last executing test programs: 10.377897509s ago: executing program 3 (id=1176): write$auto_split_huge_pages_fops_huge_memory(0xffffffffffffffff, &(0x7f0000000040), 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = socket(0x10, 0x2, 0x6) r2 = syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, r2, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0x14, 0x1e, 0x0, 0x1, [@nested={0x10, 0x122, 0x0, 0x1, [@nested={0xa, 0x10, 0x0, 0x1, [@generic='\x00\x00\x00*O{']}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/netdevsim2/hop_limit\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) symlink$auto(&(0x7f0000000240)='./file0\x00', &(0x7f0000000500)='./file0\x00') mmap$auto(0x7, 0xfffffffffffffffd, 0xdf, 0xe13f, 0xffffffffffffffff, 0x81) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, &(0x7f0000000080)) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) write$auto_mousedev_fops_mousedev(r3, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r4 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_NVRAM_INIT(r4, 0x7040, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/sockstat\x00', 0xc0880, 0x0) read$auto(r5, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/ieee80211/phy4/netdev:wlan1/stations/08:02:11:00:00:00/rc_stats_csv\x00', 0x604241, 0x0) 9.295382806s ago: executing program 3 (id=1179): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)=0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r3, 0x8000) r4 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x63af, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80000008000000a, 0x40000402, 0x6, 0x7, 0xffffffff80000004, 0x8000000002009, 0x6, 0x2400001000ff}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r5 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(r4, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040840}, 0x200000c0) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r6, @ANYBLOB="010025bd7000fedbdf257e000000000066004e21000000002680000002000400000000000200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9bd48a"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) 9.219216795s ago: executing program 0 (id=1180): openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, 0x0) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, 0x0, 0x0, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x30b140, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x40000, 0x0) pread64$auto(r1, &(0x7f0000000040)='/dev/tty0\x00', 0x3, 0x9) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe2180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) unshare$auto(0x40000080) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, &(0x7f0000000040)=0x5) fcntl$auto(0x3, 0x4, 0xa553) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000002c0)={{@inferred, 0x5, 0x9, 0xdcbf, "4941aa833e2fc65b6b3cf7cec76d6778ad8eac3cda35ba9c2b2d43eeb0dc59c8dd3500f11581916caa0d3053"}, 0x4, 0xfffffff9, 0x1, @raw=0x2, @enumerated={0xffff, 0xffe, "4bd04167d52dbe3758dcb7641f58661870525adcaedaa5deaa336a58b7382f979a0ff0b3d9583c08610104000049d9f994ef5578e78507d4f25cd03a4c4b5700", 0x9, 0x3fd}, "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b05b1bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc100"}) 7.994877925s ago: executing program 0 (id=1182): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) socket(0x2c, 0x8180b, 0x67) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180)="e9fa89a53e03ac7aa286", 0x5ea}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x140) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffff70001, 0x1) shmctl$auto_SHM_UNLOCK(0x40a03811, 0xc, 0x0) preadv$auto(0x40000000000003, 0x0, 0x6, 0x3f, 0x5) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) msgctl$auto_IPC_RMID(0x8, 0x0, &(0x7f00000001c0)={{0xffffff7f, 0xffffffffffffffff, 0xee01, 0x5, 0x101, 0x8, 0x1}, &(0x7f0000000140), &(0x7f0000000180)=0x6, 0x4d5, 0xffffffff, 0x67f4, 0x407, 0xa, 0x40, 0xd, 0xc, @inferred=0xffffffffffffffff, @raw=0x7}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6gre0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x70, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_WIPHY_NAME={0x27, 0x2, './cgroup.cpu/memory.limit_in_bytes\x00'}, @NL80211_ATTR_MBSSID_ELEMS={0x20, 0x133, 0x0, 0x1, [@typed={0x4, 0x109}, @typed={0x8, 0x13, 0x0, 0x0, @u32}, @nested={0x10, 0x133, 0x0, 0x1, [@typed={0x8, 0x90, 0x0, 0x0, @uid=r3}, @nested={0x4, 0x109}]}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x70}, 0x1, 0x0, 0x0, 0x24000080}, 0x20000040) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) signalfd4$auto(0xffffffffffffffff, &(0x7f00000003c0)={0x2}, 0x2, 0xd) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) 6.626869765s ago: executing program 3 (id=1183): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') setresuid$auto(0x2, 0x7, 0x8080) ioctl$auto(r0, 0x4020940c, r0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/devices\x00', 0x600, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card0/pcm0c/sub5/status\x00', 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x400000b0, 0x20002, 0xf43, 0x1, 0x2) mbind$auto(0x0, 0x7, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x110c230000, 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0x181f82, 0x0) mmap$auto(0x0, 0x20009, 0xe0, 0xeb1, 0xffffffffffffffff, 0x4) write$auto(r1, 0x0, 0x8000000000000001) readv$auto(r2, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f00000041c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fbdbdf25020000000800"/26, @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x80) madvise$auto(0x0, 0xffffffffffff0005, 0x17) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) socket(0x2, 0x1, 0x106) write$auto(0x3, 0x0, 0xffd8) r4 = getpid() r5 = gettid() rt_tgsigqueueinfo$auto(r5, r5, 0x16, &(0x7f0000000400)={@siginfo_0_0={0xfffeffff, 0x0, 0x2, @_sigpoll={0x8}}}) tgkill$auto_SIGCONT(r4, r4, 0x12) 6.371808182s ago: executing program 1 (id=1184): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)=0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r3, 0x8000) r4 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x63af, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80000008000000a, 0x40000402, 0x6, 0x7, 0xffffffff80000004, 0x8000000002009, 0x6, 0x2400001000ff}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r5 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(r4, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040840}, 0x200000c0) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r6 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r7, @ANYBLOB="010025bd7000fedbdf257e000000000066004e21000000002680000002000400000000000200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9bd48a"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRESDEC=r2, @ANYRESOCT=r6], 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) 6.288996413s ago: executing program 3 (id=1185): r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x74, r0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x58, 0x1, 0x0, 0x1, [@nested={0x8, 0x10, 0x0, 0x1, [@nested={0x4, 0x8}]}, @typed={0x49, 0xfb, 0x0, 0x0, @binary="d96eace761aa77010174f8c364f60a3674ad86718a800a928d4377ee069ab4d56041948a36dcd6a622aac24c8c801c8bd39a19f9d90230d2a306a8a43116c21260a0514d63"}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x74}, 0x1, 0x0, 0x0, 0x24040071}, 0x44800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0) sendfile$auto(r4, 0xffffffffffffffff, 0x0, 0x2) r5 = socket(0x2b, 0x1, 0x1) ioctl$auto(r5, 0x8941, 0x4) sendfile$auto(r2, r3, 0x0, 0x3) acct$auto(&(0x7f00000000c0)='/dev/vcs1\x00') r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEP_LINK_UP(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)={0x122c, r6, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@NFC_ATTR_SE_APDU={0xec, 0x19, "ce8153d4fb5c1a2984161db156fce018a4af4fbe1c3f75339a1497de62d8ee66cae443dfef3bfa8ac9b96d196f1eaa7c5de2d0b1863fcf12b643dcb6fd0c8eba75a309dbe2bd9f6229e0b28e47c38985fdf4ba2fc7002ba6c0a7f8420818ff95278da266032002c4ebcb88a74e02ba9b21075e382837147676573514a7db150f0bac5055b6b4826bd14f94104dc85d3f84235138dcf656c7d2d9bccdc3a3a9a3e6d6190de44486a32d524b67f2cde18f8bb6910f058654a5dafdd6dd9ff65c5b235786db455ff890cc77343a511d0f7a32523c847905b8d1fa7c8efe09668cf470ef87683a3cfb83"}, @NFC_ATTR_SE_APDU={0xe9, 0x19, "3f112a330f3ea376df9cd0e822f8754cfa8df7dfdeed761e6860ba1addc42f48c5435449ad5e8d90289c8df144039f8a08a8acc12d127d907f4327ef032884760ea92447287ade826ccac811b78ec9d077effdd277ec038e07006179d68e90b06a1d21320fdafea8b1e05732079176e2b43f6411d781dca5d42a95bd868d325fb9245409e10265dc331eeef7a91155dfdba2fc0a0a4f0097d01845eeea3c0ead3660d1edad893c7f1f1dae5cd50a848f5f81e79146d258056ba233541b81323a0ba06a0b28c46e4f89462073d549a8d3ab8f0e4cc78f7c9ae6cfeab46c82c501a0d45d24cc"}, @NFC_ATTR_VENDOR_DATA={0x1004, 0x1f, "4125baabdc9e1a0dbf96b472809f6ca65bbe23894042629b929a49b4c6bc180f2e95522c38e76fe4ce3ab8e2d58da2ae31897345d916a875e372c1eeee5b0031338ee2ce897806e00d32037ddc606cfd08c4c6ee5b4572d7dd6b37b62bf3dfe37ecb908e1343d7c410cd8497e29fc1eaf6be140abaffd7fd1e4f658af32e698dbc95653c3c99389e75070a3619d236f775e45d8e56fa58efb3d0f3c051d96e3f2d9ce96521c6830897e8d13e6066fdd85b111830ff5c3884cdbb918fcfa9875c21a5e8499d68ab04dbc99047dbe148fd61eb1dce0d155c76a2c00dd283ac2b492c96249931d0332e0d722be571137512a81b244b626ecc966c84efc791115c261fc8135ddb11ac80ae798334201527525c517283081b223e5ef873aac9477246632981c632e32939b5a07e8e3b6aea6a5a9687200ec7732575dd403f377b67a0850e296aa2353900fbbeb820e67f2878656ee0ffde04aa591c91ac0936ae5be88c07ce2c7a4fb6625e46a574b1ae4ed91cb12a75cd246d0bd44e71fa777f70aa0def33610548f6b7dc0bc684f254e9836b80c5ad027fed824bd3959b5eb55f273b7884e796ffa6191cc64e844095005d4255215f74caeacb3112c753ab2b2f0f8feadbe8a7ef5a0bfcb9bf1f96d00b0032af3698b3ba89de13b5c838f8bc397a04f261ff824d796e4e239cb2a6ae41e9d0b9c8835256243d1010d807188f016dbbba700427046bd6a1bb858697aa564b105cd7c1943ce29a2e37b602533ec3832766d602e28a03b384315178156b7bc661e45bbbd2d34e3562790ece18828b5d40a33e5acb9dd5bfed055adb2507661b0c08d32a0a76925ecc7b5c6276e947699d2019bc9df8116aefd0042ca8a355b7a6af900e6fddeb48fca8fb6b30c9be7c6e6ede635d3d093c468c304787192ea13381350d77aebdd9299efab4e0f2851d124d4e4f26095ffbb54f5171fbcbb368ec0266df2d09d68484547d7a771f787f29d3e435a34c8efa99b5a9aaf36c1526cda4f595e87fec785a6243b34e005dc89597ec7232eb58ffe61eece10a2eb4ae5e6280b8f9db3c2d3f42e4ee8b14ed6e86b91fe949d65ebb26e14e396e16685d7ed4ea70605f893892324a54301e0677f1f8a574294040bd63be7e91e49b3c256f4435e4183f00a5749203d52441b5a85c857e8d8c06015ca78d5e7fe18d94347864efa1c998344244dcccecec822d86e42065af3bb7f640d850af7d779e3ba3ba0fa322d8bf367063637bcd741be9b8e02775c2f29917a0e87a3736d61a341812f68fec2ad0637e1986cc68c2efb9b3b05cebd742b1aeb998e2bee034086aeb8bf24c2c53d0637c8c6158872056b33f6fba2fe12fe36b35ca29c82e29c5f994305348b259115763490aaf2029631623150105fadede36c98420e635073783c8485a45eff21f6da3d27bb94b966a55ef27e24a16b7a0f459f48ec625838c7230c4a71993b434a18fcdee35fa649e26f7485abd925fba6b86f15252e1253c1e38272791582eb21e54732bf6774e1d164117d044b73191ae4ec91045aa83652b86612509d0e4b044126c7f95770fe3fa50eee96816a5346fd5fec963649642ce3ee2bce1faeb1e5124788e5202bb3b22630a911186acdb73bba2b4db9139efe24b9d3ce3489541ce791af7494fb8617874bb51515a8a009050847461f16f280bc6bb8487f64dd40f7b34f44435ca7b72080ca4aeea25653b534c908d012a750e5aeeffc99fbe1a2c67dec695f8f8e74268030eb7a6f0624d9df07a51363a57054aa44b0e7da89bb860677fd5c7288c54951697a96bf8521a22f224edb41649d242f28ec278208e2479ad71083d44fc0b9c03a9dcbce0432f3a45779828667ac4f39c3df0a5114c33c5e83505a0e18204b4d0139ac34487b204725f0d01a502cc75a497893e926ebfed90aeffd1bf71d4b13f810f52a6436c6bf4bbb8048e77417924d95ac8762f6c0108491e94839cbabf3787310a3a2cdcb4e2f61f379ef86091a83f752ac5ac80e74ea589ffd2ef983fd01bca6f4f979d750778772add4d95f1d8abf21af3bf43d42d51604d749daef0e72133c3ad4415e7cbe472bcd4061e2d17b0c786aa5cd69eb6c85e021c142eee8264c2bb38d5bb15e215fc6c132cff545e92fbe17753e16724bce21425f40bb5a68f22502f57555042266009cf9378df8863c4fd3c5bcea7844bab0d0bc98842fc226ff15c8bc3efa275a031033d913cf04c5b36cd37a67845f498c28c7d9ddaf5a238ce844816b8e5cf6a0cd8654b4d0f16028ce3b22b84802caaa46cfbf2f458eeae40de87c8b37b56d3835d32a198595815c38748d23a5929b61da2b46f8ad4e16cba83e1b55e545a2a43d0a1d5e1e7c9e060bd58814fe0d96d6e54b5397862ecf6a7bb73fb4af893500d65fd75f964daecae2093aa0af59cf0870ed89d84da40c1984e6295419e91b5f79042db90acc81b1fe1fe688d751ee72ef8f66928be293673611d187852915997f2fe5fcb2a65ac58fd064fd50d2b65b5cd8ba0bba6afed86e207a465db85ae523c30bac6392e8670253ed28a45875c2a84419b8484364dea6378ae1b38124cd68319247741c6c12e0b88f2a1b5386e981945a5944aa7f34b991ad596f2962ad21a91c84226031fe06a3ca87d38bb9693992cfb61e4b982fbdefed41ea86de0c1ee3f3de5821a67cecf030075248394177f69cea5423615f506b68218b1f2521c9767a80bc7c4867d06b7a69e9359fb0cc6d556a6f5818c24e76f5df4aeeedb1370212add10eb2a89157b618cf8f7640f7e3aafb47b742d93f18cfe9ec6aea17eff5051c25e350937c8ba649d8abc2538944a021318ddd3554bbeb34b8495558626598711673353fc20e204661edc912b868a3d30e7f5d5fbf09a7c564e84564203637c796699c9e14525dcd1b73cd323efeb20a1e76df133b43a269e6eb7443030a36fb3344bbdf7463a1665e3961468eab108a6db0482fa03c79ed4b7b2a482c5189a042746896a9f7b82f953d5ab50c625476ed248534f37c08deba498c46626120c83c4a9b7bf57ada65969547bec8b77813a07f10cc35a93f3a3ebc4b5975510a5bef29e6de22cad2fc70c49b4de9a34429dadff930bc51c708c6dfe66d371112266bdf80e70d613f4de205992480e631583ccbf2c0910dd2edce2cb7bc24120d2080d9037b4dbc4c757c77ccb43336eda26a4caef8d197d18b8f8b500f6da692ce9dcf83e90aecd0d9425f103aa3b5fd1e9fe5eda0f701b2cfdf96ee9f729fb83a20ad3a3f58f9aa572f33e0c641aa0e757ba28311743db677a626c336465cb7bcd6a028cd3311cc89bbd56e53c269acb2ddc6bbf1e145fb269f63c2e0667497d330c875c7f00539cab001c68720e66d440b315cd6b7143e15d7f0128e78181ec809d58b8798d0a4ad37300c348a8c29690b912931a3706c9de6bb62bfe06afeec200c81f184b4c34a9db595dcfdcfaa5f065e5ea06fd0244215e371ccf70627668a0cde0fe486e9aa947049100ff6c73071f3ff3ed6fab319d4b011a80874c48989d338efb0c1053536077e3fa2b0fc6153e22853e6a5ddc794a1a9962abdb7aa2ea2b48f545bf1cac12f4c1c6cb3110226b681c26000bc1bc82010474cc663de2d528e8f08bd1a725f55e7e6831d8b0ff16376694828d386b2094bd0bb56c63468cc360f9d2a878f13788a5c7ae68de94ab3d58d791e5684c3112dc0c96aeab33603067df0119c5d1458868b490a57a6428e1834c197da9ea2f565e6bd58bdf3bd97df613914d14989a522417d2a223d3ed8e8b6cb4b3a9b98ab731f3eb1775cbdc7709da544d6bac757f1f16b00e55c9c782c223dfe921ec5b80dc22e876ffcd37ee4f89827ffb97f70987e3f4b7d149b1f41c18bed5593f410c6ab8120cef38b0d6fe4a9a15049bf2c7eda5f708864f89a9f6e88e00b33e18160e380bd1ceb8b3ab05b2ec9a25e8c2fff83397ee7928a17e360d12b64c89aa78c732d7ee97cd1a79d9f339f4e9e115144913d7e2e909a10231f8ceb9ae8af07021bf8804e0be8f4eec41594ae500e7ecd8f0798f9207107b517977eb6071a6377f8031db51ba8de9ce06a49f798e3e34bc176b6898aa923b40d8fb2e16bf402f7f92b014478437cbd712e7bfef9c283bbb780cbde299630b953aeef8c77705cdb68ae24e6f8ed67a62bd897c4f660f70f4578eb74452379b961e3907b661e9a38686602d4161512301c3767b952108c3f2ea89bcb7b2e2045ac1cc63dd7a991ff10964e0386ea1696eaa2308a8cc400454127aa99ca94a43f1365163f46f511dc5f355e6cb8617a9c14234c3a98f9875e5eb33b0c1349e9db203b430bb8420dfce68960e561af6827c7e7cad5f948d3b79c79f4bf5b60d0d66489e6b9235e23094d05f1f7a863c2ffd3e09210d0f02d36a4ccf4e191fe1158d579f35c32f1a814f84ccf4317d32597196399497726568fd4bb141fdbd23aa0fce12665bfb8f43a8897da94a6dd27a2bcba9a3530b1dbe97b06a61135ebc9d605aa01f2a1031e64670e56f036f5dc30567e267eaff00aa9465f2c1e31bcb2e51f4a2f2c88078eb7c8a053aeba5839e7b9737fed9fcea5258162bda916943d5701b412066c478672fc77568f7902fd917ec0fe1fc77cdbd37c3ab88b426fd2dd6225eccc1338471f8402af0757920531e4683bc1069ef70337502aaaf9208dacda12c56b0050f7598cd62327ef823ee263583b0c7b38da8c2c31f6857070f139a3a53d5eca0a0f8f38bd38e83a58d0b58005da20684fdd0d68cd9e56e043033178c3ebd602525110c761e9e06cccbe7c879f1c51e862e13b5e672461dd3fb6866844d851e41eb2c9ad439490f1736fc9d49c3fc47710fd856806b66b2ec6f0473f985582d447c3e7e1fb44b1fa3aca8dfb9a4852012fd09d6c000777614ebae3c7d5343d891367f2bc641447b70049a35f6931b8007b53503e8f29de47de0c37776c54ebe192b69e4092a735ec8341ae757da30bc8f0033e03b8458025b9cc41306e4d759014583481a121b168ba060ea609fae32d1a478c986f86e43ac14b671574d3a1ef90c75f793a3430c01b60a9d431cc178b8c9015f228a19e560fd7eaff398612a60d37eb127a358d7f9717dbebe43fca22ca5f50b6e357038cde97f42a964521258a1c2c42b72a46c86aef2754c50e74df99b0bfc3f27e0d2a5697eea7da9ad493e65fd7c4bf5c960135677e6e331ac1aac7d64f4391f2e001c259c453bb455312aa2a4a9b69fe5edef1c6d427c1b92673018e68b4d6ece6a01b839ff7fee67b53b944c8da3b531f4a96d5c457511ebb53ef933cadc073e019f1a1469475def17104a5ebe81913d0bb6f70c8f2119195adbd7c31a4e6b3dd11b66957588770541ed7547a4c5aa88c75f1fa12cf66dcfd659acdae93bdbf536e2baf2548d53682fabbd2003cec0e314c64b8f4ea9562737084c658c226e34ad50d62626de638386f020f8c9d48a82aa1439146abed494d9f71e0a425caf587ed42648a01c8a0430279d9d36355fabe9592007c5c66674bb02c9d538c6d6223775607b93a1a300ec5c6e34d95f72a5d9f69390b36e2d7160d6e627c09cb34cd17027f0b13ab81e4dbba471f0c8c8a3d48d287e9da3debbd92efb7830829c0ee91e2234fa813a7cb88d41245daaec759a36e881b2f0440dede44f4932ffe9d205ef11d4e192fb2f2ca16b940804251756389bb75e2d43a46026e9a0de2ae843297abb6a061479475dd61a55e2cf9a8be17dc3464e190e97183ef74b08a43c219db2"}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0xffffffff}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x9}, @NFC_ATTR_FIRMWARE_NAME={0xf, 0x14, ',#^([,-[\xbe,-'}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x8}, @NFC_ATTR_LLC_SDP={0x4}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x5}, @NFC_ATTR_RF_MODE={0x5, 0xb, 0xe}]}, 0x122c}, 0x1, 0x0, 0x0, 0x44}, 0x800) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r7) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r7, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)={0x14, r8, 0x1, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r7) sendfile$auto(r9, r9, 0x0, 0x3) mseal$auto(0xb, 0x5, 0x7fffffffffffffff) 6.271253456s ago: executing program 0 (id=1186): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x4000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x4008080) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff000, 0x1800000ff000d00, 0x400000004) bind$auto(0xffffffffffffffff, 0x0, 0x80) socket(0xf, 0xa, 0x5) ioperm$auto(0x7, 0x75, 0x4) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 5.686641372s ago: executing program 3 (id=1187): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)=0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r3, 0x8000) r4 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x63af, 0x63, 0x0, 0x0, 0x0, 0x0, 0x8, 0x80000008000000a, 0x40000402, 0x6, 0x7, 0xffffffff80000004, 0x8000000002009, 0x6, 0x2400001000ff}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x4) r5 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(r4, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040840}, 0x200000c0) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r6, @ANYBLOB="010025bd7000fedbdf257e000000000066004e21000000002680000002000400000000000200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9bd48a"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) 4.540518268s ago: executing program 1 (id=1188): write$auto_split_huge_pages_fops_huge_memory(0xffffffffffffffff, &(0x7f0000000040), 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = socket(0x10, 0x2, 0x6) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r1, 0x0, 0x8044) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/netdevsim2/hop_limit\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) symlink$auto(&(0x7f0000000240)='./file0\x00', &(0x7f0000000500)='./file0\x00') mmap$auto(0x7, 0xfffffffffffffffd, 0xdf, 0xe13f, 0xffffffffffffffff, 0x81) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, &(0x7f0000000080)) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/sockstat\x00', 0xc0880, 0x0) read$auto(r4, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/ieee80211/phy4/netdev:wlan1/stations/08:02:11:00:00:00/rc_stats_csv\x00', 0x604241, 0x0) 3.845629969s ago: executing program 0 (id=1189): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto_HDIO_GETGEO(r3, 0x301, &(0x7f00000001c0)) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="810b25bd7080fbdbdf250100"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/pci0000:00/pci_bus/0000:00/cpulistaffinity\x00', 0xc0200, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = socket(0x2b, 0x1, 0x1) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) setresuid$auto(0x0, 0x7, 