8f7c9 [ 428.900303][T11224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.900327][T11224] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 428.900350][T11224] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 428.900366][T11224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 428.900381][T11224] RBP: 00007fe6d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 428.900396][T11224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.900410][T11224] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 428.900442][T11224] [ 431.593666][T11254] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 432.392110][T11273] FAULT_INJECTION: forcing a failure. [ 432.392110][T11273] name failslab, interval 1, probability 0, space 0, times 0 [ 432.469502][T11273] CPU: 0 UID: 0 PID: 11273 Comm: syz.4.1091 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 432.469554][T11273] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 432.469568][T11273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 432.469582][T11273] Call Trace: [ 432.469590][T11273] [ 432.469599][T11273] dump_stack_lvl+0x16c/0x1f0 [ 432.469640][T11273] should_fail_ex+0x512/0x640 [ 432.469666][T11273] ? kmem_cache_alloc_noprof+0x62/0x770 [ 432.469706][T11273] should_failslab+0xc2/0x120 [ 432.469744][T11273] kmem_cache_alloc_noprof+0x83/0x770 [ 432.469772][T11273] ? __anon_vma_prepare+0xae/0x5e0 [ 432.469804][T11273] ? __anon_vma_prepare+0xae/0x5e0 [ 432.469829][T11273] __anon_vma_prepare+0xae/0x5e0 [ 432.469853][T11273] ? do_raw_spin_lock+0x12c/0x2b0 [ 432.469884][T11273] __vmf_anon_prepare+0x11c/0x240 [ 432.469924][T11273] do_huge_pmd_anonymous_page+0x161/0x2200 [ 432.469958][T11273] ? __pmd_alloc+0x6aa/0x9c0 [ 432.469997][T11273] __handle_mm_fault+0x25ca/0x2bb0 [ 432.470030][T11273] ? __pfx___handle_mm_fault+0x10/0x10 [ 432.470080][T11273] handle_mm_fault+0x3fe/0xad0 [ 432.470110][T11273] __get_user_pages+0x54e/0x3590 [ 432.470159][T11273] ? __pfx___get_user_pages+0x10/0x10 [ 432.470204][T11273] populate_vma_page_range+0x267/0x3f0 [ 432.470245][T11273] ? __pfx_populate_vma_page_range+0x10/0x10 [ 432.470283][T11273] ? __pfx_find_vma_intersection+0x10/0x10 [ 432.470321][T11273] ? do_mmap+0x69c/0x1210 [ 432.470359][T11273] __mm_populate+0x1d8/0x380 [ 432.470399][T11273] ? __pfx___mm_populate+0x10/0x10 [ 432.470439][T11273] ? up_write+0x282/0x4e0 [ 432.470467][T11273] vm_mmap_pgoff+0x37f/0x470 [ 432.470505][T11273] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 432.470546][T11273] ? __x64_sys_futex+0x1e0/0x4c0 [ 432.470573][T11273] ? __x64_sys_futex+0x1e9/0x4c0 [ 432.470604][T11273] ksys_mmap_pgoff+0x7d/0x5c0 [ 432.470637][T11273] ? xfd_validate_state+0x61/0x180 [ 432.470658][T11273] ? __pfx_ksys_write+0x10/0x10 [ 432.470701][T11273] __x64_sys_mmap+0x125/0x190 [ 432.470729][T11273] do_syscall_64+0xcd/0xf80 [ 432.470768][T11273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.470793][T11273] RIP: 0033:0x7fe6d8d8f7c9 [ 432.470811][T11273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.470834][T11273] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 432.470857][T11273] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 432.470873][T11273] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 432.470887][T11273] RBP: 00007fe6d8e13f91 R08: 0000000000000002 R09: 0000000000008000 [ 432.470902][T11273] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 432.470917][T11273] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 432.470947][T11273] [ 433.175378][T11218] Process accounting resumed [ 433.424755][T11271] tipc: Started in network mode [ 433.522698][T11283] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1093'. [ 433.535726][T11271] tipc: Node identity ffffffff, cluster identity 4711 [ 433.632665][T11271] tipc: Node number set to 4294967295 [ 433.749643][T11281] &#$@\]\-: entered promiscuous mode [ 434.193401][T11290] &#$@\]\-: entered promiscuous mode [ 434.800117][T11302] Format for adding new port is "id [perm_addr]" (uint MAC). [ 436.315344][T11324] openvswitch: &#$@\]\-: Dropping previously announced user features [ 437.100170][T11334] openvswitch: &#$@\]\-: Dropping previously announced user features [ 437.858348][T11340] FAULT_INJECTION: forcing a failure. [ 437.858348][T11340] name failslab, interval 1, probability 0, space 0, times 0 [ 438.048580][T11340] CPU: 0 UID: 0 PID: 11340 Comm: syz.0.1110 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 438.048636][T11340] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 438.048650][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 438.048665][T11340] Call Trace: [ 438.048672][T11340] [ 438.048681][T11340] dump_stack_lvl+0x16c/0x1f0 [ 438.048723][T11340] should_fail_ex+0x512/0x640 [ 438.048750][T11340] ? __kmalloc_cache_noprof+0x5f/0x800 [ 438.048782][T11340] should_failslab+0xc2/0x120 [ 438.048820][T11340] __kmalloc_cache_noprof+0x80/0x800 [ 438.048848][T11340] ? __pfx_sprintf+0x10/0x10 [ 438.048880][T11340] ? snd_seq_queue_alloc+0x56/0x5a0 [ 438.048917][T11340] ? snd_seq_queue_alloc+0x56/0x5a0 [ 438.048943][T11340] snd_seq_queue_alloc+0x56/0x5a0 [ 438.048973][T11340] snd_seq_ioctl_create_queue+0xa9/0x390 [ 438.049010][T11340] call_seq_client_ctl+0xa3/0x130 [ 438.049048][T11340] snd_seq_kernel_client_ctl+0x7a/0xc0 [ 438.049086][T11340] alloc_seq_queue+0xda/0x180 [ 438.049124][T11340] ? __pfx_alloc_seq_queue+0x10/0x10 [ 438.049177][T11340] ? mark_held_locks+0x49/0x80 [ 438.049199][T11340] ? _raw_spin_unlock_irq+0x23/0x50 [ 438.049233][T11340] ? lockdep_hardirqs_on+0x7c/0x110 [ 438.049273][T11340] snd_seq_oss_open+0x38c/0xa40 [ 438.049321][T11340] odev_open+0x79/0xc0 [ 438.049355][T11340] ? __pfx_odev_open+0x10/0x10 [ 438.049390][T11340] soundcore_open+0x40c/0x580 [ 438.049429][T11340] ? __pfx_soundcore_open+0x10/0x10 [ 438.049466][T11340] chrdev_open+0x234/0x6a0 [ 438.049504][T11340] ? __pfx_apparmor_file_open+0x10/0x10 [ 438.049530][T11340] ? __pfx_chrdev_open+0x10/0x10 [ 438.049569][T11340] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 438.049616][T11340] do_dentry_open+0x748/0x1590 [ 438.049652][T11340] ? __pfx_chrdev_open+0x10/0x10 [ 438.049698][T11340] vfs_open+0x82/0x3f0 [ 438.049727][T11340] path_openat+0x2078/0x3140 [ 438.049774][T11340] ? __pfx_path_openat+0x10/0x10 [ 438.049822][T11340] do_filp_open+0x20b/0x470 [ 438.049861][T11340] ? __pfx_do_filp_open+0x10/0x10 [ 438.049926][T11340] ? alloc_fd+0x471/0x7d0 [ 438.049970][T11340] do_sys_openat2+0x121/0x290 [ 438.049997][T11340] ? __pfx_do_sys_openat2+0x10/0x10 [ 438.050023][T11340] ? __pfx___might_resched+0x10/0x10 [ 438.050060][T11340] ? blkcg_maybe_throttle_current+0x650/0xf30 [ 438.050100][T11340] __x64_sys_openat+0x174/0x210 [ 438.050128][T11340] ? __pfx___x64_sys_openat+0x10/0x10 [ 438.050169][T11340] do_syscall_64+0xcd/0xf80 [ 438.050208][T11340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.050234][T11340] RIP: 0033:0x7fec85f8f7c9 [ 438.050253][T11340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.050278][T11340] RSP: 002b:00007fec86e55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 438.050300][T11340] RAX: ffffffffffffffda RBX: 00007fec861e5fa0 RCX: 00007fec85f8f7c9 [ 438.050317][T11340] RDX: 00000000001c8340 RSI: 0000200000000540 RDI: ffffffffffffff9c [ 438.050332][T11340] RBP: 00007fec86013f91 R08: 0000000000000000 R09: 0000000000000000 [ 438.050347][T11340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.050361][T11340] R13: 00007fec861e6038 R14: 00007fec861e5fa0 R15: 00007ffcf2b7ae98 [ 438.050393][T11340] [ 439.645089][T11360] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1115'. [ 439.988695][T11363] openvswitch: &#$@\]\-: Dropping previously announced user features [ 440.460459][T11367] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 440.560515][T11367] binder: BINDER_SET_CONTEXT_MGR already set [ 440.576844][T11367] binder: 11366:11367 ioctl 4018620d 9 returned -16 [ 440.871159][T11373] random: crng reseeded on system resumption [ 441.196135][T11378] Invalid ELF header magic: != ELF [ 441.789859][T11386] netlink: 326 bytes leftover after parsing attributes in process `'. [ 441.809815][T11389] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 441.860378][T11387] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1122'. [ 442.523396][T11395] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.572814][T11407] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967295.2147483647.134217730), cmd(5) [ 442.873470][T11413] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1130'. [ 443.637783][T11425] Invalid ELF header magic: != ELF [ 443.699706][T11426] random: crng reseeded on system resumption [ 444.016623][T11435] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 444.169519][T11435] CIFS mount error: No usable UNC path provided in device string! [ 444.169519][T11435] [ 444.232808][T11435] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 445.378508][T11459] vhci_hcd vhci_hcd.2: invalid port number 16 [ 445.397916][T11459] vhci_hcd vhci_hcd.2: invalid port number 16 [ 445.430805][T11459] FAULT_INJECTION: forcing a failure. [ 445.430805][T11459] name failslab, interval 1, probability 0, space 0, times 0 [ 445.476604][T11459] CPU: 0 UID: 0 PID: 11459 Comm: syz.4.1143 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 445.476658][T11459] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 445.476671][T11459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 445.476686][T11459] Call Trace: [ 445.476693][T11459] [ 445.476702][T11459] dump_stack_lvl+0x16c/0x1f0 [ 445.476743][T11459] should_fail_ex+0x512/0x640 [ 445.476770][T11459] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 445.476804][T11459] should_failslab+0xc2/0x120 [ 445.476841][T11459] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 445.476872][T11459] ? proc_alloc_inode+0x25/0x200 [ 445.476905][T11459] ? __pfx_proc_alloc_inode+0x10/0x10 [ 445.476933][T11459] ? proc_alloc_inode+0x25/0x200 [ 445.476958][T11459] proc_alloc_inode+0x25/0x200 [ 445.476986][T11459] alloc_inode+0x64/0x240 [ 445.477012][T11459] new_inode+0x22/0x1c0 [ 445.477036][T11459] ? proc_lookup_de+0x201/0x360 [ 445.477071][T11459] proc_get_inode+0x1d/0x780 [ 445.477102][T11459] proc_lookup_de+0x236/0x360 [ 445.477136][T11459] ? __pfx_proc_root_lookup+0x10/0x10 [ 445.477175][T11459] proc_lookup+0xcf/0x110 [ 445.477207][T11459] proc_root_lookup+0x3b/0x70 [ 445.477240][T11459] lookup_open.isra.0+0x4e2/0x1780 [ 445.477290][T11459] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 445.477341][T11459] ? mnt_get_write_access+0x1e9/0x2f0 [ 445.477373][T11459] path_openat+0x12bb/0x3140 [ 445.477419][T11459] ? __pfx_path_openat+0x10/0x10 [ 445.477465][T11459] do_filp_open+0x20b/0x470 [ 445.477503][T11459] ? __pfx_do_filp_open+0x10/0x10 [ 445.477560][T11459] ? alloc_fd+0x471/0x7d0 [ 445.477603][T11459] do_sys_openat2+0x121/0x290 [ 445.477630][T11459] ? __pfx_do_sys_openat2+0x10/0x10 [ 445.477668][T11459] __x64_sys_openat+0x174/0x210 [ 445.477696][T11459] ? __pfx___x64_sys_openat+0x10/0x10 [ 445.477735][T11459] do_syscall_64+0xcd/0xf80 [ 445.477774][T11459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.477798][T11459] RIP: 