last executing test programs: 2m49.690187303s ago: executing program 1 (id=1996): mmap$auto(0x0, 0x8000, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x4000000, 0x10000000400008, 0xdf, 0x9b72, r0, 0x40000008000) write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f00000000c0)='\x00\x00\x00\x00', 0x4) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) gettid() open(&(0x7f0000000040)='./file0\x00', 0x0, 0x154) lseek$auto(0x3, 0x7, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) ioctl$auto(0xffffffffffffffff, 0x4b3a, 0x1) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x73) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x1, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x20001, 0x0) 2m48.782806629s ago: executing program 1 (id=1999): syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) (async) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x2, 0x0) (async) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) (async, rerun: 64) syslog$auto(0xfffffff9, &(0x7f0000000000)='-,:}(-*{N)%\x00', 0x10) (rerun: 64) lseek$auto(0x3, 0xff, 0x2) 2m48.460116699s ago: executing program 1 (id=2001): syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000300)={{&(0x7f0000000000)="abe1883dc42a05007baf5b7a8f09660fe599d3312e5f849b916cde2dfd8d5a9b6cf49c343a88415fb23e529c94644cae80fc6fa9593bcd8a7c2224d00d14688a5f49e8b545aa2dfb3d9e2c730d853c9022a87b42eae54ad1b14804aa54e6291f6c8436853a5621876a757df9bdee2f7c9d91170c9fe70e5a65fc849b451d862e7a7baa435c94e0fd3b45b34dc6419d1de22655639db6613058f37fcc69bf8f171fce5ced095e992e49b30162e4b81d3f405f1c5f34509a21a0bb3b093270d987aa7cd855f944a4f8aa7f2391892f4463c9f0cdfb717ecf719ce47f43e7669e5b467c871646fe2e365e7ce5b44053a8f69fecc4da02c761ee3694ef68", 0x8, &(0x7f00000001c0)={&(0x7f0000000100)="f363cb2ffaf36e71a572c6877fa768d847c2b0a64d0b28f682d0dd37c8c11818d333a24941687aa000750a762b3437652cc6c4f4e32f1fdb8282a22e23681c1c014039328ffb9ab8e8cabab5175b5ff5a921da822c5ed9ef5e42cbcf17d08ef79e368d6f46b54b6a3dddaddce4986a6b08e2482d2ddf3d33c9f4c555e58f5fc58b1bf08c36af44a2bf4cb7d4203fdcd494c6d9b8d7e103b8dde99daee7d7d27bb6cf46293afa4f13c9e3df0166af456ffd41c11638bea1bb870fc65a96", 0x3}, 0x400, &(0x7f0000000200)="016ed608002bd49e25b8ae2e89e9249d60a8e80df1dd84030d1ba589f1dce95ea059158b30d60fff374011f13003fd328e369a9e24a2c890be06bdae64a46361bc8a1c99df0fad0302bcad0bb1eae6a2587849bb8ecc3843c900624c658d7eb9367a05e935777831452a0578a370d63f54c778d97c22b86aef79565a8771ad22471734428285cfa3", 0x4, 0x3}, 0x9}, 0x5, 0x9) 2m48.324237905s ago: executing program 1 (id=2002): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyq5\x00', 0xa40, 0x0) mlockall$auto(0x7) ioctl$auto(0xffffffffffffffff, 0x4b67, 0xffffffffffffffff) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x89e0, 0x91) mmap$auto(0x0, 0xe183, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x3e, 0x5, 0x80000001, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x75) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) 2m46.268729881s ago: executing program 1 (id=2012): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x1, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40050) close_range$auto(0x2, 0x8, 0x0) openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000f80)='/sys/kernel/debug/dri/vkms/Writeback-1/vrr_range\x00', 0xa8441, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e) pwritev$auto(0x3, 0x0, 0x5, 0x3, 0x9) 2m45.139601641s ago: executing program 1 (id=2016): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100000000000036, 0x0) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) socket(0x2, 0x3, 0x0) (async, rerun: 32) socket(0x1e, 0x4, 0x0) (rerun: 32) socket(0x1e, 0x4, 0x0) (async, rerun: 64) r0 = socket(0x1e, 0x4, 0x0) (rerun: 64) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) (async, rerun: 64) socket(0xa, 0x2, 0x0) (rerun: 64) socket(0x8, 0x800, 0xe09f) (async, rerun: 32) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x80000000000000d4, 0x1, 0x6, 0x0, 0x5, 0x4, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0xb, 0x0, 0x9, 0x81, 0xfffffffffbff628e, 0x800000a747, 0xdead, 0x804}) (async, rerun: 32) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x28000, 0x0) (async) connect$auto(0x3, 0x0, 0x54) (async, rerun: 64) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (rerun: 64) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) ioctl$auto(0x3, 0x400454d9, 0x38) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r1 = epoll_create$auto(0x4) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r2 = socket(0x15, 0x5, 0x9) (async, rerun: 32) close_range$auto(0x2, 0xa, 0x0) (async, rerun: 32) fcntl$auto_F_GETOWNER_UIDS(r0, 0x11, 0xfffffffffffffffb) (async, rerun: 32) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) epoll_create$auto(0x100008) (async, rerun: 64) epoll_ctl$auto(r1, 0x1, r2, 0x0) (rerun: 64) 2m30.129203316s ago: executing program 32 (id=2016): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100000000000036, 0x0) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) socket(0x2, 0x3, 0x0) (async, rerun: 32) socket(0x1e, 0x4, 0x0) (rerun: 32) socket(0x1e, 0x4, 0x0) (async, rerun: 64) r0 = socket(0x1e, 0x4, 0x0) (rerun: 64) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) (async, rerun: 64) socket(0xa, 0x2, 0x0) (rerun: 64) socket(0x8, 0x800, 0xe09f) (async, rerun: 32) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x80000000000000d4, 0x1, 0x6, 0x0, 0x5, 0x4, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0xb, 0x0, 0x9, 0x81, 0xfffffffffbff628e, 0x800000a747, 0xdead, 0x804}) (async, rerun: 32) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x28000, 0x0) (async) connect$auto(0x3, 0x0, 0x54) (async, rerun: 64) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (rerun: 64) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) ioctl$auto(0x3, 0x400454d9, 0x38) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) r1 = epoll_create$auto(0x4) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 32) r2 = socket(0x15, 0x5, 0x9) (async, rerun: 32) close_range$auto(0x2, 0xa, 0x0) (async, rerun: 32) fcntl$auto_F_GETOWNER_UIDS(r0, 0x11, 0xfffffffffffffffb) (async, rerun: 32) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) epoll_create$auto(0x100008) (async, rerun: 64) epoll_ctl$auto(r1, 0x1, r2, 0x0) (rerun: 64) 5.401471269s ago: executing program 0 (id=2627): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x62, 0x27dd) 5.375004556s ago: executing program 4 (id=2628): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x3, 0x100) (async, rerun: 64) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (rerun: 64) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r1, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x1}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x9effffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) (async) sendmsg$auto_NL80211_CMD_STOP_NAN(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000040)={&(0x7f0000000300)={0x84, r1, 0x300, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_VENDOR_DATA={0x6d, 0xc5, "c97f2e2171c3f6c2329c64e2c70e02f837eb62f3b94d2b0c442bccaee7bd148f1f6587b6ba6d4f02a7c918a134a5641a6e5938f7ffe75fbdbec63f873ddc5ec298a758206a2d568e166dfe9da0d2834cdd2f107f82b92d13a358d3b53a29b0375064767671eddf846e"}]}, 0x84}, 0x1, 0x0, 0x0, 0x4041}, 0x40000) (async) socket(0x10, 0x2, 0x0) (async, rerun: 32) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='U'], 0x1ac}}, 0x4004) (async, rerun: 32) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) 5.18379485s ago: executing program 0 (id=2629): r0 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r0, 0x80044df9, &(0x7f0000000100)) mmap$auto(0x100000004, 0x2, 0xfffffffffffffffe, 0x13, 0xfffffffffffffffa, 0x41) capget$auto(&(0x7f00000000c0)={0xb, 0xffffffffffffffff}, &(0x7f0000000200)={0x8000002, 0x7, 0x7fff}) r1 = waitid$auto(0xa, 0xffffffffffffffff, &(0x7f0000000440)={@_si_pad}, 0x6, &(0x7f00000004c0)={{0xc76f, 0x1}, {0x7, 0x3fc}, 0x8, 0xfff, 0x2, 0x3, 0x4000000000068a, 0x100aa, 0x2, 0xa0, 0xe, 0x8af, 0x10, 0x0, 0x6, 0x81}) sysfs$auto(0x5, 0x4, 0x3) lsm_list_modules$auto(0x0, 0x0, 0x400) getcwd$auto(0x0, 0x8000000000000000) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x40146f2c, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x40, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) pselect6$auto(0x400, &(0x7f0000000000)={[0x8, 0x4, 0x40000000000000, 0x6, 0x7fffffff, 0xffffffffffffffff, 0xfff, 0x6, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) fgetxattr$auto(r2, &(0x7f0000000080)='[]!%^(\x00', 0x0, 0x7ffffffffffffffc) close_range$auto(0x0, 0xfffffffffffff000, 0x2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04, 0x0) waitid$auto_P_PID(0x1, r1, &(0x7f0000000240)={@_si_pad}, 0x3, &(0x7f00000002c0)={{0x66e0}, {0x1, 0x7}, 0x7, 0x7f, 0x7f, 0x4b, 0xffffffffffffffff, 0xfffffffffffffffc, 0x403, 0x3, 0x5, 0x5, 0x3, 0x9, 0x7, 0x1}) socket(0x22, 0x5, 0x4) r3 = open(&(0x7f0000000180)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001340)=ANY=[@ANYBLOB='4\b\x00\x00', @ANYBLOB="beeabdbf18ae8883087d9f69f2a657fa893fca2ab1792a2b3367f97409591fecfe77a7930b106c8db907532288c0feca553ab3fdb3f83577d3257dbb1cf0ecf80fe1132e311379674a0ef7ca26f46510782213f30883d549c02b403888b698e5bfbace4990188a5916e511c5eb770579e936e02a2ee2e5f19fca0f65825114b5931df41eaf32f2a25a4fbe791ce25c39512a1482ac4d28570519d69cdfc88dc300bd443b966722dfa5ef8980b1ecd6732a4fce2fc0eec61cf9d39872f65cf8f407e7f9569f01d14a55f7385f19c28b370fcdebf337e0f6c8d271fe95c1018a08265cc54c42822a89dff6f66f9f09b01b932fb2f4f7c8310e787eefb37c9557de3a64fb39e0068a5b274578b458d86669f5d131a19cf99c7d7e68610caf525121f349d348a5e5e438ba5cc3fa7a5f1464e5656fff34f48151aedb8cdc88540f31e30216c16ebbf7b1a28f41015e9df85ef9f3b19f7d1ad736eba9c2d67e1bb4a0e317bf7f8191d7fb2ece321a73ca2c72fea127af96d8930c0568b13bb31ed35c510d8e34e77e92de07ac31536bddc2c0c4829982f56b3a1dfaf1e9a3a67dfa20ffeedf20f213339e60e8e3ebd00fcf0e08066a6ab4fe58a59ffba1bad913292927000cff5ea9ecb2766ea75c8d699f6da3063f54482f370011a8cdfe2b9c9680019d275818c2074d4480321fcf7a69b20ae6f349de07f0047f934e5c404058c443bc4d239cdb0d42919041e89bd332dc92f8005986aca533c689d2f296227cfd13b485bbde104095a9d4fb5fd7cd6818786ceb898e4b8208e810e96dcb6e78ee7c229d42ed8f8ffd9b8d3e125861c7dd313b3e5c010890bb3409c9a3d81d81b748b6b3ca4e069edfb38b12b57dd6163de0ae4271f9acbd0a6327433b7492b62be9a53532bf02664c14598a3afbb1e82996040b422c1df5650484684e4458d6d1a2d8b1ca966ed2852cf2bb10970c8e734213e1e8a4c85df3c9a1216ca168f58fc8d650fb833e576f8bb1c08c32de8c1360072a3be1449a8c7c85d429ada21e338a9724ee873bd29150d022eae187d5e7aa151fd3a641190c661b1c11e85c3e6a704e2289b000e695f40913ff4816b4831412ec0e1162f707162902384593c739c48c4e9f5b57f7fa2affe9ebb5225a8ccbfea7bd9cd4d91207a86abc6062d68f743db92e0cb8d462fede7f88767b890c1d2f16940b1f9e087b8b41bba8af3f01412c741e628b64b700adbe227b3e8776887a5850c4eb831c471598c207cff80987b3f6e856dee577662721bd9b88f69b9158a56a2741531428a136128e0be3cc2cacc679fd24cf97f54585c6ec3db6cfc553772ee56ea4be2eefc83a2b4cac718a019363797bc48bc2fbbc9436cedaf330f086e7d3164b5dd73ded73aa063ade20ee3c12b97322a239aed93f067062e2b5231a1a59c159cc833a73c967dba7d5d68a3612e7d9df7af54a07ed21b76a4671dbb9d68808a6869095c3ec137240db8420114ab7fe156d76bd8690a1e4006b4003e097cf925809a2f8fd14884ba25b29f257bf7fa3221d9339c73937ca15e07567869735fcbd53f54c3bbfc9cf40cdc86b52b37018612f98bd73dc8edb8cd1f94286facb07bf2a40d2a05445f73c9a2a0e36366004802cf043746f906fe77076733d8533d9e6cd875094ec2c147773be2e9b92fab73fefa267b38e7356e915076b08c7818ddf03a1bfe85ee46df4ff86781ec535834d584a40a44611428a8d20cd728d0f368627b206373027ecf9c398662346e93a6360b76177e9259330d1e32c30682fafd82626a1fc1d97dd4104ba66eeb0882c4686bf3e4a0bd5f54eeae8b872dada44cda81c17b6a9551647331cc2d63c14e07831385122f6cb9f85a0e3af5cf28f528b91f34ae63432c0178b0265f167d2a124a8d9c5e2de9c5e334d7149c6fd0099b08939af4baf957535852f97f137971c92b15c094c83d67d5354e0b4796416671f77599bf6b8705615505d48e1e152c202e92a29be55769f840799d1cbd20a3a1788d55b00d5d166ff5bae2fa1493e083be5ab07d80b68b62095a3d5c3a6b299bfba7ae3235c3eb3582b417b8a6b53e545e0b060e1639d6be37c79dfc8e2b0b89f956ee203ab15094b114016b5c96bf4aeed4ed4c4d2b91e888a1c3ed14a873d4e8c01ed7405f409605c", @ANYBLOB="010026bd7000fcdbdf2501000000", @ANYRES32=0x4, @ANYBLOB="080001002e53520008000200", @ANYRES32=r3], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) 4.346434245s ago: executing program 4 (id=2632): r0 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000240), 0x60800, 0x0) close_range$auto(r0, r0, 0x404) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), r1) sendmsg$auto_IEEE802154_SET_MACPARAMS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYRESHEX=r1], 0x1c}, 0x1, 0x0, 0x0, 0x40010}, 0x40) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x200582, 0x0) read$auto_page_owner_stack_operations_page_owner(r0, &(0x7f00000000c0)=""/46, 0x28) socket(0x23, 0x4, 0x0) mmap$auto(0x0, 0xe982, 0xdf, 0xeb1, r0, 0x7fff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(r3, &(0x7f0000000080)=@in={0x2, 0x4e24, @loopback}, 0x8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(r1, 0x0, 0xfffffdeb) mmap$auto(0x0, 0x400008, 0xe0, 0x11, 0x2, 0x8000) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, r0, 0x85) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000280), 0x22880, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0xbce, 0xa, 0x10, 0x4000000000000381, 0x948b, 0x9, 0x15f4da0a, 0x1, 0x10000, 0x61, 0x8, 0x7, 0x8, 0x7, 0x2, 0x5]}, 0x0) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000280), 0x9}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) write$auto(0x3, 0x0, 0xffd8) 4.069830084s ago: executing program 0 (id=2636): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/io\x00', 0x0, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f00000051c0)=""/103, 0x67) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x62, 0x27dd) 3.884051789s ago: executing program 0 (id=2638): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x8d, 0x8, 0xffffffffffffffff, [0x10, 0x0, 0x2], {0x6, 0x8, 0x1, 0x1ff, 0x3, 0x83, 0xffffffff, 0xa, 0x7}, {0x2, 0x2, 0x75c7, 0x5, 0x1, 0x40, 0x876c5, 0xc, 0x100000000}}) socket(0x2, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/reboot/cpu\x00', 0x3a3843, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="e95ddd695df9d7c55845a8f59c6b68dbe4a592fd93716b3143058b9fb31ea87cf97e366541e1337e97105afcf2be4741768186c12d796eb7469fa60b94fdff7f", @ANYRES32, @ANYBLOB="010026bd7000ffdbdf250400000014001a80ffff04800c0001"], 0x28}, 0x1, 0x0, 0x0, 0x894}, 0x4) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4002, 0x4}, 0x77, 0xfffffffc, 0x0, 0x62bd) socket(0x10, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x3, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xc048aeca, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0x3, 0x5411, 0x38) io_uring_setup$auto(0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) 3.481500456s ago: executing program 4 (id=2642): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r0) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'wg1\x00', 0x0}) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2202, 0x0) write$auto(r3, 0x0, 0x8) socket(0x11, 0x3, 0x2) read$auto(0x3, 0x0, 0x81) init_module$auto(0x0, 0xfffff, 0x0) (async, rerun: 32) mkdir$auto(0x0, 0x8001) (async, rerun: 32) r4 = setfsuid$auto(0xee01) setresuid$auto(r4, r4, r4) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32) readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9) (async, rerun: 32) getpriority$auto_PRIO_USER(0x2, r4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) (async) setfsgid$auto(0x9) (async) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) lstat$auto(&(0x7f0000000500)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (rerun: 64) socketpair$auto(0xffffff6c, 0x4, 0x8000000, 0x0) (async) r5 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r5, 0x8953, 0x0) (async, rerun: 64) r6 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) (rerun: 64) write$auto_fuse_dev_operations_fuse_i(r6, &(0x7f0000000440)="1100000002000000000000000000000001", 0x11) (async) sendmsg$auto_WG_CMD_GET_DEVICE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, r1, 0x703, 0x70bd27, 0x25dfd9fc, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x880}, 0x4) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) 3.381426011s ago: executing program 3 (id=2643): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="e687", @ANYBLOB=']'], 0x1ac}}, 0x40000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) r2 = open(0x0, 0x161342, 0x100) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000000)='\x04\x01\x04\x00\x00\x00\xf1\xff\x00\xb6', 0x8) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r4, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_UI_SET_EVBIT(r2, 0x40045564, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd5, 0x8, 0x4) madvise$auto(0x0, 0x2003f0, 0x15) ioperm$auto(0x7, 0x86, 0x9) dup2$auto(0xffffffffffffffff, 0xffffffffffffffff) getsockname$auto(0x5, 0x0, 0x0) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 2.927413688s ago: executing program 2 (id=2646): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/shmem_enabled\x00', 0xc8002, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f00000000c0)="78202e01e4bb5c0c0a", 0x9}, 0x4) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000fc0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010025bdf000fedbdf257500000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0xc1}, 0x90) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000900), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_NEW(r4, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000000)={0x24, r5, 0x1, 0x70bd27, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x202}]}, 0x24}, 0x1, 0x0, 0x0, 0x50040}, 0x810) r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r6, 0x1, 0x7ff) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r6, 0x62, 0x27dd) 2.872095293s ago: executing program 0 (id=2647): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="e687", @ANYBLOB=']'], 0x1ac}}, 0x40000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) r2 = open(0x0, 0x161342, 0x100) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000000)='\x04\x01\x04\x00\x00\x00\xf1\xff\x00\xb6', 0x8) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r4, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(0xffffffffffffffff, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000000180)={0x140, 0x0, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x128, 0x1, 0x0, 0x1, [@nested={0x124, 0x2f, 0x0, 0x1, [@generic, @nested={0x120, 0x126, 0x0, 0x1, [@typed={0x8, 0x123, 0x0, 0x0, @pid}, @generic, @typed={0x8, 0xdf, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x2e}}, @nested={0xf1, 0x8e, 0x0, 0x1, [@generic, @typed={0x8, 0x25, 0x0, 0x0, @fd}, @typed={0x4, 0x50}, @generic="f87b9416806f64201a21270c0a3ff7b336f58a7b0b9018d9560bfbec945affd5dac9331511c6a463d7751882550b5a973531d670d3b1fabd9be47f231020225ee5c38bbc151f79175b29ad35f552640060228b90ef7e72a5eb3b7cfe4e604e302772050613d65a1983c85d091fbfd199cd7ac46da186efa6a0664282478ee3a362fc98609d7df18cfd5580a36e94eaaff631d7edc5e37b304de9cc2fa44fa1e7c01884a61f368712fb1ccebda65ea228e863f2ce24305412cee7907118a7134d26f019072232c5778fa5ae86c2ffefe2d0fa0cc82a3e32a2fbdd8841b26f3a0f2c"]}, @typed={0xc, 0xec, 0x0, 0x0, @u64}, @nested={0x9, 0x56, 0x0, 0x1, [@generic="382fc93a8d"]}]}]}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x40c4}, 0xc000) ioctl$auto_UI_SET_EVBIT(r2, 0x40045564, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd5, 0x8, 0x4) madvise$auto(0x0, 0x2003f0, 0x15) ioperm$auto(0x7, 0x86, 0x9) dup2$auto(0xffffffffffffffff, 0xffffffffffffffff) getsockname$auto(0x5, 0x0, 0x0) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 2.673604226s ago: executing program 2 (id=2648): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x8000000, 0x0, 0x40) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = socket(0x10, 0x2, 0x0) r2 = openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/timestamp_mode\x00', 0x20100, 0x0) sendmmsg$auto(r2, &(0x7f00000003c0)={{&(0x7f0000000100)="64a22dc102d09ca632b440e071ce376014a7218edf645c528417434c7f3c8fb3f52095b1e0c0b5c68197c99a5a291290cab204ea675f266d912f1a4f0422f9a2454577c3fb26c0685aeec7c1aaa9b0056c4def311bf0f5865f8a10ddebe467e6dee0abcda1e43addc0a64519008125a81980b70238674ba8e74984035ed515898c571860494dbb86b31a317a1ecb0ae1b69607ea", 0xfff, &(0x7f00000002c0)={&(0x7f00000001c0)="b5bd03334a7e54dca714dde417d4baacdb4806c5f0c0c0f507c5758f656445427bd919d3d690f8d9545b0229ff70481c904ec1a1ae8433107d056941d7616ff2307381eb1a65c9da3bcb8cebba4965bfbafd512ae0772878b37762912b530c8914dd65b111e59c8e8e8a70bb87c299ef2039e9d868cfcbd1732a10ef37c8400a3d23567572a92349673683927db30866a650c7de149a2a5a00d08f3c36ebb1c1e02a83720735a9df99ec3121c4f2fdc1c2c35ad7ae869c0be2f47a642bce0ceab469db3e72087ddfac4ab320", 0x4}, 0x1, &(0x7f0000000300)="0f3b15a8eb65c3a5093d9f6314c22cb82ac6e9c5435e7408f4e4697cfd6a0752adef88e86a924d9742d2740ea92048492a4c9580019b53fdcf8e44160afa580777c4c41d486738ef5eca71e68f53094ce224982a84e53d942cac005e3032686cbc93fe0c9851ea293a2bb78b354274adc3b9e6758f92a77d6a42fef59c50e3ef16cf89ff2e9b1d74278681d79879004044d4", 0x8, 0x88}, 0x5}, 0x5, 0x100) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000000)="42bf", 0x2) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x4840) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='.