0x8080) recvmmsg$auto(r6, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x15, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) recvmmsg$auto(r5, &(0x7f00000002c0)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0xc}, 0x801}, 0x3, 0x6, 0x0) setsockopt$auto(r4, 0x29, 0x20, 0x0, 0x20) recvmmsg$auto(r1, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x5, 0x6}, 0x803}, 0x10a, 0x6, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r7 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x201, 0x0) ioctl$auto_PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x0, 0x2}) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x101000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) 3.841952696s ago: executing program 2 (id=1190): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) io_uring_setup$auto(0x1, 0x0) connect$auto(0x3, 0x0, 0x55) socket(0x3, 0x3, 0x9b) connect$auto(0x3, 0x0, 0x58) r0 = socket(0x2, 0x801, 0x106) setsockopt$auto(r0, 0x6, 0x21, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) 3.549975197s ago: executing program 1 (id=1191): r0 = gettid() tkill$auto(r0, 0x0) kcmp$auto_KCMP_FILES(0xffffffffffffffff, r0, 0x2, 0x7fffffff, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000300)={0x200aa, 0x5, 0x0, 0x400, 0x9a, "077c1315ff06c9cc9ff4956913870ef95ebcd43e985b110210346f7f05f8bd5d8b4458e71254da2aab17208e518d2a9b3c20bd53a710ce119b1b61b0"}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40091}, 0x40040) r1 = socket(0x10, 0x5, 0xfffffffe) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0xb8}, 0x7, 0x4008) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0xffffffffffffffff, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) semctl$auto_IPC_INFO(0x10, 0x3, 0x3, 0x1) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) setsockopt$auto(r2, 0x1, 0x12, 0x0, 0xeb66) r3 = gettid() kill$auto(r3, 0x11) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x0, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r4, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) r7 = openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x46800, 0x0) fchmod$auto(r7, 0x1) r8 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x443c2, 0x0) ioctl$auto_PROCMAP_QUERY(r8, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) sendfile$auto(r5, r6, 0x0, 0x1000200) tkill$auto(r3, 0x80006) 3.271027019s ago: executing program 2 (id=1192): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1e, 0x5, 0x4000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x23bb, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x4008080) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) bind$auto(0xffffffffffffffff, 0x0, 0x80) socket(0xf, 0xa, 0x5) ioperm$auto(0x7, 0x75, 0x4) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) close_range$auto(0x2, 0xa, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 3.049526434s ago: executing program 3 (id=1193): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket(0x29, 0x5, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x83, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x2001, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) getsockopt$auto(0x100000006, 0x0, 0x13, 0xfffffffffffffffe, 0x0) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x8b0f, 0x24) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) ioctl$auto_tracing_buffers_fops_trace(r2, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x5b, &(0x7f0000000080)={0x7fffffff, 0xd, 0x10000, 0x7, 0x3, 0x7ffffffd, 0xffffffffffffffff, [], {0x6, 0x1ff, 0x8c48, 0x2a2, 0x100, 0x7ffffffb, 0x101, 0x6, 0x3}, {0x100, 0x1, 0x0, 0x5, 0x3, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8300f000) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram7/trace/act_mask\x00', 0x80002, 0x0) semctl$auto_IPC_INFO(0x7, 0x8, 0x3, 0x40) sendfile$auto(r3, r4, 0x0, 0x3) 2.726926234s ago: executing program 1 (id=1194): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/conf/default/tag\x00', 0x163041, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) (async) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x0, 0xffffeffe, 0x2) socket$nl_generic(0x10, 0x3, 0x10) (async) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) io_uring_setup$auto(0x2, 0x0) socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) (async) socket(0x2, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r2) (async) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) (async) fsopen$auto(0x0, 0x1) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) (async) r3 = openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/ports/1/bpf_xdpoffload_accept\x00', 0x1c9040, 0x0) sendmmsg$auto(r3, &(0x7f0000000300)={{&(0x7f0000000100)="0b88acc5d06e68fbd01e24a6159e113d0d9a156388e34e81aac2cb6545eaf2164fa4561ba65d4310d32b93dd1f187c318de49febd865016841f5c6b7e0e15ee6e0543ea3daf71af77fb16f5824cc1f43249f2db161e93e203e26189c57499b39ca0ae696fe5c45192d153dacedb43fa1df39612810fade873b0f3df975f9285a305cd0b380aac1f03ba8605ad376b965e4481e2df076db8f9c7a8ed8cff60459dd68fe8f04a9d7980ae5e6bc348fd772890ecd75780ab3f4fab7a9d4af4779f18c635a3a72b30ebb0bb080ba2d5ff379f3bcaa9c77e02b721d8ec9aa9338e06b", 0x5c58, &(0x7f0000000080)={&(0x7f0000000200)="04d38260e4cc04fd0d7c280720e44a3f205b08e775dae712cd31c3f28d37a4b25598447ee2d96054dd392f121ae09356bcffb930bffe6b1a4d8702ea84897e09a95dbe0252468cf3ae6b27ac784c7166e4e877607406fda004da3c2aaf9740270efa96e47496c393de5e47240bbeb5fa7a62e6eedd0dec6e15dda63a39238becf17728ddee2ae2ff6708e2f3a1fb32ceb196128668062393617c543cee1096035627d05ee330f9e6", 0x7fffffffffffffff}, 0x4, &(0x7f00000002c0)="1dedeebdd51c50d739fc476d774ad10e557c2328103e0c486f205063c546ee19e81acd45acc3e4b7abdf95553dc80bca5ad6416748d1e044c251949c2e57", 0x0, 0x9}, 0x9}, 0xf8b2, 0xc) (async) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 1.874108387s ago: executing program 1 (id=1195): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0) r1 = socket(0x11, 0x3, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) socket(0x2c, 0x8180b, 0x67) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180)="e9fa89a53e03ac7aa286", 0x5ea}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x140) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xfffffffffff70001, 0x1) shmctl$auto_SHM_UNLOCK(0x40a03811, 0xc, 0x0) preadv$auto(0x40000000000003, 0x0, 0x6, 0x3f, 0x5) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) msgctl$auto_IPC_RMID(0x8, 0x0, &(0x7f00000001c0)={{0xffffff7f, 0xffffffffffffffff, 0xee01, 0x5, 0x101, 0x8, 0x1}, &(0x7f0000000140), &(0x7f0000000180)=0x6, 0x4d5, 0xffffffff, 0x67f4, 0x407, 0xa, 0x40, 0xd, 0xc, @inferred=0xffffffffffffffff, @raw=0x7}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'ip6gre0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x70, r2, 0x1, 0x70bd29, 0x25dfdbff, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_WIPHY_NAME={0x27, 0x2, './cgroup.cpu/memory.limit_in_bytes\x00'}, @NL80211_ATTR_MBSSID_ELEMS={0x20, 0x133, 0x0, 0x1, [@typed={0x4, 0x109}, @typed={0x8, 0x13, 0x0, 0x0, @u32}, @nested={0x10, 0x133, 0x0, 0x1, [@typed={0x8, 0x90, 0x0, 0x0, @uid=r3}, @nested={0x4, 0x109}]}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x70}, 0x1, 0x0, 0x0, 0x24000080}, 0x20000040) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) signalfd4$auto(0xffffffffffffffff, &(0x7f00000003c0)={0x2}, 0x2, 0xd) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) 1.747732613s ago: executing program 2 (id=1196): mmap$auto(0x3dfffffffffffd, 0xfffffffffffffffc, 0xdd, 0x1b72, 0x2, 0x6) (async, rerun: 64) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (async) r0 = open(0x0, 0x22240, 0x155) mmap$auto(0x0, 0x0, 0x4000000000df, 0x40eb4, r0, 0x300000000000) (async) r1 = socket(0x2b, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0xce22, @multicast1}, 0x6a) (async) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) futex$auto(0x0, 0x6, 0x80000001, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x4001, 0x43, 0x0, 0x7) sendto$auto(0x3, 0x0, 0xfdef, 0x101, 0x0, 0x1c) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0xc0502, 0x0) (async) socketpair$auto(0x1f, 0x4, 0x1, 0x0) (async) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000200)='/dev/fb0\x00', 0x0, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) ioctl$auto_IMDELTIMER(0xffffffffffffffff, 0x80044941, &(0x7f00000001c0)=0x1000) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) open(0x0, 0x22240, 0x55) (rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 64) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x40c01, 0x0) (async, rerun: 64) writev$auto(r2, &(0x7f0000000180)={0x0, 0x2}, 0xc000) r3 = socket(0x2, 0x3, 0xa) setsockopt$auto(r3, 0x0, 0x7, 0x0, 0x8) (async, rerun: 32) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x52) (async, rerun: 32) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_intel/parameters/enable_shadow_vmcs\x00', 0x80000, 0x0) (async) r4 = socket(0x10, 0x2, 0x14) sendmsg$auto_NLBL_MGMT_C_REMOVE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="030028fbfd003b88df2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x400000c) 1.704611175s ago: executing program 0 (id=1197): r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x40080, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) r1 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/ubifs/chk_fs\x00', 0x101000, 0x0) read$auto_dfs_global_fops_debug(r1, 0x0, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r0, 0x100, 0xba4, 0x2) getsockopt$auto_SO_NETNS_COOKIE(r2, 0x9, 0x47, 0x0, &(0x7f0000000580)) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r3, 0x4b32, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) 894.109757ms ago: executing program 2 (id=1198): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x1ff, 0x7fa, 0x4, 0x9, 0x7, 0xffffffffffffffff, 0x20010180, 0xa}, 0x98) write$auto(0xca, &(0x7f0000000000)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4Cn\xb2./jn>9\xd2\xdb\x88\xf4\x1aVj\x13j\xe1\x96\xf7\xc2\xd3qm\xe6q\xf9\xa6u\x8eZ\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\xef\x87\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4', 0x9) 663.823903ms ago: executing program 0 (id=1199): openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, 0x0) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, 0x0, 0x0, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0) ioctl$auto(r2, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x40002, 0x2a, 0xdd, 0x13, 0x1000, 0x28002) madvise$auto(0x2, 0x5c61fa2c, 0xf) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x40001, 0x0) quotactl$auto(0x9, 0x0, r1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x8c0, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000) 519.023505ms ago: executing program 2 (id=1200): close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x3, 0xe) socket$nl_generic(0x10, 0x3, 0x10) rseq$auto(&(0x7f00000002c0)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0xfffffff4, 0x0, 0x7) ioperm$auto(0x3, 0xe, 0x2000000000000149) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000380), 0x101100, 0x0) r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fddbdf250400000014000100fc000000000000000000000000000001"], 0x28}, 0x1, 0x0, 0x0, 0x20000088}, 0x20000000) kcmp$auto(0x1, 0x100000001, 0x5, 0x8f0, 0x24000) unshare$auto(0x40000080) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="feff000022cd953b79c0ccdc79cf26e913daa7dcda7fcfbc5934601eab98aa64", @ANYRES16=r3, @ANYBLOB="e3b725bd7000fddbdf2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x48000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x100000400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x20) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) socket(0x29, 0x2, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r2, &(0x7f0000000640)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000600)={&(0x7f0000000ac0)={0x224, 0x0, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_FIRMWARE_NAME={0x4}, @NFC_ATTR_LLC_SDP={0x1be, 0x13, 0x0, 0x1, [@generic="f14180d0a8eb8ef0dd06de4b99c8faf61b713683e33309af21365f2bce7024eab042e44954b80585f081b95b86f06b23b0ae8cee3d0e5650d3afb1cb77b996e780b4a5", @typed={0x4, 0x4a}, @nested={0xdd, 0x88, 0x0, 0x1, [@generic="74c1940a70e4843b319d7b28c74c96df0f95bc3836f1c533dced7b436e55dbf568869aa27b0619b36ced25c8656e304a4edf5c3174b116c4c168f2c52ce185926dbe08640bfa8ec46d1673a718d0c0c33112177301cf3c6821fb2553d98924ad0264d49d80a50229c77be7525f7fac46926fba65d2564b0cc8ca2fab59a382a4b39b93a6f82458e278fc5b4d18caaced1a02323a3d351a7ccdb12bd4945e4416d9648e1a7dadf39ae87dc87c47c55a7e1b0af91f20f285c854283a83c6d955d0fae9dc82a159d36bf5b1fabb2edbe21d3c", @typed={0x8, 0x24, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}]}, @generic="43db9e0b02c647ccc9039a3446d96279280fe2c9d2220ce6750f967d8d19d658e880b030d69e7ba9d54c3df32fb6a848dd7f921afd504d73f20d430f996579d7ec1f5cd7f0e920a786f6f96abff3caeb4a6192317c40ea0a9947d4d9f0e9120632d219192f49fc6e67148dc958a0496e364d53f91964fe2839093c48fc35fe75f479c39dff55de3e546d3dff368ae5267f0cc3"]}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x40}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0xfff}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x1}, @NFC_ATTR_VENDOR_DATA={0x1b, 0x1f, "a6d7b432257d05dc3f0f38067ab96a683686731e7dacd3"}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x7}, @NFC_ATTR_TM_PROTOCOLS={0x8}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x20}]}, 0x224}, 0x1, 0x0, 0x0, 0x240409c1}, 0x4000800) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="d53e", @ANYBLOB="5de1"], 0x1ac}}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f0000000140)="6ac828ac0eac8a3b502af1b2d404e0523692ffcc06e84141cc0eaa7b7708000000ce67703ddd36d40d", 0x7, 0xa505}, 0x804}, 0x7, 0x4008) preadv2$auto(0xffffffffffffffff, 0x0, 0x5, 0xffffffffffffffff, 0x4, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001480)='/sys/kernel/irq/12/hwirq\x00', 0x900, 0x0) read$auto(r5, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/self/fail-nth\x00', 0xc42, 0x0) 213.601212ms ago: executing program 1 (id=1201): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card0/pcm0p/sub3/status\x00', 0xe0042, 0x0) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1, 0x3fff}, 0x57) writev$auto(r0, &(0x7f0000000080)={&(0x7f00000000c0), 0x7114}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f40) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0) read$auto_mon_fops_text_t_mon_text(r2, 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, r3, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@GTPA_TID={0xc, 0x3, 0x100000000}]}, 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x40) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0x0, 0x0) prctl$auto(0xe, 0x0, 0x3, 0x4, 0x400) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) write$auto(r4, &(0x7f0000000200)='\x00', 0xfff) keyctl$auto_KEYCTL_READ(0xb, 0x7, 0x5, 0x2, 0x5) 0s ago: executing program 2 (id=1202): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) listmount$auto(0x0, 0x0, 0xf4240, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r0, 0xc1004111, 0x0) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', 0x0) r1 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) readv$auto(r1, &(0x7f00000018c0)={0x0, 0x1}, 0x9) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x40100000001) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) prctl$auto_PR_SET_MM_START_STACK(0x80000000, 0x5, 0x0, 0x2, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub5/status\x00', 0x0, 0x0) pread64$auto(r3, 0x0, 0x1ff, 0x5) socket(0x15, 0x5, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = open(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', 0x2c00, 0xb5d1af1605322df2) syz_clone3(&(0x7f00000003c0)={0x383201180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_vlan\x00'}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) open(&(0x7f0000000080)='./cgroup\x00', 0x40001, 0x6) kernel console output (not intermixed with test programs): ] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000007 [ 320.781033][ T8543] RBP: 00007f6361a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 320.781052][ T8543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.781071][ T8543] R13: 00007f6361be6128 R14: 00007f6361be6090 R15: 00007ffcb80a73d8 [ 320.781115][ T8543] [ 320.781138][ T8543] tipc: Publication distribution failure [ 321.444628][ T8548] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 321.637471][ T8553] netlink: 4 bytes leftover after parsing attributes in process `syz.0.501'. [ 322.050775][ T8552] netlink: 28 bytes leftover after parsing attributes in process `syz.1.503'. [ 322.422863][ T8552] bond0: (slave bond_slave_1): Releasing backup interface [ 322.501823][ T8559] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 322.621102][ T8560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.505'. [ 323.790742][ T8580] block2mtd: parameter too long [ 326.158584][ T8606] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 326.316349][ T8609] netlink: 4 bytes leftover after parsing attributes in process `syz.3.514'. [ 326.799066][ T8617] FAULT_INJECTION: forcing a failure. [ 326.799066][ T8617] name failslab, interval 1, probability 0, space 0, times 0 [ 326.842313][ T8617] CPU: 1 UID: 0 PID: 8617 Comm: syz.0.517 Tainted: G U syzkaller #0 PREEMPT(full) [ 326.842368][ T8617] Tainted: [U]=USER [ 326.842380][ T8617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 326.842400][ T8617] Call Trace: [ 326.842411][ T8617] [ 326.842424][ T8617] dump_stack_lvl+0x16c/0x1f0 [ 326.842483][ T8617] should_fail_ex+0x512/0x640 [ 326.842536][ T8617] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 326.842577][ T8617] should_failslab+0xc2/0x120 [ 326.842625][ T8617] __kmalloc_cache_noprof+0x6a/0x3e0 [ 326.842663][ T8617] ? subflow_create_ctx+0x9b/0x2c0 [ 326.842719][ T8617] subflow_create_ctx+0x9b/0x2c0 [ 326.842767][ T8617] subflow_ulp_init+0xc3/0x4d0 [ 326.842806][ T8617] tcp_set_ulp+0x329/0x7f0 [ 326.842832][ T8617] mptcp_subflow_create_socket+0x361/0xed0 [ 326.842857][ T8617] ? futex_unqueue+0x133/0x2c0 [ 326.842885][ T8617] ? aa_label_sk_perm+0x195/0x600 [ 326.842919][ T8617] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 326.842946][ T8617] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 326.842979][ T8617] ? __futex_wait+0x24c/0x2f0 [ 326.843020][ T8617] __mptcp_nmpc_sk+0x182/0x890 [ 326.843049][ T8617] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 326.843086][ T8617] mptcp_connect+0x7e/0xae0 [ 326.843118][ T8617] __inet_stream_connect+0x914/0xf60 [ 326.843155][ T8617] ? __pfx___inet_stream_connect+0x10/0x10 [ 326.843184][ T8617] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 326.843236][ T8617] ? __pfx_inet_stream_connect+0x10/0x10 [ 326.843267][ T8617] ? __local_bh_enable_ip+0xa4/0x120 [ 326.843299][ T8617] ? __pfx_inet_stream_connect+0x10/0x10 [ 326.843327][ T8617] inet_stream_connect+0x57/0xa0 [ 326.843357][ T8617] __sys_connect_file+0x141/0x1a0 [ 326.843394][ T8617] __sys_connect+0x13b/0x160 [ 326.843425][ T8617] ? __pfx___sys_connect+0x10/0x10 [ 326.843467][ T8617] ? xfd_validate_state+0x61/0x180 [ 326.843502][ T8617] ? __pfx_do_writev+0x10/0x10 [ 326.843534][ T8617] __x64_sys_connect+0x72/0xb0 [ 326.843565][ T8617] ? lockdep_hardirqs_on+0x7c/0x110 [ 326.843600][ T8617] do_syscall_64+0xcd/0x4c0 [ 326.843640][ T8617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.843665][ T8617] RIP: 0033:0x7f4c5ad8eec9 [ 326.843685][ T8617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.843709][ T8617] RSP: 002b:00007f4c5bcad038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 326.843731][ T8617] RAX: ffffffffffffffda RBX: 00007f4c5afe5fa0 RCX: 00007f4c5ad8eec9 [ 326.843748][ T8617] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000003 [ 326.843762][ T8617] RBP: 00007f4c5ae11f91 R08: 0000000000000000 R09: 0000000000000000 [ 326.843776][ T8617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.843791][ T8617] R13: 00007f4c5afe6038 R14: 00007f4c5afe5fa0 R15: 00007ffdb34c9608 [ 326.843821][ T8617] [ 327.133231][ C1] vkms_vblank_simulate: vblank timer overrun [ 327.379406][ T8603] netlink: 186 bytes leftover after parsing attributes in process `syz.2.513'. [ 327.398243][ T8603] netlink: 186 bytes leftover after parsing attributes in process `syz.2.513'. [ 