0033:0x7fe6d8d8f7c9 [ 445.477817][T11459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.477841][T11459] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 445.477864][T11459] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 445.477880][T11459] RDX: 000000000010b402 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 445.477896][T11459] RBP: 00007fe6d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 445.477911][T11459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 445.477925][T11459] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 445.477956][T11459] [ 445.748896][ C0] hrtimer: interrupt took 269597839 ns [ 446.439668][T11474] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1144'. [ 446.462716][T11474] ipvlan0: entered promiscuous mode [ 446.472555][T11474] ipvlan0: entered allmulticast mode [ 446.477898][T11474] veth0_vlan: entered allmulticast mode [ 446.697581][T11476] futex_wake_op: syz.1.1146 tries to shift op by -2048; fix this program [ 447.436059][T11489] HSR: entered promiscuous mode [ 447.637093][T11493] openvswitch: &#$@\]\-: Dropping previously announced user features [ 447.791199][T11497] openvswitch: &#$@\]\-: Dropping previously announced user features [ 448.033080][T11500] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1152'. [ 448.126881][T11500] FAULT_INJECTION: forcing a failure. [ 448.126881][T11500] name fail_futex, interval 1, probability 0, space 0, times 0 [ 448.149209][T11502] openvswitch: &#$@\]\-: Dropping previously announced user features [ 448.219460][T11500] CPU: 0 UID: 0 PID: 11500 Comm: syz.1.1152 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 448.219516][T11500] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 448.219530][T11500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 448.219545][T11500] Call Trace: [ 448.219554][T11500] [ 448.219564][T11500] dump_stack_lvl+0x16c/0x1f0 [ 448.219607][T11500] should_fail_ex+0x512/0x640 [ 448.219639][T11500] get_futex_key+0x1d0/0x15f0 [ 448.219670][T11500] ? __pfx_get_futex_key+0x10/0x10 [ 448.219695][T11500] ? copy_msghdr_from_user+0x10a/0x160 [ 448.219729][T11500] ? __pfx_____sys_sendmsg+0x10/0x10 [ 448.219767][T11500] ? trace_sched_set_need_resched_tp+0xf3/0x130 [ 448.219808][T11500] ? rcu_is_watching+0x12/0xc0 [ 448.219846][T11500] futex_wait_setup+0x9d/0x570 [ 448.219890][T11500] __futex_wait+0x193/0x2f0 [ 448.219925][T11500] ? __pfx___futex_wait+0x10/0x10 [ 448.219963][T11500] ? __pfx_futex_wake_mark+0x10/0x10 [ 448.220001][T11500] ? futex_hash+0x2c5/0x380 [ 448.220029][T11500] ? futex_private_hash_put+0x160/0x1b0 [ 448.220057][T11500] futex_wait+0xe8/0x380 [ 448.220090][T11500] ? __pfx_futex_wait+0x10/0x10 [ 448.220143][T11500] ? __pfx___sys_sendmmsg+0x10/0x10 [ 448.220180][T11500] do_futex+0x229/0x350 [ 448.220209][T11500] ? __pfx_do_futex+0x10/0x10 [ 448.220244][T11500] __x64_sys_futex+0x1e0/0x4c0 [ 448.220277][T11500] ? __pfx___x64_sys_futex+0x10/0x10 [ 448.220306][T11500] ? xfd_validate_state+0x61/0x180 [ 448.220338][T11500] do_syscall_64+0xcd/0xf80 [ 448.220378][T11500] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.220403][T11500] RIP: 0033:0x7f4385b8f7c9 [ 448.220422][T11500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.220446][T11500] RSP: 002b:00007f4383df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 448.220469][T11500] RAX: ffffffffffffffda RBX: 00007f4385de5fa8 RCX: 00007f4385b8f7c9 [ 448.220485][T11500] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4385de5fa8 [ 448.220500][T11500] RBP: 00007f4385de5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 448.220515][T11500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.220529][T11500] R13: 00007f4385de6038 R14: 00007ffd5df6d800 R15: 00007ffd5df6d8e8 [ 448.220560][T11500] [ 448.810246][T11505] openvswitch: &#$@\]\-: Dropping previously announced user features [ 449.072937][T11509] futex_wake_op: syz.1.1156 tries to shift op by -2048; fix this program [ 449.361452][T11513] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 449.425782][T11516] FAULT_INJECTION: forcing a failure. [ 449.425782][T11516] name failslab, interval 1, probability 0, space 0, times 0 [ 449.499816][T11516] CPU: 0 UID: 0 PID: 11516 Comm: syz.4.1159 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 449.499871][T11516] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 449.499885][T11516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 449.499901][T11516] Call Trace: [ 449.499908][T11516] [ 449.499917][T11516] dump_stack_lvl+0x16c/0x1f0 [ 449.499967][T11516] should_fail_ex+0x512/0x640 [ 449.499995][T11516] ? __kmalloc_noprof+0xca/0x910 [ 449.500029][T11516] should_failslab+0xc2/0x120 [ 449.500068][T11516] __kmalloc_noprof+0xeb/0x910 [ 449.500095][T11516] ? sk_prot_alloc+0x1a8/0x2a0 [ 449.500137][T11516] ? sk_prot_alloc+0x1a8/0x2a0 [ 449.500173][T11516] sk_prot_alloc+0x1a8/0x2a0 [ 449.500214][T11516] sk_alloc+0x36/0xe30 [ 449.500244][T11516] __netlink_create+0x5e/0x2c0 [ 449.500272][T11516] ? __wake_up+0x3f/0x60 [ 449.500310][T11516] netlink_create+0x39e/0x620 [ 449.500341][T11516] ? __pfx_genl_bind+0x10/0x10 [ 449.500377][T11516] ? __pfx_genl_unbind+0x10/0x10 [ 449.500413][T11516] ? __pfx_genl_release+0x10/0x10 [ 449.500437][T11516] __sock_create+0x339/0x8a0 [ 449.500491][T11516] __sys_socket+0x14d/0x260 [ 449.500514][T11516] ? __pfx___sys_socket+0x10/0x10 [ 449.500538][T11516] ? xfd_validate_state+0x61/0x180 [ 449.500568][T11516] __x64_sys_socket+0x72/0xb0 [ 449.500590][T11516] ? lockdep_hardirqs_on+0x7c/0x110 [ 449.500628][T11516] do_syscall_64+0xcd/0xf80 [ 