\x00', 0x100, 0x161) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000000580)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="d4b20010", @ANYRES16=0x0, @ANYBLOB="200028bd7000fedbdf25010000000c00040003000000000000000c000400fbffffffffffffff8c00098098b15738b214a8bb449d9d434bc910fdcd516cda313162f76d2cea533fc61f6fe6c36548d6bcad7186bfecb799075167ff298cde985819e0936397019729aef3c1662d13164977af2b3cf648473ec2fedb3b393fb1ac1f90de863764b66d24c2d79c3c4154846a636168b91406e3f19d918c70988b0ce2af884413aab6395877907bb6284346183e0c0002000600000000000000080001000400000006000a0029280000"], 0xd4}, 0x1, 0x0, 0x0, 0x821}, 0x80) getdents64$auto(0x0, 0x0, 0x18) getdents$auto(0x0, 0x0, 0x700) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/vt/parameters/default_red\x00', 0x801, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) 2.013803495s ago: executing program 3 (id=2649): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x62, 0x27dd) 1.872582284s ago: executing program 4 (id=2650): mincore$auto(0x1ff, 0x2, 0x0) (async) r0 = socket(0x10, 0x2, 0xc) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/packets_per_slave\x00', 0x182b02, 0x0) pwrite64$auto(r1, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x15\x00p\x01\x99\x88c\x14\r>\x14\x1a\xd3\xd3\x1d\xf8?\xdb\xdb\xc1\xf5\xe3o\x8e\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\xe5}\xea\x1b\x95\xafQ;_L\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\x10\x00\x00\x00\x00\x00/TX:\xfe\xe8\xe0\x96\xb1x\xc5\x1f\xd2\xe2\xf6^\xfdo\x00\x9a>T\xd5\x1e\xe3\xeb\x89q\a\xd6h\xc9\xbc\x8f\x1dBk\x95\x174\xdc\x03\x05> -\xb6\x9d[\xe42(\xe4\n\x98u\xc9\xa1\xc4Zb\x04\xc2\xf1 \x8a\xbe]\xde\xfd8u\xb4\xde\xb3\xa1T/\xdfx\x14Y\xfe\x1e\x1f\x91\x19\xb7\xfc\xcd\x7fl\xb3\xa8#\xa0\xb9P\x8d\x04C\x87\xebR\x93\x12\x18H&N\x8b\'i)\xab@\xaf\xcb\xda\x00\x067\xce\xd6V4\xc2\xeeX\xb4\xe9\f\xee\xe8\xd8\x91\x1b\xcd\x00j\x14H\xcc-\x14\xde\xaaN\x87\x8d\x9b\xa05\xacHX\xc1\xce\x91\xee\xad\r\xbe\xb2&f\xa3\xe2\x8bp\xba\x8a\"\xf1\xfc\xa13\xfe\xe0JG\xe1v\x82s}v~`X%pJ\xbf\xc3`\xa9\x8f\"l\xc7XX\xa4\xb6\x0e\xbe\xa0wy\xfe\x03n\xb5\r\xf149*(\x15\xaa\xc2\x8aB\xf1\xbb$M\xfe%\xc7\x84\xf0\xa4}bd\xac\xa8T\xda\xffm\x86\xca\x80\xde3\xa7\xba\xc7Y]\xd7\xa2\xec)\xd6\xad\xbcI\x10\xa3#\xd4/J\xa8\x14\x1b<\x04\xbd\x89\xefQf\xc0Q\x92\x92\xa7\x99\xcf\xaekR\xf5\xb7\x14r[\x9fx\xaf+\xb3@\xf4\x83\xbf\xc7e\xe7\xc2\xd6\x10\x0fk\xee)\x92\bO\xa1\x1a\x9e\xef:5\x1e\x1c\"9\xd8\xdf\xa9C\xe2SHG6\xf2\xd5.\x12]\x17J\x8b\xc52\xe9\x9e\xbc\xdc\xae\xef\xed\xf9\xa6\x9e-\x92pZ\x12j/\x1dD{\xac\x17\\O\xee\x11\x10$\x12\xfc \xb0\xb7cA;\xa1,\x040\xa7\xd9\xb2\x19@1\x92\x10\xc4\xc0\x1f\x1d\xe1\xf6\x80lW\v,\xa2\x134no\xa0\x00l\xd8\xe4\xd3\x16\xd3%\x8b\xf5\x1e\x12{\xe6\xdb\xde\a\xdedH\x90\xf7\x19\xff\xcb\xacC\xeadOf\xb8\x15\xc39\xefLt\t\x11\xa1\x0e\x85\xac\xcc+\xc0\xb4.\xaa3>\xc0\x96\x84\xd5\x02\xc1\x94=\xb0\xfe\xda\x1d\xe9\xa7\xe1\xcf\x80|k\xdd\x95\xc9\xb0y\xb4\xbd\xc2W\x9c\xa4\x80\x13\xbc\x7fb=y\xdb]U\xd1HC\xe1\xa7\x94q\xb0C\xb8\x86\xd0\x9d\xe0\x8aD\x91x\'\xd6\x17\xd1\x9d\x16\xa7oZ\x8a\xce:\x9e@\x04\x00\x05f+\xee\xd8\xe6D\x9e\xb18Aw\x92\xe8\xb8>\x81{', 0x8001, 0x1) bind$auto(0x3, 0x0, 0x68) (async) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dri/card0\x00', 0x800, 0x0) ioctl$auto(r2, 0x64c6, 0x1e2) (async) close_range$auto(r2, r2, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) pidfd_send_signal$auto_SIGCONT(r2, 0x12, &(0x7f0000000040)={@_si_pad}, 0x3ff) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x7, 0x12, 0xffffffffffffffff, 0xf4e) (async) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) (async) r3 = openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x8a001, 0x0) ioctl$auto_rfkill_fops_core(r3, 0x1, &(0x7f0000000340)) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f0000001640)='/\x01\x00\x00\x00\x00\xc3\xd0\x01\x00\x00\x00q\xb4\xde\x98\xea\xec\xbf\r\xca~a\x11\xa8\xf1g\xdc\xc4^\xd8\xb6\'7h\n\xbaX\xe3DZ\x8d\x15[\x9c\xa0\xed\xd5\x00@\xc5\xcb+\xb4\x11\xc7\xa1\x13\xe8\xcd\xb5\xc1\xd8R\xeb>\x99;\xa4d\x80\xed\x9e\xdcb3fs\xb7\x85\xb1`\xdfr\a\xa0\xa5pX\x18\xc5\xd5\xddY\v\x97\xe9\xcea\x99\'\x18\xf2\xfe#\xf1\xce\xc8\xca\xd5\x8d\xd3\xed\xfd,40\xd9WDl\x90\xef\xda\xb1\xf7\xb4\xf4\x80\xc0\xbf\x1b\x8d3\xaf~\x10\x94/\xf1uV\xd8\'$\xc0\n{\xd7\xb7q\xcc\x18\x94g\xfft\xcd\ba\x0e\xdba\xa5J\xb4&\xfb\xdbWM\xb4MI\xa9\xc2\xc7\xdeb\xf2\xb8\xe2\x93\xfeD\xf8\n\x85\xaa_\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa5', 0x2354) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) r5 = socket(0x15, 0x5, 0x0) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (async) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f0000002780)=ANY=[@ANYBLOB="20100000", @ANYRES16=0x0, @ANYBLOB="040026bd7000ffdbdf25080000000c10038008005f00", @ANYRES32=0x0, @ANYBLOB="e9d9bd95ea8eb9ef8f407e7a7121837c931ed0f3985a452660e84da5e98518e71e6fa26d4ad4d6a46ba8f6156413413b0d4af5c32701f2178f4628249e5733f6f1af3ce5c7a224ff74f155b9bc21bd5ecfd35c2b24f55b7e2a46b95692e4ec3186d18af57ad8b6508f02352ee7d8db6c4f1d45d5f73804aaaecd85b63257ca96c1781b54c8bbc5833341fe5cdcde56e1710b8cc65c992d1425ee2d8451fb147cf6f9e1458aaa82958b019d91e7fee576633f435d7bdb9e8d3ff072f3a7268605b30c1906b617f839538e07400b9174ffd5ec04bb5479d8e0b6e1b6caffb98345ae92e01a07a2ce69b05ef8681ee2c0380925fb5daf16e03697cccd1df182b039daf24dc8407a63903d3d14e826b328d4d9da9ac22032e560cf1658f27e4bcbcf014663853086baa4d43c0e46098712712ee95979ffffff7f88b67cbe0d900809c5a20ca7e14a12f52b49f9268027f494ee1156bacfc66e6419611f62a63d8c0d06eea842001e646d4045e17fd9b0b65a4dc795dfec373d65a9c218e17289b7262ebd6cbe72fa8b07674cd703153a12f52dce53bea196475458603788dc9a99d8abc167352f1ee4ab419b34067ec3f20048132ce339798644fa79d7e3974c7aeba4673d7d6a6357a56909a699c7ce6920b1372ff387db4cfbb0bba5862946f928bb77b9d30435a1decc1ef65e8d1e93d6e0980c50df30b737ab4e51aaa22c002de000de95259a837a558c30752ad22d8cc0e5b35a1e28d796922968ab0c583be0647abcee6137fb771e4f5ae5587f558fe6b99f95e1d0a237d7ffbbd109d49534dcaab032b6f278e0c1ac4f40176d0dabf684fe85ec3f95a139146882b42f9fde6daba7414989b6fda498dc908329ba1f2bd7e1419c4644c4568eeaca05f197d5c9f034e0b4c2dca90d9fd77df4b4c5c470238194c064121a4e8f70765b493104a56ab31b61c596bc46ad1af3aa99f969ac07ec8c2b8a9d0ef2fbf2c6eb6af478d2d208a7bbefca16472fa7bebc72b8c908ea3d35b56e0e0573efc0d9f192652a98cc8bf7ae4c5e803daf1881657f286a34483e156c3249c6cdf9a34859a19b8acfc1dd96fb61c5423848e039a887a2646d245d5a70c327c26ac87fd79cb1d7e099daec697217612a249a69743c805810cc693511683917b159d4195a9fdbc50321c6d3a738af3a5296d068dab3c90d9e5ad8075f4896290fad8fc941c2c8a7e89e434d3f0050cfd2df4dfd8e36dc0378b8086ec7732ee98613fc8b5adb4ff9bc668f5c12c756ea180165d4f3511762c6bf226a4bacf71f655f895de40dfdbe8b677ccb63ded35a3e6347b5f09d4fde1f15fb2582e2cf2ab01d6510c03136a600575549edaa90f8dd53d37acb76a2c4423f67b1f4dff95573d960101a487398e68775a8af2f417675514bf2d613038792f8ec8b2d8ef6a1b7e07437f41cfe58d32c9b7d6d3451de8b620100220b4ba2e39dfca5161082a6bfbc102c7786227347cbaaa1c8bec76991cc106247a605d18918c8cd7345be1211e6ca2092bb36a81388863c3a460918e4d04f32a77832b2a59c2e17b2d7f0e7e5a1e87a0a06b4f6ee9e396d2dfacc117f9bdd04f413ef5468ce519e6b67d7e662fb47f809e671bc68f274f7cfff6ea508d56de2e3da31dee07505253ee2698ec118bc37ddc8e64b3f707054203e24d8e111afc974521ba8b40f6502b7a273749353ccca6a203c2d4ccbbc3c6e0b99cdce48f9f694eaec56d2d73896e634ee544e6b3e9d7fbd0e778d32744866b7bca26213b1dd05cf0e38090a08096913425bc405c2c14d2044072cfdac07ecf324b2e864fb68e28d166805da1927a9f8d25fd08755c8eb8cffc474b5a5a36106da98edef64cfe9ea3eeb7c3108df5737ccccdd808de953d90b2f6955a4bf7cc0a43e4fc1fe4c8512e3a1dd5cc69ca96c8fd0e6de74988c4814bd82667ac412149d33202e81212391a9186312fc93def1228e7b471bb5a1a5ebd0ee42babb1082c9020bfc65bb358a3e8289d127865f091620fedcefc782bf9f3400a649ac5dee1cbc24928096eaa7d585a61778cf9db768348570dbf08c3cfa0347f75da50308724653e1505b004623b5e6543984b09df51fe0cbd354d2e3e4a8bc62344a5e3d1e0756b44032ef9720d537b09cc0f55dd62202ec7195ea028d999f86d56be83c6d80bf0cbbb35f9dfe641c28222feabb1dd4cf4e75bc99183416c05a2406d139f0b0b3a301213f8e514203dc679a835a5c4e724d007e175c832573f2d9b80f98ad421e297364fd57619e2855e1d14d72615b1fc4f8f269846bb6cd78da33d1fa4a1b33e7de96a3d7eaf75a7e0b91d495ba5def305bf9a74605f0e40eb4c551a55bb45b8caa635ba67674e9b6102d01cf94dbe8d61df8776c33520a100e61cc6921fbf14e0f9640b57244d12ebefc844ed5015d0c0c8b9d9f9dc324df85a6ca69c9e7d06375cf037c9162d19995c80ddbefd5429bda594272038ba75a4b08831f42fdf54eadb72e03c2c41ec287722dc8cbe02012eb1efad6e35f46a704bdff1a35b833b1b6e6e805ab42a905888d0e5cb100d48bd625d39cca4a2fd964903a8389eb1dc84409a6866f07eef8f00a3ac08e3f1bf14181df4e06df747824cd513ffdbe61232a054e25948c2f7bfc43cb52f47247e0eac084425f8d9bd45dcdc5722449c01a2dda807fed7091e6a0832ca3591ba289b0ca23a39b5fad00226c98af2ea74c53ff44e3e6328121edee0bfc1e723835e976fd3c67d6e0ca8e768ceea60ee49ce722a30a5a0d10afd0acb7ce5c3a07d965e69bdf5472f4ab4bf3d1102181f530df2e301c47b801d521736397ecf8442fec181674ef4d80a48b55a64bd6ddfbd2a75710e480f48d5dcfe1ab119a3f41dae4163077ce37c36b676fe5614984ef72a1a9d6c5d05b8977be77a175684ebb280fa24223e309f23906aa8c9581a205e224e6d76cf651b09f695d152d30a269b7f01d16ed8b2e2c6922434e4859c8e4f35c243019ff233d8f1139192b286100abd2b91507dcbf341204e7e47f39d3b37e02934a5d83a77cb5be034789e247f49836d7c7f3b495adcab6ed72bc1c530dbea4abef5875e59f3b159ba5c7f4fda0f44cd217a0660ba574fba5fea3aa619061a84d73559d05ff35ab60c4ff4f022ea994da8b287511da8989047db119776defb7fb8a73ca4ccd72b7dcc766ca7e70268bd8d57622389d1089e6c508f2a054d1d94f74bdeb643637b4b95676e0b1c6d1ef9fce7c17d3fe9d6b31ad1433953090e97b57e5e91309f12963f333364be1fc7f2c467563937f69fc65420a3e4f1f1e9edea5bfb445db8ccfcfb7678556e5a0bc7e28497082f90beb71e034702d97b865a84c19af4f4ceef0957116133ae8f6de7a1e06fc5f69e593cf383360e195b161b9a11ab31e68399b91f5413139a73f552866e628ced7551a4e3eca12ce64bcdc3f7d4d63bb83a6bac128334a5b6fff00268a3d5e5459185fe2ede5c5b25fc31f52203d35f23b20703e7150981ca9704c69d2b5b42ba1d4937925362399c249d66f5a0a15e6a2c02a0c30200b341af7a0821f2d0f29facd952474769572cbc326cfbbbba8a4598afe95e2e47a2ad53d47d78bdc94cb2ec4ad41a7fc85c44dadf393aa28892782cf4a22ff094e3b6e9577855bac57ddbf54e4fb7415b42c7bc12aaf498d2e6569a0dc5ffc2e03837f0b37b553950c35ea67e1761a8d4480288cf7cc62a93efddfc8ec96837a73b2077ccf951f1a5172bbb45dd5f6ba9b03ac8a9fb440ef6186d6285c3545a0821c0aa453a3dc8524a5586fe4272776e4361ccc262c945d38d96e40b32f7c6f6d7c8554daf32c087b8f25a6ea090981fc2f4ecc23303f89619ce36b51790e1547c55d327d3459fcfc6a05400755beaa244b9aac0497c7565d30e15fd8da02077e1731f9209d630ea0c3b059ad9cc94c7419f3bea28fda9412af650f683bec6874356717963d7022c74d185530fd398d450b8c7e8bba2c29e19301da257240f7feb36ee2877fbb203a63b00cd3c7d41981bc2b269101f925f824507631ac613e932453079900256bc5cb75f387a268eecf5755585bac723ef9436c9f2037edfa3f0b52182cc6487a7d3d9b4bf999abb610a443f1f7267a082e5a64e41751092d067dff2cb6e62aa383e1efd38dde4084f0a23aa883f96391caff31273e9b8eadccc9d7d84b4f7604df31e45ab19363ed9c0434ebfd260cdc58c87e153c5b201cbbe5252d4742363be9cb81773b8aad6ef7dc77bfeb1e4f0c1b65a3a0d2fd97f0e4cb8aefd46a7eef253486fbae17a515d6e2d40e389eeac6ca24696b1ad5d013a8e418f3e42ccd39e86cc7c5f25620b11bd3f98669b67aa614026e8994a14ed1a9ee7cd9e75d70e155836795534aa96491c1fd4551e189d106dd24da1803e8e04e9bb3cba8b02e094ff2f2e69ba523f7b15ee879d655bcce101f5574896a86e319a5949c30e788070a270819e0c83472bf8cb946abd6efd1a1000ce56df9a3faf17f3aba7752d2d1e6edaf48e08c66bd5a823e2adbff735808ed82cc328acd430770ad725dd68f6fc6b566139e5929d32df556cfa4aef8b501bffad1f0350ed79fa48004801c415e4e137cdceb3316bb1f686fc5e1873198c2bff4dead802b2f8a0181cb63c7a473b273d487c7f9737b260098b01c68c7b6c89374392b2b8612925c37ae0065a76655efcb53742357cc42f6b03c2423b62fd6ccd8183e006c6777790576bbc3b377101a4375df534c721d449b8070afb4cd1236e23f705652277bc3ba1de2b5f02a94b636d177e1505dfa4259565b834541b8b5025a21870e972d18767eb74777831b28758671c2f7cbeea6231f575c106a9a0c022d8c21c032262d6f40c566f62935520cdfad421324b61ca6cbbc7078caf63764e0f541cafae2ad89d72a016a39237ee0096e9b799d9b5cc8091fd01488b33254864a8c5369de800d8395ed2876f29d0af46b9ceb1f7be296782afa246fb8b2f8942df4611c381f9425ab0b2bb47ab293827ded041cd1c5a904c4c6586e72e49a132356a64045fed9e3ff936ca7e8aded26cd8f182317c74734d50e41ff2ed30507ae944012b26824f77e5b5f9ffa574413a3eb6f6344ee38f1950bd0cedcb3ba15737643303ea7336feaee9ed90198329156156c280950d1f3bccd7bbb4efd2150a748f5f84112353d8328bd2dad7f7af4b141392a6b269fe03532ed8c8689b20928bf94a0ba6a7f0b7dc83e66ed02a15578358551f42473c1224f38fc06592d25e3962361bf6ae84e7cea79c7bde81dff8618397c59ca27602ce6cf7b5979f36a73f47e92422ff9f9f0a7d71fb0bb4c354f7eff13f697c6b85984bec977fe8378ed0e96dd9eb69d0dcafccc0b5d68fbd82094b2bb9f76496f241f6334a1fc7ec60c4b310c8c7f3807db54361e24d8f7396c4d29d4359ccd7d91f8486e67e27ede5bdc67b8c798cbc750166c8f12abaff03bc4505f7b212d067eb0f3215fee36f193ce1bf964c5b99bb8397e8341b03b820fe6f26a31d65850d7b2a4676d76d25dbcdd28fe8441ffd3586334d0aa1a519674fe1538eff14f5a61395893fa8698b8f51da9b0a3719d5aa3e8a9fda6c9ff915d7432b1e456eaefba3196509cd04211acca5d0015ae4255761379ccb33c2ba50734f31da319c143d2c12c327cbf433e8794af6694cf49dea7a36aeba4ceff642c6ac06c38664f50560112722bb2e9d85610b1254165d88c1f50adf41b84de31bb01334dfa4481597e42c7c242c148f01aeb8e9468294d73718f5887b28206edf875de066b53b87dff0fa4776cf715a5d29830cdca5f1630ab018b5cd335884b512cb2c16f933af87c548dc8d89093c6ea4d29750e53a05dc47b148ce8ce19677ea9e33741222f2d0abf5ee4b358771b6de4f6f936ece2ee59f90ad646b1689d8882c1790ebc2c1d76501677a850b9fa6157c279e21b6c01d102351c267f33b87dc423ea6049b0a9112970638c2a8e5367b992d5bb75e7359c5772efd1c2a72cfeaee503cfb6deb42b6bdc7654"], 0x1020}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040940) (async) sendmsg$auto(r5, &(0x7f0000000180)={0x0, 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/renderD128\x00', 0x100, 0x0) 1.870001573s ago: executing program 3 (id=2651): mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x1, 0x84) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x2, 0x2000000000002) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x4, 0xa) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2d, 0x2, 0x0) socket(0x1e, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x9) close_range$auto(0x2, 0x8, 0x0) 1.712461827s ago: executing program 4 (id=2652): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/4096, 0x1000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) r3 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000001100), r3) (async) r4 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000001100), r3) sendmsg$auto_OVS_METER_CMD_SET(r2, &(0x7f00000011c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001180)={&(0x7f0000001140)=ANY=[@ANYBLOB='o\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00012cbd7000fedbdf2502000000080008000200000008000100010000000400060008000800ff030000"], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x10) write$auto_force_suspend_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r5, 0x4b45, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) (async) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bind$auto(0x3, 0x0, 0x6a) (async) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x11d, 0x0, 0x5, 0x19, r1, 0x7) (async) mmap$auto(0x11d, 0x0, 0x5, 0x19, r1, 0x7) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) (async) close_range$auto(0x2, 0xa, 0x0) 1.709040574s ago: executing program 2 (id=2653): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) bind$auto(0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\xfc\x00/\x00\x06\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\xff\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6e) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x24040854) fcntl$auto(0x3, 0x4, 0xa553) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) 1.673836195s ago: executing program 3 (id=2654): r0 = openat$auto_objects_fops_(0xffffffffffffff9c, &(0x7f00000002c0), 0x40042, 0x0) pread64$auto(r0, &(0x7f0000000080)='/sys/kernel/debug/kfence/objects\x00', 0x7, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tracing_readme_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/README\x00', 0x600181, 0x0) pwrite64$auto(r2, &(0x7f0000000180)='ila\x00', 0x3ff, 0x580) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), r1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_DEL(r3, 0x0, 0x800) mmap$auto(0x9, 0x4, 0x7fffffff, 0x40eb2, 0x4, 0x300000000000) r4 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_REWIND(r4, 0x40084146, 0x0) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) r5 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/028/001\x00', 0x400, 0x0) read$auto_usbdev_file_operations_usb(r6, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) sendmsg$auto_SMC_PNETID_FLUSH(r5, 0x0, 0xc0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_keepalive_probes\x00', 0x40100, 0x0) read$auto(r7, 0x0, 0x1ff) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r7, &(0x7f0000000200)={0x0, 0x7}, 0x5) timer_create$auto(0xffff, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000000140)=""/122, 0x7a) mmap$auto(0x8000, 0x20009, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000) 1.309754715s ago: executing program 3 (id=2655): r0 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0) ioctl$auto_OSS_ALSAEMULVER(r0, 0x80044df9, &(0x7f0000000100)) mmap$auto(0x100000004, 0x2, 0xfffffffffffffffe, 0x13, 0xfffffffffffffffa, 0x41) capget$auto(&(0x7f00000000c0)={0xb, 0xffffffffffffffff}, &(0x7f0000000200)={0x8000002, 0x7, 0x7fff}) r1 = waitid$auto(0xa, 0xffffffffffffffff, &(0x7f0000000440)={@_si_pad}, 0x6, &(0x7f00000004c0)={{0xc76f, 0x1}, {0x7, 0x3fc}, 0x8, 0xfff, 0x2, 0x3, 0x4000000000068a, 0x100aa, 0x2, 0xa0, 0xe, 0x8af, 0x10, 0x0, 0x6, 0x81}) sysfs$auto(0x5, 0x4, 0x3) lsm_list_modules$auto(0x0, 0x0, 0x400) getcwd$auto(0x0, 0x8000000000000000) ioctl$auto_dvb_demux_fops_dmxdev(0xffffffffffffffff, 0x40146f2c, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x40, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) pselect6$auto(0x400, &(0x7f0000000000)={[0x8, 0x4, 0x40000000000000, 0x6, 0x7fffffff, 0xffffffffffffffff, 0xfff, 0x6, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) fgetxattr$auto(r2, &(0x7f0000000080)='[]!