327.530674][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.537392][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.630797][ T8625] netlink: 186 bytes leftover after parsing attributes in process `syz.0.519'. [ 327.674972][ T8625] netlink: 186 bytes leftover after parsing attributes in process `syz.0.519'. [ 327.712467][ T8604] netlink: 268 bytes leftover after parsing attributes in process `syz.2.513'. [ 327.911024][ T8630] netlink: zone id is out of range [ 327.930699][ T8630] netlink: del zone limit has 4 unknown bytes [ 328.385762][ T8636] netlink: zone id is out of range [ 328.419106][ T8636] netlink: del zone limit has 4 unknown bytes [ 328.552193][ T8633] netlink: 268 bytes leftover after parsing attributes in process `syz.0.519'. [ 328.981173][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 328.989206][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 328.997519][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.005781][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.013954][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.022644][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.030455][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.126326][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.234380][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 329.329777][ T8651] netlink: 'syz.2.523': attribute type 11 has an invalid length. [ 330.036708][ T8662] netlink: 186 bytes leftover after parsing attributes in process `syz.1.526'. [ 330.047163][ T8662] netlink: 186 bytes leftover after parsing attributes in process `syz.1.526'. [ 330.471360][ T8675] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 330.614509][ T8678] netlink: 4 bytes leftover after parsing attributes in process `syz.2.528'. [ 330.686857][ T8679] block2mtd: parameter too long [ 332.387679][ T8693] block2mtd: parameter too long [ 332.680987][ T8695] netlink: zone id is out of range [ 332.725258][ T8695] netlink: del zone limit has 4 unknown bytes [ 334.540031][ T8730] block2mtd: parameter too long [ 336.798754][ T8744] FAULT_INJECTION: forcing a failure. [ 336.798754][ T8744] name failslab, interval 1, probability 0, space 0, times 0 [ 336.877883][ T8744] CPU: 1 UID: 0 PID: 8744 Comm: syz.2.544 Tainted: G U syzkaller #0 PREEMPT(full) [ 336.877938][ T8744] Tainted: [U]=USER [ 336.877950][ T8744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 336.877971][ T8744] Call Trace: [ 336.877982][ T8744] [ 336.877996][ T8744] dump_stack_lvl+0x16c/0x1f0 [ 336.878054][ T8744] should_fail_ex+0x512/0x640 [ 336.878108][ T8744] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 336.878149][ T8744] should_failslab+0xc2/0x120 [ 336.878195][ T8744] __kmalloc_cache_noprof+0x6a/0x3e0 [ 336.878239][ T8744] ? subflow_create_ctx+0x9b/0x2c0 [ 336.878299][ T8744] subflow_create_ctx+0x9b/0x2c0 [ 336.878355][ T8744] subflow_ulp_init+0xc3/0x4d0 [ 336.878411][ T8744] tcp_set_ulp+0x329/0x7f0 [ 336.878449][ T8744] mptcp_subflow_create_socket+0x361/0xed0 [ 336.878484][ T8744] ? futex_unqueue+0x133/0x2c0 [ 336.878522][ T8744] ? aa_label_sk_perm+0x195/0x600 [ 336.878572][ T8744] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 336.878610][ T8744] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 336.878655][ T8744] ? __futex_wait+0x24c/0x2f0 [ 336.878711][ T8744] __mptcp_nmpc_sk+0x182/0x890 [ 336.878752][ T8744] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 336.878806][ T8744] mptcp_connect+0x7e/0xae0 [ 336.878852][ T8744] __inet_stream_connect+0x914/0xf60 [ 336.878905][ T8744] ? __pfx___inet_stream_connect+0x10/0x10 [ 336.878946][ T8744] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 336.879001][ T8744] ? __pfx_inet_stream_connect+0x10/0x10 [ 336.879044][ T8744] ? __local_bh_enable_ip+0xa4/0x120 [ 336.879088][ T8744] ? __pfx_inet_stream_connect+0x10/0x10 [ 336.879126][ T8744] inet_stream_connect+0x57/0xa0 [ 336.879170][ T8744] __sys_connect_file+0x141/0x1a0 [ 336.879229][ T8744] __sys_connect+0x13b/0x160 [ 336.879275][ T8744] ? __pfx___sys_connect+0x10/0x10 [ 336.879337][ T8744] ? xfd_validate_state+0x61/0x180 [ 336.879388][ T8744] ? __pfx_do_writev+0x10/0x10 [ 336.879435][ T8744] __x64_sys_connect+0x72/0xb0 [ 336.879478][ T8744] ? lockdep_hardirqs_on+0x7c/0x110 [ 336.879527][ T8744] do_syscall_64+0xcd/0x4c0 [ 336.879582][ T8744] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.879617][ T8744] RIP: 0033:0x7f636198eec9 [ 336.879643][ T8744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.879677][ T8744] RSP: 002b:00007f63628df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 336.879709][ T8744] RAX: ffffffffffffffda RBX: 00007f6361be5fa0 RCX: 00007f636198eec9 [ 336.879732][ T8744] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000003 [ 336.879752][ T8744] RBP: 00007f6361a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 336.879773][ T8744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.879794][ T8744] R13: 00007f6361be6038 R14: 00007f6361be5fa0 R15: 00007ffcb80a73d8 [ 336.879839][ T8744] [ 337.287053][ T8739] netlink: 186 bytes leftover after parsing attributes in process `syz.1.545'. [ 337.297530][ T8739] netlink: 186 bytes leftover after parsing attributes in process `syz.1.545'. [ 337.413729][ T8739] netlink: 268 bytes leftover after parsing attributes in process `syz.1.545'. [ 343.219244][ T8832] netlink: 28 bytes leftover after parsing attributes in process `syz.3.563'. [ 344.229563][ T8844] netlink: zone id is out of range [ 344.238226][ T8844] netlink: del zone limit has 4 unknown bytes [ 345.961067][ T8868] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 346.028363][ T8876] random: crng reseeded on system resumption [ 346.102531][ T8877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.576'. [ 346.593647][ T8875] netlink: 28 bytes leftover after parsing attributes in process `syz.1.575'. [ 347.102733][ T8882] FAULT_INJECTION: forcing a failure. [ 347.102733][ T8882] name fail_futex, interval 1, probability 0, space 0, times 0 [ 347.172255][ T8882] CPU: 1 UID: 0 PID: 8882 Comm: syz.1.577 Tainted: G U syzkaller #0 PREEMPT(full) [ 347.172299][ T8882] Tainted: [U]=USER [ 347.172307][ T8882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 347.172322][ T8882] Call Trace: [ 347.172329][ T8882] [ 347.172338][ T8882] dump_stack_lvl+0x16c/0x1f0 [ 347.172381][ T8882] should_fail_ex+0x512/0x640 [ 347.172424][ T8882] get_futex_key+0x1d0/0x1560 [ 347.172457][ T8882] ? __pfx_get_futex_key+0x10/0x10 [ 347.172491][ T8882] ? mptcp_release_cb+0x746/0xa60 [ 347.172527][ T8882] futex_wake+0xea/0x530 [ 347.172559][ T8882] ? reacquire_held_locks+0xcd/0x1f0 [ 347.172596][ T8882] ? __pfx_futex_wake+0x10/0x10 [ 347.172644][ T8882] ? inet_stream_connect+0x79/0xa0 [ 347.172672][ T8882] ? rcu_is_watching+0x12/0xc0 [ 347.172696][ T8882] ? __local_bh_enable_ip+0xa4/0x120 [ 347.172729][ T8882] do_futex+0x1e3/0x350 [ 347.172760][ T8882] ? __pfx_do_futex+0x10/0x10 [ 347.172793][ T8882] ? __sys_connect+0xe0/0x160 [ 347.172828][ T8882] __x64_sys_futex+0x1e0/0x4c0 [ 347.172863][ T8882] ? __pfx___x64_sys_futex+0x10/0x10 [ 347.172894][ T8882] ? xfd_validate_state+0x61/0x180 [ 347.172929][ T8882] ? __pfx_do_writev+0x10/0x10 [ 347.172964][ T8882] do_syscall_64+0xcd/0x4c0 [ 347.173004][ T8882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.173028][ T8882] RIP: 0033:0x7fa7fa78eec9 [ 347.173047][ T8882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.173070][ T8882] RSP: 002b:00007fa7fb7010e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 347.173092][ T8882] RAX: ffffffffffffffda RBX: 00007fa7fa9e5fa8 RCX: 00007fa7fa78eec9 [ 347.173107][ T8882] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa7fa9e5fac [ 347.173128][ T8882] RBP: 00007fa7fa9e5fa0 R08: 00007fa7fb702000 R09: 0000000000000000 [ 347.173143][ T8882] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 347.173158][ T8882] R13: 00007fa7fa9e6038 R14: 00007ffe99514a50 R15: 00007ffe99514b38 [ 347.173188][ T8882] [ 347.625093][ T31] audit: type=1800 audit(4294967488.899:5): pid=8884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.578" name="features" dev="configfs" ino=20956 res=0 errno=0 [ 348.154058][ T8891] netlink: 28 bytes leftover after parsing attributes in process `syz.1.580'. [ 348.580511][ T8903] block2mtd: parameter too long [ 349.334044][ T8912] FAULT_INJECTION: forcing a failure. [ 349.334044][ T8912] name failslab, interval 1, probability 0, space 0, times 0 [ 349.407050][ T8912] CPU: 1 UID: 0 PID: 8912 Comm: syz.1.585 Tainted: G U syzkaller #0 PREEMPT(full) [ 349.407089][ T8912] Tainted: [U]=USER [ 349.407096][ T8912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 349.407112][ T8912] Call Trace: [ 349.407120][ T8912] [ 349.407129][ T8912] dump_stack_lvl+0x16c/0x1f0 [ 349.407170][ T8912] should_fail_ex+0x512/0x640 [ 349.407208][ T8912] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 349.407241][ T8912] should_failslab+0xc2/0x120 [ 349.407273][ T8912] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 349.407304][ T8912] ? __d_alloc+0x32/0xae0 [ 349.407338][ T8912] __d_alloc+0x32/0xae0 [ 349.407371][ T8912] d_alloc_pseudo+0x1c/0xc0 [ 349.407407][ T8912] alloc_file_pseudo+0xcf/0x230 [ 349.407446][ T8912] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 349.407483][ T8912] ? alloc_fd+0x471/0x7d0 [ 349.407513][ T8912] sock_alloc_file+0x50/0x210 [ 349.407537][ T8912] __sys_socket+0x1c0/0x260 [ 349.407566][ T8912] ? __pfx___sys_socket+0x10/0x10 [ 349.407594][ T8912] ? xfd_validate_state+0x61/0x180 [ 349.407629][ T8912] ? __pfx_ksys_write+0x10/0x10 [ 349.407663][ T8912] __x64_sys_socket+0x72/0xb0 [ 349.407690][ T8912] ? lockdep_hardirqs_on+0x7c/0x110 [ 349.407747][ T8912] do_syscall_64+0xcd/0x4c0 [ 349.407788][ T8912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.407813][ T8912] RIP: 0033:0x7fa7fa78eec9 [ 349.407832][ T8912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.407861][ T8912] RSP: 002b:00007fa7fb6e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 349.407884][ T8912] RAX: ffffffffffffffda RBX: 00007fa7fa9e6090 RCX: 00007fa7fa78eec9 [ 349.407900][ T8912] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 349.407914][ T8912] RBP: 00007fa7fa811f91 R08: 0000000000000000 R09: 0000000000000000 [ 349.407929][ T8912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 349.407942][ T8912] R13: 00007fa7fa9e6128 R14: 00007fa7fa9e6090 R15: 00007ffe99514b38 [ 349.407972][ T8912] [ 349.842977][ T8906] netlink: 186 bytes leftover after parsing attributes in process `syz.2.584'. [ 349.853262][ T8906] netlink: 186 bytes leftover after parsing attributes in process `syz.2.584'. [ 350.832342][ T8927] FAULT_INJECTION: forcing a failure. [ 350.832342][ T8927] name failslab, interval 1, probability 0, space 0, times 0 [ 350.845369][ T8927] CPU: 0 UID: 0 PID: 8927 Comm: syz.3.589 Tainted: G U syzkaller #0 PREEMPT(full) [ 350.845421][ T8927] Tainted: [U]=USER [ 350.845433][ T8927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 350.845453][ T8927] Call Trace: [ 350.845465][ T8927] [ 350.845477][ T8927] dump_stack_lvl+0x16c/0x1f0 [ 350.845537][ T8927] should_fail_ex+0x512/0x640 [ 350.845599][ T8927] should_failslab+0xc2/0x120 [ 350.845647][ T8927] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 350.845692][ T8927] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 350.845744][ T8927] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 350.845793][ T8927] idr_get_free+0x528/0xa30 [ 350.845859][ T8927] idr_alloc_u32+0x190/0x2f0 [ 350.845912][ T8927] ? __pfx_idr_alloc_u32+0x10/0x10 [ 350.845965][ T8927] ? lock_acquire+0x179/0x350 [ 350.846028][ T8927] idr_alloc_cyclic+0x10b/0x230 [ 350.846081][ T8927] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 350.846129][ T8927] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 350.846196][ T8927] map_create+0xae3/0x1f80 [ 350.846260][ T8927] ? __pfx_map_create+0x10/0x10 [ 350.846306][ T8927] ? __might_fault+0xe3/0x190 [ 350.846343][ T8927] ? __might_fault+0xe3/0x190 [ 350.846381][ T8927] ? __might_fault+0x13b/0x190 [ 350.846434][ T8927] __sys_bpf+0x44d2/0x4de0 [ 350.846492][ T8927] ? __pfx___sys_bpf+0x10/0x10 [ 350.846545][ T8927] ? ksys_write+0x190/0x250 [ 350.846594][ T8927] ? do_futex+0x122/0x350 [ 350.846640][ T8927] ? __pfx_do_futex+0x10/0x10 [ 350.846702][ T8927] ? fput+0x9b/0xd0 [ 350.846752][ T8927] ? xfd_validate_state+0x61/0x180 [ 350.846802][ T8927] ? __pfx_ksys_write+0x10/0x10 [ 350.846852][ T8927] __x64_sys_bpf+0x78/0xc0 [ 350.846902][ T8927] ? lockdep_hardirqs_on+0x7c/0x110 [ 350.846954][ T8927] do_syscall_64+0xcd/0x4c0 [ 350.847019][ T8927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.847054][ T8927] RIP: 0033:0x7f6f5258eec9 [ 350.847081][ T8927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.847116][ T8927] RSP: 002b:00007f6f507f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 350.847147][ T8927] RAX: ffffffffffffffda RBX: 00007f6f527e6090 RCX: 00007f6f5258eec9 [ 350.847171][ T8927] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 350.847193][ T8927] RBP: 00007f6f52611f91 R08: 0000000000000000 R09: 0000000000000000 [ 350.847214][ T8927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.847234][ T8927] R13: 00007f6f527e6128 R14: 00007f6f527e6090 R15: 00007ffdd0f872a8 [ 350.847280][ T8927] [ 352.020009][ T8933] kexec: Could not allocate control_code_buffer [ 354.642993][ T8980] netlink: 186 bytes leftover after parsing attributes in process `syz.0.599'. [ 354.662564][ T8980] netlink: 186 bytes leftover after parsing attributes in process `syz.0.599'. [ 355.317805][ T8980] netlink: 268 bytes leftover after parsing attributes in process `syz.0.599'. [ 355.385994][ T8983] netlink: 186 bytes leftover after parsing attributes in process `syz.2.598'. [ 355.469805][ T8983] netlink: 186 bytes leftover after parsing attributes in process `syz.2.598'. [ 356.031690][ T8998] CIFS: VFS: Invalid SecurityFlags: 0x00 [ 356.218050][ T8983] netlink: 268 bytes leftover after parsing attributes in process `syz.2.598'. [ 357.115584][ T9006] netlink: 4 bytes leftover after parsing attributes in process `syz.3.605'. [ 357.358515][ T9013] netlink: zone id is out of range [ 357.363946][ T9013] netlink: del zone limit has 4 unknown bytes [ 357.422367][ T9011] random: crng reseeded on system resumption [ 358.678790][ T9037] block2mtd: parameter too long [ 360.681128][ T9061] block nbd9: NBD_DISCONNECT [ 360.867924][ T9061] FAULT_INJECTION: forcing a failure. [ 360.867924][ T9061] name failslab, interval 1, probability 0, space 0, times 0 [ 360.968894][ T9061] CPU: 1 UID: 0 PID: 9061 Comm: syz.0.617 Tainted: G U syzkaller #0 PREEMPT(full) [ 360.968942][ T9061] Tainted: [U]=USER [ 360.968952][ T9061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 360.968970][ T9061] Call Trace: [ 360.968980][ T9061] [ 360.968991][ T9061] dump_stack_lvl+0x16c/0x1f0 [ 360.969045][ T9061] should_fail_ex+0x512/0x640 [ 360.969095][ T9061] ? __kmalloc_noprof+0xbf/0x510 [ 360.969142][ T9061] ? alloc_pipe_info+0x1ec/0x590 [ 360.969172][ T9061] should_failslab+0xc2/0x120 [ 360.969203][ T9061] __kmalloc_noprof+0xd2/0x510 [ 360.969237][ T9061] alloc_pipe_info+0x1ec/0x590 [ 360.969271][ T9061] splice_direct_to_actor+0x77d/0xa30 [ 360.969297][ T9061] ? __lock_acquire+0x62e/0x1ce0 [ 360.969327][ T9061] ? __pfx_direct_splice_actor+0x10/0x10 [ 360.969353][ T9061] ? __pfx_aa_file_perm+0x10/0x10 [ 360.969389][ T9061] ? find_held_lock+0x2b/0x80 [ 360.969411][ T9061] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 360.969434][ T9061] ? get_pid_task+0xfc/0x250 [ 360.969474][ T9061] do_splice_direct+0x174/0x240 [ 360.969499][ T9061] ? __pfx_do_splice_direct+0x10/0x10 [ 360.969524][ T9061] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 360.969552][ T9061] ? rw_verify_area+0xcf/0x6c0 [ 360.969579][ T9061] do_sendfile+0xb06/0xe50 [ 360.969610][ T9061] ? __pfx_do_sendfile+0x10/0x10 [ 360.969636][ T9061] ? __fget_files+0x20e/0x3c0 [ 360.969669][ T9061] __x64_sys_sendfile64+0x1d8/0x220 [ 360.969703][ T9061] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 360.969735][ T9061] ? syscall_user_dispatch+0x78/0x140 [ 360.969780][ T9061] do_syscall_64+0xcd/0x4c0 [ 360.969826][ T9061] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.969850][ T9061] RIP: 0033:0x7f4c5ad8eec9 [ 360.969867][ T9061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 360.969890][ T9061] RSP: 002b:00007f4c5bc8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 360.969912][ T9061] RAX: ffffffffffffffda RBX: 00007f4c5afe6090 RCX: 00007f4c5ad8eec9 [ 360.969927][ T9061] RDX: 0000000000000000 RSI: 000000000000000b RDI: 000000000000000b [ 360.969940][ T9061] RBP: 00007f4c5bc8c090 R08: 0000000000000000 R09: 0000000000000000 [ 360.969954][ T9061] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 360.969968][ T9061] R13: 00007f4c5afe6128 R14: 00007f4c5afe6090 R15: 00007ffdb34c9608 [ 360.969997][ T9061] [ 361.209956][ C1] vkms_vblank_simulate: vblank timer overrun [ 361.525117][ T9064] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 361.692416][ T9065] netlink: 4 bytes leftover after parsing attributes in process `syz.1.618'. [ 362.620166][ T9069] FAULT_INJECTION: forcing a failure. [ 362.620166][ T9069] name failslab, interval 1, probability 0, space 0, times 0 [ 362.632980][ T9069] CPU: 0 UID: 0 PID: 9069 Comm: syz.0.620 Tainted: G U syzkaller #0 PREEMPT(full) [ 362.633018][ T9069] Tainted: [U]=USER [ 362.633029][ T9069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 362.633043][ T9069] Call Trace: [ 362.633051][ T9069] [ 362.633060][ T9069] dump_stack_lvl+0x16c/0x1f0 [ 362.633101][ T9069] should_fail_ex+0x512/0x640 [ 362.633143][ T9069] should_failslab+0xc2/0x120 [ 362.633176][ T9069] __kmalloc_cache_noprof+0x6a/0x3e0 [ 362.633200][ T9069] ? __lock_acquire+0x62e/0x1ce0 [ 362.633232][ T9069] ? tipc_nametbl_insert_publ+0x5a/0x1720 [ 362.633279][ T9069] tipc_nametbl_insert_publ+0x5a/0x1720 [ 362.633318][ T9069] ? do_raw_spin_lock+0x12c/0x2b0 [ 362.633356][ T9069] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 362.633391][ T9069] ? net_generic+0xea/0x2a0 [ 362.633433][ T9069] tipc_nametbl_publish+0x137/0x280 [ 362.633475][ T9069] tipc_sk_publish+0x1d8/0x430 [ 362.633498][ T9069] ? __pfx_tipc_sk_publish+0x10/0x10 [ 362.633523][ T9069] ? __local_bh_enable_ip+0xa4/0x120 [ 362.633555][ T9069] tipc_sk_bind+0x16f/0x380 [ 362.633580][ T9069] tipc_bind+0x190/0x2a0 [ 362.633604][ T9069] __sys_bind+0x1a7/0x260 [ 362.633635][ T9069] ? __pfx___sys_bind+0x10/0x10 [ 362.633675][ T9069] ? xfd_validate_state+0x61/0x180 [ 362.633718][ T9069] __x64_sys_bind+0x72/0xb0 [ 362.633770][ T9069] ? lockdep_hardirqs_on+0x7c/0x110 [ 362.633807][ T9069] do_syscall_64+0xcd/0x4c0 [ 362.633848][ T9069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.633872][ T9069] RIP: 0033:0x7f4c5ad8eec9 [ 362.633892][ T9069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.633915][ T9069] RSP: 002b:00007f4c5bc8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 362.633937][ T9069] RAX: ffffffffffffffda RBX: 00007f4c5afe6090 RCX: 00007f4c5ad8eec9 [ 362.633952][ T9069] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000006 [ 362.633967][ T9069] RBP: 00007f4c5ae11f91 R08: 0000000000000000 R09: 0000000000000000 [ 362.633981][ T9069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.633995][ T9069] R13: 00007f4c5afe6128 R14: 00007f4c5afe6090 R15: 00007ffdb34c9608 [ 362.634026][ T9069] [ 363.393778][ T9079] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 364.186998][ T9085] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input8 [ 364.450190][ T9093] netlink: 28 bytes leftover after parsing attributes in process `syz.0.627'. [ 364.956037][ T9110] block2mtd: parameter too long [ 366.765384][ T9127] netlink: 4 bytes leftover after parsing attributes in process `syz.3.633'. [ 367.831566][ T9137] kexec: Could not allocate control_code_buffer [ 368.362506][ T9149] netlink: zone id is out of range [ 368.367722][ T9149] netlink: del zone limit has 4 unknown bytes [ 369.659429][ T9163] netlink: 186 bytes leftover after parsing attributes in process `syz.3.640'. [ 369.706938][ T9163] netlink: 186 bytes leftover after parsing attributes in process `syz.3.640'. [ 369.846837][ T9173] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 370.031668][ T9176] netlink: 4 bytes leftover after parsing attributes in process `syz.1.643'. [ 370.408418][ T9160] netlink: 268 bytes leftover after parsing attributes in process `syz.3.640'. [ 371.135061][ T9188] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 371.292571][ T9190] netlink: 4 bytes leftover after parsing attributes in process `syz.3.646'. [ 372.000991][ T9198] netlink: 186 bytes leftover after parsing attributes in process `syz.2.649'. [ 372.044181][ T9198] netlink: 186 bytes leftover after parsing attributes in process `syz.2.649'. [ 372.472615][ T9199] syz.1.647 (9199): /proc/9191/oom_adj is deprecated, please use /proc/9191/oom_score_adj instead. [ 372.524658][ T9196] netlink: 268 bytes leftover after parsing attributes in process `syz.2.649'. [ 372.797943][ T9208] netlink: 186 bytes leftover after parsing attributes in process `syz.3.650'. [ 372.811168][ T9208] netlink: 186 bytes leftover after parsing attributes in process `syz.3.650'. [ 373.599929][ T9220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.652'. [ 373.679435][ T9212] netlink: 186 bytes leftover after parsing attributes in process `syz.0.651'. [ 373.741888][ T9208] netlink: 268 bytes leftover after parsing attributes in process `syz.3.650'. [ 373.764407][ T9212] netlink: 186 bytes leftover after parsing attributes in process `syz.0.651'. [ 374.122852][ T9214] netlink: 268 bytes leftover after parsing attributes in process `syz.0.651'. [ 375.353330][ T9248] netlink: zone id is out of range [ 375.392213][ T9248] netlink: del zone limit has 4 unknown bytes [ 375.748904][ T9255] bond0: option all_slaves_active: invalid value () [ 377.367526][ T9267] __nla_validate_parse: 4 callbacks suppressed [ 377.367546][ T9267] netlink: 268 bytes leftover after parsing attributes in process `syz.2.661'. [ 378.114963][ T9296] block2mtd: parameter too long [ 379.360977][ T9321] block2mtd: parameter too long [ 380.896964][ T9341] netlink: 186 bytes leftover after parsing attributes in process `syz.3.674'. [ 380.908114][ T9341] netlink: 186 bytes leftover after parsing attributes in process `syz.3.674'. [ 381.617611][ T9338] netlink: 268 bytes leftover after parsing attributes in process `syz.3.674'. [ 382.462277][ T9360] netlink: zone id is out of range [ 382.476024][ T9360] netlink: del zone limit has 4 unknown bytes [ 382.896000][ T9369] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 384.329409][ T9385] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 385.002175][ T9391] netlink: 186 bytes leftover after parsing attributes in process `syz.1.688'. [ 386.271549][ T9389] netlink: 268 bytes leftover after parsing attributes in process `syz.1.688'. [ 386.853044][ T9417] netlink: 186 bytes leftover after parsing attributes in process `syz.0.694'. [ 386.925668][ T9417] netlink: 186 bytes leftover after parsing attributes in process `syz.0.694'. [ 387.036732][ T9415] netlink: 4 bytes leftover after parsing attributes in process `syz.3.693'. [ 387.376741][ T9424] vivid-007: ================= START STATUS ================= [ 387.385125][ T9417] netlink: 268 bytes leftover after parsing attributes in process `syz.0.694'. [ 387.424801][ T9424] vivid-007: Generate PTS: true [ 387.463237][ T9424] vivid-007: Generate SCR: true [ 387.482098][ T9424] tpg source WxH: 320x240 (Y'CbCr) [ 387.489511][ T9424] tpg field: 1 [ 387.502129][ T9424] tpg crop: (0,0)/320x240 [ 387.535179][ T9424] tpg compose: (0,0)/320x240 [ 387.539806][ T9424] tpg colorspace: 8 [ 387.589628][ T9424] tpg transfer function: 0/0 [ 387.599758][ T9424] tpg Y'CbCr encoding: 0/0 [ 387.604686][ T9424] tpg quantization: 0/0 [ 387.609907][ T9424] tpg RGB range: 0/2 [ 387.627643][ T9424] vivid-007: ================== END STATUS ================== [ 388.084007][ T9416] netlink: 186 bytes leftover after parsing attributes in process `syz.2.695'. [ 388.094394][ T9416] netlink: 186 bytes leftover after parsing attributes in process `syz.2.695'. [ 388.194018][ T9425] can: request_module (can-proto-3) failed. [ 388.617869][ T9416] netlink: 268 bytes leftover after parsing attributes in process `syz.2.695'. [ 388.967231][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.978736][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.468293][ T9450] netlink: 4 bytes leftover after parsing attributes in process `syz.1.702'. [ 391.055492][ T9479] block2mtd: parameter too long [ 391.669858][ T9473] netlink: 186 bytes leftover after parsing attributes in process `syz.3.705'. [ 392.033223][ T9473] netlink: 268 bytes leftover after parsing attributes in process `syz.3.705'. [ 393.578326][ T9516] netlink: 16 bytes leftover after parsing attributes in process `syz.3.714'. [ 393.769480][ T9507] netlink: 186 bytes leftover after parsing attributes in process `syz.2.712'. [ 393.794467][ T9507] netlink: 186 bytes leftover after parsing attributes in process `syz.2.712'. [ 394.446572][ T9507] netlink: 268 bytes leftover after parsing attributes in process `syz.2.712'. [ 394.865012][ T9534] netlink: zone id is out of range [ 394.870508][ T9534] netlink: del zone limit has 4 unknown bytes [ 395.391127][ T9531] netlink: 4 bytes leftover after parsing attributes in process `syz.1.716'. [ 395.672879][ T9547] netlink: 186 bytes leftover after parsing attributes in process `syz.2.720'. [ 396.081051][ T9544] netlink: 186 bytes leftover after parsing attributes in process `syz.3.721'. [ 396.256738][ T9546] netlink: 268 bytes leftover after parsing attributes in process `syz.3.721'. [ 397.417998][ T9569] block2mtd: parameter too long [ 398.965328][ T9588] netlink: zone id is out of range [ 398.985196][ T9588] netlink: del zone limit has 4 unknown bytes [ 399.793077][ T9596] __nla_validate_parse: 1 callbacks suppressed [ 399.793106][ T9596] netlink: 28 bytes leftover after parsing attributes in process `syz.3.729'. [ 401.223329][ T9602] netlink: 186 bytes leftover after parsing attributes in process `syz.2.731'. [ 401.233440][ T9602] netlink: 186 bytes leftover after parsing attributes in process `syz.2.731'. [ 401.654432][ T9604] netlink: 268 bytes leftover after parsing attributes in process `syz.2.731'. [ 401.784802][ T9603] netlink: 186 bytes leftover after parsing attributes in process `syz.3.732'. [ 402.019794][ T9606] netlink: 268 bytes leftover after parsing attributes in process `syz.3.732'. [ 402.763154][ T9626] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 404.194929][ T9642] netlink: 28 bytes leftover after parsing attributes in process `syz.0.740'. [ 405.651105][ T9673] netlink: 186 bytes leftover after parsing attributes in process `syz.2.744'. [ 405.751200][ T9669] netlink: 186 bytes leftover after parsing attributes in process `syz.2.744'. [ 406.610710][ T9665] netlink: 268 bytes leftover after parsing attributes in process `syz.2.744'. [ 407.141242][ T9690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.748'. [ 408.633604][ T9710] netlink: 186 bytes leftover after parsing attributes in process `syz.0.752'. [ 408.706238][ T9710] netlink: 186 bytes leftover after parsing attributes in process `syz.0.752'. [ 408.978646][ T9717] FAULT_INJECTION: forcing a failure. [ 408.978646][ T9717] name failslab, interval 1, probability 0, space 0, times 0 [ 409.051295][ T9717] CPU: 1 UID: 0 PID: 9717 Comm: syz.3.754 Tainted: G U syzkaller #0 PREEMPT(full) [ 409.051350][ T9717] Tainted: [U]=USER [ 409.051362][ T9717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 409.051382][ T9717] Call Trace: [ 409.051393][ T9717] [ 409.051406][ T9717] dump_stack_lvl+0x16c/0x1f0 [ 409.051463][ T9717] should_fail_ex+0x512/0x640 [ 409.051515][ T9717] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 409.051555][ T9717] should_failslab+0xc2/0x120 [ 409.051618][ T9717] __kmalloc_cache_noprof+0x6a/0x3e0 [ 409.051653][ T9717] ? __pfx_aa_file_perm+0x10/0x10 [ 409.051703][ T9717] ? ring_buffer_alloc_read_page+0x139/0x6e0 [ 409.051752][ T9717] ? __lock_acquire+0xb97/0x1ce0 [ 409.051800][ T9717] ring_buffer_alloc_read_page+0x139/0x6e0 [ 409.051851][ T9717] ? __pfx_ring_buffer_alloc_read_page+0x10/0x10 [ 409.051909][ T9717] ? __mutex_trylock_common+0xe9/0x250 [ 409.051958][ T9717] tracing_buffers_read+0x60d/0xb00 [ 409.052004][ T9717] ? rw_verify_area+0xcf/0x6c0 [ 409.052037][ T9717] ? __pfx_tracing_buffers_read+0x10/0x10 [ 409.052077][ T9717] vfs_read+0x1e4/0xcf0 [ 409.052120][ T9717] ? __pfx___mutex_lock+0x10/0x10 [ 409.052172][ T9717] ? __pfx_vfs_read+0x10/0x10 [ 409.052225][ T9717] ? __fget_files+0x20e/0x3c0 [ 409.052275][ T9717] ksys_read+0x12a/0x250 [ 409.052314][ T9717] ? __pfx_ksys_read+0x10/0x10 [ 409.052367][ T9717] do_syscall_64+0xcd/0x4c0 [ 409.052423][ T9717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.052458][ T9717] RIP: 0033:0x7f6f5258eec9 [ 409.052485][ T9717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.052519][ T9717] RSP: 002b:00007f6f507f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 409.052551][ T9717] RAX: ffffffffffffffda RBX: 00007f6f527e6090 RCX: 00007f6f5258eec9 [ 409.052574][ T9717] RDX: 000000000000006f RSI: 0000200000000040 RDI: 0000000000000007 [ 409.052607][ T9717] RBP: 00007f6f52611f91 R08: 0000000000000000 R09: 0000000000000000 [ 409.052629][ T9717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.052649][ T9717] R13: 00007f6f527e6128 R14: 00007f6f527e6090 R15: 00007ffdd0f872a8 [ 409.052693][ T9717] [ 409.270849][ C1] vkms_vblank_simulate: vblank timer overrun [ 409.310148][ T9719] FAULT_INJECTION: forcing a failure. [ 409.310148][ T9719] name failslab, interval 1, probability 0, space 0, times 0 [ 409.322858][ T9719] CPU: 1 UID: 0 PID: 9719 Comm: syz.1.755 Tainted: G U syzkaller #0 PREEMPT(full) [ 409.322896][ T9719] Tainted: [U]=USER [ 409.322903][ T9719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 409.322918][ T9719] Call Trace: [ 409.322927][ T9719] [ 409.322936][ T9719] dump_stack_lvl+0x16c/0x1f0 [ 409.322978][ T9719] should_fail_ex+0x512/0x640 [ 409.323015][ T9719] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 409.323044][ T9719] should_failslab+0xc2/0x120 [ 409.323076][ T9719] __kmalloc_cache_noprof+0x6a/0x3e0 [ 409.323103][ T9719] ? subflow_create_ctx+0x9b/0x2c0 [ 409.323144][ T9719] subflow_create_ctx+0x9b/0x2c0 [ 409.323184][ T9719] subflow_ulp_init+0xc3/0x4d0 [ 409.323222][ T9719] tcp_set_ulp+0x329/0x7f0 [ 409.323248][ T9719] mptcp_subflow_create_socket+0x361/0xed0 [ 409.323274][ T9719] ? futex_unqueue+0x133/0x2c0 [ 409.323301][ T9719] ? aa_label_sk_perm+0x195/0x600 [ 409.323336][ T9719] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 409.323363][ T9719] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 409.323394][ T9719] ? __futex_wait+0x24c/0x2f0 [ 409.323436][ T9719] __mptcp_nmpc_sk+0x182/0x890 [ 409.323465][ T9719] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 409.323502][ T9719] mptcp_connect+0x7e/0xae0 [ 409.323534][ T9719] __inet_stream_connect+0x914/0xf60 [ 409.323577][ T9719] ? __pfx___inet_stream_connect+0x10/0x10 [ 409.323606][ T9719] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 409.323648][ T9719] ? __pfx_inet_stream_connect+0x10/0x10 [ 409.323679][ T9719] ? __local_bh_enable_ip+0xa4/0x120 [ 409.323711][ T9719] ? __pfx_inet_stream_connect+0x10/0x10 [ 409.323738][ T9719] inet_stream_connect+0x57/0xa0 [ 409.323768][ T9719] __sys_connect_file+0x141/0x1a0 [ 409.323804][ T9719] __sys_connect+0x13b/0x160 [ 409.323835][ T9719] ? __pfx___sys_connect+0x10/0x10 [ 409.323876][ T9719] ? xfd_validate_state+0x61/0x180 [ 409.323912][ T9719] ? __pfx_do_writev+0x10/0x10 [ 409.323944][ T9719] __x64_sys_connect+0x72/0xb0 [ 409.323974][ T9719] ? lockdep_hardirqs_on+0x7c/0x110 [ 409.324010][ T9719] do_syscall_64+0xcd/0x4c0 [ 409.324049][ T9719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.324074][ T9719] RIP: 0033:0x7fa7fa78eec9 [ 409.324093][ T9719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.324117][ T9719] RSP: 002b:00007fa7fb701038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 409.324139][ T9719] RAX: ffffffffffffffda RBX: 00007fa7fa9e5fa0 RCX: 00007fa7fa78eec9 [ 409.324154][ T9719] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000003 [ 409.324169][ T9719] RBP: 00007fa7fa811f91 R08: 0000000000000000 R09: 0000000000000000 [ 409.324184][ T9719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.324198][ T9719] R13: 00007fa7fa9e6038 R14: 00007fa7fa9e5fa0 R15: 00007ffe99514b38 [ 409.324228][ T9719] [ 409.611673][ C1] vkms_vblank_simulate: vblank timer overrun [ 410.180244][ T9710] netlink: 268 bytes leftover after parsing attributes in process `syz.0.752'. [ 412.722282][ T9767] netlink: zone id is out of range [ 412.727491][ T9767] netlink: del zone limit has 4 unknown bytes [ 413.124124][ T9774] netlink: zone id is out of range [ 413.172135][ T9774] netlink: del zone limit has 4 unknown bytes [ 415.006928][ T9789] netlink: 4 bytes leftover after parsing attributes in process `syz.2.770'. [ 415.999242][ T9799] netlink: 186 bytes leftover after parsing attributes in process `syz.1.772'. [ 416.063792][ T9799] netlink: 186 bytes leftover after parsing attributes in process `syz.1.772'. [ 416.273849][ T9811] netlink: zone id is out of range [ 416.284923][ T9811] netlink: del zone limit has 4 unknown bytes [ 416.474064][ T9809] netlink: 268 bytes leftover after parsing attributes in process `syz.1.772'. [ 417.745217][ T9834] netlink: 186 bytes leftover after parsing attributes in process `syz.1.779'. [ 417.760461][ T9819] netlink: 186 bytes leftover after parsing attributes in process `syz.2.777'. [ 417.775743][ T9834] netlink: 186 bytes leftover after parsing attributes in process `syz.1.779'. [ 417.784435][ T9830] netlink: 186 bytes leftover after parsing attributes in process `syz.3.776'. [ 417.834129][ T9830] netlink: 186 bytes leftover after parsing attributes in process `syz.3.776'. [ 417.846287][ T9819] netlink: 186 bytes leftover after parsing attributes in process `syz.2.777'. [ 419.627451][ T9851] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 419.784510][ T9860] block2mtd: parameter too long [ 421.198427][ T9877] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 421.236831][ T9877] __nla_validate_parse: 8 callbacks suppressed [ 421.236849][ T9877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.789'. [ 421.596942][ T9882] netlink: 186 bytes leftover after parsing attributes in process `syz.1.788'. [ 421.662799][ T9882] netlink: 186 bytes leftover after parsing attributes in process `syz.1.788'. [ 421.750489][ T9889] random: crng reseeded on system resumption [ 422.073227][ T9889] Unrecognized hibernate image header format! [ 422.090784][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.119490][ T9889] Unrecognized hibernate image header format! [ 422.140028][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.163159][ T9889] Unrecognized hibernate image header format! [ 422.169256][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.176871][ T9889] Unrecognized hibernate image header format! [ 422.191828][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.199410][ T9889] Unrecognized hibernate image header format! [ 422.205574][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.262316][ T9889] Unrecognized hibernate image header format! [ 422.268456][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.451666][ T9880] netlink: 268 bytes leftover after parsing attributes in process `syz.1.788'. [ 422.471364][ T9889] Unrecognized hibernate image header format! [ 422.564291][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.577938][ T9889] Unrecognized hibernate image header format! [ 422.584474][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.592608][ T9889] Unrecognized hibernate image header format! [ 422.598822][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.606792][ T9889] Unrecognized hibernate image header format! [ 422.616150][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.670530][ T9889] Unrecognized hibernate image header format! [ 422.677066][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.684842][ T9889] Unrecognized hibernate image header format! [ 422.691057][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.712202][ T9889] Unrecognized hibernate image header format! [ 422.722035][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.730923][ T9889] Unrecognized hibernate image header format! [ 422.737193][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.755187][ T9889] Unrecognized hibernate image header format! [ 422.772746][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.872290][ T9889] Unrecognized hibernate image header format! [ 422.879442][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 422.955674][ T9894] Unrecognized hibernate image header format! [ 422.967055][ T9894] PM: hibernation: Image mismatch: architecture specific data [ 422.975612][ T9889] Unrecognized hibernate image header format! [ 423.011188][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.072375][ T9889] Unrecognized hibernate image header format! [ 423.188948][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.237827][ T9889] Unrecognized hibernate image header format! [ 423.262571][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.314218][ T9889] Unrecognized hibernate image header format! [ 423.320354][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.359020][ T9889] Unrecognized hibernate image header format! [ 423.376833][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.384690][ T9889] Unrecognized hibernate image header format! [ 423.392151][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.399680][ T9889] Unrecognized hibernate image header format! [ 423.406767][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.414525][ T9889] Unrecognized hibernate image header format! [ 423.420782][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.428692][ T9889] Unrecognized hibernate image header format! [ 423.435659][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.443551][ T9889] Unrecognized hibernate image header format! [ 423.452332][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.459900][ T9889] Unrecognized hibernate image header format! [ 423.465255][ T9915] netlink: zone id is out of range [ 423.475354][ T9915] netlink: del zone limit has 4 unknown bytes [ 423.521416][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.545143][ T9889] Unrecognized hibernate image header format! [ 423.551268][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.650129][ T9889] Unrecognized hibernate image header format! [ 423.659798][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.670816][ T9889] Unrecognized hibernate image header format! [ 423.677507][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.687906][ T9889] Unrecognized hibernate image header format! [ 423.696073][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.706145][ T9889] Unrecognized hibernate image header format! [ 423.721083][ T9889] PM: hibernation: Image mismatch: architecture specific data [ 423.853269][ T9912] netlink: 186 bytes leftover after parsing attributes in process `syz.1.793'. [ 423.925040][ T9912] netlink: 186 bytes leftover after parsing attributes in process `syz.1.793'. [ 424.414280][ T9912] netlink: 268 bytes leftover after parsing attributes in process `syz.1.793'. [ 425.193443][ T9931] FAULT_INJECTION: forcing a failure. [ 425.193443][ T9931] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 425.228161][ T9931] CPU: 1 UID: 0 PID: 9931 Comm: syz.3.797 Tainted: G U syzkaller #0 PREEMPT(full) [ 425.228212][ T9931] Tainted: [U]=USER [ 425.228223][ T9931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 425.228243][ T9931] Call Trace: [ 425.228253][ T9931] [ 425.228265][ T9931] dump_stack_lvl+0x16c/0x1f0 [ 425.228328][ T9931] should_fail_ex+0x512/0x640 [ 425.228386][ T9931] _copy_to_user+0x32/0xd0 [ 425.228424][ T9931] simple_read_from_buffer+0xcb/0x170 [ 425.228463][ T9931] proc_fail_nth_read+0x197/0x240 [ 425.228500][ T9931] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 425.228538][ T9931] ? rw_verify_area+0xcf/0x6c0 [ 425.228571][ T9931] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 425.228607][ T9931] vfs_read+0x1e4/0xcf0 [ 425.228650][ T9931] ? __pfx___mutex_lock+0x10/0x10 [ 425.228702][ T9931] ? __pfx_vfs_read+0x10/0x10 [ 425.228750][ T9931] ? __fget_files+0x20e/0x3c0 [ 425.228800][ T9931] ksys_read+0x12a/0x250 [ 425.228841][ T9931] ? __pfx_ksys_read+0x10/0x10 [ 425.228890][ T9931] do_syscall_64+0xcd/0x4c0 [ 425.228944][ T9931] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.228977][ T9931] RIP: 0033:0x7f6f5258d8dc [ 425.229001][ T9931] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 425.229033][ T9931] RSP: 002b:00007f6f53359030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 425.229063][ T9931] RAX: ffffffffffffffda RBX: 00007f6f527e5fa0 RCX: 00007f6f5258d8dc [ 425.229084][ T9931] RDX: 000000000000000f RSI: 00007f6f533590a0 RDI: 0000000000000006 [ 425.229105][ T9931] RBP: 00007f6f53359090 R08: 0000000000000000 R09: 0000000000000000 [ 425.229125][ T9931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 425.229145][ T9931] R13: 00007f6f527e6038 R14: 00007f6f527e5fa0 R15: 00007ffdd0f872a8 [ 425.229188][ T9931] [ 425.881338][ T9945] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 425.933540][ T9945] netlink: 4 bytes leftover after parsing attributes in process `syz.3.800'. [ 426.716755][ T9951] netlink: 186 bytes leftover after parsing attributes in process `syz.0.802'. [ 426.730200][ T9951] netlink: 186 bytes leftover after parsing attributes in process `syz.0.802'. [ 426.931777][ T9952] netlink: 268 bytes leftover after parsing attributes in process `syz.0.802'. [ 428.030628][ T9966] netlink: 4 bytes leftover after parsing attributes in process `syz.0.805'. [ 428.105704][ T9971] netlink: 186 bytes leftover after parsing attributes in process `syz.2.807'. [ 428.118213][ T9971] netlink: 186 bytes leftover after parsing attributes in process `syz.2.807'. [ 428.829408][ T9971] netlink: 268 bytes leftover after parsing attributes in process `syz.2.807'. [ 429.314341][ T9982] netlink: 62 bytes leftover after parsing attributes in process `syz.0.809'. [ 429.452489][ T31] audit: type=1800 audit(4294967570.909:6): pid=9992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.811" name="features" dev="configfs" ino=25547 res=0 errno=0 [ 432.169478][T10024] netlink: 4 bytes leftover after parsing attributes in process `syz.3.816'. [ 432.244206][T10032] FAULT_INJECTION: forcing a failure. [ 432.244206][T10032] name failslab, interval 1, probability 0, space 0, times 0 [ 432.323927][T10032] CPU: 1 UID: 0 PID: 10032 Comm: syz.1.818 Tainted: G U syzkaller #0 PREEMPT(full) [ 432.323983][T10032] Tainted: [U]=USER [ 432.323995][T10032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 432.324015][T10032] Call Trace: [ 432.324026][T10032] [ 432.324039][T10032] dump_stack_lvl+0x16c/0x1f0 [ 432.324097][T10032] should_fail_ex+0x512/0x640 [ 432.324150][T10032] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 432.324192][T10032] should_failslab+0xc2/0x120 [ 432.324237][T10032] __kmalloc_cache_noprof+0x6a/0x3e0 [ 432.324270][T10032] ? __lock_acquire+0xb97/0x1ce0 [ 432.324316][T10032] ? snd_timer_instance_new+0x47/0x2e0 [ 432.324358][T10032] snd_timer_instance_new+0x47/0x2e0 [ 432.324393][T10032] snd_seq_timer_open+0x1cc/0x600 [ 432.324444][T10032] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 432.324499][T10032] ? find_held_lock+0x2b/0x80 [ 432.324538][T10032] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 432.324586][T10032] ? lockdep_hardirqs_on+0x7c/0x110 [ 432.324635][T10032] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 432.324688][T10032] queue_use+0xe3/0x250 [ 432.324730][T10032] snd_seq_queue_alloc+0x2e5/0x5a0 [ 432.324791][T10032] snd_seq_ioctl_create_queue+0xa9/0x380 [ 432.324851][T10032] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 432.324894][T10032] alloc_seq_queue+0xda/0x180 [ 432.324928][T10032] ? __pfx_alloc_seq_queue+0x10/0x10 [ 432.324989][T10032] ? mark_held_locks+0x49/0x80 [ 432.325033][T10032] ? _raw_spin_unlock_irq+0x23/0x50 [ 432.325082][T10032] snd_seq_oss_open+0x38c/0xa20 [ 432.325126][T10032] odev_open+0x6f/0x90 [ 432.325156][T10032] ? __pfx_odev_open+0x10/0x10 [ 432.325187][T10032] soundcore_open+0x40c/0x580 [ 432.325242][T10032] ? __pfx_soundcore_open+0x10/0x10 [ 432.325296][T10032] chrdev_open+0x234/0x6a0 [ 432.325339][T10032] ? __pfx_apparmor_file_open+0x10/0x10 [ 432.325378][T10032] ? __pfx_chrdev_open+0x10/0x10 [ 432.325424][T10032] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 432.325473][T10032] do_dentry_open+0x982/0x1530 [ 432.325515][T10032] ? __pfx_chrdev_open+0x10/0x10 [ 432.325569][T10032] vfs_open+0x82/0x3f0 [ 432.325625][T10032] path_openat+0x1de4/0x2cb0 [ 432.325680][T10032] ? __pfx_path_openat+0x10/0x10 [ 432.325738][T10032] do_filp_open+0x20b/0x470 [ 432.325781][T10032] ? __pfx_do_filp_open+0x10/0x10 [ 432.325854][T10032] ? alloc_fd+0x471/0x7d0 [ 432.325903][T10032] do_sys_openat2+0x11b/0x1d0 [ 432.325955][T10032] ? __pfx_do_sys_openat2+0x10/0x10 [ 432.326045][T10032] __x64_sys_openat+0x174/0x210 [ 432.326077][T10032] ? __pfx___x64_sys_openat+0x10/0x10 [ 432.326125][T10032] do_syscall_64+0xcd/0x4c0 [ 432.326180][T10032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.326215][T10032] RIP: 0033:0x7fa7fa78eec9 [ 432.326241][T10032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.326274][T10032] RSP: 002b:00007fa7fb701038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 432.326307][T10032] RAX: ffffffffffffffda RBX: 00007fa7fa9e5fa0 RCX: 00007fa7fa78eec9 [ 432.326329][T10032] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 432.326351][T10032] RBP: 00007fa7fa811f91 R08: 0000000000000000 R09: 0000000000000000 [ 432.326372][T10032] R10: 0000000000000500 R11: 0000000000000246 R12: 0000000000000000 [ 432.326393][T10032] R13: 00007fa7fa9e6038 R14: 00007fa7fa9e5fa0 R15: 00007ffe99514b38 [ 432.326437][T10032] [ 433.053309][T10042] FAULT_INJECTION: forcing a failure. [ 433.053309][T10042] name failslab, interval 1, probability 0, space 0, times 0 [ 433.115334][T10042] CPU: 1 UID: 0 PID: 10042 Comm: syz.1.821 Tainted: G U syzkaller #0 PREEMPT(full) [ 433.115391][T10042] Tainted: [U]=USER [ 433.115401][T10042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 433.115420][T10042] Call Trace: [ 433.115430][T10042] [ 433.115441][T10042] dump_stack_lvl+0x16c/0x1f0 [ 433.115496][T10042] should_fail_ex+0x512/0x640 [ 433.115548][T10042] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 433.115588][T10042] should_failslab+0xc2/0x120 [ 433.115633][T10042] __kmalloc_cache_noprof+0x6a/0x3e0 [ 433.115668][T10042] ? snd_seq_create_port+0xf7/0xae0 [ 433.115706][T10042] snd_seq_create_port+0xf7/0xae0 [ 433.115750][T10042] snd_seq_ioctl_create_port+0x253/0x950 [ 433.115804][T10042] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 433.115860][T10042] ? kasan_save_stack+0x42/0x60 [ 433.115896][T10042] ? kasan_save_stack+0x33/0x60 [ 433.115931][T10042] ? kasan_save_track+0x14/0x30 [ 433.115974][T10042] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 433.116016][T10042] create_port+0x197/0x260 [ 433.116049][T10042] ? __pfx_create_port+0x10/0x10 [ 433.116088][T10042] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 433.116127][T10042] ? __pfx_free_devinfo+0x10/0x10 [ 433.116193][T10042] ? mark_held_locks+0x49/0x80 [ 433.116242][T10042] ? _raw_spin_unlock_irq+0x23/0x50 [ 433.116291][T10042] snd_seq_oss_open+0x36c/0xa20 [ 433.116336][T10042] odev_open+0x6f/0x90 [ 433.116365][T10042] ? __pfx_odev_open+0x10/0x10 [ 433.116459][T10042] soundcore_open+0x40c/0x580 [ 433.116515][T10042] ? __pfx_soundcore_open+0x10/0x10 [ 433.116567][T10042] chrdev_open+0x234/0x6a0 [ 433.116611][T10042] ? __pfx_apparmor_file_open+0x10/0x10 [ 433.116649][T10042] ? __pfx_chrdev_open+0x10/0x10 [ 433.116695][T10042] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 433.116742][T10042] do_dentry_open+0x982/0x1530 [ 433.116784][T10042] ? __pfx_chrdev_open+0x10/0x10 [ 433.116837][T10042] vfs_open+0x82/0x3f0 [ 433.116893][T10042] path_openat+0x1de4/0x2cb0 [ 433.116948][T10042] ? __pfx_path_openat+0x10/0x10 [ 433.117000][T10042] do_filp_open+0x20b/0x470 [ 433.117041][T10042] ? __pfx_do_filp_open+0x10/0x10 [ 433.117113][T10042] ? alloc_fd+0x471/0x7d0 [ 433.117162][T10042] do_sys_openat2+0x11b/0x1d0 [ 433.117213][T10042] ? __pfx_do_sys_openat2+0x10/0x10 [ 433.117270][T10042] ? __fget_files+0x20e/0x3c0 [ 433.117308][T10042] __x64_sys_openat+0x174/0x210 [ 433.117329][T10042] ? __pfx___x64_sys_openat+0x10/0x10 [ 433.117349][T10042] ? ksys_write+0x1ac/0x250 [ 433.117392][T10042] do_syscall_64+0xcd/0x4c0 [ 433.117431][T10042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.117454][T10042] RIP: 0033:0x7fa7fa78eec9 [ 433.117473][T10042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.117495][T10042] RSP: 002b:00007fa7fb701038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 433.117516][T10042] RAX: ffffffffffffffda RBX: 00007fa7fa9e5fa0 RCX: 00007fa7fa78eec9 [ 433.117531][T10042] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 433.117545][T10042] RBP: 00007fa7fb701090 R08: 0000000000000000 R09: 0000000000000000 [ 433.117558][T10042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 433.117572][T10042] R13: 00007fa7fa9e6038 R14: 00007fa7fa9e5fa0 R15: 00007ffe99514b38 [ 433.117601][T10042] [ 433.484252][T10042] ALSA: seq_oss: can't create port [ 434.480501][T10039] kexec: Could not allocate control_code_buffer [ 434.657283][T10070] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 436.031677][T10096] FAULT_INJECTION: forcing a failure. [ 436.031677][T10096] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 436.100116][T10096] CPU: 0 UID: 0 PID: 10096 Comm: syz.3.830 Tainted: G U syzkaller #0 PREEMPT(full) [ 436.100167][T10096] Tainted: [U]=USER [ 436.100178][T10096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 436.100197][T10096] Call Trace: [ 436.100207][T10096] [ 436.100220][T10096] dump_stack_lvl+0x16c/0x1f0 [ 436.100273][T10096] should_fail_ex+0x512/0x640 [ 436.100336][T10096] _copy_from_user+0x2e/0xd0 [ 436.100384][T10096] copy_msghdr_from_user+0x98/0x160 [ 436.100435][T10096] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 436.100493][T10096] ? kfree+0x24f/0x4d0 [ 436.100522][T10096] ? __lock_acquire+0x62e/0x1ce0 [ 436.100575][T10096] ___sys_recvmsg+0xdb/0x1a0 [ 436.100625][T10096] ? __pfx____sys_recvmsg+0x10/0x10 [ 436.100696][T10096] ? __pfx___might_resched+0x10/0x10 [ 436.100736][T10096] do_recvmmsg+0x2fe/0x750 [ 436.100789][T10096] ? __pfx_do_recvmmsg+0x10/0x10 [ 436.100847][T10096] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 436.100910][T10096] ? __fget_files+0x20e/0x3c0 [ 436.100955][T10096] __x64_sys_recvmmsg+0x22a/0x280 [ 436.101009][T10096] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 436.101076][T10096] do_syscall_64+0xcd/0x4c0 [ 436.101131][T10096] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.101164][T10096] RIP: 0033:0x7f6f5258eec9 [ 436.101187][T10096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.101220][T10096] RSP: 002b:00007f6f507d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 436.101249][T10096] RAX: ffffffffffffffda RBX: 00007f6f527e6180 RCX: 00007f6f5258eec9 [ 436.101271][T10096] RDX: 000000000000fffe RSI: 0000000000000000 RDI: 0000000000000003 [ 436.101290][T10096] RBP: 00007f6f507d5090 R08: 0000000000000000 R09: 0000000000000000 [ 436.101310][T10096] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 436.101330][T10096] R13: 00007f6f527e6218 R14: 00007f6f527e6180 R15: 00007ffdd0f872a8 [ 436.101380][T10096] [ 436.574899][T10108] FAULT_INJECTION: forcing a failure. [ 436.574899][T10108] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 436.602098][T10108] CPU: 0 UID: 0 PID: 10108 Comm: syz.3.833 Tainted: G U syzkaller #0 PREEMPT(full) [ 436.602158][T10108] Tainted: [U]=USER [ 436.602169][T10108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 436.602188][T10108] Call Trace: [ 436.602199][T10108] [ 436.602211][T10108] dump_stack_lvl+0x16c/0x1f0 [ 436.602266][T10108] should_fail_ex+0x512/0x640 [ 436.602325][T10108] _copy_to_iter+0x463/0x1710 [ 436.602373][T10108] ? __pfx__copy_to_iter+0x10/0x10 [ 436.602411][T10108] ? const_folio_flags+0x5b/0x100 [ 436.602451][T10108] ? folio_mark_accessed+0xc1/0xc00 [ 436.602496][T10108] ? __pfx_folio_mark_accessed+0x10/0x10 [ 436.602548][T10108] copy_page_to_iter+0x12a/0x1e0 [ 436.602590][T10108] filemap_read+0x6b1/0xe40 [ 436.602653][T10108] ? __pfx_filemap_read+0x10/0x10 [ 436.602730][T10108] ? __pfx_down_read+0x10/0x10 [ 436.602766][T10108] ? __pfx_aa_file_perm+0x10/0x10 [ 436.602824][T10108] blkdev_read_iter+0x1ac/0x500 [ 436.602877][T10108] do_iter_readv_writev+0x743/0x9e0 [ 436.602918][T10108] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 436.602962][T10108] ? bpf_lsm_file_permission+0x9/0x10 [ 436.603008][T10108] ? security_file_permission+0x71/0x210 [ 436.603055][T10108] ? rw_verify_area+0xcf/0x6c0 [ 436.603092][T10108] vfs_readv+0x4cb/0x8b0 [ 436.603126][T10108] ? __pfx_try_to_wake_up+0x10/0x10 [ 436.603167][T10108] ? find_held_lock+0x2b/0x80 [ 436.603200][T10108] ? __pfx_vfs_readv+0x10/0x10 [ 436.603236][T10108] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 436.603288][T10108] ? rcu_preempt_deferred_qs_irqrestore+0x8e6/0xbc0 [ 436.603357][T10108] ? __fget_files+0x20e/0x3c0 [ 436.603404][T10108] ? do_readv+0x132/0x340 [ 436.603437][T10108] do_readv+0x132/0x340 [ 436.603471][T10108] ? __pfx_do_readv+0x10/0x10 [ 436.603507][T10108] ? ksys_write+0x1ac/0x250 [ 436.603544][T10108] ? __pfx_ksys_write+0x10/0x10 [ 436.603589][T10108] __x64_sys_preadv2+0x11f/0x160 [ 436.603636][T10108] do_syscall_64+0xcd/0x4c0 [ 436.603690][T10108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.603724][T10108] RIP: 0033:0x7f6f5258eec9 [ 436.603749][T10108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 436.603781][T10108] RSP: 002b:00007f6f507f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 436.603811][T10108] RAX: ffffffffffffffda RBX: 00007f6f527e6090 RCX: 00007f6f5258eec9 [ 436.603833][T10108] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0000000000000003 [ 436.603853][T10108] RBP: 00007f6f507f6090 R08: 0000000000000004 R09: 000000000000002e [ 436.603874][T10108] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 436.603894][T10108] R13: 00007f6f527e6128 R14: 00007f6f527e6090 R15: 00007ffdd0f872a8 [ 436.603938][T10108] [ 438.444322][T10143] block2mtd: parameter too long [ 440.629388][T10175] FAULT_INJECTION: forcing a failure. [ 440.629388][T10175] name fail_futex, interval 1, probability 0, space 0, times 0 [ 440.643845][T10175] CPU: 1 UID: 0 PID: 10175 Comm: syz.2.849 Tainted: G U syzkaller #0 PREEMPT(full) [ 440.643884][T10175] Tainted: [U]=USER [ 440.643892][T10175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 440.643907][T10175] Call Trace: [ 440.643916][T10175] [ 440.643941][T10175] dump_stack_lvl+0x16c/0x1f0 [ 440.643983][T10175] should_fail_ex+0x512/0x640 [ 440.644026][T10175] get_futex_key+0x1d0/0x1560 [ 440.644060][T10175] ? __pfx_get_futex_key+0x10/0x10 [ 440.644095][T10175] ? mptcp_release_cb+0x746/0xa60 [ 440.644132][T10175] futex_wake+0xea/0x530 [ 440.644165][T10175] ? reacquire_held_locks+0xcd/0x1f0 [ 440.644202][T10175] ? __pfx_futex_wake+0x10/0x10 [ 440.644242][T10175] ? inet_stream_connect+0x79/0xa0 [ 440.644271][T10175] ? rcu_is_watching+0x12/0xc0 [ 440.644295][T10175] ? __local_bh_enable_ip+0xa4/0x120 [ 440.644329][T10175] do_futex+0x1e3/0x350 [ 440.644361][T10175] ? __pfx_do_futex+0x10/0x10 [ 440.644394][T10175] ? __sys_connect+0xe0/0x160 [ 440.644430][T10175] __x64_sys_futex+0x1e0/0x4c0 [ 440.644466][T10175] ? __pfx___x64_sys_futex+0x10/0x10 [ 440.644498][T10175] ? xfd_validate_state+0x61/0x180 [ 440.644534][T10175] ? __pfx_do_writev+0x10/0x10 [ 440.644569][T10175] do_syscall_64+0xcd/0x4c0 [ 440.644610][T10175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.644634][T10175] RIP: 0033:0x7f636198eec9 [ 440.644653][T10175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.644678][T10175] RSP: 002b:00007f63628df0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 440.644702][T10175] RAX: ffffffffffffffda RBX: 00007f6361be5fa8 RCX: 00007f636198eec9 [ 440.644717][T10175] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6361be5fac [ 440.644732][T10175] RBP: 00007f6361be5fa0 R08: 00007f63628e0000 R09: 0000000000000000 [ 440.644746][T10175] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 440.644761][T10175] R13: 00007f6361be6038 R14: 00007ffcb80a72f0 R15: 00007ffcb80a73d8 [ 440.644792][T10175] [ 441.710550][T10185] block2mtd: parameter too long [ 442.444326][T10192] netlink: zone id is out of range [ 442.449477][T10192] netlink: del zone limit has 4 unknown bytes [ 442.797029][T10195] netlink: zone id is out of range [ 442.811468][T10189] netlink: 4 bytes leftover after parsing attributes in process `syz.1.852'. [ 442.823552][T10195] netlink: del zone limit has 4 unknown bytes [ 442.858518][T10199] block2mtd: parameter too long [ 444.457257][T10219] FAULT_INJECTION: forcing a failure. [ 444.457257][T10219] name failslab, interval 1, probability 0, space 0, times 0 [ 444.473510][T10219] CPU: 1 UID: 0 PID: 10219 Comm: syz.2.858 Tainted: G U syzkaller #0 PREEMPT(full) [ 444.473548][T10219] Tainted: [U]=USER [ 444.473555][T10219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 444.473570][T10219] Call Trace: [ 444.473577][T10219] [ 444.473586][T10219] dump_stack_lvl+0x16c/0x1f0 [ 444.473628][T10219] should_fail_ex+0x512/0x640 [ 444.473668][T10219] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 444.473696][T10219] should_failslab+0xc2/0x120 [ 444.473728][T10219] __kmalloc_cache_noprof+0x6a/0x3e0 [ 444.473754][T10219] ? subflow_create_ctx+0x9b/0x2c0 [ 444.473796][T10219] subflow_create_ctx+0x9b/0x2c0 [ 444.473835][T10219] subflow_ulp_init+0xc3/0x4d0 [ 444.473874][T10219] tcp_set_ulp+0x329/0x7f0 [ 444.473901][T10219] mptcp_subflow_create_socket+0x361/0xed0 [ 444.473926][T10219] ? finish_task_switch.isra.0+0x221/0xc10 [ 444.473956][T10219] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 444.473982][T10219] ? rcu_is_watching+0x12/0xc0 [ 444.474006][T10219] ? trace_sched_exit_tp+0xd1/0x120 [ 444.474044][T10219] ? __schedule+0x11a3/0x5de0 [ 444.474081][T10219] __mptcp_nmpc_sk+0x182/0x890 [ 444.474110][T10219] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 444.474147][T10219] mptcp_connect+0x7e/0xae0 [ 444.474179][T10219] __inet_stream_connect+0x914/0xf60 [ 444.474216][T10219] ? __pfx___inet_stream_connect+0x10/0x10 [ 444.474245][T10219] ? __pfx_inet_stream_connect+0x10/0x10 [ 444.474273][T10219] ? preempt_schedule_common+0x44/0xc0 [ 444.474309][T10219] ? preempt_schedule_thunk+0x16/0x30 [ 444.474350][T10219] ? __pfx_inet_stream_connect+0x10/0x10 [ 444.474377][T10219] inet_stream_connect+0x57/0xa0 [ 444.474417][T10219] __sys_connect_file+0x141/0x1a0 [ 444.474453][T10219] __sys_connect+0x13b/0x160 [ 444.474485][T10219] ? __pfx___sys_connect+0x10/0x10 [ 444.474527][T10219] ? xfd_validate_state+0x61/0x180 [ 444.474562][T10219] ? __pfx_do_writev+0x10/0x10 [ 444.474594][T10219] __x64_sys_connect+0x72/0xb0 [ 444.474624][T10219] ? lockdep_hardirqs_on+0x7c/0x110 [ 444.474661][T10219] do_syscall_64+0xcd/0x4c0 [ 444.474701][T10219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.474726][T10219] RIP: 0033:0x7f636198eec9 [ 444.474746][T10219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.474769][T10219] RSP: 002b:00007f63628df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 444.474794][T10219] RAX: ffffffffffffffda RBX: 00007f6361be5fa0 RCX: 00007f636198eec9 [ 444.474809][T10219] RDX: 0000000000000054 RSI: 0000000000000000 RDI: 0000000000000003 [ 444.474823][T10219] RBP: 00007f6361a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 444.474837][T10219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.474851][T10219] R13: 00007f6361be6038 R14: 00007f6361be5fa0 R15: 00007ffcb80a73d8 [ 444.474881][T10219] [ 444.874665][T10223] FAULT_INJECTION: forcing a failure. [ 444.874665][T10223] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 444.888580][T10223] CPU: 0 UID: 0 PID: 10223 Comm: syz.2.860 Tainted: G U syzkaller #0 PREEMPT(full) [ 444.888626][T10223] Tainted: [U]=USER [ 444.888636][T10223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 444.888654][T10223] Call Trace: [ 444.888664][T10223] [ 444.888676][T10223] dump_stack_lvl+0x16c/0x1f0 [ 444.888729][T10223] should_fail_ex+0x512/0x640 [ 444.888785][T10223] should_fail_alloc_page+0xe7/0x130 [ 444.888831][T10223] prepare_alloc_pages+0x3c2/0x610 [ 444.888885][T10223] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 444.888927][T10223] ? stack_trace_save+0x8e/0xc0 [ 444.888964][T10223] ? __pfx_stack_trace_save+0x10/0x10 [ 444.888997][T10223] ? rcu_is_watching+0x12/0xc0 [ 444.889029][T10223] ? stack_depot_save_flags+0x29/0x9c0 [ 