449.500668][T11516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.500692][T11516] RIP: 0033:0x7fe6d8d8f7c9 [ 449.500712][T11516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.500736][T11516] RSP: 002b:00007fe6d9ce2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 449.500758][T11516] RAX: ffffffffffffffda RBX: 00007fe6d8fe5fa0 RCX: 00007fe6d8d8f7c9 [ 449.500774][T11516] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 449.500789][T11516] RBP: 00007fe6d8e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 449.500803][T11516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 449.500818][T11516] R13: 00007fe6d8fe6038 R14: 00007fe6d8fe5fa0 R15: 00007ffe36793bf8 [ 449.500849][T11516] [ 450.347998][T11527] bond0: option all_slaves_active: invalid value () [ 450.358779][T11527] ecryptfs_miscdev_write: Invalid packet size [0] [ 450.596055][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.602869][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 451.234716][T11540] openvswitch: &#$@\]\-: Dropping previously announced user features [ 451.474713][T11543] &#$@\]\-: entered promiscuous mode [ 451.578090][T11546] futex_wake_op: syz.3.1166 tries to shift op by -2048; fix this program [ 451.683256][T11549] HfR: entered promiscuous mode [ 452.044142][T11555] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 453.571240][T11588] ima: policy update failed [ 453.608357][ T30] audit: type=1802 audit(4294967370.813:63): pid=11588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1175" res=0 errno=0 [ 453.637058][T11592] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1175'. [ 455.807028][T11638] netlink: 302 bytes leftover after parsing attributes in process `syz.1.1186'. [ 455.825679][T11600] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 458.883160][ T30] audit: type=1804 audit(4294967376.093:64): pid=11697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1196" name="/newroot/140/file0" dev="tmpfs" ino=757 res=1 errno=0 [ 458.953164][T11700] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 459.240435][T11704] futex_wake_op: syz.1.1198 tries to shift op by -2048; fix this program [ 459.948533][T11726] FAULT_INJECTION: forcing a failure. [ 459.948533][T11726] name failslab, interval 1, probability 0, space 0, times 0 [ 459.970671][T10197] Process accounting resumed [ 460.165671][T11726] CPU: 0 UID: 0 PID: 11726 Comm: syz.3.1204 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 460.165728][T11726] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 460.165741][T11726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 460.165756][T11726] Call Trace: [ 460.165764][T11726] [ 460.165773][T11726] dump_stack_lvl+0x16c/0x1f0 [ 460.165816][T11726] should_fail_ex+0x512/0x640 [ 460.165843][T11726] ? __kmalloc_noprof+0xca/0x910 [ 460.165872][T11726] should_failslab+0xc2/0x120 [ 460.165911][T11726] __kmalloc_noprof+0xeb/0x910 [ 460.165938][T11726] ? copy_splice_read+0x1a8/0xc20 [ 460.165978][T11726] ? copy_splice_read+0x1a8/0xc20 [ 460.166012][T11726] copy_splice_read+0x1a8/0xc20 [ 460.166055][T11726] ? __pfx_copy_splice_read+0x10/0x10 [ 460.166092][T11726] ? __mark_inode_dirty+0x943/0x1670 [ 460.166129][T11726] ? find_held_lock+0x2b/0x80 [ 460.166165][T11726] ? __pfx_copy_splice_read+0x10/0x10 [ 460.166207][T11726] do_splice_read+0x285/0x370 [ 460.166246][T11726] splice_direct_to_actor+0x2a1/0xa30 [ 460.166290][T11726] ? __pfx_direct_splice_actor+0x10/0x10 [ 460.166333][T11726] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 460.166369][T11726] ? do_raw_spin_lock+0x12c/0x2b0 [ 460.166405][T11726] do_splice_direct+0x174/0x240 [ 460.166442][T11726] ? __pfx_do_splice_direct+0x10/0x10 [ 460.166482][T11726] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 460.166523][T11726] ? rw_verify_area+0xcf/0x6c0 [ 460.166557][T11726] do_sendfile+0xb06/0xe50 [ 460.166595][T11726] ? __pfx_do_sendfile+0x10/0x10 [ 460.166628][T11726] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 460.166674][T11726] __x64_sys_sendfile64+0x1d8/0x220 [ 460.166698][T11726] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 460.166721][T11726] ? syscall_user_dispatch+0x78/0x140 [ 460.166760][T11726] do_syscall_64+0xcd/0xf80 [ 460.166800][T11726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.166825][T11726] RIP: 0033:0x7f9eda18f7c9 [ 460.166844][T11726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.166868][T11726] RSP: 002b:00007f9edb07e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 460.166891][T11726] RAX: ffffffffffffffda RBX: 00007f9eda3e6090 RCX: 00007f9eda18f7c9 [ 460.166907][T11726] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 460.166921][T11726] RBP: 00007f9eda213f91 R08: 0000000000000000 R09: 0000000000000000 [ 460.166936][T11726] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000000 [ 460.166951][T11726] R13: 00007f9eda3e6128 R14: 00007f9eda3e6090 R15: 00007ffd5f1677b8 [ 460.166982][T11726] [ 460.486275][T11726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1204'. [ 461.059860][T11742] futex_wake_op: syz.3.1208 tries to shift op by -2048; fix this program [ 461.165138][T11745] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 463.076201][T11774] futex_wake_op: syz.1.1217 tries to shift op by -2048; fix this program [ 463.725243][T11788] ptp ptp0: only physical clock in use now [ 463.803853][T11788] ptp ptp0: only physical clock in use now [ 463.878212][T11788] ptp ptp0: only physical clock in use now [ 463.926038][T11788] ptp ptp0: only physical clock in use now [ 463.977718][T11788] ptp ptp0: only physical clock in use now [ 