%^(\x00', 0x0, 0x7ffffffffffffffc) close_range$auto(0x0, 0xfffffffffffff000, 0x2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04, 0x0) waitid$auto_P_PID(0x1, r1, &(0x7f0000000240)={@_si_pad}, 0x3, &(0x7f00000002c0)={{0x66e0}, {0x1, 0x7}, 0x7, 0x7f, 0x7f, 0x4b, 0xffffffffffffffff, 0xfffffffffffffffc, 0x403, 0x3, 0x5, 0x5, 0x3, 0x9, 0x7, 0x1}) socket(0x22, 0x5, 0x4) r3 = open(&(0x7f0000000180)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001340)=ANY=[@ANYBLOB='4\b\x00\x00', @ANYBLOB="beeabdbf18ae8883087d9f69f2a657fa893fca2ab1792a2b3367f97409591fecfe77a7930b106c8db907532288c0feca553ab3fdb3f83577d3257dbb1cf0ecf80fe1132e311379674a0ef7ca26f46510782213f30883d549c02b403888b698e5bfbace4990188a5916e511c5eb770579e936e02a2ee2e5f19fca0f65825114b5931df41eaf32f2a25a4fbe791ce25c39512a1482ac4d28570519d69cdfc88dc300bd443b966722dfa5ef8980b1ecd6732a4fce2fc0eec61cf9d39872f65cf8f407e7f9569f01d14a55f7385f19c28b370fcdebf337e0f6c8d271fe95c1018a08265cc54c42822a89dff6f66f9f09b01b932fb2f4f7c8310e787eefb37c9557de3a64fb39e0068a5b274578b458d86669f5d131a19cf99c7d7e68610caf525121f349d348a5e5e438ba5cc3fa7a5f1464e5656fff34f48151aedb8cdc88540f31e30216c16ebbf7b1a28f41015e9df85ef9f3b19f7d1ad736eba9c2d67e1bb4a0e317bf7f8191d7fb2ece321a73ca2c72fea127af96d8930c0568b13bb31ed35c510d8e34e77e92de07ac31536bddc2c0c4829982f56b3a1dfaf1e9a3a67dfa20ffeedf20f213339e60e8e3ebd00fcf0e08066a6ab4fe58a59ffba1bad913292927000cff5ea9ecb2766ea75c8d699f6da3063f54482f370011a8cdfe2b9c9680019d275818c2074d4480321fcf7a69b20ae6f349de07f0047f934e5c404058c443bc4d239cdb0d42919041e89bd332dc92f8005986aca533c689d2f296227cfd13b485bbde104095a9d4fb5fd7cd6818786ceb898e4b8208e810e96dcb6e78ee7c229d42ed8f8ffd9b8d3e125861c7dd313b3e5c010890bb3409c9a3d81d81b748b6b3ca4e069edfb38b12b57dd6163de0ae4271f9acbd0a6327433b7492b62be9a53532bf02664c14598a3afbb1e82996040b422c1df5650484684e4458d6d1a2d8b1ca966ed2852cf2bb10970c8e734213e1e8a4c85df3c9a1216ca168f58fc8d650fb833e576f8bb1c08c32de8c1360072a3be1449a8c7c85d429ada21e338a9724ee873bd29150d022eae187d5e7aa151fd3a641190c661b1c11e85c3e6a704e2289b000e695f40913ff4816b4831412ec0e1162f707162902384593c739c48c4e9f5b57f7fa2affe9ebb5225a8ccbfea7bd9cd4d91207a86abc6062d68f743db92e0cb8d462fede7f88767b890c1d2f16940b1f9e087b8b41bba8af3f01412c741e628b64b700adbe227b3e8776887a5850c4eb831c471598c207cff80987b3f6e856dee577662721bd9b88f69b9158a56a2741531428a136128e0be3cc2cacc679fd24cf97f54585c6ec3db6cfc553772ee56ea4be2eefc83a2b4cac718a019363797bc48bc2fbbc9436cedaf330f086e7d3164b5dd73ded73aa063ade20ee3c12b97322a239aed93f067062e2b5231a1a59c159cc833a73c967dba7d5d68a3612e7d9df7af54a07ed21b76a4671dbb9d68808a6869095c3ec137240db8420114ab7fe156d76bd8690a1e4006b4003e097cf925809a2f8fd14884ba25b29f257bf7fa3221d9339c73937ca15e07567869735fcbd53f54c3bbfc9cf40cdc86b52b37018612f98bd73dc8edb8cd1f94286facb07bf2a40d2a05445f73c9a2a0e36366004802cf043746f906fe77076733d8533d9e6cd875094ec2c147773be2e9b92fab73fefa267b38e7356e915076b08c7818ddf03a1bfe85ee46df4ff86781ec535834d584a40a44611428a8d20cd728d0f368627b206373027ecf9c398662346e93a6360b76177e9259330d1e32c30682fafd82626a1fc1d97dd4104ba66eeb0882c4686bf3e4a0bd5f54eeae8b872dada44cda81c17b6a9551647331cc2d63c14e07831385122f6cb9f85a0e3af5cf28f528b91f34ae63432c0178b0265f167d2a124a8d9c5e2de9c5e334d7149c6fd0099b08939af4baf957535852f97f137971c92b15c094c83d67d5354e0b4796416671f77599bf6b8705615505d48e1e152c202e92a29be55769f840799d1cbd20a3a1788d55b00d5d166ff5bae2fa1493e083be5ab07d80b68b62095a3d5c3a6b299bfba7ae3235c3eb3582b417b8a6b53e545e0b060e1639d6be37c79dfc8e2b0b89f956ee203ab15094b114016b5c96bf4aeed4ed4c4d2b91e888a1c3ed14a873d4e8c01ed7405f409605c", @ANYBLOB="010026bd7000fcdbdf2501000000", @ANYRES32=0x4, @ANYBLOB="080001002e53520008000200", @ANYRES32=r3], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) bpf$auto(0xd, 0x0, 0x6f5) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) 1.235050994s ago: executing program 2 (id=2656): socket(0x80000000000000a, 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0) write$auto(r0, &(0x7f00000005c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D_#\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc^:\xd1\xe3\xf1@\xc0\x93^:Mn#Oi\xaa[X\x93)\x8f\x03K\xe6\xa4\x11?\xf1\x02+\\\xf9\x8b\xe5l5\x11\x006c\x907E\xeb\x81\fB\xe3\xf8n\x8f\x94V\xbcB\x9cm\x9f\x15\x00Q\xf8\x8fFW#?\xd5Z~\xa51\x832\xbd|\x19\xda\x8e\xff\x17\r\x96\xa3\xcc+\xf4a\xffN\xd2_\xe5\\\xf8Lzc\xd4\xa0\x1f\x04_\xf1\xc6\fO\xbe?)Q\xc7\\B\xdb\xeaI\xde\xe9m\xf5\xf9\x19\xd3@IK\xe3c\x0ek\x8drZ\xad\xdc\xbb\xfc\xd4\x1f\xdaOW\x87\xb6Fm\x12\xadw(z\\j\xcc0P\xaeC\x9f\xbf\xd5\xf9\xe3\x85~cG\f\x85\xd6\x84ma\xfd\xdayNj\x80\xdd3^\x87,\x14\x8e\xbe$\x05\x8a\xb0 M\xf6$B TCs\xa9\x91dil[\xfc\a\xbfD\xd9\x8d(F\x1e\f\xec\xe9K|h\xf5\xcaUI\x18#\xbed\xa8C\x8a\xbb\fE\xe6\xa3|\xf7\xa8\xbb\xd3\x97l.V/uc\xb5Q\x1eY\xe0\x03\xa1\xc1\xc8\xe2=RK\x7fWV;\xe4\xccTsf\xa7[\xdd\x9cR\xab\xf81s\xbc\x9c\xaaSGH\x9al\xb9%u\v\xb4\x9d\x95\x16\x01\xbbT\x99S\xf8A\xcd\bRC\xf4\xb0\x1a%\xdd+1\x81\x9d6\x90\xe8\xc6\xc1\x1e\xf0~\xaf\x10g&\xd6\x01l::V\xdbJiVW\xab4G\x97\x9cl', 0x100000a3d9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xf, 0x3, 0x2) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)=';') ioctl$auto(0x3, 0x40086203, 0x38) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="000229bd0000fbdbdf3502000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="8b0500000000fedbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x40000) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) sendmsg$auto_NL80211_CMD_GET_POWER_SAVE(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="08002dbd7000fedbdf253e000000040047018ba0ebd3f52c6bd87ed8282abfc65d053afd205f7c9af42158b3baf29436515b785f72b0055e892558263a3b9603a5c930e347811022d80ae3541ad2be663ee0b4406ef4acc1f87e7657ab77628a2ff0df2f8d31ff667a43e47191866f53aaae891457f77c9dd718cb0a42e6e7a252f57ebbce20be8c50f89a5174a4ccbbdff123f09d50c46d343b6b642b407b8d44b4caa9d61897642927f533fb10c0f4ea6263bb67"], 0x18}, 0x1, 0x0, 0x0, 0x14}, 0x20000040) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000) r5 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="948805c10a5f09eb012da1dddd"], 0x1ac}}, 0x40000) recvmmsg$auto(r6, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x6, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r5, 0x0, 0xffffff4b) write$auto(0x3, 0x0, 0x5c8) 887.334168ms ago: executing program 0 (id=2657): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="e687", @ANYBLOB=']'], 0x1ac}}, 0x40000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) r2 = open(0x0, 0x161342, 0x100) unshare$auto(0x40000080) r3 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000000)='\x04\x01\x04\x00\x00\x00\xf1\xff\x00\xb6', 0x8) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000f00)={0x14, r4, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_UI_SET_EVBIT(r2, 0x40045564, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd5, 0x8, 0x4) madvise$auto(0x0, 0x2003f0, 0x15) ioperm$auto(0x7, 0x86, 0x9) dup2$auto(0xffffffffffffffff, 0xffffffffffffffff) getsockname$auto(0x5, 0x0, 0x0) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 882.5488ms ago: executing program 3 (id=2658): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000006000700050000000a00050000000000000000000a00010000000000000000000a0001000000000000000000060006000d00000006"], 0x6c}}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000f5, 0x400, 0x2}]}) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000006380), 0x1, 0x0) writev$auto(r3, &(0x7f0000007240)={0x0, 0x9dc}, 0x1ff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044040}, 0x24008890) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x62, 0x27dd) 682.568051ms ago: executing program 4 (id=2659): r0 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40242, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) writev$auto(r2, &(0x7f00000000c0)={0x0, 0x10}, 0x3) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001940), 0x80643, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto(0x3, 0x0, 0x17) read$auto_page_owner_stack_operations_page_owner(r0, &(0x7f00000000c0)=""/46, 0x2e) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/bonding/bond0\x00', 0x18b000, 0x0) pread64$auto(r4, &(0x7f0000000180)='/proc-NesH\x1fk\xdd\x00\x00\x00\x00\x88\x00\x00\x00\x00\x00:\x19\xf4\xe2\xb7:\x81\xf8\xedl\x9d\x9a\'\xf8D,\xc0x\x1d\xf5JE\xcd7\xc3^\xbc2\xc7\xbf\xe5\x7f\xb93 \xcd${!\x9a`\x96\x86\x96D|\xf0H\x8c\x05:\xae\xa6\x88x@\x82E\x92f\xe3h\x05\x0f9\x9e\v\t\x18\x8b\xec\xd7\xe8 syzkaller syzkaller login: [ 629.628855][T16470] FAULT_INJECTION: forcing a failure. [ 629.628855][T16470] name failslab, interval 1, probability 0, space 0, times 0 [ 629.658503][T16468] FAULT_INJECTION: forcing a failure. [ 629.658503][T16468] name fail_futex, interval 1, probability 0, space 0, times 0 [ 629.702002][T16470] CPU: 0 UID: 0 PID: 16470 Comm: syz.4.2144 Not tainted syzkaller #0 PREEMPT(full) [ 629.702023][T16470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 629.702032][T16470] Call Trace: [ 629.702038][T16470] [ 629.702044][T16470] dump_stack_lvl+0x16c/0x1f0 [ 629.702071][T16470] should_fail_ex+0x512/0x640 [ 629.702093][T16470] ? fs_reclaim_acquire+0xae/0x150 [ 629.702116][T16470] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 629.702137][T16470] should_failslab+0xc2/0x120 [ 629.702156][T16470] __kmalloc_noprof+0xd2/0x510 [ 629.702178][T16470] tomoyo_realpath_from_path+0xc2/0x6e0 [ 629.702203][T16470] tomoyo_check_open_permission+0x2ab/0x3c0 [ 629.702222][T16470] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 629.702262][T16470] ? find_held_lock+0x2b/0x80 [ 629.702282][T16470] tomoyo_file_open+0x6b/0x90 [ 629.702297][T16470] security_file_open+0x84/0x1e0 [ 629.702317][T16470] do_dentry_open+0x596/0x1530 [ 629.702340][T16470] vfs_open+0x82/0x3f0 [ 629.702363][T16470] path_openat+0x1de4/0x2cb0 [ 629.702387][T16470] ? __pfx_path_openat+0x10/0x10 [ 629.702409][T16470] do_filp_open+0x20b/0x470 [ 629.702426][T16470] ? __pfx_do_filp_open+0x10/0x10 [ 629.702449][T16470] ? __pfx_kfree_link+0x10/0x10 [ 629.702476][T16470] ? alloc_fd+0x471/0x7d0 [ 629.702497][T16470] do_sys_openat2+0x11b/0x1d0 [ 629.702519][T16470] ? __pfx_do_sys_openat2+0x10/0x10 [ 629.702539][T16470] ? find_held_lock+0x2b/0x80 [ 629.702553][T16470] ? handle_mm_fault+0x2ab/0xd10 [ 629.702572][T16470] __x64_sys_openat+0x174/0x210 [ 629.702585][T16470] ? __pfx___x64_sys_openat+0x10/0x10 [ 629.702599][T16470] ? do_user_addr_fault+0x843/0x1370 [ 629.702627][T16470] do_syscall_64+0xcd/0x4c0 [ 629.702642][T16470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.702657][T16470] RIP: 0033:0x7fdcc718d710 [ 629.702669][T16470] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 629.702683][T16470] RSP: 002b:00007fdcc80e0fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 629.702697][T16470] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fdcc718d710 [ 629.702707][T16470] RDX: 0000000000000002 RSI: 00007fdcc721224b RDI: 00000000ffffff9c [ 629.702716][T16470] RBP: 00007fdcc721224b R08: 0000000000000000 R09: 00007fdcc80e2000 [ 629.702725][T16470] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 629.702733][T16470] R13: 00007fdcc73e6038 R14: 00007fdcc73e5fa0 R15: 00007fff3b7b3258 [ 629.702752][T16470] [ 630.203636][T16468] CPU: 0 UID: 0 PID: 16468 Comm: syz.3.2142 Not tainted syzkaller #0 PREEMPT(full) [ 630.203658][T16468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 630.203668][T16468] Call Trace: [ 630.203673][T16468] [ 630.203679][T16468] dump_stack_lvl+0x16c/0x1f0 [ 630.203706][T16468] should_fail_ex+0x512/0x640 [ 630.203731][T16468] get_futex_key+0x293/0x1560 [ 630.203752][T16468] ? __pfx_get_futex_key+0x10/0x10 [ 630.203769][T16468] ? __mutex_trylock_common+0xe9/0x250 [ 630.203794][T16468] futex_wake+0xea/0x530 [ 630.203816][T16468] ? __pfx_futex_wake+0x10/0x10 [ 630.203844][T16468] do_futex+0x1e3/0x350 [ 630.203868][T16468] ? __pfx_do_futex+0x10/0x10 [ 630.203884][T16468] ? __might_fault+0xe3/0x190 [ 630.203905][T16468] mm_release+0x24e/0x300 [ 630.203923][T16468] do_exit+0x68e/0x2bf0 [ 630.203947][T16468] ? __pfx_do_exit+0x10/0x10 [ 630.203966][T16468] ? do_raw_spin_lock+0x12c/0x2b0 [ 630.203987][T16468] ? find_held_lock+0x2b/0x80 [ 630.204004][T16468] do_group_exit+0xd3/0x2a0 [ 630.204025][T16468] get_signal+0x2673/0x26d0 [ 630.204048][T16468] ? __pfx_get_signal+0x10/0x10 [ 630.204063][T16468] ? do_futex+0x122/0x350 [ 630.204081][T16468] ? __pfx_do_futex+0x10/0x10 [ 630.204100][T16468] arch_do_signal_or_restart+0x8f/0x790 [ 630.204120][T16468] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 630.204144][T16468] ? __pfx_do_pwritev+0x10/0x10 [ 630.204163][T16468] exit_to_user_mode_loop+0x84/0x110 [ 630.204185][T16468] do_syscall_64+0x41c/0x4c0 [ 630.204200][T16468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.204215][T16468] RIP: 0033:0x7f0cd658eec9 [ 630.204226][T16468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 630.204240][T16468] RSP: 002b:00007f0cd738f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 630.204255][T16468] RAX: fffffffffffffe00 RBX: 00007f0cd67e5fa8 RCX: 00007f0cd658eec9 [ 630.204264][T16468] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0cd67e5fa8 [ 630.204273][T16468] RBP: 00007f0cd67e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 630.204282][T16468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 630.204290][T16468] R13: 00007f0cd67e6038 R14: 00007ffe5550c630 R15: 00007ffe5550c718 [ 630.204309][T16468] [ 630.821446][T16470] ERROR: Out of memory at tomoyo_realpath_from_path. [ 630.888568][T16488] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2147'. [ 631.708161][T16487] ima: policy update failed [ 631.784025][ T30] audit: type=1802 audit(4294967307.317:20): pid=16487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2149" res=0 errno=0 [ 632.009308][T16529] tipc: Started in network mode [ 632.056774][T16529] tipc: Node identity 45e5412, cluster identity 4711 [ 632.090654][T16529] tipc: Node number set to 73290770 [ 632.122921][T16531] delete_channel: no stack [ 632.645896][T16551] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 632.879282][T16541] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2157'. [ 633.466573][T11723] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 9 with max blocks 11 with error 117 [ 633.548934][T11723] EXT4-fs (sda1): This should not happen!! Data will be lost [ 633.548934][T11723] [ 634.039013][ T9901] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1 [ 634.322577][T16588] FAULT_INJECTION: forcing a failure. [ 634.322577][T16588] name (null), interval 1, probability 0, space 0, times 0 [ 634.439698][T16588] CPU: 0 UID: 0 PID: 16588 Comm: syz.3.2165 Not tainted syzkaller #0 PREEMPT(full) [ 634.439721][T16588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 634.439730][T16588] Call Trace: [ 634.439736][T16588] [ 634.439743][T16588] dump_stack_lvl+0x16c/0x1f0 [ 634.439770][T16588] should_fail_ex+0x512/0x640 [ 634.439795][T16588] null_queue_rq+0x2ed/0xfd0 [ 634.439818][T16588] ? blk_add_trace_unplug+0x164/0x350 [ 634.439836][T16588] null_queue_rqs+0xe9/0x2f0 [ 634.439858][T16588] ? __pfx_null_queue_rqs+0x10/0x10 [ 634.439884][T16588] __blk_mq_flush_list+0x97/0xc0 [ 634.439906][T16588] blk_mq_dispatch_queue_requests+0x184/0x7b0 [ 634.439929][T16588] blk_mq_flush_plug_list+0x1f2/0x600 [ 634.439951][T16588] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 634.439976][T16588] __blk_flush_plug+0x2c4/0x4b0 [ 634.439997][T16588] ? __pfx___blk_flush_plug+0x10/0x10 [ 634.440020][T16588] blk_finish_plug+0x53/0xa0 [ 634.440036][T16588] read_pages+0x583/0xc70 [ 634.440051][T16588] ? find_held_lock+0x2b/0x80 [ 634.440066][T16588] ? xa_load+0x149/0x2c0 [ 634.440082][T16588] ? __pfx_read_pages+0x10/0x10 [ 634.440095][T16588] ? xa_load+0x153/0x2c0 [ 634.440117][T16588] page_cache_ra_unbounded+0x5d2/0x7d0 [ 634.440141][T16588] page_cache_ra_order+0xa41/0xd70 [ 634.440165][T16588] filemap_fault+0x152e/0x2930 [ 634.440188][T16588] ? __pfx_filemap_fault+0x10/0x10 [ 634.440216][T16588] ? __pfx_filemap_map_pages+0x10/0x10 [ 634.440232][T16588] __do_fault+0x10d/0x490 [ 634.440250][T16588] ? __pfx_filemap_map_pages+0x10/0x10 [ 634.440266][T16588] do_pte_missing+0xf50/0x3ba0 [ 634.440281][T16588] ? find_held_lock+0x2b/0x80 [ 634.440295][T16588] ? __handle_mm_fault+0x14fd/0x2a50 [ 634.440313][T16588] __handle_mm_fault+0x152a/0x2a50 [ 634.440329][T16588] ? mt_find+0x3ef/0xa30 [ 634.440344][T16588] ? __pfx___handle_mm_fault+0x10/0x10 [ 634.440358][T16588] ? __pfx_mt_find+0x10/0x10 [ 634.440382][T16588] ? find_vma+0xbf/0x140 [ 634.440400][T16588] ? __pfx_find_vma+0x10/0x10 [ 634.440420][T16588] handle_mm_fault+0x589/0xd10 [ 634.440444][T16588] ? trace_raw_output_exceptions+0x131/0x150 [ 634.440469][T16588] do_user_addr_fault+0x7a6/0x1370 [ 634.440491][T16588] ? __pfx___schedule+0x10/0x10 [ 634.440511][T16588] ? rcu_is_watching+0x12/0xc0 [ 634.440528][T16588] exc_page_fault+0x5c/0xb0 [ 634.440548][T16588] asm_exc_page_fault+0x26/0x30 [ 634.440562][T16588] RIP: 0010:copy_iovec_from_user+0x84/0x170 [ 634.440579][T16588] Code: e8 f1 23 dc fc 4d 85 ff 0f 85 e5 00 00 00 e8 33 29 dc fc 0f 01 cb 0f ae e8 49 bf 00 00 00 00 00 fc ff df e8 1e 29 dc fc 31 db <48> 8b 45 08 31 ff 89 de 49 89 c6 e8 4c 24 dc fc 85 db 0f 85 aa 00 [ 634.440593][T16588] RSP: 0018:ffffc9000b397b38 EFLAGS: 00050246 [ 634.440605][T16588] RAX: 0000000000000023 RBX: 0000000000000000 RCX: ffffc9000c46b000 [ 634.440614][T16588] RDX: 0000000000080000 RSI: ffffffff84dedde2 RDI: 0000000000000006 [ 634.440623][T16588] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000000 [ 634.440631][T16588] R10: 0000000000000050 R11: 0000000000000000 R12: ffffc9000b397d70 [ 634.440640][T16588] R13: 0000000000000005 R14: 00007ffffffff000 R15: dffffc0000000000 [ 634.440655][T16588] ? copy_iovec_from_user+0x82/0x170 [ 634.440675][T16588] ? copy_iovec_from_user+0x82/0x170 [ 634.440691][T16588] iovec_from_user+0xa2/0x140 [ 634.440708][T16588] __import_iovec+0x88/0x650 [ 634.440729][T16588] import_iovec+0x86/0xb0 [ 634.440746][T16588] vfs_writev+0x19b/0xde0 [ 634.440769][T16588] ? __pfx_vfs_writev+0x10/0x10 [ 634.440798][T16588] ? __fget_files+0x20e/0x3c0 [ 634.440819][T16588] ? do_pwritev+0x1a6/0x270 [ 634.440832][T16588] do_pwritev+0x1a6/0x270 [ 634.440848][T16588] ? __pfx_do_pwritev+0x10/0x10 [ 634.440869][T16588] do_syscall_64+0xcd/0x4c0 [ 634.440884][T16588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 634.440897][T16588] RIP: 0033:0x7f0cd658eec9 [ 634.440909][T16588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 634.440922][T16588] RSP: 002b:00007f0cd738f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 634.440935][T16588] RAX: ffffffffffffffda RBX: 00007f0cd67e5fa0 RCX: 00007f0cd658eec9 [ 634.440944][T16588] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 634.440953][T16588] RBP: 00007f0cd6611f91 R08: 0000000000000009 R09: 0000000000000000 [ 634.440961][T16588] R10: 000000000000003f R11: 0000000000000246 R12: 0000000000000000 [ 634.440969][T16588] R13: 00007f0cd67e6038 R14: 00007f0cd67e5fa0 R15: 00007ffe5550c718 [ 634.440988][T16588] [ 635.249102][T16607] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 635.748640][T16602] could not allocate digest TFM handle [ 636.795446][T11730] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1360 with max blocks 5 with error 117 [ 636.854882][T11730] EXT4-fs (sda1): This should not happen!! Data will be lost [ 636.854882][T11730] [ 636.875632][T16655] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 637.066320][T16661] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2182'. [ 638.192955][ T9901] Bluetooth: hci4: unexpected event 0x01 length: 5 > 1 [ 638.357996][T16691] FAULT_INJECTION: forcing a failure. [ 638.357996][T16691] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 638.476706][T16691] CPU: 0 UID: 0 PID: 16691 Comm: syz.3.2187 Not tainted syzkaller #0 PREEMPT(full) [ 638.476728][T16691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 638.476737][T16691] Call Trace: [ 638.476744][T16691] [ 638.476750][T16691] dump_stack_lvl+0x16c/0x1f0 [ 638.476777][T16691] should_fail_ex+0x512/0x640 [ 638.476803][T16691] should_fail_alloc_page+0xe7/0x130 [ 638.476824][T16691] prepare_alloc_pages+0x3c2/0x610 [ 638.476848][T16691] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 638.476867][T16691] ? copy_splice_read+0x1a8/0xc20 [ 638.476882][T16691] ? stack_trace_save+0x8e/0xc0 [ 638.476898][T16691] ? __pfx_stack_trace_save+0x10/0x10 [ 638.476914][T16691] ? stack_depot_save_flags+0x29/0x9c0 [ 638.476938][T16691] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 638.476955][T16691] ? kasan_save_stack+0x33/0x60 [ 638.476970][T16691] ? __kasan_kmalloc+0xaa/0xb0 [ 638.476985][T16691] ? copy_splice_read+0x1a8/0xc20 [ 638.476998][T16691] ? do_splice_read+0x282/0x370 [ 638.477010][T16691] ? splice_direct_to_actor+0x2a1/0xa30 [ 638.477023][T16691] ? do_splice_direct+0x174/0x240 [ 638.477043][T16691] ? do_sendfile+0xb06/0xe50 [ 638.477058][T16691] ? __x64_sys_sendfile64+0x1d8/0x220 [ 638.477077][T16691] ? do_syscall_64+0xcd/0x4c0 [ 638.477103][T16691] alloc_pages_bulk_noprof+0x71c/0x1410 [ 638.477130][T16691] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 638.477152][T16691] ? trace_kmalloc+0x2b/0xd0 [ 638.477170][T16691] ? __kmalloc_noprof+0x242/0x510 [ 638.477191][T16691] copy_splice_read+0x1e1/0xc20 [ 638.477206][T16691] ? __pfx_pipe_to_null+0x10/0x10 [ 638.477230][T16691] ? __pfx_copy_splice_read+0x10/0x10 [ 638.477243][T16691] ? pipe_unlock+0x4a/0x70 [ 638.477260][T16691] ? __pfx_splice_from_pipe+0x10/0x10 [ 638.477280][T16691] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 638.477297][T16691] ? __pfx_copy_splice_read+0x10/0x10 [ 638.477311][T16691] do_splice_read+0x282/0x370 [ 638.477328][T16691] splice_direct_to_actor+0x2a1/0xa30 [ 638.477345][T16691] ? __pfx_direct_splice_actor+0x10/0x10 [ 638.477364][T16691] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 638.477384][T16691] do_splice_direct+0x174/0x240 [ 638.477400][T16691] ? __pfx_do_splice_direct+0x10/0x10 [ 638.477414][T16691] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 638.477430][T16691] ? bpf_lsm_file_permission+0x9/0x10 [ 638.477450][T16691] ? security_file_permission+0x71/0x210 [ 638.477469][T16691] ? rw_verify_area+0xcf/0x6c0 [ 638.477485][T16691] do_sendfile+0xb06/0xe50 [ 638.477504][T16691] ? __pfx_do_sendfile+0x10/0x10 [ 638.477523][T16691] ? __x64_sys_futex+0x1e0/0x4c0 [ 638.477539][T16691] ? __x64_sys_futex+0x1e9/0x4c0 [ 638.477559][T16691] __x64_sys_sendfile64+0x1d8/0x220 [ 638.477578][T16691] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 638.477602][T16691] do_syscall_64+0xcd/0x4c0 [ 638.477617][T16691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 638.477632][T16691] RIP: 0033:0x7f0cd658eec9 [ 638.477645][T16691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 638.477659][T16691] RSP: 002b:00007f0cd738f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 638.477673][T16691] RAX: ffffffffffffffda RBX: 00007f0cd67e5fa0 RCX: 00007f0cd658eec9 [ 638.477683][T16691] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 638.477691][T16691] RBP: 00007f0cd6611f91 R08: 0000000000000000 R09: 0000000000000000 [ 638.477700][T16691] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 638.477709][T16691] R13: 00007f0cd67e6038 R14: 00007f0cd67e5fa0 R15: 00007ffe5550c718 [ 638.477728][T16691] [ 639.053125][T16694] random: crng reseeded on system resumption [ 639.748892][T16711] FAULT_INJECTION: forcing a failure. [ 639.748892][T16711] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 639.809793][T16711] CPU: 0 UID: 0 PID: 16711 Comm: syz.3.2192 Not tainted syzkaller #0 PREEMPT(full) [ 639.809815][T16711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 639.809824][T16711] Call Trace: [ 639.809829][T16711] [ 639.809836][T16711] dump_stack_lvl+0x16c/0x1f0 [ 639.809862][T16711] should_fail_ex+0x512/0x640 [ 639.809888][T16711] _copy_to_iter+0x29f/0x1710 [ 639.809905][T16711] ? __pfx___skb_try_recv_datagram+0x10/0x10 [ 639.809933][T16711] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 639.809953][T16711] ? __pfx__copy_to_iter+0x10/0x10 [ 639.809971][T16711] ? __skb_recv_datagram+0x1b2/0x220 [ 639.809992][T16711] ? __pfx___skb_recv_datagram+0x10/0x10 [ 639.810012][T16711] simple_copy_to_iter+0x46/0x90 [ 639.810031][T16711] __skb_datagram_iter+0x129/0x900 [ 639.810047][T16711] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 639.810066][T16711] ? skb_recv_datagram+0x88/0xc0 [ 639.810087][T16711] skb_copy_datagram_iter+0x40/0x50 [ 639.810106][T16711] netlink_recvmsg+0x27e/0xa90 [ 639.810128][T16711] ? __pfx_netlink_recvmsg+0x10/0x10 [ 639.810148][T16711] ? __fget_files+0x204/0x3c0 [ 639.810166][T16711] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 639.810185][T16711] sock_recvmsg+0x1f9/0x250 [ 639.810201][T16711] __sys_recvfrom+0x203/0x310 [ 639.810222][T16711] ? __pfx___sys_recvfrom+0x10/0x10 [ 639.810247][T16711] ? fd_install+0x225/0x750 [ 639.810269][T16711] ? __pfx___sys_socket+0x10/0x10 [ 639.810285][T16711] ? xfd_validate_state+0x61/0x180 [ 639.810309][T16711] __x64_sys_recvfrom+0xe0/0x1c0 [ 639.810328][T16711] ? do_syscall_64+0x91/0x4c0 [ 639.810340][T16711] ? lockdep_hardirqs_on+0x7c/0x110 [ 639.810360][T16711] do_syscall_64+0xcd/0x4c0 [ 639.810374][T16711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.810389][T16711] RIP: 0033:0x7f0cd6590c94 [ 639.810401][T16711] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04 [ 639.810414][T16711] RSP: 002b:00007f0cd738df30 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 639.810429][T16711] RAX: ffffffffffffffda RBX: 000000000000003f RCX: 00007f0cd6590c94 [ 639.810438][T16711] RDX: 0000000000001000 RSI: 00007f0cd738e010 RDI: 0000000000000008 [ 639.810448][T16711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 639.810456][T16711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000001940 [ 639.810464][T16711] R13: 00007f0cd738dfc0 R14: 000000000000000f R15: 0000000000000000 [ 639.810482][T16711] [ 640.388135][T16727] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 640.548567][T16732] FAULT_INJECTION: forcing a failure. [ 640.548567][T16732] name failslab, interval 1, probability 0, space 0, times 0 [ 640.611376][T16732] CPU: 0 UID: 0 PID: 16732 Comm: syz.3.2196 Not tainted syzkaller #0 PREEMPT(full) [ 640.611398][T16732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 640.611408][T16732] Call Trace: [ 640.611413][T16732] [ 640.611420][T16732] dump_stack_lvl+0x16c/0x1f0 [ 640.611446][T16732] should_fail_ex+0x512/0x640 [ 640.611467][T16732] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 640.611487][T16732] should_failslab+0xc2/0x120 [ 640.611506][T16732] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 640.611524][T16732] ? __d_alloc+0x32/0xae0 [ 640.611544][T16732] __d_alloc+0x32/0xae0 [ 640.611563][T16732] d_alloc_pseudo+0x1c/0xc0 [ 640.611584][T16732] alloc_file_pseudo+0xcf/0x230 [ 640.611606][T16732] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 640.611627][T16732] ? alloc_fd+0x471/0x7d0 [ 640.611645][T16732] sock_alloc_file+0x50/0x210 [ 640.611660][T16732] __sys_socket+0x1c0/0x260 [ 640.611677][T16732] ? __pfx___sys_socket+0x10/0x10 [ 640.611693][T16732] ? xfd_validate_state+0x61/0x180 [ 640.611713][T16732] ? __pfx_ksys_write+0x10/0x10 [ 640.611733][T16732] __x64_sys_socket+0x72/0xb0 [ 640.611752][T16732] ? lockdep_hardirqs_on+0x7c/0x110 [ 640.611772][T16732] do_syscall_64+0xcd/0x4c0 [ 640.611786][T16732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.611801][T16732] RIP: 0033:0x7f0cd658eec9 [ 640.611814][T16732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 640.611828][T16732] RSP: 002b:00007f0cd738f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 640.611848][T16732] RAX: ffffffffffffffda RBX: 00007f0cd67e5fa0 RCX: 00007f0cd658eec9 [ 640.611858][T16732] RDX: 0000000000000300 RSI: 0000000000080003 RDI: 0000000000000011 [ 640.611867][T16732] RBP: 00007f0cd6611f91 R08: 0000000000000000 R09: 0000000000000000 [ 640.611877][T16732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.611886][T16732] R13: 00007f0cd67e6038 R14: 00007f0cd67e5fa0 R15: 00007ffe5550c718 [ 640.611905][T16732] [ 640.826553][T16738] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 640.931926][T16730] futex_wake_op: syz.0.2195 tries to shift op by -9; fix this program [ 641.157334][T16733] Process accounting resumed [ 641.507803][ T30] audit: type=1326 audit(4294967308.353:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16747 comm="syz.2.2199" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff4f0d8eec9 code=0x0 [ 641.560301][T16750] FAULT_INJECTION: forcing a failure. [ 641.560301][T16750] name failslab, interval 1, probability 0, space 0, times 0 [ 641.645179][T16750] CPU: 0 UID: 0 PID: 16750 Comm: syz.0.2200 Not tainted syzkaller #0 PREEMPT(full) [ 641.645202][T16750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 641.645211][T16750] Call Trace: [ 641.645217][T16750] [ 641.645224][T16750] dump_stack_lvl+0x16c/0x1f0 [ 641.645251][T16750] should_fail_ex+0x512/0x640 [ 641.645273][T16750] ? fs_reclaim_acquire+0xae/0x150 [ 641.645296][T16750] ? security_inode_init_security+0x13f/0x390 [ 641.645318][T16750] should_failslab+0xc2/0x120 [ 641.645337][T16750] __kmalloc_noprof+0xd2/0x510 [ 641.645358][T16750] security_inode_init_security+0x13f/0x390 [ 641.645382][T16750] ? __pfx_shmem_initxattrs+0x10/0x10 [ 641.645402][T16750] ? __pfx_security_inode_init_security+0x10/0x10 [ 641.645425][T16750] ? shmem_get_inode+0x73a/0xfb0 [ 641.645450][T16750] shmem_symlink+0x135/0x9f0 [ 641.645469][T16750] ? __pfx_shmem_symlink+0x10/0x10 [ 641.645485][T16750] ? bpf_lsm_inode_permission+0x9/0x10 [ 641.645504][T16750] ? security_inode_permission+0xbf/0x260 [ 641.645522][T16750] ? inode_permission+0x156/0x630 [ 641.645546][T16750] vfs_symlink+0x400/0x680 [ 641.645562][T16750] do_symlinkat+0x261/0x310 [ 641.645581][T16750] ? __pfx_do_symlinkat+0x10/0x10 [ 641.645599][T16750] ? getname_flags.part.0+0x1c5/0x550 [ 641.645624][T16750] __x64_sys_symlink+0x75/0x90 [ 641.645642][T16750] do_syscall_64+0xcd/0x4c0 [ 641.645657][T16750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 641.645672][T16750] RIP: 0033:0x7f198038eec9 [ 641.645684][T16750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 641.645698][T16750] RSP: 002b:00007f198130e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 641.645713][T16750] RAX: ffffffffffffffda RBX: 00007f19805e5fa0 RCX: 00007f198038eec9 [ 641.645723][T16750] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 641.645732][T16750] RBP: 00007f1980411f91 R08: 0000000000000000 R09: 0000000000000000 [ 641.645741][T16750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 641.645750][T16750] R13: 00007f19805e6038 R14: 00007f19805e5fa0 R15: 00007fff78923428 [ 641.645769][T16750] [ 642.044265][T16759] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 642.461945][T16769] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 642.684513][T16771] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 642.772218][T16779] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2205'. [ 642.915639][T16778] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2211'. [ 644.178381][ T9921] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 873 with max blocks 60 with error 117 [ 644.259655][ T9921] EXT4-fs (sda1): This should not happen!! Data will be lost [ 644.259655][ T9921] [ 645.203892][T16822] blktrace: Concurrent blktraces are not allowed on loop2 [ 645.512184][T16829] ubi0: attaching mtd0 [ 645.517287][T16829] ubi0: scanning is finished [ 645.608132][T16829] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 645.944573][T16829] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 646.396331][T16847] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 646.991605][T16856] ima: policy update failed [ 647.029823][ T30] audit: type=1802 audit(4294967300.834:22): pid=16856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2222" res=0 errno=0 [ 647.321175][T16868] netlink: 'syz.0.2226': attribute type 11 has an invalid length. [ 647.377883][T16868] netlink: 'syz.0.2226': attribute type 11 has an invalid length. [ 647.405501][T16868] netlink: 'syz.0.2226': attribute type 11 has an invalid length. [ 647.443689][T16868] netlink: 'syz.0.2226': attribute type 11 has an invalid length. [ 647.670326][T16877] FAULT_INJECTION: forcing a failure. [ 647.670326][T16877] name fail_futex, interval 1, probability 0, space 0, times 0 [ 647.791520][T16877] CPU: 0 UID: 0 PID: 16877 Comm: syz.2.2229 Not tainted syzkaller #0 PREEMPT(full) [ 647.791543][T16877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 647.791552][T16877] Call Trace: [ 647.791558][T16877] [ 647.791564][T16877] dump_stack_lvl+0x16c/0x1f0 [ 647.791591][T16877] should_fail_ex+0x512/0x640 [ 647.791615][T16877] get_futex_key+0x1d0/0x1560 [ 647.791635][T16877] ? find_held_lock+0x2b/0x80 [ 647.791649][T16877] ? __pfx_get_futex_key+0x10/0x10 [ 647.791667][T16877] ? do_raw_spin_unlock+0x172/0x230 [ 647.791688][T16877] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 647.791710][T16877] futex_wait_setup+0x9d/0x550 [ 647.791736][T16877] __futex_wait+0x194/0x2f0 [ 647.791757][T16877] ? __pfx___futex_wait+0x10/0x10 [ 647.791776][T16877] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 647.791795][T16877] ? lockdep_hardirqs_on+0x7c/0x110 [ 647.791817][T16877] ? __pfx_futex_wake_mark+0x10/0x10 [ 647.791840][T16877] ? futex_private_hash_put+0x176/0x300 [ 647.791858][T16877] ? futex_private_hash_put+0x18a/0x300 [ 647.791876][T16877] futex_wait+0xe8/0x380 [ 647.791896][T16877] ? __pfx_futex_wait+0x10/0x10 [ 647.791920][T16877] ? __pfx_path_getxattrat+0x10/0x10 [ 647.791938][T16877] ? ksys_write+0x190/0x250 [ 647.791958][T16877] do_futex+0x229/0x350 [ 647.791976][T16877] ? __pfx_do_futex+0x10/0x10 [ 647.791998][T16877] __x64_sys_futex+0x1e0/0x4c0 [ 647.792018][T16877] ? __pfx___x64_sys_futex+0x10/0x10 [ 647.792036][T16877] ? xfd_validate_state+0x61/0x180 [ 647.792055][T16877] ? __pfx_ksys_write+0x10/0x10 [ 647.792076][T16877] do_syscall_64+0xcd/0x4c0 [ 647.792090][T16877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.792105][T16877] RIP: 0033:0x7ff4f0d8eec9 [ 647.792118][T16877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 647.792139][T16877] RSP: 002b:00007ff4f1cb90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 647.792155][T16877] RAX: ffffffffffffffda RBX: 00007ff4f0fe5fa8 RCX: 00007ff4f0d8eec9 [ 647.792167][T16877] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff4f0fe5fa8 [ 647.792177][T16877] RBP: 00007ff4f0fe5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 647.792186][T16877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 647.792194][T16877] R13: 00007ff4f0fe6038 R14: 00007ffd739b2f20 R15: 00007ffd739b3008 [ 647.792213][T16877] [ 648.032228][ C0] vkms_vblank_simulate: vblank timer overrun [ 648.474830][T16881] zswap: compressor not available [ 649.020456][T16896] Invalid ELF header len 5 [ 649.440289][T16907] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 649.500763][ T9901] Bluetooth: hci2: unexpected event 0x35 length: 13 > 6 [ 649.613682][T16906] can: request_module (can-proto-0) failed. [ 649.870489][T16922] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 650.035340][T16926] Malformed UNC in devname [ 650.035340][T16926] [ 650.071665][T16926] CIFS: VFS: Malformed UNC in devname [ 650.108066][T16929] Malformed UNC in devname [ 650.108066][T16929] [ 650.132125][T16929] CIFS: VFS: Malformed UNC in devname [ 650.466806][ T9901] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1 [ 651.133841][T16945] syz.0.2244 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 