444.889091][T10223] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 444.889131][T10223] ? __kasan_slab_alloc+0x89/0x90 [ 444.889171][T10223] ? __pmd_alloc+0xbf/0x930 [ 444.889218][T10223] ? handle_mm_fault+0x589/0xd10 [ 444.889248][T10223] ? __get_user_pages+0x551/0x34a0 [ 444.889294][T10223] ? populate_vma_page_range+0x267/0x3f0 [ 444.889347][T10223] ? __mm_populate+0x1d8/0x380 [ 444.889401][T10223] ? vm_mmap_pgoff+0x37f/0x470 [ 444.889446][T10223] ? ksys_mmap_pgoff+0x32c/0x5c0 [ 444.889489][T10223] ? __x64_sys_mmap+0x125/0x190 [ 444.889555][T10223] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 444.889616][T10223] ? policy_nodemask+0xea/0x4e0 [ 444.889667][T10223] alloc_pages_mpol+0x1fb/0x550 [ 444.889713][T10223] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 444.889769][T10223] alloc_pages_noprof+0x131/0x390 [ 444.889812][T10223] pte_alloc_one+0x1c/0x3a0 [ 444.889849][T10223] do_pte_missing+0x1afc/0x3ba0 [ 444.889884][T10223] ? do_raw_spin_unlock+0x172/0x230 [ 444.889939][T10223] ? __pmd_alloc+0x3fb/0x930 [ 444.889993][T10223] __handle_mm_fault+0x152a/0x2a50 [ 444.890041][T10223] ? __pfx___handle_mm_fault+0x10/0x10 [ 444.890111][T10223] handle_mm_fault+0x589/0xd10 [ 444.890153][T10223] __get_user_pages+0x551/0x34a0 [ 444.890218][T10223] ? __pfx___get_user_pages+0x10/0x10 [ 444.890279][T10223] populate_vma_page_range+0x267/0x3f0 [ 444.890332][T10223] ? __pfx_populate_vma_page_range+0x10/0x10 [ 444.890383][T10223] ? __pfx_find_vma_intersection+0x10/0x10 [ 444.890434][T10223] ? do_mmap+0x69c/0x1210 [ 444.890487][T10223] __mm_populate+0x1d8/0x380 [ 444.890518][T10223] ? __pfx___mm_populate+0x10/0x10 [ 444.890551][T10223] ? up_write+0x1b2/0x520 [ 444.890612][T10223] vm_mmap_pgoff+0x37f/0x470 [ 444.890662][T10223] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 444.890718][T10223] ? __fget_files+0x20e/0x3c0 [ 444.890763][T10223] ksys_mmap_pgoff+0x32c/0x5c0 [ 444.890810][T10223] ? __pfx_ksys_write+0x10/0x10 [ 444.890854][T10223] __x64_sys_mmap+0x125/0x190 [ 444.890910][T10223] do_syscall_64+0xcd/0x4c0 [ 444.890963][T10223] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.890997][T10223] RIP: 0033:0x7f636198eec9 [ 444.891023][T10223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.891055][T10223] RSP: 002b:00007f63628df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 444.891084][T10223] RAX: ffffffffffffffda RBX: 00007f6361be5fa0 RCX: 00007f636198eec9 [ 444.891106][T10223] RDX: 0000002000000efb RSI: 0000000000810004 RDI: 0000000000000000 [ 444.891125][T10223] RBP: 00007f63628df090 R08: 0000000000000004 R09: 0000000000008000 [ 444.891145][T10223] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 444.891165][T10223] R13: 00007f6361be6038 R14: 00007f6361be5fa0 R15: 00007ffcb80a73d8 [ 444.891208][T10223] [ 445.242365][ C0] vkms_vblank_simulate: vblank timer overrun [ 445.894815][T10231] FAULT_INJECTION: forcing a failure. [ 445.894815][T10231] name failslab, interval 1, probability 0, space 0, times 0 [ 445.979378][T10220] netlink: 186 bytes leftover after parsing attributes in process `syz.1.859'. [ 445.992712][T10220] netlink: 186 bytes leftover after parsing attributes in process `syz.1.859'. [ 446.002389][T10231] CPU: 1 UID: 0 PID: 10231 Comm: syz.0.862 Tainted: G U syzkaller #0 PREEMPT(full) [ 446.002436][T10231] Tainted: [U]=USER [ 446.002446][T10231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 446.002465][T10231] Call Trace: [ 446.002475][T10231] [ 446.002487][T10231] dump_stack_lvl+0x16c/0x1f0 [ 446.002552][T10231] should_fail_ex+0x512/0x640 [ 446.002600][T10231] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 446.002638][T10231] should_failslab+0xc2/0x120 [ 446.002682][T10231] __kmalloc_cache_noprof+0x6a/0x3e0 [ 446.002718][T10231] ? snd_seq_create_port+0xf7/0xae0 [ 446.002756][T10231] snd_seq_create_port+0xf7/0xae0 [ 446.002798][T10231] snd_seq_ioctl_create_port+0x253/0x950 [ 446.002852][T10231] ? __pfx_snd_seq_ioctl_create_port+0x10/0x10 [ 446.002904][T10231] ? kasan_save_stack+0x42/0x60 [ 446.002939][T10231] ? kasan_save_stack+0x33/0x60 [ 446.002971][T10231] ? kasan_save_track+0x14/0x30 [ 446.003015][T10231] snd_seq_kernel_client_ctl+0x10a/0x1c0 [ 446.003055][T10231] create_port+0x197/0x260 [ 446.003088][T10231] ? __pfx_create_port+0x10/0x10 [ 446.003129][T10231] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 446.003168][T10231] ? __pfx_free_devinfo+0x10/0x10 [ 446.003234][T10231] ? mark_held_locks+0x49/0x80 [ 446.003277][T10231] ? _raw_spin_unlock_irq+0x23/0x50 [ 446.003325][T10231] snd_seq_oss_open+0x36c/0xa20 [ 446.003367][T10231] odev_open+0x6f/0x90 [ 446.003393][T10231] ? __pfx_odev_open+0x10/0x10 [ 446.003421][T10231] soundcore_open+0x40c/0x580 [ 446.003475][T10231] ? __pfx_soundcore_open+0x10/0x10 [ 446.003533][T10231] chrdev_open+0x234/0x6a0 [ 446.003575][T10231] ? __pfx_apparmor_file_open+0x10/0x10 [ 446.003613][T10231] ? __pfx_chrdev_open+0x10/0x10 [ 446.003658][T10231] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 446.003703][T10231] do_dentry_open+0x982/0x1530 [ 446.003745][T10231] ? __pfx_chrdev_open+0x10/0x10 [ 446.003797][T10231] vfs_open+0x82/0x3f0 [ 446.003852][T10231] path_openat+0x1de4/0x2cb0 [ 446.003906][T10231] ? __pfx_path_openat+0x10/0x10 [ 446.003958][T10231] do_filp_open+0x20b/0x470 [ 446.003999][T10231] ? __pfx_do_filp_open+0x10/0x10 [ 446.004070][T10231] ? alloc_fd+0x471/0x7d0 [ 446.004118][T10231] do_sys_openat2+0x11b/0x1d0 [ 446.004169][T10231] ? __pfx_do_sys_openat2+0x10/0x10 [ 446.004224][T10231] ? __fget_files+0x20e/0x3c0 [ 446.004269][T10231] __x64_sys_openat+0x174/0x210 [ 446.004299][T10231] ? __pfx___x64_sys_openat+0x10/0x10 [ 446.004328][T10231] ? ksys_write+0x1ac/0x250 [ 446.004378][T10231] do_syscall_64+0xcd/0x4c0 [ 446.004432][T10231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.004466][T10231] RIP: 0033:0x7f4c5ad8eec9 [ 446.004491][T10231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.004530][T10231] RSP: 002b:00007f4c5bcad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 446.004560][T10231] RAX: ffffffffffffffda RBX: 00007f4c5afe5fa0 RCX: 00007f4c5ad8eec9 [ 446.004580][T10231] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 446.004601][T10231] RBP: 00007f4c5bcad090 R08: 0000000000000000 R09: 0000000000000000 [ 446.004621][T10231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 446.004640][T10231] R13: 00007f4c5afe6038 R14: 00007f4c5afe5fa0 R15: 00007ffdb34c9608 [ 446.004684][T10231] [ 446.004697][T10231] ALSA: seq_oss: can't create port [ 446.607477][T10238] netlink: zone id is out of range [ 446.638473][T10238] netlink: del zone limit has 4 unknown bytes [ 446.699201][T10221] netlink: 268 bytes leftover after parsing attributes in process `syz.1.859'. [ 448.471707][T10260] FAULT_INJECTION: forcing a failure. [ 448.471707][T10260] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 448.485729][T10260] CPU: 1 UID: 0 PID: 10260 Comm: syz.2.870 Tainted: G U syzkaller #0 PREEMPT(full) [ 448.485779][T10260] Tainted: [U]=USER [ 448.485789][T10260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 448.485809][T10260] Call Trace: [ 448.485819][T10260] [ 448.485832][T10260] dump_stack_lvl+0x16c/0x1f0 [ 448.485888][T10260] should_fail_ex+0x512/0x640 [ 448.485947][T10260] _copy_from_iter+0x29f/0x1720 [ 448.485986][T10260] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 448.486051][T10260] ? __pfx__copy_from_iter+0x10/0x10 [ 448.486088][T10260] ? alloc_pages_mpol+0x25a/0x550 [ 448.486134][T10260] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 448.486186][T10260] copy_page_from_iter+0xde/0x180 [ 448.486227][T10260] anon_pipe_write+0xbe7/0x1a90 [ 448.486288][T10260] ? __pfx_anon_pipe_write+0x10/0x10 [ 448.486332][T10260] ? common_file_perm+0x1a9/0x340 [ 448.486377][T10260] ? bpf_lsm_file_permission+0x9/0x10 [ 448.486425][T10260] ? security_file_permission+0x71/0x210 [ 448.486473][T10260] ? rw_verify_area+0xcf/0x6c0 [ 448.486511][T10260] vfs_write+0x7d0/0x11d0 [ 448.486551][T10260] ? __pfx_anon_pipe_write+0x10/0x10 [ 448.486599][T10260] ? __pfx_vfs_write+0x10/0x10 [ 448.486633][T10260] ? find_held_lock+0x2b/0x80 [ 448.486692][T10260] ksys_write+0x1f8/0x250 [ 448.486732][T10260] ? __pfx_ksys_write+0x10/0x10 [ 448.486784][T10260] do_syscall_64+0xcd/0x4c0 [ 448.486840][T10260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.486873][T10260] RIP: 0033:0x7f636198eec9 [ 448.486899][T10260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.486929][T10260] RSP: 002b:00007f63628be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 448.486960][T10260] RAX: ffffffffffffffda RBX: 00007f6361be6090 RCX: 00007f636198eec9 [ 448.486981][T10260] RDX: 0000000004000000 RSI: 0000200000000380 RDI: 0000000000000000 [ 448.487002][T10260] RBP: 00007f63628be090 R08: 0000000000000000 R09: 0000000000000000 [ 448.487022][T10260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 448.487048][T10260] R13: 00007f6361be6128 R14: 00007f6361be6090 R15: 00007ffcb80a73d8 [ 448.487092][T10260] [ 449.220669][T10257] block2mtd: parameter too long [ 449.810489][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.2.871'. [ 450.416583][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.432212][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 451.152839][T10278] netlink: 186 bytes leftover after parsing attributes in process `syz.3.872'. [ 451.196056][T10278] netlink: 186 bytes leftover after parsing attributes in process `syz.3.872'. [ 451.591269][T10287] netlink: 268 bytes leftover after parsing attributes in process `syz.3.872'. [ 451.732140][T10285] netlink: 186 bytes leftover after parsing attributes in process `syz.1.873'. [ 451.761868][T10285] netlink: 186 bytes leftover after parsing attributes in process `syz.1.873'. [ 452.106136][T10290] netlink: 268 bytes leftover after parsing attributes in process `syz.1.873'. [ 452.813272][T10307] FAULT_INJECTION: forcing a failure. [ 452.813272][T10307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 452.899433][T10307] CPU: 0 UID: 0 PID: 10307 Comm: syz.3.876 Tainted: G U syzkaller #0 PREEMPT(full) [ 452.899482][T10307] Tainted: [U]=USER [ 452.899492][T10307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 452.899510][T10307] Call Trace: [ 452.899521][T10307] [ 452.899532][T10307] dump_stack_lvl+0x16c/0x1f0 [ 452.899587][T10307] should_fail_ex+0x512/0x640 [ 452.899643][T10307] _copy_from_user+0x2e/0xd0 [ 452.899678][T10307] kstrtouint_from_user+0xd6/0x1d0 [ 452.899725][T10307] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 452.899770][T10307] ? __lock_acquire+0xb97/0x1ce0 [ 452.899837][T10307] proc_fail_nth_write+0x83/0x220 [ 452.899875][T10307] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 452.899921][T10307] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 452.899954][T10307] vfs_write+0x2a0/0x11d0 [ 452.900000][T10307] ? __pfx___mutex_lock+0x10/0x10 [ 452.900053][T10307] ? __pfx_vfs_write+0x10/0x10 [ 452.900105][T10307] ? __fget_files+0x20e/0x3c0 [ 452.900153][T10307] ksys_write+0x12a/0x250 [ 452.900192][T10307] ? __pfx_ksys_write+0x10/0x10 [ 452.900243][T10307] do_syscall_64+0xcd/0x4c0 [ 452.900298][T10307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.900326][T10307] RIP: 0033:0x7f6f5258d97f [ 452.900347][T10307] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 452.900374][T10307] RSP: 002b:00007f6f507f6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 452.900399][T10307] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6f5258d97f [ 452.900417][T10307] RDX: 0000000000000001 RSI: 00007f6f507f60a0 RDI: 0000000000000003 [ 452.900434][T10307] RBP: 00007f6f507f6090 R08: 0000000000000000 R09: 0000000000000000 [ 452.900450][T10307] R10: 00002000000002c0 R11: 0000000000000293 R12: 0000000000000001 [ 452.900467][T10307] R13: 00007f6f527e6128 R14: 00007f6f527e6090 R15: 00007ffdd0f872a8 [ 452.900502][T10307] [ 453.093329][ C0] vkms_vblank_simulate: vblank timer overrun [ 454.174589][T10327] block2mtd: parameter too long [ 455.023329][T10333] netlink: 28 bytes leftover after parsing attributes in process `syz.0.881'. [ 455.561268][T10346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.882'. [ 456.170152][T10340] netlink: 186 bytes leftover after parsing attributes in process `syz.1.883'. [ 456.181609][T10340] netlink: 186 bytes leftover after parsing attributes in process `syz.1.883'. [ 456.452425][T10345] netlink: 268 bytes leftover after parsing attributes in process `syz.1.883'. [ 456.590248][T10360] netlink: zone id is out of range [ 456.742374][T10360] netlink: del zone limit has 4 unknown bytes [ 457.918016][T10381] netlink: 28 bytes leftover after parsing attributes in process `syz.0.890'. [ 459.410441][T10398] netlink: 186 bytes leftover after parsing attributes in process `syz.2.893'. [ 459.424050][T10398] netlink: 186 bytes leftover after parsing attributes in process `syz.2.893'. [ 459.689425][T10405] block2mtd: parameter too long [ 460.223483][T10410] snd_virmidi snd_virmidi.0: control 61678:131081:32767:yªƒ>oÆ[k<÷:1 is already present [ 460.688971][T10396] netlink: 268 bytes leftover after parsing attributes in process `syz.2.893'. [ 461.254217][T10421] vivid-003: ================= START STATUS ================= [ 461.284958][T10421] vivid-003: Radio HW Seek Mode: Bounded [ 461.290933][T10421] vivid-003: Radio Programmable HW Seek: false [ 461.342092][T10421] vivid-003: RDS Rx I/O Mode: Block I/O [ 461.372256][T10421] vivid-003: Generate RBDS Instead of RDS: false [ 461.380446][T10421] vivid-003: RDS Reception: true [ 461.414633][T10421] vivid-003: RDS Program Type: 0 inactive [ 461.512820][T10421] vivid-003: RDS PS Name: inactive [ 461.550309][T10421] vivid-003: RDS Radio Text: inactive [ 461.565289][T10421] vivid-003: RDS Traffic Announcement: false inactive [ 461.572557][T10421] vivid-003: RDS Traffic Program: false inactive [ 461.578962][T10421] vivid-003: RDS Music: false inactive [ 461.585735][T10421] vivid-003: ================== END STATUS ================== [ 461.604877][T10423] netlink: 186 bytes leftover after parsing attributes in process `syz.1.899'. [ 461.634431][T10423] netlink: 186 bytes leftover after parsing attributes in process `syz.1.899'. [ 462.368106][T10419] netlink: 268 bytes leftover after parsing attributes in process `syz.1.899'. [ 464.691408][T10475] netlink: 4 bytes leftover after parsing attributes in process `syz.3.908'. [ 466.778940][T10498] netlink: 186 bytes leftover after parsing attributes in process `syz.2.915'. [ 466.807199][T10498] netlink: 186 bytes leftover after parsing attributes in process `syz.2.915'. [ 466.835025][T10515] block2mtd: parameter too long [ 467.278892][T10526] block2mtd: parameter too long [ 467.510956][T10498] netlink: 268 bytes leftover after parsing attributes in process `syz.2.915'. [ 468.874796][T10545] netlink: 4 bytes leftover after parsing attributes in process `syz.3.923'. [ 469.357058][T10549] FAULT_INJECTION: forcing a failure. [ 469.357058][T10549] name failslab, interval 1, probability 0, space 0, times 0 [ 469.372276][T10549] CPU: 0 UID: 0 PID: 10549 Comm: syz.1.924 Tainted: G U syzkaller #0 PREEMPT(full) [ 469.372326][T10549] Tainted: [U]=USER [ 469.372337][T10549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 469.372355][T10549] Call Trace: [ 469.372366][T10549] [ 469.372378][T10549] dump_stack_lvl+0x16c/0x1f0 [ 469.372442][T10549] should_fail_ex+0x512/0x640 [ 469.372492][T10549] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 469.372536][T10549] should_failslab+0xc2/0x120 [ 469.372580][T10549] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 469.372620][T10549] ? acpi_ut_allocate_owner_id+0x2d6/0x3a0 [ 469.372658][T10549] ? acpi_ps_alloc_op+0xf1/0x310 [ 469.372713][T10549] acpi_ps_alloc_op+0xf1/0x310 [ 469.372765][T10549] acpi_ps_create_scope_op+0x1a/0x70 [ 469.372815][T10549] acpi_ps_execute_method+0x1b1/0xb30 [ 469.372866][T10549] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 469.372905][T10549] acpi_ns_evaluate+0x76c/0xca0 [ 469.372960][T10549] ? kasan_save_track+0x14/0x30 [ 469.373003][T10549] acpi_evaluate_object+0x1fa/0xa90 [ 469.373050][T10549] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.373087][T10549] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 469.373131][T10549] ? __mutex_trylock_common+0xe9/0x250 [ 469.373186][T10549] acpi_evaluate_integer+0xdd/0x200 [ 469.373225][T10549] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 469.373282][T10549] ? __pfx_status_show+0x10/0x10 [ 469.373325][T10549] status_show+0xa0/0x120 [ 469.373370][T10549] ? __pfx_status_show+0x10/0x10 [ 469.373432][T10549] dev_attr_show+0x53/0xe0 [ 469.373467][T10549] ? __pfx_dev_attr_show+0x10/0x10 [ 469.373497][T10549] sysfs_kf_seq_show+0x216/0x3e0 [ 469.373544][T10549] seq_read_iter+0x509/0x12c0 [ 469.373597][T10549] kernfs_fop_read_iter+0x46c/0x610 [ 469.373631][T10549] ? rw_verify_area+0xcf/0x6c0 [ 469.373669][T10549] vfs_read+0x8bc/0xcf0 [ 469.373712][T10549] ? __pfx___mutex_lock+0x10/0x10 [ 469.373763][T10549] ? __pfx_vfs_read+0x10/0x10 [ 469.373830][T10549] ksys_read+0x12a/0x250 [ 469.373868][T10549] ? __pfx_ksys_read+0x10/0x10 [ 469.373920][T10549] do_syscall_64+0xcd/0x4c0 [ 469.373974][T10549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 469.374006][T10549] RIP: 0033:0x7fa7fa78eec9 [ 469.374031][T10549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 469.374063][T10549] RSP: 002b:00007fa7fb701038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 469.374093][T10549] RAX: ffffffffffffffda RBX: 00007fa7fa9e5fa0 RCX: 00007fa7fa78eec9 [ 469.374114][T10549] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000006 [ 469.374134][T10549] RBP: 00007fa7fb701090 R08: 0000000000000000 R09: 0000000000000000 [ 469.374154][T10549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 469.374173][T10549] R13: 00007fa7fa9e6038 R14: 00007fa7fa9e5fa0 R15: 00007ffe99514b38 [ 469.374218][T10549] [ 470.181029][T10556] netlink: zone id is out of range [ 470.193422][T10556] netlink: del zone limit has 4 unknown bytes [ 470.767679][T10574] netlink: 268 bytes leftover after parsing attributes in process `syz.1.931'. [ 471.525648][T10577] netlink: 186 bytes leftover after parsing attributes in process `syz.2.928'. [ 471.794882][T10580] netlink: 186 bytes leftover after parsing attributes in process `syz.2.928'. [ 471.989773][T10584] netlink: 28 bytes leftover after parsing attributes in process `syz.1.934'. [ 472.058487][T10577] netlink: 268 bytes leftover after parsing attributes in process `syz.2.928'. [ 472.532378][T10589] netlink: 4 bytes leftover after parsing attributes in process `syz.1.935'. [ 473.652590][T10605] netlink: zone id is out of range [ 473.662288][T10605] netlink: del zone limit has 4 unknown bytes [ 474.888054][T10612] netlink: 28 bytes leftover after parsing attributes in process `syz.0.939'. [ 477.648156][T10658] FAULT_INJECTION: forcing a failure. [ 477.648156][T10658] name failslab, interval 1, probability 0, space 0, times 0 [ 477.682175][T10649] netlink: 186 bytes leftover after parsing attributes in process `syz.0.947'. [ 477.732730][T10658] CPU: 1 UID: 0 PID: 10658 Comm: syz.3.950 Tainted: G U syzkaller #0 PREEMPT(full) [ 477.732785][T10658] Tainted: [U]=USER [ 477.732797][T10658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 477.732817][T10658] Call Trace: [ 477.732829][T10658] [ 477.732842][T10658] dump_stack_lvl+0x16c/0x1f0 [ 477.732901][T10658] should_fail_ex+0x512/0x640 [ 477.732962][T10658] should_failslab+0xc2/0x120 [ 477.733009][T10658] __kmalloc_cache_noprof+0x6a/0x3e0 [ 477.733047][T10658] ? proc_self_get_link+0x1a9/0x230 [ 477.733097][T10658] proc_self_get_link+0x1a9/0x230 [ 477.733142][T10658] ? __pfx_proc_self_get_link+0x10/0x10 [ 477.733184][T10658] step_into+0x195e/0x2270 [ 477.733228][T10658] ? __pfx_step_into+0x10/0x10 [ 477.733270][T10658] ? lookup_fast+0x156/0x610 [ 477.733311][T10658] walk_component+0xfc/0x5b0 [ 477.733349][T10658] link_path_walk+0x627/0xe20 [ 477.733408][T10658] path_openat+0x1b0/0x2cb0 [ 477.733447][T10658] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.733497][T10658] ? __pfx_path_openat+0x10/0x10 [ 477.733552][T10658] do_filp_open+0x20b/0x470 [ 477.733594][T10658] ? __pfx_do_filp_open+0x10/0x10 [ 477.733668][T10658] ? alloc_fd+0x471/0x7d0 [ 477.733717][T10658] do_sys_openat2+0x11b/0x1d0 [ 477.733769][T10658] ? __pfx_do_sys_openat2+0x10/0x10 [ 477.733841][T10658] __x64_sys_openat+0x174/0x210 [ 477.733872][T10658] ? __pfx___x64_sys_openat+0x10/0x10 [ 477.733922][T10658] do_syscall_64+0xcd/0x4c0 [ 477.733979][T10658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.734012][T10658] RIP: 0033:0x7f6f5258eec9 [ 477.734039][T10658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 477.734073][T10658] RSP: 002b:00007f6f53359038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 477.734106][T10658] RAX: ffffffffffffffda RBX: 00007f6f527e5fa0 RCX: 00007f6f5258eec9 [ 477.734129][T10658] RDX: 0000000000002100 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 477.734151][T10658] RBP: 00007f6f52611f91 R08: 0000000000000000 R09: 0000000000000000 [ 477.734173][T10658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.734193][T10658] R13: 00007f6f527e6038 R14: 00007f6f527e5fa0 R15: 00007ffdd0f872a8 [ 477.734238][T10658] [ 477.969988][T10649] netlink: 186 bytes leftover after parsing attributes in process `syz.0.947'. [ 478.551223][T10647] netlink: 268 bytes leftover after parsing attributes in process `syz.0.947'. [ 479.650994][T10678] block2mtd: parameter too long [ 480.509317][T10665] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 481.952213][T10702] netlink: 4 bytes leftover after parsing attributes in process `syz.2.957'. [ 483.219146][T10711] netlink: 186 bytes leftover after parsing attributes in process `syz.0.959'. [ 483.337310][T10711] netlink: 186 bytes leftover after parsing attributes in process `syz.0.959'. [ 484.825234][T10735] block2mtd: parameter too long [ 484.917950][T10710] netlink: 268 bytes leftover after parsing attributes in process `syz.0.959'. [ 485.882410][T10741] FAULT_INJECTION: forcing a failure. [ 485.882410][T10741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 485.909347][T10741] CPU: 0 UID: 0 PID: 10741 Comm: syz.0.965 Tainted: G U syzkaller #0 PREEMPT(full) [ 485.909385][T10741] Tainted: [U]=USER [ 485.909392][T10741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 485.909406][T10741] Call Trace: [ 485.909413][T10741] [ 485.909422][T10741] dump_stack_lvl+0x16c/0x1f0 [ 485.909462][T10741] should_fail_ex+0x512/0x640 [ 485.909504][T10741] _copy_to_user+0x32/0xd0 [ 485.909530][T10741] simple_read_from_buffer+0xcb/0x170 [ 485.909558][T10741] proc_fail_nth_read+0x197/0x240 [ 485.909584][T10741] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 485.909612][T10741] ? rw_verify_area+0xcf/0x6c0 [ 485.909636][T10741] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 485.909661][T10741] vfs_read+0x1e4/0xcf0 [ 485.909692][T10741] ? __pfx___mutex_lock+0x10/0x10 [ 485.909729][T10741] ? __pfx_vfs_read+0x10/0x10 [ 485.909763][T10741] ? __fget_files+0x20e/0x3c0 [ 485.909797][T10741] ksys_read+0x12a/0x250 [ 485.909824][T10741] ? __pfx_ksys_read+0x10/0x10 [ 485.909867][T10741] do_syscall_64+0xcd/0x4c0 [ 485.909906][T10741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.909930][T10741] RIP: 0033:0x7f4c5ad8d8dc [ 485.909948][T10741] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 485.909971][T10741] RSP: 002b:00007f4c5bcad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 485.909992][T10741] RAX: ffffffffffffffda RBX: 00007f4c5afe5fa0 RCX: 00007f4c5ad8d8dc [ 485.910008][T10741] RDX: 000000000000000f RSI: 00007f4c5bcad0a0 RDI: 0000000000000003 [ 485.910022][T10741] RBP: 00007f4c5bcad090 R08: 0000000000000000 R09: 0000000000000000 [ 485.910036][T10741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 485.910049][T10741] R13: 00007f4c5afe6038 R14: 00007f4c5afe5fa0 R15: 00007ffdb34c9608 [ 485.910078][T10741] [ 487.400671][T10757] netlink: 186 bytes leftover after parsing attributes in process `syz.3.969'. [ 487.521631][T10763] netlink: 186 bytes leftover after parsing attributes in process `syz.3.969'. [ 488.243329][T10756] netlink: 268 bytes leftover after parsing attributes in process `syz.3.969'. [ 489.345568][T10793] netlink: 28 bytes leftover after parsing attributes in process `syz.3.975'. [ 489.526732][T10789] netlink: 186 bytes leftover after parsing attributes in process `syz.1.973'. [ 489.872711][T10787] netlink: 186 bytes leftover after parsing attributes in process `syz.1.973'. [ 490.274972][T10804] netlink: 186 bytes leftover after parsing attributes in process `syz.3.977'. [ 490.369770][T10804] netlink: 186 bytes leftover after parsing attributes in process `syz.3.977'. [ 490.770974][T10787] netlink: 268 bytes leftover after parsing attributes in process `syz.1.973'. [ 490.859658][T10813] block2mtd: parameter too long [ 491.963603][T10828] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 493.525717][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.1.986'. [ 493.709254][T10854] netlink: 4 bytes leftover after parsing attributes in process `syz.3.987'. [ 495.391149][T10877] block2mtd: parameter too long [ 496.917405][T10895] netlink: zone id is out of range [ 496.946546][T10895] netlink: del zone limit has 4 unknown bytes [ 497.308049][T10904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.996'. [ 498.743941][T10915] netlink: 4 bytes leftover after parsing attributes in process `syz.0.998'. [ 499.205565][T10926] FAULT_INJECTION: forcing a failure. [ 499.205565][T10926] name failslab, interval 1, probability 0, space 0, times 0 [ 499.241973][T10926] CPU: 1 UID: 0 PID: 10926 Comm: syz.1.1000 Tainted: G U syzkaller #0 PREEMPT(full) [ 499.242035][T10926] Tainted: [U]=USER [ 499.242046][T10926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 499.242065][T10926] Call Trace: [ 499.242077][T10926] [ 499.242089][T10926] dump_stack_lvl+0x16c/0x1f0 [ 499.242145][T10926] should_fail_ex+0x512/0x640 [ 499.242197][T10926] ? __kmalloc_noprof+0xbf/0x510 [ 499.242240][T10926] ? iter_file_splice_write+0x1cc/0x12e0 [ 499.242353][T10926] should_failslab+0xc2/0x120 [ 499.242410][T10926] __kmalloc_noprof+0xd2/0x510 [ 499.242569][T10926] iter_file_splice_write+0x1cc/0x12e0 [ 499.242628][T10926] ? kfree+0x2b4/0x4d0 [ 499.242669][T10926] ? __pfx_iter_file_splice_write+0x10/0x10 [ 499.242705][T10926] ? __lock_acquire+0xb97/0x1ce0 [ 499.242751][T10926] ? __pfx_copy_splice_read+0x10/0x10 [ 499.242809][T10926] ? __pfx_iter_file_splice_write+0x10/0x10 [ 499.242850][T10926] direct_splice_actor+0x18f/0x6c0 [ 499.242891][T10926] splice_direct_to_actor+0x345/0xa30 [ 499.242930][T10926] ? __pfx_direct_splice_actor+0x10/0x10 [ 499.242974][T10926] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 499.243007][T10926] ? get_pid_task+0xfc/0x250 [ 499.243065][T10926] do_splice_direct+0x174/0x240 [ 499.243101][T10926] ? __pfx_do_splice_direct+0x10/0x10 [ 499.243138][T10926] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 499.243179][T10926] ? rw_verify_area+0xcf/0x6c0 [ 499.243218][T10926] do_sendfile+0xb06/0xe50 [ 499.243261][T10926] ? __pfx_do_sendfile+0x10/0x10 [ 499.243299][T10926] ? __fget_files+0x20e/0x3c0 [ 499.243348][T10926] __x64_sys_sendfile64+0x1d8/0x220 [ 499.243392][T10926] ? ksys_write+0x1ac/0x250 [ 499.243440][T10926] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 499.243501][T10926] do_syscall_64+0xcd/0x4c0 [ 499.243557][T10926] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.243591][T10926] RIP: 0033:0x7fa7fa78eec9 [ 499.243617][T10926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.243648][T10926] RSP: 002b:00007fa7fb701038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 499.243679][T10926] RAX: ffffffffffffffda RBX: 00007fa7fa9e5fa0 RCX: 00007fa7fa78eec9 [ 499.243701][T10926] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 499.243720][T10926] RBP: 00007fa7fb701090 R08: 0000000000000000 R09: 0000000000000000 [ 499.243740][T10926] R10: 0000000000001049 R11: 0000000000000246 R12: 0000000000000001 [ 499.243760][T10926] R13: 00007fa7fa9e6038 R14: 00007fa7fa9e5fa0 R15: 00007ffe99514b38 [ 499.243804][T10926] [ 500.134525][T10927] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1001'. [ 500.219155][T10927] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1001'. [ 501.099766][T10929] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1001'. [ 501.506867][T10935] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1003'. [ 501.525232][T10935] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1003'. [ 501.703032][T10949] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1006'. [ 501.959860][T10937] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1003'. [ 502.418493][T10958] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1008'. [ 503.435090][T10971] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1012'. [ 504.259033][T10965] __nla_validate_parse: 5 callbacks suppressed [ 504.259059][T10965] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1009'. [ 505.791712][T10997] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1016'. [ 506.174248][T10994] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1015'. [ 506.238309][T10995] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1015'. [ 506.663644][T10995] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1015'. [ 506.750497][T11014] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1021'. [ 507.175480][T11009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1020'. [ 507.656515][T11018] netlink: zone id is out of range [ 507.687739][T11018] netlink: del zone limit has 4 unknown bytes [ 508.004726][T11029] block2mtd: parameter too long [ 508.108258][T11027] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1025'. [ 508.513700][T11036] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1027'. [ 509.562959][T11052] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1029'. [ 509.583670][T11052] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1029'. [ 510.052121][T11056] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1029'. [ 510.404125][T11065] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1032'. [ 510.669530][T11076] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1032'. [ 510.741192][T11075] netlink: zone id is out of range [ 510.746751][T11075] netlink: del zone limit has 4 unknown bytes [ 510.885145][ T5869] Bluetooth: hci3: unexpected event 0x0f length: 440 > 4 [ 511.373177][T11085] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1037'. [ 511.712313][T11064] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1032'. [ 511.848036][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 511.854553][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.202053][T11094] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1038'. [ 513.362915][T11113] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1041'. [ 513.399735][T11110] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1041'. [ 514.588410][T11109] __nla_validate_parse: 3 callbacks suppressed [ 514.588431][T11109] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1041'. [ 514.797414][T11137] netlink: zone id is out of range [ 514.883859][T11137] netlink: del zone limit has 4 unknown bytes [ 514.964859][ T5869] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 514.973581][ T5869] Bluetooth: hci3: Injecting HCI hardware error event [ 514.983144][ T5869] Bluetooth: hci3: hardware error 0x00 [ 516.035356][T11155] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1048'. [ 517.124758][ T5869] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 517.199130][T11176] program syz.0.1054 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 517.560069][T11181] netlink: zone id is out of range [ 517.572105][T11181] netlink: del zone limit has 4 unknown bytes [ 518.230368][T11187] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(13) [ 518.695069][ T31] audit: type=1800 audit(4294967660.159:7): pid=11205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1059" name="features" dev="configfs" ino=34594 res=0 errno=0 [ 518.715483][ C0] vkms_vblank_simulate: vblank timer overrun [ 520.616439][T11226] block2mtd: parameter too long [ 521.163687][T11234] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1063'. [ 521.232347][T11234] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1063'. [ 522.219672][T11227] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1063'. [ 522.775888][T11251] netlink: zone id is out of range [ 522.804255][T11251] netlink: del zone limit has 4 unknown bytes [ 522.892826][T11255] ptrace attach of "./syz-executor exec"[5867] was attempted by "./syz-executor exec"[11255] [ 522.975969][T11255] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1067'. [ 523.244265][T11236] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 523.929648][T11268] FAULT_INJECTION: forcing a failure. [ 523.929648][T11268] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 523.974765][T11268] CPU: 1 UID: 0 PID: 11268 Comm: syz.3.1071 Tainted: G U syzkaller #0 PREEMPT(full) [ 523.974804][T11268] Tainted: [U]=USER [ 523.974811][T11268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 523.974826][T11268] Call Trace: [ 523.974836][T11268] [ 523.974844][T11268] dump_stack_lvl+0x16c/0x1f0 [ 523.974883][T11268] should_fail_ex+0x512/0x640 [ 523.974924][T11268] _copy_from_user+0x2e/0xd0 [ 523.974949][T11268] psi_write+0x111/0x2e0 [ 523.974977][T11268] ? __pfx_psi_write+0x10/0x10 [ 523.975011][T11268] ? __pfx_psi_memory_write+0x10/0x10 [ 523.975039][T11268] proc_reg_write+0x23d/0x330 [ 523.975073][T11268] ? __pfx_proc_reg_write+0x10/0x10 [ 523.975103][T11268] vfs_write+0x2a0/0x11d0 [ 523.975134][T11268] ? __pfx___mutex_lock+0x10/0x10 [ 523.975171][T11268] ? __pfx_vfs_write+0x10/0x10 [ 523.975213][T11268] ? __fget_files+0x20e/0x3c0 [ 523.975247][T11268] ksys_write+0x12a/0x250 [ 523.975274][T11268] ? __pfx_ksys_write+0x10/0x10 [ 523.975310][T11268] do_syscall_64+0xcd/0x4c0 [ 523.975350][T11268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 523.975373][T11268] RIP: 0033:0x7f6f5258eec9 [ 523.975391][T11268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 523.975414][T11268] RSP: 002b:00007f6f53359038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 523.975436][T11268] RAX: ffffffffffffffda RBX: 00007f6f527e5fa0 RCX: 00007f6f5258eec9 [ 523.975452][T11268] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 523.975466][T11268] RBP: 00007f6f53359090 R08: 0000000000000000 R09: 0000000000000000 [ 523.975481][T11268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 523.975494][T11268] R13: 00007f6f527e6038 R14: 00007f6f527e5fa0 R15: 00007ffdd0f872a8 [ 523.975524][T11268] [ 524.615805][T11277] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1074'. [ 524.949076][T11286] netlink: zone id is out of range [ 524.955429][T11286] netlink: del zone limit has 4 unknown bytes [ 525.653094][T11298] sd 0:0:1:0: device reset [ 526.164597][T11309] FAULT_INJECTION: forcing a failure. [ 526.164597][T11309] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 526.201993][T11309] CPU: 0 UID: 0 PID: 11309 Comm: syz.0.1082 Tainted: G U syzkaller #0 PREEMPT(full) [ 526.202040][T11309] Tainted: [U]=USER [ 526.202049][T11309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 526.202069][T11309] Call Trace: [ 526.202079][T11309] [ 526.202091][T11309] dump_stack_lvl+0x16c/0x1f0 [ 526.202149][T11309] should_fail_ex+0x512/0x640 [ 526.202207][T11309] _copy_to_user+0x32/0xd0 [ 526.202244][T11309] simple_read_from_buffer+0xcb/0x170 [ 526.202289][T11309] proc_fail_nth_read+0x197/0x240 [ 526.202325][T11309] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 526.202364][T11309] ? rw_verify_area+0xcf/0x6c0 [ 526.202396][T11309] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 526.202433][T11309] vfs_read+0x1e4/0xcf0 [ 526.202473][T11309] ? trace_contention_end+0xdd/0x130 [ 526.202518][T11309] ? find_held_lock+0x2b/0x80 [ 526.202550][T11309] ? __pfx_vfs_read+0x10/0x10 [ 526.202584][T11309] ? __x64_sys_io_uring_register+0x1df/0x280 [ 526.202645][T11309] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 526.202699][T11309] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 526.202760][T11309] ksys_read+0x12a/0x250 [ 526.202797][T11309] ? __pfx_ksys_read+0x10/0x10 [ 526.202834][T11309] ? fput+0x9b/0xd0 [ 526.202887][T11309] do_syscall_64+0xcd/0x4c0 [ 526.202942][T11309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 526.202975][T11309] RIP: 0033:0x7f4c5ad8d8dc [ 526.202999][T11309] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 526.203030][T11309] RSP: 002b:00007f4c5bcad030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 526.203061][T11309] RAX: ffffffffffffffda RBX: 00007f4c5afe5fa0 RCX: 00007f4c5ad8d8dc [ 526.203082][T11309] RDX: 000000000000000f RSI: 00007f4c5bcad0a0 RDI: 0000000000000003 [ 526.203103][T11309] RBP: 00007f4c5bcad090 R08: 0000000000000000 R09: 0000000000000000 [ 526.203122][T11309] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 526.203142][T11309] R13: 00007f4c5afe6038 R14: 00007f4c5afe5fa0 R15: 00007ffdb34c9608 [ 526.203184][T11309] [ 526.418802][ C0] vkms_vblank_simulate: vblank timer overrun [ 527.745937][T11334] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1085'. [ 527.779025][T11334] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1085'. [ 528.233708][T11346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1088'. [ 528.415810][T11339] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1086'. [ 528.441504][T11339] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1086'. [ 528.753946][T11328] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1085'. [ 529.680993][T11331] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1086'. [ 532.148614][T11393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1096'. [ 533.624135][T11403] FAULT_INJECTION: forcing a failure. [ 533.624135][T11403] name failslab, interval 1, probability 0, space 0, times 0 [ 533.636934][T11403] CPU: 0 UID: 0 PID: 11403 Comm: syz.1.1098 Tainted: G U syzkaller #0 PREEMPT(full) [ 533.636971][T11403] Tainted: [U]=USER [ 533.636979][T11403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 533.636993][T11403] Call Trace: [ 533.637002][T11403] [ 533.637011][T11403] dump_stack_lvl+0x16c/0x1f0 [ 533.637053][T11403] should_fail_ex+0x512/0x640 [ 533.637104][T11403] should_failslab+0xc2/0x120 [ 533.637149][T11403] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 533.637184][T11403] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 533.637222][T11403] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 533.637267][T11403] idr_get_free+0x528/0xa30 [ 533.637312][T11403] idr_alloc_u32+0x190/0x2f0 [ 533.637357][T11403] ? __pfx_idr_alloc_u32+0x10/0x10 [ 533.637395][T11403] ? lock_acquire+0x179/0x350 [ 533.637435][T11403] idr_alloc_cyclic+0x10b/0x230 [ 533.637471][T11403] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 533.637503][T11403] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 533.637549][T11403] map_create+0xae3/0x1f80 [ 533.637593][T11403] ? __pfx_map_create+0x10/0x10 [ 533.637624][T11403] ? __might_fault+0xe3/0x190 [ 533.637651][T11403] ? __might_fault+0xe3/0x190 [ 533.637676][T11403] ? __might_fault+0x13b/0x190 [ 533.637715][T11403] __sys_bpf+0x44d2/0x4de0 [ 533.637754][T11403] ? __pfx___sys_bpf+0x10/0x10 [ 533.637791][T11403] ? ksys_write+0x190/0x250 [ 533.637825][T11403] ? do_futex+0x122/0x350 [ 533.637856][T11403] ? __pfx_do_futex+0x10/0x10 [ 533.637898][T11403] ? fput+0x9b/0xd0 [ 533.637932][T11403] ? xfd_validate_state+0x61/0x180 [ 533.637967][T11403] ? __pfx_ksys_write+0x10/0x10 [ 533.638000][T11403] __x64_sys_bpf+0x78/0xc0 [ 533.638037][T11403] ? lockdep_hardirqs_on+0x7c/0x110 [ 533.638072][T11403] do_syscall_64+0xcd/0x4c0 [ 533.638112][T11403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.638137][T11403] RIP: 0033:0x7fa7fa78eec9 [ 533.638156][T11403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 533.638180][T11403] RSP: 002b:00007fa7fb6e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 533.638204][T11403] RAX: ffffffffffffffda RBX: 00007fa7fa9e6090 RCX: 00007fa7fa78eec9 [ 533.638220][T11403] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 533.638235][T11403] RBP: 00007fa7fa811f91 R08: 0000000000000000 R09: 0000000000000000 [ 533.638249][T11403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.638264][T11403] R13: 00007fa7fa9e6128 R14: 00007fa7fa9e6090 R15: 00007ffe99514b38 [ 533.638295][T11403] [ 533.970350][T11411] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1100'. [ 534.664514][T11420] block2mtd: parameter too long [ 534.748878][T11402] ima: policy update failed [ 534.778151][ T31] audit: type=1802 