464.037849][T11788] ptp ptp0: only physical clock in use now [ 464.109601][T11788] ptp ptp0: only physical clock in use now [ 464.192223][T11788] ptp ptp0: only physical clock in use now [ 464.221465][T11788] ptp ptp0: only physical clock in use now [ 464.271010][T11788] ptp ptp0: only physical clock in use now [ 464.329965][T11788] ptp ptp0: only physical clock in use now [ 465.036476][T11807] futex_wake_op: syz.4.1227 tries to shift op by -2048; fix this program [ 467.371142][T11825] cgroup: fork rejected by pids controller in /syz1 [ 467.559931][T11865] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1236'. [ 467.627407][T11865] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(5.0.65535), cmd(5) [ 467.900851][T11872] FAULT_INJECTION: forcing a failure. [ 467.900851][T11872] name failslab, interval 1, probability 0, space 0, times 0 [ 467.979520][T11872] CPU: 0 UID: 0 PID: 11872 Comm: syz.3.1237 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 467.979576][T11872] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 467.979590][T11872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 467.979605][T11872] Call Trace: [ 467.979612][T11872] [ 467.979622][T11872] dump_stack_lvl+0x16c/0x1f0 [ 467.979664][T11872] should_fail_ex+0x512/0x640 [ 467.979692][T11872] ? __kmalloc_noprof+0xca/0x910 [ 467.979724][T11872] should_failslab+0xc2/0x120 [ 467.979764][T11872] __kmalloc_noprof+0xeb/0x910 [ 467.979789][T11872] ? __pfx_inc_ucount+0x10/0x10 [ 467.979811][T11872] ? net_alloc_generic+0x1e/0x70 [ 467.979849][T11872] ? net_alloc_generic+0x1e/0x70 [ 467.979881][T11872] net_alloc_generic+0x1e/0x70 [ 467.979915][T11872] copy_net_ns+0xc6/0x7c0 [ 467.979950][T11872] ? copy_cgroup_ns+0x71/0x980 [ 467.979977][T11872] create_new_namespaces+0x3ea/0xab0 [ 467.980017][T11872] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 467.980054][T11872] ksys_unshare+0x45b/0xa40 [ 467.980094][T11872] ? __pfx_ksys_unshare+0x10/0x10 [ 467.980135][T11872] ? xfd_validate_state+0x61/0x180 [ 467.980166][T11872] __x64_sys_unshare+0x31/0x40 [ 467.980204][T11872] do_syscall_64+0xcd/0xf80 [ 467.980244][T11872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.980269][T11872] RIP: 0033:0x7f9eda18f7c9 [ 467.980288][T11872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.980312][T11872] RSP: 002b:00007f9edb09f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 467.980335][T11872] RAX: ffffffffffffffda RBX: 00007f9eda3e5fa0 RCX: 00007f9eda18f7c9 [ 467.980351][T11872] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 467.980366][T11872] RBP: 00007f9eda213f91 R08: 0000000000000000 R09: 0000000000000000 [ 467.980381][T11872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 467.980396][T11872] R13: 00007f9eda3e6038 R14: 00007f9eda3e5fa0 R15: 00007ffd5f1677b8 [ 467.980427][T11872] [ 468.926908][T11893] futex_wake_op: syz.4.1239 tries to shift op by -2048; fix this program [ 471.057937][T10754] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 471.073347][T10754] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 471.081822][T10754] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 471.091090][T10754] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 471.100365][T10754] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 471.622134][T11929] mkiss: ax0: crc mode is auto. [ 472.882288][ T4227] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 473.024582][T11925] chnl_net:caif_netlink_parms(): no params data found [ 473.200988][T10754] Bluetooth: hci3: command tx timeout [ 473.247925][ T4227] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 473.299255][T11942] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1249'. [ 473.345369][T11942] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1249'. [ 473.521965][ T4227] bridge0: port 4(netdevsim1) entered disabled state [ 473.642209][ T4227] netdevsim netdevsim0 netdevsim1 (unregistering): left allmulticast mode [ 473.709540][ T4227] netdevsim netdevsim0 netdevsim1 (unregistering): left promiscuous mode [ 473.741121][ T4227] bridge0: port 4(netdevsim1) entered disabled state [ 473.862076][ T4227] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 474.180359][T11925] bridge0: port 1(bridge_slave_0) entered blocking state [ 474.211673][T11925] bridge0: port 1(bridge_slave_0) entered disabled state [ 474.252842][T11925] bridge_slave_0: entered allmulticast mode [ 474.285312][T11925] bridge_slave_0: entered promiscuous mode [ 474.350197][T11952] openvswitch: &#$@\]\-: Dropping previously announced user features [ 474.361152][T11925] bridge0: port 2(bridge_slave_1) entered blocking state [ 474.368320][T11925] bridge0: port 2(bridge_slave_1) entered disabled state [ 474.429538][T11925] bridge_slave_1: entered allmulticast mode [ 474.465621][T11925] bridge_slave_1: entered promiscuous mode [ 474.882003][T11925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 475.082953][ T4227] batadv0: left allmulticast mode [ 475.107426][ T4227] batadv0: left promiscuous mode [ 475.135862][ T4227] bridge0: port 5(batadv0) entered disabled state [ 475.178351][T11957] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 475.238872][ T4227] gretap0: left allmulticast mode [ 475.257402][ T4227] gretap0: left promiscuous mode [ 475.275432][ T4227] bridge0: port 3(gretap0) entered disabled state [ 475.283815][T10754] Bluetooth: hci3: command tx timeout [ 475.309557][ T4227] bridge_slave_1: left allmulticast mode [ 475.333735][ T4227] bridge_slave_1: left promiscuous mode [ 475.356922][ T4227] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.390072][ T4227] bridge_slave_0: left allmulticast mode [ 475.409209][ T4227] bridge_slave_0: left promiscuous mode [ 475.428433][ T4227] bridge0: port 1(bridge_slave_0) entered disabled state [ 476.006626][ T4227] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 476.020641][ T4227] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 476.034095][ T4227] bond0 (unregistering): Released all slaves [ 476.051025][T11925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 476.124360][ T4227] : left promiscuous mode [ 476.173777][ T4227] &#$@\]\-: left promiscuous mode [ 476.194918][T11925] team0: Port device team_slave_0 added [ 476.227366][T11925] team0: Port device team_slave_1 added [ 476.402940][T11925] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 476.446139][T11925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 476.599394][T11925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 476.714152][T11925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 476.760716][T11925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 476.912357][T11925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 477.362591][ T5837] Bluetooth: hci3: command tx timeout [ 477.392905][T11925] hsr_slave_0: entered promiscuous mode [ 477.426344][T11925] hsr_slave_1: entered promiscuous mode [ 477.440605][ T30] audit: type=1800 audit(4294967394.653:65): pid=11988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1260" name="dbroot" dev="configfs" ino=41313 res=0 errno=0 [ 477.480937][T11925] debugfs: 'hsr0' already exists in 'hsr' [ 477.503263][T11925] Cannot create hsr debugfs directory [ 477.725112][T11994] device-mapper: ioctl: Unable to rename non-existent device,  to [ 477.810670][ T4227] hsr_slave_0: left promiscuous mode [ 477.862216][ T4227] hsr_slave_1: left promiscuous mode [ 477.887811][ T4227] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 477.919872][ T4227] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 477.966856][ T4227] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 477.998210][ T4227] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 478.098155][ T4227] veth1_macvtap: left promiscuous mode [ 478.149934][ T4227] veth0_macvtap: left promiscuous mode [ 478.165876][ T4227] veth1_vlan: left promiscuous mode [ 478.196129][ T4227] veth0_vlan: left promiscuous mode [ 478.550493][T12009] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 479.105394][T10754] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 479.105430][T10754] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 479.120557][T10754] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 479.120657][T10754] Bluetooth: hci2: adv larger than maximum supported [ 479.127992][T10754] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 479.136231][T10754] Bluetooth: hci2: adv larger than maximum supported [ 479.143386][T10754] Bluetooth: hci2: adv larger than maximum supported [ 479.150231][T10754] Bluetooth: hci2: Malformed LE Event: 0x0d [ 479.264575][T12018] netlink: 'syz.3.1266': attribute type 2 has an invalid length. [ 479.439395][T10754] Bluetooth: hci3: command tx timeout [ 479.542442][ T4227] team0 (unregistering): Port device team_slave_1 removed [ 479.624502][ T4227] team0 (unregistering): Port device team_slave_0 removed [ 480.836073][T12029] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1269'. [ 480.907782][T12029] FAULT_INJECTION: forcing a failure. [ 480.907782][T12029] name fail_futex, interval 1, probability 0, space 0, times 0 [ 481.149991][T12029] CPU: 0 UID: 0 PID: 12029 Comm: syz.3.1269 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 481.150046][T12029] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 481.150059][T12029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 481.150075][T12029] Call Trace: [ 481.150085][T12029] [ 481.150095][T12029] dump_stack_lvl+0x16c/0x1f0 [ 481.150137][T12029] should_fail_ex+0x512/0x640 [ 481.150164][T12029] ? __pfx___might_resched+0x10/0x10 [ 481.150203][T12029] get_futex_key+0x1d0/0x15f0 [ 481.150233][T12029] ? __pfx_get_futex_key+0x10/0x10 [ 481.150263][T12029] ? __pfx_netlink_sendmsg+0x10/0x10 [ 481.150304][T12029] futex_wait_setup+0x9d/0x570 [ 481.150347][T12029] __futex_wait+0x193/0x2f0 [ 481.150382][T12029] ? __pfx___futex_wait+0x10/0x10 [ 481.150415][T12029] ? rcu_is_watching+0x12/0xc0 [ 481.150454][T12029] ? __pfx_futex_wake_mark+0x10/0x10 [ 481.150492][T12029] ? futex_hash+0x2c5/0x380 [ 481.150520][T12029] ? futex_private_hash_put+0x160/0x1b0 [ 481.150548][T12029] futex_wait+0xe8/0x380 [ 481.150581][T12029] ? __pfx_futex_wait+0x10/0x10 [ 481.150631][T12029] do_futex+0x229/0x350 [ 481.150659][T12029] ? __pfx_do_futex+0x10/0x10 [ 481.150686][T12029] ? fput+0x70/0xf0 [ 481.150717][T12029] ? __sys_sendmsg+0x18c/0x220 [ 481.150752][T12029] __x64_sys_futex+0x1e0/0x4c0 [ 481.150785][T12029] ? __pfx___x64_sys_futex+0x10/0x10 [ 481.150813][T12029] ? xfd_validate_state+0x61/0x180 [ 481.150846][T12029] do_syscall_64+0xcd/0xf80 [ 481.150885][T12029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.150910][T12029] RIP: 0033:0x7f9eda18f7c9 [ 481.150929][T12029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.150953][T12029] RSP: 002b:00007f9edb07e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 481.150976][T12029] RAX: ffffffffffffffda RBX: 00007f9eda3e6098 RCX: 00007f9eda18f7c9 [ 481.150992][T12029] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9eda3e6098 [ 481.151007][T12029] RBP: 00007f9eda3e6090 R08: 0000000000000000 R09: 0000000000000000 [ 481.151022][T12029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 