651.752012][T16956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2246'. [ 652.041077][T16973] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input48 [ 652.050084][T16963] FAULT_INJECTION: forcing a failure. [ 652.050084][T16963] name failslab, interval 1, probability 0, space 0, times 0 [ 652.240973][T16980] Process accounting resumed [ 652.323396][T16963] CPU: 0 UID: 0 PID: 16963 Comm: syz.2.2246 Not tainted syzkaller #0 PREEMPT(full) [ 652.323418][T16963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 652.323428][T16963] Call Trace: [ 652.323433][T16963] [ 652.323439][T16963] dump_stack_lvl+0x16c/0x1f0 [ 652.323466][T16963] should_fail_ex+0x512/0x640 [ 652.323488][T16963] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 652.323509][T16963] should_failslab+0xc2/0x120 [ 652.323528][T16963] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 652.323545][T16963] ? __alloc_skb+0x2b2/0x380 [ 652.323567][T16963] __alloc_skb+0x2b2/0x380 [ 652.323586][T16963] ? __pfx___alloc_skb+0x10/0x10 [ 652.323606][T16963] ? __lock_acquire+0x62e/0x1ce0 [ 652.323629][T16963] alloc_skb_with_frags+0xe0/0x860 [ 652.323650][T16963] sock_alloc_send_pskb+0x7fb/0x990 [ 652.323676][T16963] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 652.323696][T16963] ? ip6_finish_output2+0xb30/0x2020 [ 652.323723][T16963] __ip6_append_data+0x2a98/0x4750 [ 652.323753][T16963] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 652.323785][T16963] ? __pfx___ip6_append_data+0x10/0x10 [ 652.323805][T16963] ? __pfx_ip6_mtu+0x10/0x10 [ 652.323820][T16963] ? ip6_setup_cork+0xc51/0x1530 [ 652.323841][T16963] ip6_make_skb+0x2c8/0x3f0 [ 652.323862][T16963] ? ip6_dst_check+0x343/0x950 [ 652.323877][T16963] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 652.323900][T16963] ? __pfx_ip6_make_skb+0x10/0x10 [ 652.323919][T16963] ? find_held_lock+0x2b/0x80 [ 652.323937][T16963] ? sk_dst_check+0x1da/0x540 [ 652.323960][T16963] ? udpv6_sendmsg+0x235c/0x2d20 [ 652.323973][T16963] udpv6_sendmsg+0x235c/0x2d20 [ 652.323987][T16963] ? aa_label_sk_perm+0x195/0x600 [ 652.324005][T16963] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 652.324032][T16963] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 652.324057][T16963] ? __pfx___might_resched+0x10/0x10 [ 652.324071][T16963] ? __lock_acquire+0xb97/0x1ce0 [ 652.324096][T16963] ? iovec_from_user+0xbb/0x140 [ 652.324115][T16963] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 652.324131][T16963] ? inet6_sendmsg+0x105/0x140 [ 652.324144][T16963] inet6_sendmsg+0x105/0x140 [ 652.324159][T16963] ____sys_sendmsg+0x705/0xc70 [ 652.324176][T16963] ? copy_msghdr_from_user+0x10a/0x160 [ 652.324196][T16963] ? __pfx_____sys_sendmsg+0x10/0x10 [ 652.324215][T16963] ? kfree+0x24f/0x4d0 [ 652.324228][T16963] ? futex_unqueue+0x133/0x2c0 [ 652.324248][T16963] ___sys_sendmsg+0x134/0x1d0 [ 652.324270][T16963] ? __pfx____sys_sendmsg+0x10/0x10 [ 652.324307][T16963] ? __pfx___might_resched+0x10/0x10 [ 652.324325][T16963] __sys_sendmmsg+0x200/0x420 [ 652.324348][T16963] ? __pfx___sys_sendmmsg+0x10/0x10 [ 652.324374][T16963] ? __pfx_do_futex+0x10/0x10 [ 652.324399][T16963] ? fput+0x9b/0xd0 [ 652.324419][T16963] ? xfd_validate_state+0x61/0x180 [ 652.324439][T16963] ? __pfx_ksys_write+0x10/0x10 [ 652.324458][T16963] __x64_sys_sendmmsg+0x9c/0x100 [ 652.324478][T16963] ? lockdep_hardirqs_on+0x7c/0x110 [ 652.324499][T16963] do_syscall_64+0xcd/0x4c0 [ 652.324513][T16963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.324528][T16963] RIP: 0033:0x7ff4f0d8eec9 [ 652.324540][T16963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 652.324555][T16963] RSP: 002b:00007ff4f1c77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 652.324569][T16963] RAX: ffffffffffffffda RBX: 00007ff4f0fe6180 RCX: 00007ff4f0d8eec9 [ 652.324579][T16963] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 652.324588][T16963] RBP: 00007ff4f0e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 652.324597][T16963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.324605][T16963] R13: 00007ff4f0fe6218 R14: 00007ff4f0fe6180 R15: 00007ffd739b3008 [ 652.324623][T16963] [ 652.687761][ C0] vkms_vblank_simulate: vblank timer overrun [ 653.413658][T16993] FAULT_INJECTION: forcing a failure. [ 653.413658][T16993] name (null), interval 1, probability 0, space 0, times 0 [ 653.466860][T16993] CPU: 0 UID: 0 PID: 16993 Comm: syz.0.2253 Not tainted syzkaller #0 PREEMPT(full) [ 653.466884][T16993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 653.466894][T16993] Call Trace: [ 653.466899][T16993] [ 653.466906][T16993] dump_stack_lvl+0x16c/0x1f0 [ 653.466933][T16993] should_fail_ex+0x512/0x640 [ 653.466962][T16993] null_queue_rq+0x2ed/0xfd0 [ 653.466985][T16993] ? blk_add_trace_unplug+0x164/0x350 [ 653.467004][T16993] null_queue_rqs+0xe9/0x2f0 [ 653.467026][T16993] ? __pfx_null_queue_rqs+0x10/0x10 [ 653.467053][T16993] __blk_mq_flush_list+0x97/0xc0 [ 653.467077][T16993] blk_mq_dispatch_queue_requests+0x184/0x7b0 [ 653.467099][T16993] blk_mq_flush_plug_list+0x1f2/0x600 [ 653.467121][T16993] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 653.467146][T16993] __blk_flush_plug+0x2c4/0x4b0 [ 653.467167][T16993] ? __pfx___blk_flush_plug+0x10/0x10 [ 653.467190][T16993] blk_finish_plug+0x53/0xa0 [ 653.467207][T16993] read_pages+0x583/0xc70 [ 653.467221][T16993] ? find_held_lock+0x2b/0x80 [ 653.467236][T16993] ? xa_load+0x149/0x2c0 [ 653.467252][T16993] ? __pfx_read_pages+0x10/0x10 [ 653.467266][T16993] ? xa_load+0x153/0x2c0 [ 653.467288][T16993] page_cache_ra_unbounded+0x5d2/0x7d0 [ 653.467311][T16993] page_cache_ra_order+0xa41/0xd70 [ 653.467336][T16993] filemap_fault+0x152e/0x2930 [ 653.467359][T16993] ? __pfx_filemap_fault+0x10/0x10 [ 653.467386][T16993] ? __pfx_filemap_map_pages+0x10/0x10 [ 653.467402][T16993] __do_fault+0x10d/0x490 [ 653.467421][T16993] ? __pfx_filemap_map_pages+0x10/0x10 [ 653.467437][T16993] do_pte_missing+0xf50/0x3ba0 [ 653.467452][T16993] ? find_held_lock+0x2b/0x80 [ 653.467466][T16993] ? __handle_mm_fault+0x14fd/0x2a50 [ 653.467484][T16993] __handle_mm_fault+0x152a/0x2a50 [ 653.467501][T16993] ? mt_find+0x3ef/0xa30 [ 653.467515][T16993] ? __pfx___handle_mm_fault+0x10/0x10 [ 653.467529][T16993] ? __pfx_mt_find+0x10/0x10 [ 653.467562][T16993] ? find_vma+0xbf/0x140 [ 653.467580][T16993] ? __pfx_find_vma+0x10/0x10 [ 653.467602][T16993] handle_mm_fault+0x589/0xd10 [ 653.467618][T16993] ? trace_raw_output_exceptions+0x131/0x150 [ 653.467642][T16993] do_user_addr_fault+0x7a6/0x1370 [ 653.467664][T16993] ? __pfx___schedule+0x10/0x10 [ 653.467683][T16993] ? rcu_is_watching+0x12/0xc0 [ 653.467700][T16993] exc_page_fault+0x5c/0xb0 [ 653.467720][T16993] asm_exc_page_fault+0x26/0x30 [ 653.467734][T16993] RIP: 0010:copy_iovec_from_user+0x84/0x170 [ 653.467750][T16993] Code: e8 f1 23 dc fc 4d 85 ff 0f 85 e5 00 00 00 e8 33 29 dc fc 0f 01 cb 0f ae e8 49 bf 00 00 00 00 00 fc ff df e8 1e 29 dc fc 31 db <48> 8b 45 08 31 ff 89 de 49 89 c6 e8 4c 24 dc fc 85 db 0f 85 aa 00 [ 653.467765][T16993] RSP: 0018:ffffc90003e1fb38 EFLAGS: 00050246 [ 653.467777][T16993] RAX: 0000000000000023 RBX: 0000000000000000 RCX: ffffc9000bc69000 [ 653.467787][T16993] RDX: 0000000000080000 RSI: ffffffff84dedde2 RDI: 0000000000000006 [ 653.467796][T16993] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000000 [ 653.467804][T16993] R10: 0000000000000050 R11: 0000000000000000 R12: ffffc90003e1fd70 [ 653.467813][T16993] R13: 0000000000000005 R14: 00007ffffffff000 R15: dffffc0000000000 [ 653.467828][T16993] ? copy_iovec_from_user+0x82/0x170 [ 653.467845][T16993] ? copy_iovec_from_user+0x82/0x170 [ 653.467861][T16993] iovec_from_user+0xa2/0x140 [ 653.467879][T16993] __import_iovec+0x88/0x650 [ 653.467899][T16993] import_iovec+0x86/0xb0 [ 653.467917][T16993] vfs_writev+0x19b/0xde0 [ 653.467938][T16993] ? __pfx_vfs_writev+0x10/0x10 [ 653.467967][T16993] ? __fget_files+0x20e/0x3c0 [ 653.467987][T16993] ? do_pwritev+0x1a6/0x270 [ 653.468001][T16993] do_pwritev+0x1a6/0x270 [ 653.468017][T16993] ? __pfx_do_pwritev+0x10/0x10 [ 653.468038][T16993] do_syscall_64+0xcd/0x4c0 [ 653.468052][T16993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 653.468066][T16993] RIP: 0033:0x7f198038eec9 [ 653.468078][T16993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 653.468091][T16993] RSP: 002b:00007f198130e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 653.468104][T16993] RAX: ffffffffffffffda RBX: 00007f19805e5fa0 RCX: 00007f198038eec9 [ 653.468113][T16993] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 653.468122][T16993] RBP: 00007f1980411f91 R08: 0000000000000009 R09: 0000000000000000 [ 653.468130][T16993] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 653.468138][T16993] R13: 00007f19805e6038 R14: 00007f19805e5fa0 R15: 00007fff78923428 [ 653.468157][T16993] [ 653.902782][ C0] vkms_vblank_simulate: vblank timer overrun [ 653.990924][T16992] Process accounting resumed [ 654.296645][T17014] random: crng reseeded on system resumption [ 654.915294][T17022] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 655.130437][T17025] FAULT_INJECTION: forcing a failure. [ 655.130437][T17025] name failslab, interval 1, probability 0, space 0, times 0 [ 655.182865][T17025] CPU: 0 UID: 0 PID: 17025 Comm: syz.4.2260 Not tainted syzkaller #0 PREEMPT(full) [ 655.182886][T17025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 655.182896][T17025] Call Trace: [ 655.182902][T17025] [ 655.182908][T17025] dump_stack_lvl+0x16c/0x1f0 [ 655.182934][T17025] should_fail_ex+0x512/0x640 [ 655.182956][T17025] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 655.182976][T17025] should_failslab+0xc2/0x120 [ 655.182995][T17025] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 655.183011][T17025] ? __pfx_acct_collect+0x10/0x10 [ 655.183036][T17025] ? taskstats_exit+0x654/0xbe0 [ 655.183060][T17025] taskstats_exit+0x654/0xbe0 [ 655.183081][T17025] ? __pfx_taskstats_exit+0x10/0x10 [ 655.183106][T17025] do_exit+0x5dc/0x2bf0 [ 655.183129][T17025] ? __pfx_do_exit+0x10/0x10 [ 655.183149][T17025] ? do_raw_spin_lock+0x12c/0x2b0 [ 655.183170][T17025] ? find_held_lock+0x2b/0x80 [ 655.183187][T17025] do_group_exit+0xd3/0x2a0 [ 655.183208][T17025] get_signal+0x2673/0x26d0 [ 655.183231][T17025] ? __pfx_get_signal+0x10/0x10 [ 655.183247][T17025] ? do_futex+0x122/0x350 [ 655.183265][T17025] ? __pfx_do_futex+0x10/0x10 [ 655.183285][T17025] arch_do_signal_or_restart+0x8f/0x790 [ 655.183305][T17025] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 655.183328][T17025] ? xfd_validate_state+0x61/0x180 [ 655.183348][T17025] ? __pfx_ksys_write+0x10/0x10 [ 655.183374][T17025] exit_to_user_mode_loop+0x84/0x110 [ 655.183397][T17025] do_syscall_64+0x41c/0x4c0 [ 655.183411][T17025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.183426][T17025] RIP: 0033:0x7fdcc718eec9 [ 655.183438][T17025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.183452][T17025] RSP: 002b:00007fdcc80e10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 655.183467][T17025] RAX: fffffffffffffe00 RBX: 00007fdcc73e5fa8 RCX: 00007fdcc718eec9 [ 655.183476][T17025] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdcc73e5fa8 [ 655.183485][T17025] RBP: 00007fdcc73e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 655.183494][T17025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.183503][T17025] R13: 00007fdcc73e6038 R14: 00007fff3b7b3170 R15: 00007fff3b7b3258 [ 655.183521][T17025] [ 655.950539][T17035] Console: switching to colour VGA+ 80x25 [ 656.157736][ T30] audit: type=1804 audit(4294967301.859:23): pid=17036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2262" name="/newroot/548/file0" dev="tmpfs" ino=2923 res=1 errno=0 [ 656.406728][ T30] audit: type=1804 audit(4294967302.110:24): pid=17048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2262" name="/newroot/548/file0" dev="tmpfs" ino=2923 res=1 errno=0 [ 657.199393][ T9901] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1 [ 657.889134][T17061] kexec: Could not allocate control_code_buffer [ 659.113479][T17111] FAULT_INJECTION: forcing a failure. [ 659.113479][T17111] name failslab, interval 1, probability 0, space 0, times 0 [ 659.179812][T17111] CPU: 0 UID: 0 PID: 17111 Comm: syz.0.2279 Not tainted syzkaller #0 PREEMPT(full) [ 659.179836][T17111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 659.179846][T17111] Call Trace: [ 659.179852][T17111] [ 659.179858][T17111] dump_stack_lvl+0x16c/0x1f0 [ 659.179886][T17111] should_fail_ex+0x512/0x640 [ 659.179908][T17111] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 659.179929][T17111] should_failslab+0xc2/0x120 [ 659.179948][T17111] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 659.179964][T17111] ? do_raw_spin_unlock+0x172/0x230 [ 659.179987][T17111] ? __d_alloc+0x32/0xae0 [ 659.180014][T17111] ? __pfx_mqueue_fill_super+0x10/0x10 [ 659.180029][T17111] ? __pfx_mqueue_fill_super+0x10/0x10 [ 659.180044][T17111] __d_alloc+0x32/0xae0 [ 659.180061][T17111] ? mqueue_get_inode+0x285/0xdd0 [ 659.180076][T17111] ? __pfx_mqueue_fill_super+0x10/0x10 [ 659.180090][T17111] d_make_root+0x3e/0x90 [ 659.180108][T17111] mqueue_fill_super+0x175/0x260 [ 659.180122][T17111] get_tree_nodev+0xda/0x190 [ 659.180139][T17111] mqueue_get_tree+0xf1/0x130 [ 659.180152][T17111] vfs_get_tree+0x8e/0x340 [ 659.180166][T17111] fc_mount_longterm+0x18/0x160 [ 659.180189][T17111] mq_init_ns+0x426/0x620 [ 659.180206][T17111] copy_ipcs+0x383/0x610 [ 659.180221][T17111] ? copy_utsname+0xab/0x470 [ 659.180242][T17111] create_new_namespaces+0x20a/0xa90 [ 659.180258][T17111] ? security_capable+0x7e/0x260 [ 659.180275][T17111] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 659.180293][T17111] ksys_unshare+0x45b/0xa40 [ 659.180312][T17111] ? __pfx_ksys_unshare+0x10/0x10 [ 659.180332][T17111] ? xfd_validate_state+0x61/0x180 [ 659.180358][T17111] __x64_sys_unshare+0x31/0x40 [ 659.180377][T17111] do_syscall_64+0xcd/0x4c0 [ 659.180392][T17111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.180406][T17111] RIP: 0033:0x7f198038eec9 [ 659.180418][T17111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.180432][T17111] RSP: 002b:00007f198130e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 659.180446][T17111] RAX: ffffffffffffffda RBX: 00007f19805e5fa0 RCX: 00007f198038eec9 [ 659.180456][T17111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 659.180465][T17111] RBP: 00007f1980411f91 R08: 0000000000000000 R09: 0000000000000000 [ 659.180474][T17111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.180483][T17111] R13: 00007f19805e6038 R14: 00007f19805e5fa0 R15: 00007fff78923428 [ 659.180501][T17111] [ 659.262945][T17113] Console: switching to colour frame buffer device 2x2 [ 661.359923][T17137] tty tty12: ldisc open failed (-12), clearing slot 11 [ 664.020192][T17211] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 664.399750][T17216] FAULT_INJECTION: forcing a failure. [ 664.399750][T17216] name failslab, interval 1, probability 0, space 0, times 0 [ 664.572005][T17216] CPU: 0 UID: 0 PID: 17216 Comm: syz.4.2301 Not tainted syzkaller #0 PREEMPT(full) [ 664.572027][T17216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 664.572036][T17216] Call Trace: [ 664.572042][T17216] [ 664.572048][T17216] dump_stack_lvl+0x16c/0x1f0 [ 664.572075][T17216] should_fail_ex+0x512/0x640 [ 664.572097][T17216] ? fs_reclaim_acquire+0xae/0x150 [ 664.572120][T17216] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 664.572141][T17216] should_failslab+0xc2/0x120 [ 664.572160][T17216] __kmalloc_noprof+0xd2/0x510 [ 664.572182][T17216] tomoyo_realpath_from_path+0xc2/0x6e0 [ 664.572207][T17216] tomoyo_check_open_permission+0x2ab/0x3c0 [ 664.572227][T17216] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 664.572263][T17216] ? find_held_lock+0x2b/0x80 [ 664.572283][T17216] tomoyo_file_open+0x6b/0x90 [ 664.572298][T17216] security_file_open+0x84/0x1e0 [ 664.572318][T17216] do_dentry_open+0x596/0x1530 [ 664.572342][T17216] vfs_open+0x82/0x3f0 [ 664.572365][T17216] path_openat+0x1de4/0x2cb0 [ 664.572389][T17216] ? __pfx_path_openat+0x10/0x10 [ 664.572411][T17216] do_filp_open+0x20b/0x470 [ 664.572428][T17216] ? __pfx_do_filp_open+0x10/0x10 [ 664.572456][T17216] ? __pfx_kfree_link+0x10/0x10 [ 664.572484][T17216] ? alloc_fd+0x471/0x7d0 [ 664.572504][T17216] do_sys_openat2+0x11b/0x1d0 [ 664.572525][T17216] ? __pfx_do_sys_openat2+0x10/0x10 [ 664.572546][T17216] ? find_held_lock+0x2b/0x80 [ 664.572560][T17216] ? handle_mm_fault+0x2ab/0xd10 [ 664.572579][T17216] __x64_sys_openat+0x174/0x210 [ 664.572592][T17216] ? __pfx___x64_sys_openat+0x10/0x10 [ 664.572608][T17216] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 664.572634][T17216] do_syscall_64+0xcd/0x4c0 [ 664.572648][T17216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.572663][T17216] RIP: 0033:0x7fdcc718d710 [ 664.572675][T17216] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 664.572689][T17216] RSP: 002b:00007fdcc80e0fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 664.572703][T17216] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fdcc718d710 [ 664.572713][T17216] RDX: 0000000000000002 RSI: 00007fdcc721224b RDI: 00000000ffffff9c [ 664.572722][T17216] RBP: 00007fdcc721224b R08: 0000000000000000 R09: 00007fdcc80e2000 [ 664.572731][T17216] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 664.572740][T17216] R13: 00007fdcc73e6038 R14: 00007fdcc73e5fa0 R15: 00007fff3b7b3258 [ 664.572758][T17216] [ 664.572764][T17216] ERROR: Out of memory at tomoyo_realpath_from_path. [ 664.920897][T17229] random: crng reseeded on system resumption [ 665.241370][T17237] FAULT_INJECTION: forcing a failure. [ 665.241370][T17237] name fail_futex, interval 1, probability 0, space 0, times 0 [ 665.278587][T17237] CPU: 0 UID: 0 PID: 17237 Comm: syz.3.2305 Not tainted syzkaller #0 PREEMPT(full) [ 665.278609][T17237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 665.278619][T17237] Call Trace: [ 665.278624][T17237] [ 665.278630][T17237] dump_stack_lvl+0x16c/0x1f0 [ 665.278658][T17237] should_fail_ex+0x512/0x640 [ 665.278684][T17237] get_futex_key+0x1d0/0x1560 [ 665.278704][T17237] ? __pfx_get_futex_key+0x10/0x10 [ 665.278720][T17237] ? futex_private_hash_put+0x176/0x300 [ 665.278742][T17237] futex_wake+0xea/0x530 [ 665.278764][T17237] ? __pfx_futex_wake+0x10/0x10 [ 665.278784][T17237] ? __lock_acquire+0x62e/0x1ce0 [ 665.278805][T17237] ? aa_sk_perm+0x2f4/0xb10 [ 665.278823][T17237] ? __pfx___sys_sendmmsg+0x10/0x10 [ 665.278848][T17237] do_futex+0x1e3/0x350 [ 665.278866][T17237] ? __pfx_do_futex+0x10/0x10 [ 665.278882][T17237] ? rcu_is_watching+0x12/0xc0 [ 665.278897][T17237] ? kfree+0x24f/0x4d0 [ 665.278913][T17237] __x64_sys_futex+0x1e0/0x4c0 [ 665.278934][T17237] ? __pfx___x64_sys_futex+0x10/0x10 [ 