audit(4294967676.239:8): pid=11402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1099" res=0 errno=0 [ 536.633929][T11449] netlink: zone id is out of range [ 536.639342][T11449] netlink: del zone limit has 4 unknown bytes [ 537.380276][T11458] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1109'. [ 537.391586][T11458] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1109'. [ 537.477031][T11461] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1110'. [ 538.434596][T11454] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1109'. [ 538.986987][T11472] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1111'. [ 539.043105][T11480] block2mtd: parameter too long [ 539.708843][T11486] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1111'. [ 540.385143][T11486] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1111'. [ 542.004050][T11512] FAULT_INJECTION: forcing a failure. [ 542.004050][T11512] name failslab, interval 1, probability 0, space 0, times 0 [ 542.053996][T11512] CPU: 1 UID: 0 PID: 11512 Comm: syz.2.1118 Tainted: G U syzkaller #0 PREEMPT(full) [ 542.054047][T11512] Tainted: [U]=USER [ 542.054057][T11512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 542.054074][T11512] Call Trace: [ 542.054084][T11512] [ 542.054095][T11512] dump_stack_lvl+0x16c/0x1f0 [ 542.054148][T11512] should_fail_ex+0x512/0x640 [ 542.054195][T11512] ? __kmalloc_noprof+0xbf/0x510 [ 542.054236][T11512] ? copy_splice_read+0x1a8/0xc20 [ 542.054264][T11512] should_failslab+0xc2/0x120 [ 542.054308][T11512] __kmalloc_noprof+0xd2/0x510 [ 542.054354][T11512] copy_splice_read+0x1a8/0xc20 [ 542.054396][T11512] ? __pfx_copy_splice_read+0x10/0x10 [ 542.054432][T11512] ? look_up_lock_class+0x59/0x150 [ 542.054486][T11512] ? lockdep_init_map_type+0x5c/0x280 [ 542.054534][T11512] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 542.054576][T11512] ? __pfx_copy_splice_read+0x10/0x10 [ 542.054609][T11512] do_splice_read+0x285/0x370 [ 542.054645][T11512] splice_direct_to_actor+0x2a1/0xa30 [ 542.054683][T11512] ? __pfx_direct_splice_actor+0x10/0x10 [ 542.054726][T11512] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 542.054759][T11512] ? get_pid_task+0xfc/0x250 [ 542.054816][T11512] do_splice_direct+0x174/0x240 [ 542.054858][T11512] ? __pfx_do_splice_direct+0x10/0x10 [ 542.054901][T11512] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 542.054938][T11512] ? bpf_lsm_file_permission+0x9/0x10 [ 542.054990][T11512] ? security_file_permission+0x71/0x210 [ 542.055037][T11512] ? rw_verify_area+0xcf/0x6c0 [ 542.055074][T11512] do_sendfile+0xb06/0xe50 [ 542.055116][T11512] ? __pfx_do_sendfile+0x10/0x10 [ 542.055153][T11512] ? __fget_files+0x20e/0x3c0 [ 542.055200][T11512] __x64_sys_sendfile64+0x1d8/0x220 [ 542.055244][T11512] ? ksys_write+0x1ac/0x250 [ 542.055283][T11512] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 542.055342][T11512] do_syscall_64+0xcd/0x4c0 [ 542.055397][T11512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 542.055429][T11512] RIP: 0033:0x7f636198eec9 [ 542.055454][T11512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 542.055486][T11512] RSP: 002b:00007f63628be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 542.055514][T11512] RAX: ffffffffffffffda RBX: 00007f6361be6090 RCX: 00007f636198eec9 [ 542.055535][T11512] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 542.055554][T11512] RBP: 00007f63628be090 R08: 0000000000000000 R09: 0000000000000000 [ 542.055574][T11512] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000001 [ 542.055593][T11512] R13: 00007f6361be6128 R14: 00007f6361be6090 R15: 00007ffcb80a73d8 [ 542.055634][T11512] [ 544.292545][T11532] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1124'. [ 544.301659][T11532] bridge0: entered promiscuous mode [ 544.324556][T11530] netlink: zone id is out of range [ 544.329809][T11530] netlink: del zone limit has 4 unknown bytes [ 544.941641][T11541] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1126'. [ 545.894321][T11535] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1125'. [ 546.955655][T11565] block nbd9: NBD_DISCONNECT [ 547.185063][T11571] block nbd9: NBD_DISCONNECT [ 547.572654][T11565] FAULT_INJECTION: forcing a failure. [ 547.572654][T11565] name failslab, interval 1, probability 0, space 0, times 0 [ 547.651406][T11565] CPU: 0 UID: 0 PID: 11565 Comm: syz.3.1131 Tainted: G U syzkaller #0 PREEMPT(full) [ 547.651448][T11565] Tainted: [U]=USER [ 547.651458][T11565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 547.651474][T11565] Call Trace: [ 547.651483][T11565] [ 547.651494][T11565] dump_stack_lvl+0x16c/0x1f0 [ 547.651546][T11565] should_fail_ex+0x512/0x640 [ 547.651596][T11565] ? __kmalloc_noprof+0xbf/0x510 [ 547.651646][T11565] ? copy_splice_read+0x1a8/0xc20 [ 547.651675][T11565] should_failslab+0xc2/0x120 [ 547.651718][T11565] __kmalloc_noprof+0xd2/0x510 [ 547.651765][T11565] copy_splice_read+0x1a8/0xc20 [ 547.651807][T11565] ? __pfx_copy_splice_read+0x10/0x10 [ 547.651848][T11565] ? look_up_lock_class+0x59/0x150 [ 547.651901][T11565] ? lockdep_init_map_type+0x5c/0x280 [ 547.651954][T11565] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 547.651995][T11565] ? __pfx_copy_splice_read+0x10/0x10 [ 547.652025][T11565] do_splice_read+0x285/0x370 [ 547.652062][T11565] splice_direct_to_actor+0x2a1/0xa30 [ 547.652107][T11565] ? __pfx_direct_splice_actor+0x10/0x10 [ 547.652148][T11565] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 547.652179][T11565] ? get_pid_task+0xfc/0x250 [ 547.652234][T11565] do_splice_direct+0x174/0x240 [ 547.652268][T11565] ? __pfx_do_splice_direct+0x10/0x10 [ 547.652303][T11565] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 547.652341][T11565] ? rw_verify_area+0xcf/0x6c0 [ 547.652377][T11565] do_sendfile+0xb06/0xe50 [ 547.652417][T11565] ? __pfx_do_sendfile+0x10/0x10 [ 547.652454][T11565] ? __fget_files+0x20e/0x3c0 [ 547.652499][T11565] __x64_sys_sendfile64+0x1d8/0x220 [ 547.652555][T11565] ? ksys_write+0x1ac/0x250 [ 547.652591][T11565] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 547.652649][T11565] do_syscall_64+0xcd/0x4c0 [ 547.652702][T11565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.652733][T11565] RIP: 0033:0x7f6f5258eec9 [ 547.652757][T11565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 547.652786][T11565] RSP: 002b:00007f6f507f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 547.652814][T11565] RAX: ffffffffffffffda RBX: 00007f6f527e6090 RCX: 00007f6f5258eec9 [ 547.652834][T11565] RDX: 0000000000000000 RSI: 000000000000000b RDI: 000000000000000b [ 547.652851][T11565] RBP: 00007f6f507f6090 R08: 0000000000000000 R09: 0000000000000000 [ 547.652870][T11565] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 547.652888][T11565] R13: 00007f6f527e6128 R14: 00007f6f527e6090 R15: 00007ffdd0f872a8 [ 547.652925][T11565] [ 548.347823][T11557] netlink: 268 bytes leftover after parsing attributes in process `syz.2.1129'. [ 548.978373][T11582] netlink: zone id is out of range [ 549.004396][T11582] netlink: del zone limit has 4 unknown bytes [ 549.224003][T11591] block2mtd: parameter too long [ 550.349241][T11598] netlink: 'syz.1.1137': attribute type 16 has an invalid length. [ 550.360710][T11598] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1137'. [ 550.990851][T11602] block2mtd: parameter too long [ 553.140241][T11628] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1144'. [ 553.754872][T11614] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1142'. [ 555.009106][T11647] netlink: zone id is out of range [ 555.019705][T11647] netlink: del zone limit has 4 unknown bytes [ 556.293843][T11636] FAULT_INJECTION: forcing a failure. [ 556.293843][T11636] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 556.326251][T11636] CPU: 1 UID: 0 PID: 11636 Comm: syz.3.1145 Tainted: G U syzkaller #0 PREEMPT(full) [ 556.326301][T11636] Tainted: [U]=USER [ 556.326313][T11636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 556.326332][T11636] Call Trace: [ 556.326343][T11636] [ 556.326356][T11636] dump_stack_lvl+0x16c/0x1f0 [ 556.326414][T11636] should_fail_ex+0x512/0x640 [ 556.326478][T11636] _copy_from_user+0x2e/0xd0 [ 556.326517][T11636] copy_msghdr_from_user+0x98/0x160 [ 556.326569][T11636] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 556.326641][T11636] ? __pfx_futex_wake_mark+0x10/0x10 [ 556.326701][T11636] ___sys_sendmsg+0xfe/0x1d0 [ 556.326756][T11636] ? __pfx____sys_sendmsg+0x10/0x10 [ 556.326860][T11636] __sys_sendmsg+0x16d/0x220 [ 556.326913][T11636] ? __pfx___sys_sendmsg+0x10/0x10 [ 556.326966][T11636] ? __x64_sys_futex+0x1e0/0x4c0 [ 556.327037][T11636] do_syscall_64+0xcd/0x4c0 [ 556.327093][T11636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 556.327127][T11636] RIP: 0033:0x7f6f5258eec9 [ 556.327154][T11636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 556.327187][T11636] RSP: 002b:00007f6f53359038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 556.327219][T11636] RAX: ffffffffffffffda RBX: 00007f6f527e5fa0 RCX: 00007f6f5258eec9 [ 556.327242][T11636] RDX: 0000000000000801 RSI: 00002000000001c0 RDI: 0000000000000003 [ 556.327263][T11636] RBP: 00007f6f52611f91 R08: 0000000000000000 R09: 0000000000000000 [ 556.327284][T11636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 556.327305][T11636] R13: 00007f6f527e6038 R14: 00007f6f527e5fa0 R15: 00007ffdd0f872a8 [ 556.327349][T11636] [ 556.504509][ C1] vkms_vblank_simulate: vblank timer overrun [ 557.004695][T11669] FAULT_INJECTION: forcing a failure. [ 557.004695][T11669] name failslab, interval 1, probability 0, space 0, times 0 [ 557.188895][T11669] CPU: 1 UID: 0 PID: 11669 Comm: syz.3.1152 Tainted: G U syzkaller #0 PREEMPT(full) [ 557.188947][T11669] Tainted: [U]=USER [ 557.188958][T11669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 557.188978][T11669] Call Trace: [ 557.188989][T11669] [ 557.189001][T11669] dump_stack_lvl+0x16c/0x1f0 [ 557.189057][T11669] should_fail_ex+0x512/0x640 [ 557.189127][T11669] ? fs_reclaim_acquire+0xae/0x150 [ 557.189180][T11669] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 557.189227][T11669] should_failslab+0xc2/0x120 [ 557.189272][T11669] __kmalloc_noprof+0xd2/0x510 [ 557.189322][T11669] tomoyo_realpath_from_path+0xc2/0x6e0 [ 557.189374][T11669] ? tomoyo_profile+0x47/0x60 [ 557.189408][T11669] tomoyo_path_number_perm+0x245/0x580 [ 557.189445][T11669] ? tomoyo_path_number_perm+0x237/0x580 [ 557.189498][T11669] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 557.189542][T11669] ? find_held_lock+0x2b/0x80 [ 557.189614][T11669] ? find_held_lock+0x2b/0x80 [ 557.189646][T11669] ? hook_file_ioctl_common+0x145/0x410 [ 557.189699][T11669] ? __fget_files+0x20e/0x3c0 [ 557.189742][T11669] security_file_ioctl+0x9b/0x240 [ 557.189786][T11669] __x64_sys_ioctl+0xb7/0x210 [ 557.189842][T11669] do_syscall_64+0xcd/0x4c0 [ 557.189897][T11669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.189931][T11669] RIP: 0033:0x7f6f5258eec9 [ 557.189957][T11669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.189990][T11669] RSP: 002b:00007f6f53359038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 557.190021][T11669] RAX: ffffffffffffffda RBX: 00007f6f527e5fa0 RCX: 00007f6f5258eec9 [ 557.190042][T11669] RDX: 0000000000000009 RSI: 0000000000004b32 RDI: 0000000000000003 [ 557.190062][T11669] RBP: 00007f6f53359090 R08: 0000000000000000 R09: 0000000000000000 [ 557.190082][T11669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 557.190102][T11669] R13: 00007f6f527e6038 R14: 00007f6f527e5fa0 R15: 00007ffdd0f872a8 [ 557.190146][T11669] [ 557.190159][T11669] ERROR: Out of memory at tomoyo_realpath_from_path. [ 559.186743][T11690] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1156'. [ 560.686787][T11716] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1162'. [ 560.860532][T11714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1163'. [ 562.013319][T11730] block2mtd: parameter too long [ 562.321450][T11735] syz.3.1166 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 564.765105][T11766] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1173'. [ 564.854154][T11763] block2mtd: parameter too long [ 565.039403][T11770] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1174'. [ 568.011478][T11797] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1179'. [ 569.833267][T11829] zswap: compressor 000 not available [ 570.489231][T11845] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1184'. [ 570.967590][T11835] kexec: Could not allocate control_code_buffer [ 571.384613][T11714] svc: failed to register nfsdv3 RPC service (errno 111). [ 571.401560][T11714] svc: failed to register nfsaclv3 RPC service (errno 111). [ 572.014415][T11846] netlink: 268 bytes leftover after parsing attributes in process `syz.3.1187'. [ 572.806030][T11862] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1189'. [ 573.289521][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.296748][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.748015][T11876] kexec: Could not allocate control_code_buffer [ 575.053654][ T5869] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 575.887556][T11870] ------------[ cut here ]------------ [ 575.900826][T11870] WARNING: CPU: 1 PID: 11870 at kernel/trace/trace.c:8604 tracing_buffers_mmap_close+0xdd/0x130 [ 575.911396][T11870] Modules linked in: [ 575.915739][T11870] CPU: 1 UID: 0 PID: 11870 Comm: syz.3.1193 Tainted: G U syzkaller #0 PREEMPT(full) [ 575.928750][T11870] Tainted: [U]=USER [ 575.932708][T11870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 575.943051][T11870] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 575.949529][T11870] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 e7 58 fb ff 85 db 75 0a 48 83 c4 08 5b e9 99 5d fb ff e8 94 5d fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 86 5d fb ff e8 51 cd 60 00 eb 87 e8 7a [ 575.969997][T11870] RSP: 0018:ffffc90019b27990 EFLAGS: 00010293 [ 575.976567][T11870] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bfac79 [ 575.984614][T11870] RDX: ffff88803412da00 RSI: ffffffff81bfac8c RDI: 0000000000000005 [ 575.992814][T11870] RBP: ffffffff81bfabb0 R08: 0000000000000005 R09: 0000000000000000 [ 576.000840][T11870] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff88807865a408 [ 576.008964][T11870] R13: dffffc0000000000 R14: ffffc90019b27a28 R15: 0000000000100000 [ 576.017006][T11870] FS: 0000000000000000(0000) GS:ffff8881247ba000(0000) knlGS:0000000000000000 [ 576.026102][T11870] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 576.032737][T11870] CR2: 0000001b3361bff8 CR3: 00000000772b4000 CR4: 00000000003526f0 [ 576.040727][T11870] Call Trace: [ 576.044058][T11870] [ 576.046997][T11870] remove_vma+0x85/0x160 [ 576.051348][T11870] exit_mmap+0x511/0xb90 [ 576.055682][T11870] ? __pfx_exit_mmap+0x10/0x10 [ 576.060483][T11870] ? __lock_acquire+0xb97/0x1ce0 [ 576.066139][T11870] __mmput+0x12a/0x410 [ 576.070415][T11870] mmput+0x62/0x70 [ 576.074571][T11870] do_exit+0x7c7/0x2bf0 [ 576.078767][T11870] ? proc_coredump_connector+0x2d1/0x4f0 [ 576.084553][T11870] ? __pfx_do_exit+0x10/0x10 [ 576.089197][T11870] do_group_exit+0xd3/0x2a0 [ 576.093761][T11870] get_signal+0x2673/0x26d0 [ 576.098288][T11870] ? lockdep_hardirqs_on+0x7c/0x110 [ 576.103560][T11870] ? __pfx_get_signal+0x10/0x10 [ 576.108442][T11870] ? force_sig_info_to_task+0x3a0/0x660 [ 576.114063][T11870] arch_do_signal_or_restart+0x8f/0x790 [ 576.119641][T11870] ? __pfx_force_exit_sig+0x10/0x10 [ 576.124901][T11870] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 576.131106][T11870] ? syscall_user_dispatch+0x120/0x140 [ 576.136670][T11870] exit_to_user_mode_loop+0x84/0x110 [ 576.142045][T11870] do_syscall_64+0x41c/0x4c0 [ 576.146671][T11870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.152611][T11870] RIP: 0033:0x7f6f5258eec9 [ 576.157145][T11870] Code: Unable to access opcode bytes at 0x7f6f5258ee9f. [ 576.164307][T11870] RSP: 002b:00007f6f533590e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 576.173235][T11870] RAX: ffffffffffffffda RBX: 00007f6f527e5fa8 RCX: 00007f6f5258eec9 [ 576.181239][T11870] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6f527e5fac [ 576.189677][T11870] RBP: 00007f6f527e5fa0 R08: 00007f6f5335a000 R09: 0000000000000000 [ 576.197707][T11870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 576.205744][T11870] R13: 00007f6f527e6038 R14: 00007ffdd0f871c0 R15: 00007ffdd0f872a8 [ 576.213780][T11870] [ 576.216813][T11870] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 576.224101][T11870] CPU: 1 UID: 0 PID: 11870 Comm: syz.3.1193 Tainted: G U syzkaller #0 PREEMPT(full) [ 576.235052][T11870] Tainted: [U]=USER [ 576.238859][T11870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 576.248925][T11870] Call Trace: [ 576.252220][T11870] [ 576.255157][T11870] dump_stack_lvl+0x3d/0x1f0 [ 576.259776][T11870] vpanic+0x6e8/0x7a0 [ 576.263782][T11870] ? __pfx_vpanic+0x10/0x10 [ 576.268313][T11870] ? tracing_buffers_mmap_close+0xdd/0x130 [ 576.274141][T11870] panic+0xca/0xd0 [ 576.277990][T11870] ? __pfx_panic+0x10/0x10 [ 576.282448][T11870] ? check_panic_on_warn+0x1f/0xb0 [ 576.287602][T11870] check_panic_on_warn+0xab/0xb0 [ 576.292580][T11870] __warn+0xf6/0x3c0 [ 576.296517][T11870] ? tracing_buffers_mmap_close+0xdd/0x130 [ 576.302441][T11870] report_bug+0x3c3/0x580 [ 576.306816][T11870] ? tracing_buffers_mmap_close+0xdd/0x130 [ 576.312649][T11870] handle_bug+0x184/0x210 [ 576.316994][T11870] exc_invalid_op+0x17/0x50 [ 576.321511][T11870] asm_exc_invalid_op+0x1a/0x20 [ 576.326386][T11870] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 576.332927][T11870] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 e7 58 fb ff 85 db 75 0a 48 83 c4 08 5b e9 99 5d fb ff e8 94 5d fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 86 5d fb ff e8 51 cd 60 00 eb 87 e8 7a [ 576.352650][T11870] RSP: 0018:ffffc90019b27990 EFLAGS: 00010293 [ 576.358767][T11870] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bfac79 [ 576.366759][T11870] RDX: ffff88803412da00 RSI: ffffffff81bfac8c RDI: 0000000000000005 [ 576.374747][T11870] RBP: ffffffff81bfabb0 R08: 0000000000000005 R09: 0000000000000000 [ 576.382732][T11870] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff88807865a408 [ 576.390736][T11870] R13: dffffc0000000000 R14: ffffc90019b27a28 R15: 0000000000100000 [ 576.398722][T11870] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 576.404995][T11870] ? tracing_buffers_mmap_close+0xc9/0x130 [ 576.410836][T11870] ? tracing_buffers_mmap_close+0xdc/0x130 [ 576.416673][T11870] remove_vma+0x85/0x160 [ 576.420965][T11870] exit_mmap+0x511/0xb90 [ 576.425288][T11870] ? __pfx_exit_mmap+0x10/0x10 [ 576.430105][T11870] ? __lock_acquire+0xb97/0x1ce0 [ 576.435108][T11870] __mmput+0x12a/0x410 [ 576.439205][T11870] mmput+0x62/0x70 [ 576.442974][T11870] do_exit+0x7c7/0x2bf0 [ 576.447161][T11870] ? proc_coredump_connector+0x2d1/0x4f0 [ 576.452826][T11870] ? __pfx_do_exit+0x10/0x10 [ 576.457465][T11870] do_group_exit+0xd3/0x2a0 [ 576.462684][T11870] get_signal+0x2673/0x26d0 [ 576.467622][T11870] ? lockdep_hardirqs_on+0x7c/0x110 [ 576.473093][T11870] ? __pfx_get_signal+0x10/0x10 [ 576.477979][T11870] ? force_sig_info_to_task+0x3a0/0x660 [ 576.483578][T11870] arch_do_signal_or_restart+0x8f/0x790 [ 576.489448][T11870] ? __pfx_force_exit_sig+0x10/0x10 [ 576.494683][T11870] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 576.500978][T11870] ? syscall_user_dispatch+0x120/0x140 [ 576.506478][T11870] exit_to_user_mode_loop+0x84/0x110 [ 576.511806][T11870] do_syscall_64+0x41c/0x4c0 [ 576.516446][T11870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.522380][T11870] RIP: 0033:0x7f6f5258eec9 [ 576.526810][T11870] Code: Unable to access opcode bytes at 0x7f6f5258ee9f. [ 576.533857][T11870] RSP: 002b:00007f6f533590e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 576.542286][T11870] RAX: ffffffffffffffda RBX: 00007f6f527e5fa8 RCX: 00007f6f5258eec9 [ 576.550283][T11870] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6f527e5fac [ 576.558266][T11870] RBP: 00007f6f527e5fa0 R08: 00007f6f5335a000 R09: 0000000000000000 [ 576.566259][T11870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 576.574255][T11870] R13: 00007f6f527e6038 R14: 00007ffdd0f871c0 R15: 00007ffdd0f872a8 [ 576.582274][T11870] [ 576.585695][T11870] Kernel Offset: disabled [ 576.590042][T11870] Rebooting in 86400 seconds..