481.151037][T12029] R13: 00007f9eda3e6128 R14: 00007ffd5f1676d0 R15: 00007ffd5f1677b8 [ 481.151068][T12029] [ 482.594328][T11925] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 482.689249][T11925] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 482.740474][T12054] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1272'. [ 483.628323][T11925] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 483.750411][T12054] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 483.818333][T12054] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 483.860087][T11925] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 484.315568][T11925] 8021q: adding VLAN 0 to HW filter on device bond0 [ 484.430016][T11925] 8021q: adding VLAN 0 to HW filter on device team0 [ 484.495351][ T6962] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.502640][ T6962] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.562358][T12080] binder: 12079:12080 ioctl 4020565a 38 returned -22 [ 484.615686][ T6962] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.622937][ T6962] bridge0: port 2(bridge_slave_1) entered forwarding state [ 486.355110][T11925] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 487.011646][T12127] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 487.154142][T12131] futex_wake_op: syz.4.1283 tries to shift op by -2048; fix this program [ 487.580562][T12143] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1284'. [ 487.818670][T12154] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1285'. [ 487.844230][T11925] veth0_vlan: entered promiscuous mode [ 487.950373][T12143] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode [ 487.997465][T12143] mac80211_hwsim hwsim7 wlan1: entered allmulticast mode [ 488.240603][T11925] veth1_vlan: entered promiscuous mode [ 488.406420][T11925] veth0_macvtap: entered promiscuous mode [ 488.464776][T11925] veth1_macvtap: entered promiscuous mode [ 488.569592][T11925] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 488.627537][T10754] Bluetooth: hci4: unexpected subevent 0x18 length: 123 > 19 [ 488.637412][T10754] Bluetooth: hci4: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 488.674236][T11925] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 488.771829][ T1316] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.815591][ T1316] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.870700][ T1316] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.963687][ T1316] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 489.274293][ T1316] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.327589][ T1316] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 489.453598][ T6601] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.499943][ T6601] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.011232][T12210] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 491.123306][T12193] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1292'. [ 491.180881][T12193] netlink: 25 bytes leftover after parsing attributes in process `syz.5.1292'. [ 491.489762][T10655] ------------[ cut here ]------------ [ 491.496269][T10655] ODEBUG: free active (active state 0) object: ffff888075779460 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 491.510073][T10655] WARNING: lib/debugobjects.c:612 at debug_print_object+0x18e/0x2a0, CPU#0: kworker/0:10/10655 [ 491.521342][T10655] Modules linked in: [ 491.525550][T10655] CPU: 0 UID: 0 PID: 10655 Comm: kworker/0:10 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 491.537294][T10655] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 491.547567][T10655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 491.558642][T10655] Workqueue: events devcd_del [ 491.563428][T10655] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 491.569372][T10655] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 f2 df 0b 41 56 48 8b 14 dd e0 c6 f2 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 1c 7c d6 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 491.589248][T10655] RSP: 0018:ffffc900034777e8 EFLAGS: 00010246 [ 491.596313][T10655] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 491.605617][T10655] RDX: ffffffff8bf2c620 RSI: ffffffff8bf2c200 RDI: ffffffff90929320 [ 491.613834][T10655] RBP: 0000000000000001 R08: ffff888075779460 R09: ffffffff8b906c80 [ 491.622371][T10655] R10: ffffffff9088ebd7 R11: ffff88802561e6b0 R12: ffffffff8bf2c200 [ 491.630885][T10655] R13: ffffffff8b906cc0 R14: ffffffff8a7e12f0 R15: ffffc900034778e8 [ 491.638898][T10655] FS: 0000000000000000(0000) GS:ffff8881248fc000(0000) knlGS:0000000000000000 [ 491.647965][T10655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 491.655076][T10655] CR2: 000000000000f038 CR3: 000000005a2f0000 CR4: 00000000003526f0 [ 491.663167][T10655] Call Trace: [ 491.666484][T10655] [ 491.669533][T10655] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 491.675030][T10655] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 491.680975][T10655] debug_check_no_obj_freed+0x4b7/0x600 [ 491.686562][T10655] ? find_held_lock+0x2b/0x80 [ 491.691344][T10655] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 491.698223][T10655] ? __page_table_check_zero+0x2f2/0x4a0 [ 491.704590][T10655] ? __pfx___page_table_check_zero+0x10/0x10 [ 491.710706][T10655] __free_frozen_pages+0x31a/0x1170 [ 491.715937][T10655] hci_release_dev+0x4ef/0x640 [ 491.720825][T10655] ? kfree+0x2f8/0x6e0 [ 491.725428][T10655] ? __pfx_hci_release_dev+0x10/0x10 [ 491.731362][T10655] ? rcu_is_watching+0x12/0xc0 [ 491.736168][T10655] ? kfree+0x27d/0x6e0 [ 491.740326][T10655] bt_host_release+0x6a/0xb0 [ 491.744949][T10655] ? __pfx_bt_host_release+0x10/0x10 [ 491.750325][T10655] device_release+0xa4/0x240 [ 491.754952][T10655] kobject_put+0x1ef/0x6f0 [ 491.759527][T10655] put_device+0x1f/0x30 [ 491.763764][T10655] devcd_dev_release+0x122/0x170 [ 491.768813][T10655] ? __pfx_devcd_dev_release+0x10/0x10 [ 491.774447][T10655] device_release+0xa4/0x240 [ 491.779158][T10655] kobject_put+0x1ef/0x6f0 [ 491.783666][T10655] put_device+0x1f/0x30 [ 491.787943][T10655] devcd_del+0xaa/0xd0 [ 491.792068][T10655] process_one_work+0x9ba/0x1b20 [ 491.797040][T10655] ? __pfx_process_one_work+0x10/0x10 [ 491.803295][T10655] ? assign_work+0x1a0/0x250 [ 491.807916][T10655] worker_thread+0x6c8/0xf10 [ 491.813224][T10655] ? __kthread_parkme+0x19e/0x250 [ 491.818285][T10655] ? __pfx_worker_thread+0x10/0x10 [ 491.823487][T10655] kthread+0x3c5/0x780 [ 491.828057][T10655] ? __pfx_kthread+0x10/0x10 [ 491.833169][T10655] ? rcu_is_watching+0x12/0xc0 [ 491.837966][T10655] ? __pfx_kthread+0x10/0x10 [ 491.843341][T10655] ret_from_fork+0x983/0xb10 [ 491.847987][T10655] ? __pfx_ret_from_fork+0x10/0x10 [ 491.853341][T10655] ? __switch_to+0x7af/0x10d0 [ 491.858047][T10655] ? __pfx_kthread+0x10/0x10 [ 491.862717][T10655] ret_from_fork_asm+0x1a/0x30 [ 491.867531][T10655] [ 491.870640][T10655] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 491.877940][T10655] CPU: 0 UID: 0 PID: 10655 Comm: kworker/0:10 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 491.889084][T10655] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 491.899148][T10655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 491.909230][T10655] Workqueue: events devcd_del [ 491.913943][T10655] Call Trace: [ 491.917240][T10655] [ 491.920190][T10655] dump_stack_lvl+0x3d/0x1f0 [ 491.924904][T10655] vpanic+0x640/0x6f0 [ 491.928914][T10655] ? debug_print_object+0x18e/0x2a0 [ 491.934136][T10655] panic+0xca/0xd0 [ 491.937890][T10655] ? __pfx_panic+0x10/0x10 [ 491.942389][T10655] ? check_panic_on_warn+0x1f/0xb0 [ 491.947543][T10655] check_panic_on_warn+0xab/0xb0 [ 491.952704][T10655] __warn+0x108/0x3c0 [ 491.956716][T10655] __report_bug+0x2a0/0x520 [ 491.961319][T10655] ? debug_print_object+0x18e/0x2a0 [ 491.966599][T10655] ? __pfx___report_bug+0x10/0x10 [ 491.971673][T10655] ? __lock_acquire+0x436/0x2890 [ 491.976661][T10655] report_bug_entry+0xe1/0x290 [ 491.981475][T10655] ? debug_print_object+0x19b/0x2a0 [ 491.986742][T10655] handle_bug+0x18a/0x260 [ 491.991113][T10655] exc_invalid_op+0x17/0x50 [ 491.995638][T10655] asm_exc_invalid_op+0x1a/0x20 [ 492.000525][T10655] RIP: 0010:debug_print_object+0x19b/0x2a0 [ 492.006400][T10655] Code: b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 4f 48 8d 3d f2 f2 df 0b 41 56 48 8b 14 dd e0 c6 f2 8b 4c 89 e6 <67> 48 0f b9 3a 58 83 05 1c 7c d6 0b 01 48 83 c4 18 5b 5d 41 5c 41 [ 492.026046][T10655] RSP: 0018:ffffc900034777e8 EFLAGS: 00010246 [ 492.032132][T10655] RAX: dffffc0000000000 RBX: 0000000000000003 RCX: 0000000000000000 [ 492.040114][T10655] RDX: ffffffff8bf2c620 RSI: ffffffff8bf2c200 RDI: ffffffff90929320 [ 492.048099][T10655] RBP: 0000000000000001 R08: ffff888075779460 R09: ffffffff8b906c80 [ 492.056089][T10655] R10: ffffffff9088ebd7 R11: ffff88802561e6b0 R12: ffffffff8bf2c200 [ 492.064081][T10655] R13: ffffffff8b906cc0 R14: ffffffff8a7e12f0 R15: ffffc900034778e8 [ 492.072069][T10655] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 492.077594][T10655] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 492.083070][T10655] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 492.088916][T10655] debug_check_no_obj_freed+0x4b7/0x600 [ 492.094515][T10655] ? find_held_lock+0x2b/0x80 [ 492.099249][T10655] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 492.105352][T10655] ? __page_table_check_zero+0x2f2/0x4a0 [ 492.111022][T10655] ? __pfx___page_table_check_zero+0x10/0x10 [ 492.117212][T10655] __free_frozen_pages+0x31a/0x1170 [ 492.122467][T10655] hci_release_dev+0x4ef/0x640 [ 492.127338][T10655] ? kfree+0x2f8/0x6e0 [ 492.131449][T10655] ? __pfx_hci_release_dev+0x10/0x10 [ 492.136751][T10655] ? rcu_is_watching+0x12/0xc0 [ 492.141567][T10655] ? kfree+0x27d/0x6e0 [ 492.145671][T10655] bt_host_release+0x6a/0xb0 [ 492.150379][T10655] ? __pfx_bt_host_release+0x10/0x10 [ 492.155692][T10655] device_release+0xa4/0x240 [ 492.160312][T10655] kobject_put+0x1ef/0x6f0 [ 492.164748][T10655] put_device+0x1f/0x30 [ 492.168978][T10655] devcd_dev_release+0x122/0x170 [ 492.174028][T10655] ? __pfx_devcd_dev_release+0x10/0x10 [ 492.179546][T10655] device_release+0xa4/0x240 [ 492.184165][T10655] kobject_put+0x1ef/0x6f0 [ 492.188612][T10655] put_device+0x1f/0x30 [ 492.192797][T10655] devcd_del+0xaa/0xd0 [ 492.196890][T10655] process_one_work+0x9ba/0x1b20 [ 492.201857][T10655] ? __pfx_process_one_work+0x10/0x10 [ 492.207344][T10655] ? assign_work+0x1a0/0x250 [ 492.211953][T10655] worker_thread+0x6c8/0xf10 [ 492.216750][T10655] ? __kthread_parkme+0x19e/0x250 [ 492.221910][T10655] ? __pfx_worker_thread+0x10/0x10 [ 492.227215][T10655] kthread+0x3c5/0x780 [ 492.231302][T10655] ? __pfx_kthread+0x10/0x10 [ 492.235909][T10655] ? rcu_is_watching+0x12/0xc0 [ 492.240701][T10655] ? __pfx_kthread+0x10/0x10 [ 492.245306][T10655] ret_from_fork+0x983/0xb10 [ 492.249914][T10655] ? __pfx_ret_from_fork+0x10/0x10 [ 492.255041][T10655] ? __switch_to+0x7af/0x10d0 [ 492.259742][T10655] ? __pfx_kthread+0x10/0x10 [ 492.264349][T10655] ret_from_fork_asm+0x1a/0x30 [ 492.269149][T10655] [ 492.272232][T10655] Kernel Offset: disabled [ 492.276562][T10655] Rebooting in 86400 seconds..