665.278952][T17237] ? __sys_setsockopt+0x140/0x1a0 [ 665.278977][T17237] do_syscall_64+0xcd/0x4c0 [ 665.278991][T17237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.279006][T17237] RIP: 0033:0x7f0cd658eec9 [ 665.279017][T17237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 665.279032][T17237] RSP: 002b:00007f0cd736e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 665.279046][T17237] RAX: ffffffffffffffda RBX: 00007f0cd67e6098 RCX: 00007f0cd658eec9 [ 665.279056][T17237] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0cd67e609c [ 665.279065][T17237] RBP: 00007f0cd67e6090 R08: 00007f0cd7390000 R09: 0000000000000000 [ 665.279074][T17237] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 665.279083][T17237] R13: 00007f0cd67e6128 R14: 00007ffe5550c630 R15: 00007ffe5550c718 [ 665.279101][T17237] [ 666.702503][T17255] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.742801][T17259] netlink: 'syz.4.2311': attribute type 11 has an invalid length. [ 667.094614][ T9916] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 667.104752][ T9916] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 667.112664][ T9916] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 667.123019][ T9916] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 667.133285][ T9916] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 667.533507][T17274] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2314'. [ 667.843511][T17266] chnl_net:caif_netlink_parms(): no params data found [ 668.478245][T17296] sctp: Changing rto_alpha or rto_beta may lead to suboptimal rtt/srtt estimations! [ 668.643130][T17266] bridge0: port 1(bridge_slave_0) entered blocking state [ 668.703593][T17266] bridge0: port 1(bridge_slave_0) entered disabled state [ 668.751811][T17266] bridge_slave_0: entered allmulticast mode [ 668.789308][T17266] bridge_slave_0: entered promiscuous mode [ 668.837386][T17266] bridge0: port 2(bridge_slave_1) entered blocking state [ 668.932190][T17266] bridge0: port 2(bridge_slave_1) entered disabled state [ 668.966108][T17266] bridge_slave_1: entered allmulticast mode [ 669.003022][T17266] bridge_slave_1: entered promiscuous mode [ 669.177175][ T9916] Bluetooth: hci3: command tx timeout [ 669.456357][T17266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 669.511897][T17266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 669.733127][T17266] team0: Port device team_slave_0 added [ 669.858234][T17266] team0: Port device team_slave_1 added [ 670.426236][T11723] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.574801][T17266] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 670.613644][T17266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 670.727698][T17266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 670.948516][T11723] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 670.988909][T17266] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 670.998148][T17266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 671.063087][T17266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 671.201527][T11723] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 671.247111][ T9916] Bluetooth: hci3: command tx timeout [ 671.333530][T17266] hsr_slave_0: entered promiscuous mode [ 671.347343][T17266] hsr_slave_1: entered promiscuous mode [ 671.362086][T17266] debugfs: 'hsr0' already exists in 'hsr' [ 671.376837][T17266] Cannot create hsr debugfs directory [ 671.386147][T17305] Process accounting paused [ 671.951115][T17386] random: crng reseeded on system resumption [ 671.980212][T11723] team0: left allmulticast mode [ 672.004262][T11723] team_slave_0: left allmulticast mode [ 672.009723][T11723] team_slave_1: left allmulticast mode [ 672.049348][T17388] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 672.068089][T11723] team0: left promiscuous mode [ 672.092000][T11723] team_slave_0: left promiscuous mode [ 672.097499][T11723] team_slave_1: left promiscuous mode [ 672.143359][T11723] bridge0: port 3(team0) entered disabled state [ 672.179378][T11723] bridge_slave_1: left allmulticast mode [ 672.197727][T17394] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 672.211285][T11723] bridge_slave_1: left promiscuous mode [ 672.227954][T11723] bridge0: port 2(bridge_slave_1) entered disabled state [ 672.299097][T11723] bridge_slave_0: left allmulticast mode [ 672.326753][T11723] bridge_slave_0: left promiscuous mode [ 672.356850][T11723] bridge0: port 1(bridge_slave_0) entered disabled state [ 672.990240][T17413] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 673.320613][ T9916] Bluetooth: hci3: command tx timeout [ 673.766670][T17424] ptrace attach of "./syz-executor exec"[5868] was attempted by ""[17424] [ 673.915696][T17427] sd 0:0:1:0: PR command failed: 1026 [ 673.957214][T17427] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 673.979724][T17427] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 674.037974][T17432] FAULT_INJECTION: forcing a failure. [ 674.037974][T17432] name failslab, interval 1, probability 0, space 0, times 0 [ 674.127240][T17432] CPU: 0 UID: 0 PID: 17432 Comm: syz.3.2337 Not tainted syzkaller #0 PREEMPT(full) [ 674.127264][T17432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 674.127274][T17432] Call Trace: [ 674.127280][T17432] [ 674.127286][T17432] dump_stack_lvl+0x16c/0x1f0 [ 674.127314][T17432] should_fail_ex+0x512/0x640 [ 674.127336][T17432] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 674.127357][T17432] should_failslab+0xc2/0x120 [ 674.127377][T17432] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 674.127394][T17432] ? mas_alloc_nodes+0x18b/0x8b0 [ 674.127417][T17432] mas_alloc_nodes+0x18b/0x8b0 [ 674.127439][T17432] mas_node_count_gfp+0x105/0x130 [ 674.127459][T17432] mas_preallocate+0x7e0/0xde0 [ 674.127473][T17432] ? __memcg_slab_post_alloc_hook+0x492/0x960 [ 674.127504][T17432] ? __pfx_mas_preallocate+0x10/0x10 [ 674.127525][T17432] ? anon_vma_name+0x81/0x2f0 [ 674.127550][T17432] __split_vma+0x34a/0x1070 [ 674.127569][T17432] ? __pfx___split_vma+0x10/0x10 [ 674.127584][T17432] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 674.127614][T17432] vms_gather_munmap_vmas+0x3b1/0x1340 [ 674.127634][T17432] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 674.127653][T17432] ? mas_walk+0x6f5/0x980 [ 674.127677][T17432] __mmap_region+0x436/0x27b0 [ 674.127695][T17432] ? finish_task_switch.isra.0+0x21c/0xc10 [ 674.127710][T17432] ? __pfx___mmap_region+0x10/0x10 [ 674.127726][T17432] ? rcu_is_watching+0x12/0xc0 [ 674.127745][T17432] ? rcu_is_watching+0x12/0xc0 [ 674.127759][T17432] ? trace_sched_exit_tp+0xd1/0x120 [ 674.127780][T17432] ? __schedule+0x11a3/0x5de0 [ 674.127798][T17432] ? __lock_acquire+0x62e/0x1ce0 [ 674.127822][T17432] ? __lock_acquire+0x62e/0x1ce0 [ 674.127842][T17432] ? __pfx___schedule+0x10/0x10 [ 674.127884][T17432] ? __lock_acquire+0xb97/0x1ce0 [ 674.127907][T17432] mmap_region+0x1ab/0x3f0 [ 674.127924][T17432] ? __get_unmapped_area+0x267/0x440 [ 674.127946][T17432] do_mmap+0xa3e/0x1210 [ 674.127969][T17432] ? __pfx_do_mmap+0x10/0x10 [ 674.127988][T17432] ? __pfx_down_write_killable+0x10/0x10 [ 674.128006][T17432] vm_mmap_pgoff+0x29e/0x470 [ 674.128030][T17432] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 674.128054][T17432] ? __x64_sys_futex+0x1e0/0x4c0 [ 674.128071][T17432] ? __x64_sys_futex+0x1e9/0x4c0 [ 674.128091][T17432] ksys_mmap_pgoff+0x7d/0x5c0 [ 674.128110][T17432] ? xfd_validate_state+0x61/0x180 [ 674.128130][T17432] ? __pfx_ksys_write+0x10/0x10 [ 674.128149][T17432] __x64_sys_mmap+0x125/0x190 [ 674.128172][T17432] do_syscall_64+0xcd/0x4c0 [ 674.128187][T17432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.128201][T17432] RIP: 0033:0x7f0cd658eec9 [ 674.128214][T17432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.128228][T17432] RSP: 002b:00007f0cd736e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 674.128246][T17432] RAX: ffffffffffffffda RBX: 00007f0cd67e6090 RCX: 00007f0cd658eec9 [ 674.128257][T17432] RDX: 00000000000000df RSI: 0000000000400008 RDI: 000000000000f000 [ 674.128267][T17432] RBP: 00007f0cd6611f91 R08: 0000000000000002 R09: 0000000000008000 [ 674.128276][T17432] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 674.128285][T17432] R13: 00007f0cd67e6128 R14: 00007f0cd67e6090 R15: 00007ffe5550c718 [ 674.128304][T17432] [ 675.384770][ T9916] Bluetooth: hci3: command tx timeout [ 675.622973][T17459] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 675.890340][T17266] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 675.985925][T17463] ptrace attach of "./syz-executor exec"[5868] was attempted by "ÇÐêD¾Ï£è¸¢\x22·lîú¬*Ìu—¡±Ê¤ªIb8ƒND;_Q™Zf4™¤\x0cóû˜ï]LO©\x0bÔG–`a,8!WSÏt¸=!â.UoÔwè\x5c¬Åw*áÞè&æ‹™e8á©Îkòí\x07né7­–|\x09È\x1b\x5cÀfEZ܈mÇŸ:ê ¤¶O¦£O~=¨–5]«q¨øež™\x0a\x07Úíë7@!ÄÙÍž™ØR²zÆ›%¹ÅJŽ2—\x0bVdjá¼Oœ¸ˆ¹CïO€¹ÒéoA—ò¨)dKÖ³n¬T¨$…@ÞúØ?TC¬R K@âæüä pâ´žk˜§‹àbÐ\x22UpZçMŦق(<ÝVµ«gtûðÌÃ>][9¢†)O©à:ÄçôÓYA{†;dBqJð¶óýáŸÃzð{n‡ìE\x5cWº±6\x09K6¯L»Bݶ¶\x5cb‹Wd¡ù#X·Ø›`4ÖÚøÔæ\x0cœâxX·S•,Fa‘ì['ÉPrE—iÃq7}Öµ˜‡ãŽ·¿Žün¡ÖíP…v;W„Hþá¢Ú˜œŸ™_–Š¥ Á-æ˜Èc¼gåhGÄ &˜)mÜó©nâ½M«ò^Me4Q¾û—¿?¼T‚ä¼Wpñt¢$ŦjÅ»¹Úœ´b\x09¤¼OÀh£J†´U1L¿È{Ír•åáå±Õ>«˜ñAßÒ½CÀÓOXÔëÖ[ åìÏÏY=“ˆn¤Š\x0a-3:t%Á?]Ø°+=!Î÷¤.©U,’sD^É×¢K}A±ø\x22W¾¨KN¹Ç“§eÁ};ùðèøLSæEÀ„pëº-_\x0cÝu§¸6ê÷ú—™‰²/‹j\x09‘æi´)þ‡ \x09e=DìÄmåÁˆZ[#3pº6 W²ÞW® [ 676.008758][T17266] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 676.099999][ C0] vkms_vblank_simulate: vblank timer overrun [ 676.444054][T11723] hsr_slave_0: left promiscuous mode [ 676.479926][T11723] hsr_slave_1: left promiscuous mode [ 676.564617][T11723] veth0_macvtap: left promiscuous mode [ 676.596685][T11723] veth1_vlan: left promiscuous mode [ 676.628831][T11723] veth0_vlan: left promiscuous mode [ 676.932095][T17485] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 677.027234][T17489] random: crng reseeded on system resumption [ 678.371757][T11723] team0 (unregistering): Port device team_slave_1 removed [ 678.501638][T11723] team0 (unregistering): Port device team_slave_0 removed [ 678.672225][T17503] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 679.418652][T17266] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 679.514780][T17266] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 680.620182][T17266] 8021q: adding VLAN 0 to HW filter on device bond0 [ 680.800942][T17266] 8021q: adding VLAN 0 to HW filter on device team0 [ 680.887121][T15964] bridge0: port 1(bridge_slave_0) entered blocking state [ 680.894232][T15964] bridge0: port 1(bridge_slave_0) entered forwarding state [ 680.972432][T15964] bridge0: port 2(bridge_slave_1) entered blocking state [ 680.979555][T15964] bridge0: port 2(bridge_slave_1) entered forwarding state [ 681.771928][T17562] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 681.973554][T17568] FAULT_INJECTION: forcing a failure. [ 681.973554][T17568] name failslab, interval 1, probability 0, space 0, times 0 [ 682.002115][T17559] vmstat_refresh: nr_hugetlb -8192 [ 682.015424][T17266] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 682.035586][T17568] CPU: 0 UID: 0 PID: 17568 Comm: syz.2.2358 Not tainted syzkaller #0 PREEMPT(full) [ 682.035608][T17568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 682.035617][T17568] Call Trace: [ 682.035623][T17568] [ 682.035629][T17568] dump_stack_lvl+0x16c/0x1f0 [ 682.035655][T17568] should_fail_ex+0x512/0x640 [ 682.035680][T17568] ? fs_reclaim_acquire+0xae/0x150 [ 682.035706][T17568] should_failslab+0xc2/0x120 [ 682.035730][T17568] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 682.035750][T17568] ? security_inode_alloc+0x3b/0x2b0 [ 682.035777][T17568] security_inode_alloc+0x3b/0x2b0 [ 682.035797][T17568] inode_init_always_gfp+0xce4/0x1030 [ 682.035819][T17568] alloc_inode+0x86/0x240 [ 682.035843][T17568] new_inode+0x22/0x1c0 [ 682.035863][T17568] ? trace_cap_capable+0x18d/0x200 [ 682.035881][T17568] shmem_get_inode+0x19a/0xfb0 [ 682.035906][T17568] ? __vm_enough_memory+0x184/0x3f0 [ 682.035930][T17568] __shmem_file_setup+0x279/0x330 [ 682.035949][T17568] shmem_zero_setup+0x93/0x1a0 [ 682.035970][T17568] __mmap_region+0x2081/0x27b0 [ 682.035989][T17568] ? finish_task_switch.isra.0+0x21c/0xc10 [ 682.036006][T17568] ? __pfx___mmap_region+0x10/0x10 [ 682.036025][T17568] ? rcu_is_watching+0x12/0xc0 [ 682.036046][T17568] ? rcu_is_watching+0x12/0xc0 [ 682.036062][T17568] ? trace_sched_exit_tp+0xd1/0x120 [ 682.036085][T17568] ? __schedule+0x11a3/0x5de0 [ 682.036106][T17568] ? __lock_acquire+0x62e/0x1ce0 [ 682.036134][T17568] ? __pfx___schedule+0x10/0x10 [ 682.036174][T17568] ? trace_cap_capable+0x18d/0x200 [ 682.036195][T17568] mmap_region+0x1ab/0x3f0 [ 682.036211][T17568] ? __get_unmapped_area+0x267/0x440 [ 682.036233][T17568] do_mmap+0xa3e/0x1210 [ 682.036257][T17568] ? __pfx_do_mmap+0x10/0x10 [ 682.036277][T17568] ? __pfx_down_write_killable+0x10/0x10 [ 682.036291][T17568] ? kmem_cache_free+0x2d1/0x4d0 [ 682.036309][T17568] vm_mmap_pgoff+0x29e/0x470 [ 682.036332][T17568] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 682.036356][T17568] ? __x64_sys_futex+0x1e0/0x4c0 [ 682.036373][T17568] ? __x64_sys_futex+0x1e9/0x4c0 [ 682.036393][T17568] ksys_mmap_pgoff+0x7d/0x5c0 [ 682.036411][T17568] ? xfd_validate_state+0x61/0x180 [ 682.036434][T17568] __x64_sys_mmap+0x125/0x190 [ 682.036458][T17568] do_syscall_64+0xcd/0x4c0 [ 682.036472][T17568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 682.036487][T17568] RIP: 0033:0x7ff4f0d8eec9 [ 682.036499][T17568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 682.036513][T17568] RSP: 002b:00007ff4f1cb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 682.036527][T17568] RAX: ffffffffffffffda RBX: 00007ff4f0fe5fa0 RCX: 00007ff4f0d8eec9 [ 682.036537][T17568] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 682.036546][T17568] RBP: 00007ff4f0e11f91 R08: 0000000000000401 R09: 0000000000008000 [ 682.036555][T17568] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 682.036564][T17568] R13: 00007ff4f0fe6038 R14: 00007ff4f0fe5fa0 R15: 00007ffd739b3008 [ 682.036583][T17568] [ 682.336276][ C0] vkms_vblank_simulate: vblank timer overrun [ 682.382228][T17266] veth0_vlan: entered promiscuous mode [ 682.391987][T17266] veth1_vlan: entered promiscuous mode [ 682.410652][T17266] veth0_macvtap: entered promiscuous mode [ 682.418925][T17266] veth1_macvtap: entered promiscuous mode [ 682.434533][T17266] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 682.445396][T17266] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 682.755084][T11725] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.764588][T11725] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.831316][T11725] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.852045][T11725] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 682.902973][T17568] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 683.082990][T11730] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 683.132528][T11730] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 683.322413][ T9903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 683.340830][T17603] FAULT_INJECTION: forcing a failure. [ 683.340830][T17603] name fail_futex, interval 1, probability 0, space 0, times 0 [ 683.357777][ T9903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 683.409812][T17603] CPU: 0 UID: 0 PID: 17603 Comm: syz.2.2364 Not tainted syzkaller #0 PREEMPT(full) [ 683.409834][T17603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 683.409844][T17603] Call Trace: [ 683.409849][T17603] [ 683.409856][T17603] dump_stack_lvl+0x16c/0x1f0 [ 683.409883][T17603] should_fail_ex+0x512/0x640 [ 683.409908][T17603] get_futex_key+0x1d0/0x1560 [ 683.409927][T17603] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 683.409947][T17603] ? __pfx_get_futex_key+0x10/0x10 [ 683.409966][T17603] ? __pfx_free_one_page+0x10/0x10 [ 683.409982][T17603] futex_wake+0xea/0x530 [ 683.410003][T17603] ? do_getxattr+0x1f7/0x360 [ 683.410018][T17603] ? __pfx_futex_wake+0x10/0x10 [ 683.410038][T17603] ? path_getxattrat+0x139/0x2d0 [ 683.410055][T17603] ? __pfx_path_getxattrat+0x10/0x10 [ 683.410076][T17603] do_futex+0x1e3/0x350 [ 683.410094][T17603] ? __pfx_do_futex+0x10/0x10 [ 683.410117][T17603] __x64_sys_futex+0x1e0/0x4c0 [ 683.410137][T17603] ? __pfx___x64_sys_futex+0x10/0x10 [ 683.410154][T17603] ? xfd_validate_state+0x61/0x180 [ 683.410174][T17603] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 683.410196][T17603] do_syscall_64+0xcd/0x4c0 [ 683.410210][T17603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.410224][T17603] RIP: 0033:0x7ff4f0d8eec9 [ 683.410236][T17603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.410250][T17603] RSP: 002b:00007ff4f1cb90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 683.410265][T17603] RAX: ffffffffffffffda RBX: 00007ff4f0fe5fa8 RCX: 00007ff4f0d8eec9 [ 683.410274][T17603] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff4f0fe5fac [ 683.410283][T17603] RBP: 00007ff4f0fe5fa0 R08: 00007ff4f1cba000 R09: 0000000000000000 [ 683.410292][T17603] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 683.410301][T17603] R13: 00007ff4f0fe6038 R14: 00007ffd739b2f20 R15: 00007ffd739b3008 [ 683.410319][T17603] [ 683.606688][ C0] vkms_vblank_simulate: vblank timer overrun [ 684.001069][T17615] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 684.142535][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 684.148892][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.481267][T17623] device-mapper: ioctl: Invalid ioctl structure: name , dev 400007f00010006 [ 685.580951][T17649] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 686.014574][ T9901] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 686.025824][ T9901] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 686.034376][ T9901] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 686.042174][ T9901] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 686.062079][ T9901] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 686.440722][T11723] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.762045][T11723] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.955318][T11723] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 686.966890][T17675] input: jJǸí¸ü;9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input49 [ 687.025097][T17677] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 687.128981][T11723] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 687.549641][T17660] chnl_net:caif_netlink_parms(): no params data found [ 687.667502][T11723] vlan1: left allmulticast mode [ 687.686093][T11723] veth0_vlan: left allmulticast mode [ 687.711552][T11723] vlan1: left promiscuous mode [ 687.736715][T11723] bridge0: port 3(vlan1) entered disabled state [ 687.772220][T11723] bridge_slave_1: left allmulticast mode [ 687.809110][T11723] bridge_slave_1: left promiscuous mode [ 687.846009][T11723] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.878436][T11723] bridge_slave_0: left allmulticast mode [ 687.909031][T11723] bridge_slave_0: left promiscuous mode [ 687.929999][T11723] bridge0: port 1(bridge_slave_0) entered disabled state [ 688.118929][ T9901] Bluetooth: hci0: command tx timeout [ 688.970929][T11723] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 688.996255][T11723] bond0 (unregistering): Released all slaves [ 689.530871][T17660] bridge0: port 1(bridge_slave_0) entered blocking state [ 689.571625][T17660] bridge0: port 1(bridge_slave_0) entered disabled state [ 689.613434][T17660] bridge_slave_0: entered allmulticast mode [ 689.654182][T17660] bridge_slave_0: entered promiscuous mode [ 689.704112][T17660] bridge0: port 2(bridge_slave_1) entered blocking state [ 689.752362][T17660] bridge0: port 2(bridge_slave_1) entered disabled state [ 689.807371][T17660] bridge_slave_1: entered allmulticast mode [ 689.862470][T17660] bridge_slave_1: entered promiscuous mode [ 690.085816][T17660] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 690.187904][ T9901] Bluetooth: hci0: command tx timeout [ 690.250831][T17660] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 690.962583][T17660] team0: Port device team_slave_0 added [ 691.053561][T17660] team0: Port device team_slave_1 added [ 691.269356][T17660] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 691.284194][T17660] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 691.340849][T17660] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 691.391968][T11723] hsr_slave_0: left promiscuous mode [ 691.403589][T11723] hsr_slave_1: left promiscuous mode [ 691.433813][T11723] veth1_macvtap: left promiscuous mode [ 691.448403][T11723] veth0_macvtap: left promiscuous mode [ 691.459456][T11723] veth1_vlan: left promiscuous mode [ 691.470717][T11723] veth0_vlan: left promiscuous mode [ 691.761123][T17772] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 692.257879][ T9901] Bluetooth: hci0: command tx timeout [ 692.267806][T11723] team0 (unregistering): Port device team_slave_1 removed [ 692.345176][T11723] team0 (unregistering): Port device team_slave_0 removed [ 692.802793][T17660] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 692.810241][T17660] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 692.836990][T17660] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 693.064877][T17660] hsr_slave_0: entered promiscuous mode [ 693.085022][T17660] hsr_slave_1: entered promiscuous mode [ 693.101254][T17660] debugfs: 'hsr0' already exists in 'hsr' [ 693.122210][T17660] Cannot create hsr debugfs directory [ 693.968265][T17791] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2392'. [ 693.996529][T17796] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2392'. [ 694.097947][T17800] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2394'. [ 694.114614][T17793] netlink: set zone limit has 8 unknown bytes [ 694.168942][T17800] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2394'. [ 694.327587][ T9901] Bluetooth: hci0: command tx timeout [ 695.457877][T17840] program syz.2.2399 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 695.474833][T17660] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 695.551827][T17838] FAULT_INJECTION: forcing a failure. [ 695.551827][T17838] name failslab, interval 1, probability 0, space 0, times 0 [ 695.602657][T17660] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 695.639013][T17838] CPU: 0 UID: 0 PID: 17838 Comm: syz.2.2399 Not tainted syzkaller #0 PREEMPT(full) [ 695.639035][T17838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 695.639047][T17838] Call Trace: [ 695.639053][T17838] [ 695.639059][T17838] dump_stack_lvl+0x16c/0x1f0 [ 695.639086][T17838] should_fail_ex+0x512/0x640 [ 695.639108][T17838] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 695.639125][T17838] should_failslab+0xc2/0x120 [ 695.639145][T17838] __kmalloc_cache_noprof+0x6a/0x3e0 [ 695.639160][T17838] ? ipv4_mib_init_net+0x263/0x5f0 [ 695.639179][T17838] ipv4_mib_init_net+0x263/0x5f0 [ 695.639195][T17838] ? __pfx_igmp_net_init+0x10/0x10 [ 695.639213][T17838] ? __pfx_ipv4_mib_init_net+0x10/0x10 [ 695.639229][T17838] ops_init+0x1e2/0x5f0 [ 695.639254][T17838] setup_net+0x10f/0x380 [ 695.639265][T17838] ? lockdep_init_map_type+0x5c/0x280 [ 695.639286][T17838] ? __pfx_setup_net+0x10/0x10 [ 695.639299][T17838] ? debug_mutex_init+0x37/0x70 [ 695.639316][T17838] copy_net_ns+0x2a6/0x5f0 [ 695.639333][T17838] create_new_namespaces+0x3ea/0xa90 [ 695.639360][T17838] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 695.639378][T17838] ksys_unshare+0x45b/0xa40 [ 695.639398][T17838] ? __pfx_ksys_unshare+0x10/0x10 [ 695.639418][T17838] ? xfd_validate_state+0x61/0x180 [ 695.639445][T17838] __x64_sys_unshare+0x31/0x40 [ 695.639464][T17838] do_syscall_64+0xcd/0x4c0 [ 695.639479][T17838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.639494][T17838] RIP: 0033:0x7ff4f0d8eec9 [ 695.639506][T17838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.639520][T17838] RSP: 002b:00007ff4f1c98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 695.639535][T17838] RAX: ffffffffffffffda RBX: 00007ff4f0fe6090 RCX: 00007ff4f0d8eec9 [ 695.639545][T17838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 695.639553][T17838] RBP: 00007ff4f0e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 695.639562][T17838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.639571][T17838] R13: 00007ff4f0fe6128 R14: 00007ff4f0fe6090 R15: 00007ffd739b3008 [ 695.639590][T17838] [ 695.853178][ C0] vkms_vblank_simulate: vblank timer overrun [ 695.875039][T17660] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 696.392318][T17660] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 697.073879][T17660] 8021q: adding VLAN 0 to HW filter on device bond0 [ 697.147167][T17660] 8021q: adding VLAN 0 to HW filter on device team0 [ 697.214170][ T9903] bridge0: port 1(bridge_slave_0) entered blocking state [ 697.221315][ T9903] bridge0: port 1(bridge_slave_0) entered forwarding state [ 697.337272][T11723] bridge0: port 2(bridge_slave_1) entered blocking state [ 697.344389][T11723] bridge0: port 2(bridge_slave_1) entered forwarding state [ 697.476646][T17660] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 698.181448][T17660] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 698.368176][T17660] veth0_vlan: entered promiscuous mode [ 698.426327][T17660] veth1_vlan: entered promiscuous mode [ 698.545779][T17660] veth0_macvtap: entered promiscuous mode [ 698.592309][T17660] veth1_macvtap: entered promiscuous mode [ 698.643852][T17928] FAULT_INJECTION: forcing a failure. [ 698.643852][T17928] name fail_futex, interval 1, probability 0, space 0, times 0 [ 698.698798][T17660] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 698.727418][T17928] CPU: 0 UID: 0 PID: 17928 Comm: syz.0.2411 Not tainted syzkaller #0 PREEMPT(full) [ 698.727442][T17928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 698.727451][T17928] Call Trace: [ 698.727457][T17928] [ 698.727463][T17928] dump_stack_lvl+0x16c/0x1f0 [ 698.727491][T17928] should_fail_ex+0x512/0x640 [ 698.727515][T17928] get_futex_key+0x1d0/0x1560 [ 698.727537][T17928] ? __pfx_get_futex_key+0x10/0x10 [ 698.727554][T17928] ? __pfx___schedule+0x10/0x10 [ 698.727574][T17928] ? trace_pid_list_is_set+0xfb/0x150 [ 698.727595][T17928] futex_wait_setup+0x9d/0x550 [ 698.727622][T17928] __futex_wait+0x194/0x2f0 [ 698.727643][T17928] ? __pfx___futex_wait+0x10/0x10 [ 698.727666][T17928] ? __pfx_futex_wake_mark+0x10/0x10 [ 698.727689][T17928] ? futex_private_hash_put+0x176/0x300 [ 698.727708][T17928] ? futex_private_hash_put+0x18a/0x300 [ 698.727726][T17928] futex_wait+0xe8/0x380 [ 698.727746][T17928] ? __pfx_futex_wait+0x10/0x10 [ 698.727774][T17928] ? __pfx_path_getxattrat+0x10/0x10 [ 698.727797][T17928] do_futex+0x229/0x350 [ 698.727815][T17928] ? __pfx_do_futex+0x10/0x10 [ 698.727837][T17928] __x64_sys_futex+0x1e0/0x4c0 [ 698.727857][T17928] ? __pfx___x64_sys_futex+0x10/0x10 [ 698.727875][T17928] ? xfd_validate_state+0x61/0x180 [ 698.727895][T17928] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 698.727916][T17928] do_syscall_64+0xcd/0x4c0 [ 698.727930][T17928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.727945][T17928] RIP: 0033:0x7fcbc438eec9 [ 698.727958][T17928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 698.727972][T17928] RSP: 002b:00007fcbc52520e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 698.727986][T17928] RAX: ffffffffffffffda RBX: 00007fcbc45e5fa8 RCX: 00007fcbc438eec9 [ 698.727996][T17928] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fcbc45e5fa8 [ 698.728004][T17928] RBP: 00007fcbc45e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 698.728013][T17928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 698.728021][T17928] R13: 00007fcbc45e6038 R14: 00007ffcdfde1780 R15: 00007ffcdfde1868 [ 698.728040][T17928] [ 698.947284][ C0] vkms_vblank_simulate: vblank timer overrun [ 698.966506][T17660] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 699.294217][T11725] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 699.403915][T11725] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 699.448142][T11725] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 699.588550][T11725] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 699.755421][ T9921] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 699.835156][ T9921] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 699.969899][ T9903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 699.993085][ T9903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 700.054343][T17939] 0x000200000001-0xa29656a63616329 : "" [ 700.099635][T17939] mtd: partition "" is out of reach -- disabled [ 700.239505][T17939] ftl_cs: FTL header not found. [ 701.141253][T17983] FAULT_INJECTION: forcing a failure. [ 701.141253][T17983] name failslab, interval 1, probability 0, space 0, times 0 [ 701.210319][T17983] CPU: 0 UID: 0 PID: 17983 Comm: syz.0.2422 Not tainted syzkaller #0 PREEMPT(full) [ 701.210340][T17983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 701.210349][T17983] Call Trace: [ 701.210355][T17983] [ 701.210360][T17983] dump_stack_lvl+0x16c/0x1f0 [ 701.210387][T17983] should_fail_ex+0x512/0x640 [ 701.210409][T17983] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 701.210429][T17983] should_failslab+0xc2/0x120 [ 701.210448][T17983] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 701.210466][T17983] ? __d_alloc+0x32/0xae0 [ 701.210486][T17983] __d_alloc+0x32/0xae0 [ 701.210502][T17983] ? file_init_path+0x4fe/0x760 [ 701.210524][T17983] d_alloc_pseudo+0x1c/0xc0 [ 701.210545][T17983] alloc_file_pseudo+0xcf/0x230 [ 701.210567][T17983] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 701.210589][T17983] ? __pfx_unix_socketpair+0x10/0x10 [ 701.210615][T17983] sock_alloc_file+0x50/0x210 [ 701.210630][T17983] __sys_socketpair+0x34e/0x5a0 [ 701.210649][T17983] ? __pfx___sys_socketpair+0x10/0x10 [ 701.210668][T17983] ? xfd_validate_state+0x61/0x180 [ 701.210689][T17983] ? __pfx_do_writev+0x10/0x10 [ 701.210707][T17983] __x64_sys_socketpair+0x96/0x100 [ 701.210724][T17983] ? lockdep_hardirqs_on+0x7c/0x110 [ 701.210745][T17983] do_syscall_64+0xcd/0x4c0 [ 701.210760][T17983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.210775][T17983] RIP: 0033:0x7fcbc438eec9 [ 701.210787][T17983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 701.210801][T17983] RSP: 002b:00007fcbc5252038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 701.210822][T17983] RAX: ffffffffffffffda RBX: 00007fcbc45e5fa0 RCX: 00007fcbc438eec9 [ 701.210832][T17983] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000001 [ 701.210841][T17983] RBP: 00007fcbc4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 701.210849][T17983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 701.210858][T17983] R13: 00007fcbc45e6038 R14: 00007fcbc45e5fa0 R15: 00007ffcdfde1868 [ 701.210876][T17983] [ 701.415311][ C0] vkms_vblank_simulate: vblank timer overrun [ 701.454630][T17972] Process accounting resumed [ 702.574966][T18010] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 703.200306][T18014] ptp ptp0: only physical clock in use now [ 704.075834][T18022] delete_channel: no stack [ 704.511625][T18052] vivid-003: ================= START STATUS ================= [ 704.645412][T18052] vivid-003: Radio HW Seek Mode: Bounded [ 704.741681][T18052] vivid-003: Radio Programmable HW Seek: false [ 704.802949][T18052] vivid-003: RDS Rx I/O Mode: Block I/O [ 704.852896][T18052] vivid-003: Generate RBDS Instead of RDS: false [ 704.879624][T18052] vivid-003: RDS Reception: true [ 704.902854][T18052] vivid-003: RDS Program Type: 0 inactive [ 704.945415][T18052] vivid-003: RDS PS Name: inactive [ 704.950659][T18052] vivid-003: RDS Radio Text: inactive [ 705.007470][T18059] FAULT_INJECTION: forcing a failure. [ 705.007470][T18059] name failslab, interval 1, probability 0, space 0, times 0 [ 705.022097][T18052] vivid-003: RDS Traffic Announcement: false inactive [ 705.029272][T18052] vivid-003: RDS Traffic Program: false inactive [ 705.190003][T18052] vivid-003: RDS Music: false inactive [ 705.249938][T18059] CPU: 0 UID: 0 PID: 18059 Comm: syz.4.2440 Not tainted syzkaller #0 PREEMPT(full) [ 705.249961][T18059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 705.249971][T18059] Call Trace: [ 705.249977][T18059] [ 705.249983][T18059] dump_stack_lvl+0x16c/0x1f0 [ 705.250010][T18059] should_fail_ex+0x512/0x640 [ 705.250032][T18059] ? fs_reclaim_acquire+0xae/0x150 [ 705.250055][T18059] should_failslab+0xc2/0x120 [ 705.250074][T18059] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 705.250091][T18059] ? inode_set_ctime_current+0x2a1/0x8f0 [ 705.250110][T18059] ? jbd2__journal_start+0x193/0x6a0 [ 705.250134][T18059] jbd2__journal_start+0x193/0x6a0 [ 705.250159][T18059] __ext4_journal_start_sb+0x195/0x690 [ 705.250177][T18059] ? ext4_dirty_inode+0xa1/0x130 [ 705.250198][T18059] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 705.250217][T18059] ext4_dirty_inode+0xa1/0x130 [ 705.250236][T18059] ? rcu_is_watching+0x12/0xc0 [ 705.250251][T18059] __mark_inode_dirty+0x1eb/0xe40 [ 705.250274][T18059] generic_update_time+0xcf/0xf0 [ 705.250294][T18059] file_modified+0x207/0x240 [ 705.250313][T18059] ext4_fallocate+0x24a/0x37a0 [ 705.250342][T18059] ? __pfx_ext4_fallocate+0x10/0x10 [ 705.250362][T18059] vfs_fallocate+0x5b1/0x10e0 [ 705.250382][T18059] ? __pfx_vfs_fallocate+0x10/0x10 [ 705.250407][T18059] ? madvise_vma_behavior+0x2b20/0x2d60 [ 705.250432][T18059] madvise_vma_behavior+0x2ad7/0x2d60 [ 705.250455][T18059] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 705.250477][T18059] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 705.250499][T18059] ? __pfx_mas_prev+0x10/0x10 [ 705.250524][T18059] ? find_vma_prev+0xda/0x160 [ 705.250543][T18059] ? find_held_lock+0x2b/0x80 [ 705.250557][T18059] ? __pfx_find_vma_prev+0x10/0x10 [ 705.250576][T18059] ? futex_unqueue+0x133/0x2c0 [ 705.250598][T18059] ? __futex_wait+0x24c/0x2f0 [ 705.250620][T18059] madvise_walk_vmas+0x31f/0x9c0 [ 705.250643][T18059] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 705.250669][T18059] madvise_do_behavior+0x1e2/0x530 [ 705.250688][T18059] ? futex_private_hash_put+0x18a/0x300 [ 705.250705][T18059] ? __pfx_madvise_do_behavior+0x10/0x10 [ 705.250726][T18059] ? down_read+0x13d/0x480 [ 705.250749][T18059] do_madvise+0x176/0x240 [ 705.250768][T18059] ? __pfx_do_madvise+0x10/0x10 [ 705.250787][T18059] ? do_futex+0x122/0x350 [ 705.250808][T18059] ? __sys_connect+0xe0/0x160 [ 705.250834][T18059] ? xfd_validate_state+0x61/0x180 [ 705.250854][T18059] ? __pfx_ksys_write+0x10/0x10 [ 705.250875][T18059] __x64_sys_madvise+0xa9/0x110 [ 705.250895][T18059] ? lockdep_hardirqs_on+0x7c/0x110 [ 705.250915][T18059] do_syscall_64+0xcd/0x4c0 [ 705.250930][T18059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.250945][T18059] RIP: 0033:0x7fdcc718eec9 [ 705.250957][T18059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.250971][T18059] RSP: 002b:00007fdcc80e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 705.250986][T18059] RAX: ffffffffffffffda RBX: 00007fdcc73e5fa0 RCX: 00007fdcc718eec9 [ 705.250996][T18059] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 000000110c230000 [ 705.251005][T18059] RBP: 00007fdcc7211f91 R08: 0000000000000000 R09: 0000000000000000 [ 705.251014][T18059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 705.251023][T18059] R13: 00007fdcc73e6038 R14: 00007fdcc73e5fa0 R15: 00007fff3b7b3258 [ 705.251042][T18059] [ 705.589202][ C0] vkms_vblank_simulate: vblank timer overrun [ 705.965476][T18052] vivid-003: ================== END STATUS ================== [ 706.825309][T18079] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 707.823987][ T9916] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 707.834711][ T9916] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 707.842635][ T9916] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 707.850485][ T9916] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 707.859314][ T9916] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 709.043414][T18101] chnl_net:caif_netlink_parms(): no params data found [ 709.149311][T18127] FAULT_INJECTION: forcing a failure. [ 709.149311][T18127] name (null), interval 1, probability 0, space 0, times 0 [ 709.196303][T18127] CPU: 0 UID: 0 PID: 18127 Comm: syz.3.2455 Not tainted syzkaller #0 PREEMPT(full) [ 709.196325][T18127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 709.196335][T18127] Call Trace: [ 709.196340][T18127] [ 709.196347][T18127] dump_stack_lvl+0x16c/0x1f0 [ 709.196374][T18127] should_fail_ex+0x512/0x640 [ 709.196400][T18127] null_queue_rq+0x2ed/0xfd0 [ 709.196423][T18127] ? blk_add_trace_unplug+0x164/0x350 [ 709.196442][T18127] null_queue_rqs+0xe9/0x2f0 [ 709.196464][T18127] ? __pfx_null_queue_rqs+0x10/0x10 [ 709.196491][T18127] __blk_mq_flush_list+0x97/0xc0 [ 709.196514][T18127] blk_mq_dispatch_queue_requests+0x184/0x7b0 [ 709.196536][T18127] blk_mq_flush_plug_list+0x1f2/0x600 [ 709.196559][T18127] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 709.196584][T18127] __blk_flush_plug+0x2c4/0x4b0 [ 709.196605][T18127] ? __pfx___blk_flush_plug+0x10/0x10 [ 709.196627][T18127] blk_finish_plug+0x53/0xa0 [ 709.196644][T18127] read_pages+0x583/0xc70 [ 709.196658][T18127] ? find_held_lock+0x2b/0x80 [ 709.196673][T18127] ? xa_load+0x149/0x2c0 [ 709.196689][T18127] ? __pfx_read_pages+0x10/0x10 [ 709.196703][T18127] ? xa_load+0x153/0x2c0 [ 709.196725][T18127] page_cache_ra_unbounded+0x5d2/0x7d0 [ 709.196749][T18127] page_cache_ra_order+0xa41/0xd70 [ 709.196773][T18127] filemap_fault+0x152e/0x2930 [ 709.196796][T18127] ? __pfx_filemap_fault+0x10/0x10 [ 709.196824][T18127] ? __pfx_filemap_map_pages+0x10/0x10 [ 709.196840][T18127] __do_fault+0x10d/0x490 [ 709.196859][T18127] ? __pfx_filemap_map_pages+0x10/0x10 [ 709.196874][T18127] do_pte_missing+0xf50/0x3ba0 [ 709.196889][T18127] ? find_held_lock+0x2b/0x80 [ 709.196903][T18127] ? __handle_mm_fault+0x14fd/0x2a50 [ 709.196921][T18127] __handle_mm_fault+0x152a/0x2a50 [ 709.196938][T18127] ? mt_find+0x3ef/0xa30 [ 709.196953][T18127] ? __pfx___handle_mm_fault+0x10/0x10 [ 709.196966][T18127] ? __pfx_mt_find+0x10/0x10 [ 709.196990][T18127] ? find_vma+0xbf/0x140 [ 709.197015][T18127] ? __pfx_find_vma+0x10/0x10 [ 709.197036][T18127] handle_mm_fault+0x589/0xd10 [ 709.197052][T18127] ? trace_raw_output_exceptions+0x131/0x150 [ 709.197077][T18127] do_user_addr_fault+0x7a6/0x1370 [ 709.197099][T18127] ? __pfx___schedule+0x10/0x10 [ 709.197118][T18127] ? rcu_is_watching+0x12/0xc0 [ 709.197135][T18127] exc_page_fault+0x5c/0xb0 [ 709.197156][T18127] asm_exc_page_fault+0x26/0x30 [ 709.197170][T18127] RIP: 0010:copy_iovec_from_user+0x84/0x170 [ 709.197185][T18127] Code: e8 f1 23 dc fc 4d 85 ff 0f 85 e5 00 00 00 e8 33 29 dc fc 0f 01 cb 0f ae e8 49 bf 00 00 00 00 00 fc ff df e8 1e 29 dc fc 31 db <48> 8b 45 08 31 ff 89 de 49 89 c6 e8 4c 24 dc fc 85 db 0f 85 aa 00 [ 709.197199][T18127] RSP: 0018:ffffc900043ffb38 EFLAGS: 00050246 [ 709.197211][T18127] RAX: 0000000000000023 RBX: 0000000000000000 RCX: ffffc9000bc69000 [ 709.197221][T18127] RDX: 0000000000080000 RSI: ffffffff84dedde2 RDI: 0000000000000006 [ 709.197230][T18127] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000000 [ 709.197239][T18127] R10: 0000000000000050 R11: 0000000000000000 R12: ffffc900043ffd70 [ 709.197248][T18127] R13: 0000000000000005 R14: 00007ffffffff000 R15: dffffc0000000000 [ 709.197264][T18127] ? copy_iovec_from_user+0x82/0x170 [ 709.197280][T18127] ? copy_iovec_from_user+0x82/0x170 [ 709.197296][T18127] iovec_from_user+0xa2/0x140 [ 709.197314][T18127] __import_iovec+0x88/0x650 [ 709.197334][T18127] import_iovec+0x86/0xb0 [ 709.197351][T18127] vfs_writev+0x19b/0xde0 [ 709.197372][T18127] ? __pfx_vfs_writev+0x10/0x10 [ 709.197402][T18127] ? __fget_files+0x20e/0x3c0 [ 709.197422][T18127] ? do_pwritev+0x1a6/0x270 [ 709.197436][T18127] do_pwritev+0x1a6/0x270 [ 709.197451][T18127] ? __pfx_do_pwritev+0x10/0x10 [ 709.197472][T18127] do_syscall_64+0xcd/0x4c0 [ 709.197486][T18127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.197500][T18127] RIP: 0033:0x7f953c78eec9 [ 709.197512][T18127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.197525][T18127] RSP: 002b:00007f953a9ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 709.197538][T18127] RAX: ffffffffffffffda RBX: 00007f953c9e5fa0 RCX: 00007f953c78eec9 [ 709.197547][T18127] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 709.197556][T18127] RBP: 00007f953c811f91 R08: 0000000000000009 R09: 0000000000000000 [ 709.197565][T18127] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 709.197574][T18127] R13: 00007f953c9e6038 R14: 00007f953c9e5fa0 R15: 00007ffedaebd0e8 [ 709.197594][T18127] [ 710.104966][ T9916] Bluetooth: hci2: command tx timeout [ 710.146847][T18130] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2456'. [ 710.300992][T18145] kAFS: bad VL server IP address [ 710.311540][ T9903] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 710.489596][ T9903] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 710.715376][T18157] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 710.760252][ T9903] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 710.833670][T18101] bridge0: port 1(bridge_slave_0) entered blocking state [ 710.865871][T18101] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.901924][T18101] bridge_slave_0: entered allmulticast mode [ 710.938761][T18101] bridge_slave_0: entered promiscuous mode [ 711.082008][ T9903] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 711.157867][T18101] bridge0: port 2(bridge_slave_1) entered blocking state [ 711.196040][T18101] bridge0: port 2(bridge_slave_1) entered disabled state [ 711.236209][T18101] bridge_slave_1: entered allmulticast mode [ 711.258180][T18101] bridge_slave_1: entered promiscuous mode [ 711.385313][T18101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 711.424148][T18101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 711.442362][T18171] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 711.474954][T18170] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 711.523691][T18101] team0: Port device team_slave_0 added [ 711.643421][T18101] team0: Port device team_slave_1 added [ 711.836990][T18101] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 711.878296][T18101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 711.955315][T18101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 712.010435][T18101] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 712.034430][T18101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.127285][T18101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 712.159622][ T9916] Bluetooth: hci2: command tx timeout [ 712.282686][ T9903] bridge_slave_1: left allmulticast mode [ 712.306529][ T9903] bridge_slave_1: left promiscuous mode [ 712.335596][ T9903] bridge0: port 2(bridge_slave_1) entered disabled state [ 712.356080][ T9903] bridge_slave_0: left allmulticast mode [ 712.392359][ T9903] bridge_slave_0: left promiscuous mode [ 712.413052][ T9903] bridge0: port 1(bridge_slave_0) entered disabled state [ 713.445479][ T9903] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 713.468763][ T9903] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 713.490991][ T9903] bond0 (unregistering): Released all slaves [ 713.564450][T18101] hsr_slave_0: entered promiscuous mode [ 713.596868][T18101] hsr_slave_1: entered promiscuous mode [ 713.617899][T18101] debugfs: 'hsr0' already exists in 'hsr' [ 713.637104][T18101] Cannot create hsr debugfs directory [ 714.226125][ T9916] Bluetooth: hci2: command tx timeout [ 715.219705][T18239] random: crng reseeded on system resumption [ 715.357318][T18245] random: crng reseeded on system resumption [ 715.463372][T18250] delete_channel: no stack [ 715.571361][ T9903] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 715.610684][ T9903] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 715.657051][ T9903] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 715.693610][ T9903] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 715.783370][ T9903] veth1_macvtap: left promiscuous mode [ 715.812761][ T9903] veth0_macvtap: left promiscuous mode [ 715.842304][ T9903] veth1_vlan: left promiscuous mode [ 715.870367][ T9903] veth0_vlan: left promiscuous mode [ 716.294145][ T9916] Bluetooth: hci2: command tx timeout [ 716.841453][ T9903] team0 (unregistering): Port device team_slave_1 removed [ 716.922294][ T9903] team0 (unregistering): Port device team_slave_0 removed [ 717.591560][ T9916] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1 [ 717.904459][T18101] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 718.067574][T18101] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 718.155742][T18101] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 718.191946][T18101] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 718.814569][T18297] netlink: 330 bytes leftover after parsing attributes in process `syz.4.2488'. [ 718.829160][T18292] mmap: syz.0.2487 (18292): VmData 37654528 exceed data ulimit 1025. Update limits or use boot option ignore_rlimit_data. [ 719.162802][T18101] 8021q: adding VLAN 0 to HW filter on device bond0 [ 719.281010][T18101] 8021q: adding VLAN 0 to HW filter on device team0 [ 719.368215][ T9921] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.375322][ T9921] bridge0: port 1(bridge_slave_0) entered forwarding state [ 719.496727][T15964] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.503817][T15964] bridge0: port 2(bridge_slave_1) entered forwarding state [ 719.535546][T18317] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 720.440125][T18101] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 720.626915][T18101] veth0_vlan: entered promiscuous mode [ 720.690832][T18101] veth1_vlan: entered promiscuous mode [ 720.797018][T18101] veth0_macvtap: entered promiscuous mode [ 720.861399][T18101] veth1_macvtap: entered promiscuous mode [ 721.001206][ T9916] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1 [ 721.198322][T18101] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 721.482322][T18101] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 721.587028][T18355] random: crng reseeded on system resumption [ 721.661733][T11723] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.730050][T18355] Restarting kernel threads ... [ 721.745505][T11723] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.758161][T18355] Done restarting kernel threads. [ 721.763231][T11723] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.845150][T11723] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.999726][ T9903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 722.024219][ T9903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 722.207985][T11730] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 722.234414][T11730] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 722.680017][T18380] Device name cannot be null; rc = [-22] [ 724.119971][T18408] zswap: compressor not available [ 724.298205][ T9916] Bluetooth: hci2: unexpected event 0x01 length: 5 > 1 [ 724.301521][T18421] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 726.305600][ T9901] Bluetooth: hci3: unexpected event 0x01 length: 5 > 1 [ 726.959567][ T9901] Bluetooth: hci4: command 0x0406 tx timeout [ 727.431808][T11725] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 920 with max blocks 9 with error 117 [ 727.511374][T11725] EXT4-fs (sda1): This should not happen!! Data will be lost [ 727.511374][T11725] [ 727.985271][T18502] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 728.228455][T18507] FAULT_INJECTION: forcing a failure. [ 728.228455][T18507] name failslab, interval 1, probability 0, space 0, times 0 [ 728.282160][T18507] CPU: 0 UID: 0 PID: 18507 Comm: syz.0.2527 Not tainted syzkaller #0 PREEMPT(full) [ 728.282183][T18507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 728.282192][T18507] Call Trace: [ 728.282198][T18507] [ 728.282204][T18507] dump_stack_lvl+0x16c/0x1f0 [ 728.282231][T18507] should_fail_ex+0x512/0x640 [ 728.282252][T18507] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 728.282272][T18507] should_failslab+0xc2/0x120 [ 728.282292][T18507] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 728.282308][T18507] ? dup_fd+0x4e/0xb90 [ 728.282324][T18507] ? do_futex+0x122/0x350 [ 728.282343][T18507] dup_fd+0x4e/0xb90 [ 728.282364][T18507] __do_sys_close_range+0x4ca/0x730 [ 728.282383][T18507] ? __pfx___do_sys_close_range+0x10/0x10 [ 728.282405][T18507] do_syscall_64+0xcd/0x4c0 [ 728.282419][T18507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.282434][T18507] RIP: 0033:0x7fcbc438eec9 [ 728.282445][T18507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.282459][T18507] RSP: 002b:00007fcbc5252038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 728.282473][T18507] RAX: ffffffffffffffda RBX: 00007fcbc45e5fa0 RCX: 00007fcbc438eec9 [ 728.282483][T18507] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 728.282492][T18507] RBP: 00007fcbc4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 728.282501][T18507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.282509][T18507] R13: 00007fcbc45e6038 R14: 00007fcbc45e5fa0 R15: 00007ffcdfde1868 [ 728.282527][T18507] [ 728.862108][T18521] ima: policy update failed [ 728.895695][ T30] audit: type=1802 audit(4294967300.080:25): pid=18521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2528" res=0 errno=0 [ 729.914146][ T9921] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 730.011233][T18538] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2533'. [ 730.273493][T18545] FAULT_INJECTION: forcing a failure. [ 730.273493][T18545] name fail_futex, interval 1, probability 0, space 0, times 0 [ 730.327902][T18545] CPU: 0 UID: 0 PID: 18545 Comm: syz.0.2536 Not tainted syzkaller #0 PREEMPT(full) [ 730.327924][T18545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 730.327939][T18545] Call Trace: [ 730.327944][T18545] [ 730.327950][T18545] dump_stack_lvl+0x16c/0x1f0 [ 730.327976][T18545] should_fail_ex+0x512/0x640 [ 730.328001][T18545] get_futex_key+0x1d0/0x1560 [ 730.328020][T18545] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 730.328041][T18545] ? __pfx_get_futex_key+0x10/0x10 [ 730.328059][T18545] ? __pfx_free_one_page+0x10/0x10 [ 730.328076][T18545] futex_wake+0xea/0x530 [ 730.328097][T18545] ? do_getxattr+0x1f7/0x360 [ 730.328112][T18545] ? __pfx_futex_wake+0x10/0x10 [ 730.328132][T18545] ? path_getxattrat+0x139/0x2d0 [ 730.328149][T18545] ? __pfx_path_getxattrat+0x10/0x10 [ 730.328171][T18545] do_futex+0x1e3/0x350 [ 730.328189][T18545] ? __pfx_do_futex+0x10/0x10 [ 730.328211][T18545] __x64_sys_futex+0x1e0/0x4c0 [ 730.328231][T18545] ? __pfx___x64_sys_futex+0x10/0x10 [ 730.328249][T18545] ? xfd_validate_state+0x61/0x180 [ 730.328268][T18545] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 730.328289][T18545] do_syscall_64+0xcd/0x4c0 [ 730.328304][T18545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 730.328318][T18545] RIP: 0033:0x7fcbc438eec9 [ 730.328330][T18545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 730.328344][T18545] RSP: 002b:00007fcbc52520e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 730.328357][T18545] RAX: ffffffffffffffda RBX: 00007fcbc45e5fa8 RCX: 00007fcbc438eec9 [ 730.328367][T18545] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcbc45e5fac [ 730.328376][T18545] RBP: 00007fcbc45e5fa0 R08: 00007fcbc5253000 R09: 0000000000000000 [ 730.328385][T18545] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 730.328393][T18545] R13: 00007fcbc45e6038 R14: 00007ffcdfde1780 R15: 00007ffcdfde1868 [ 730.328412][T18545] [ 731.029116][T18548] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2537'. [ 731.132887][T18560] random: crng reseeded on system resumption [ 732.860329][T18583] FAULT_INJECTION: forcing a failure. [ 732.860329][T18583] name failslab, interval 1, probability 0, space 0, times 0 [ 733.043225][T18583] CPU: 0 UID: 0 PID: 18583 Comm: syz.3.2547 Not tainted syzkaller #0 PREEMPT(full) [ 733.043247][T18583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 733.043256][T18583] Call Trace: [ 733.043262][T18583] [ 733.043268][T18583] dump_stack_lvl+0x16c/0x1f0 [ 733.043295][T18583] should_fail_ex+0x512/0x640 [ 733.043317][T18583] ? fs_reclaim_acquire+0xae/0x150 [ 733.043340][T18583] should_failslab+0xc2/0x120 [ 733.043360][T18583] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 733.043378][T18583] ? security_inode_alloc+0x3b/0x2b0 [ 733.043398][T18583] security_inode_alloc+0x3b/0x2b0 [ 733.043414][T18583] inode_init_always_gfp+0xce4/0x1030 [ 733.043434][T18583] alloc_inode+0x86/0x240 [ 733.043454][T18583] new_inode+0x22/0x1c0 [ 733.043476][T18583] proc_pid_make_inode+0x22/0x160 [ 733.043495][T18583] proc_pident_instantiate+0x85/0x310 [ 733.043516][T18583] proc_pident_lookup+0x1f5/0x270 [ 733.043539][T18583] __lookup_slow+0x251/0x460 [ 733.043561][T18583] ? __pfx___lookup_slow+0x10/0x10 [ 733.043594][T18583] ? lookup_fast+0x156/0x610 [ 733.043610][T18583] walk_component+0x353/0x5b0 [ 733.043627][T18583] link_path_walk+0x627/0xe20 [ 733.043655][T18583] path_openat+0x1b0/0x2cb0 [ 733.043671][T18583] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.043692][T18583] ? __pfx_path_openat+0x10/0x10 [ 733.043714][T18583] do_filp_open+0x20b/0x470 [ 733.043731][T18583] ? __pfx_do_filp_open+0x10/0x10 [ 733.043755][T18583] ? __pfx_kfree_link+0x10/0x10 [ 733.043781][T18583] ? alloc_fd+0x471/0x7d0 [ 733.043802][T18583] do_sys_openat2+0x11b/0x1d0 [ 733.043824][T18583] ? __pfx_do_sys_openat2+0x10/0x10 [ 733.043853][T18583] __x64_sys_openat+0x174/0x210 [ 733.043866][T18583] ? __pfx___x64_sys_openat+0x10/0x10 [ 733.043886][T18583] do_syscall_64+0xcd/0x4c0 [ 733.043901][T18583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.043915][T18583] RIP: 0033:0x7f953c78d710 [ 733.043927][T18583] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 733.043941][T18583] RSP: 002b:00007f953a9edf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 733.043956][T18583] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f953c78d710 [ 733.043965][T18583] RDX: 0000000000000002 RSI: 00007f953a9edfa0 RDI: 00000000ffffff9c [ 733.043975][T18583] RBP: 00007f953a9edfa0 R08: 0000000000000000 R09: 0000000000000000 [ 733.043983][T18583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 733.043992][T18583] R13: 00007f953c9e6038 R14: 00007f953c9e5fa0 R15: 00007ffedaebd0e8 [ 733.044010][T18583] [ 733.296720][ C0] vkms_vblank_simulate: vblank timer overrun syzkaller syzkaller login: [ 736.331753][T18649] netlink: 'syz.0.2560': attribute type 4 has an invalid length. [ 738.386461][T18692] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 739.439343][T18720] FAULT_INJECTION: forcing a failure. [ 739.439343][T18720] name failslab, interval 1, probability 0, space 0, times 0 [ 739.509558][T18720] CPU: 0 UID: 0 PID: 18720 Comm: syz.3.2579 Not tainted syzkaller #0 PREEMPT(full) [ 739.509580][T18720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 739.509590][T18720] Call Trace: [ 739.509595][T18720] [ 739.509601][T18720] dump_stack_lvl+0x16c/0x1f0 [ 739.509628][T18720] should_fail_ex+0x512/0x640 [ 739.509650][T18720] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 739.509670][T18720] should_failslab+0xc2/0x120 [ 739.509689][T18720] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 739.509706][T18720] ? security_file_alloc+0x34/0x2b0 [ 739.509729][T18720] security_file_alloc+0x34/0x2b0 [ 739.509748][T18720] init_file+0x93/0x4c0 [ 739.509769][T18720] alloc_empty_file+0x73/0x1e0 [ 739.509790][T18720] path_openat+0xda/0x2cb0 [ 739.509806][T18720] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.509827][T18720] ? __pfx_path_openat+0x10/0x10 [ 739.509848][T18720] do_filp_open+0x20b/0x470 [ 739.509865][T18720] ? __pfx_do_filp_open+0x10/0x10 [ 739.509895][T18720] ? alloc_fd+0x471/0x7d0 [ 739.509915][T18720] do_sys_openat2+0x11b/0x1d0 [ 739.509937][T18720] ? __pfx_do_sys_openat2+0x10/0x10 [ 739.509965][T18720] __x64_sys_openat+0x174/0x210 [ 739.509984][T18720] ? __pfx___x64_sys_openat+0x10/0x10 [ 739.510004][T18720] do_syscall_64+0xcd/0x4c0 [ 739.510019][T18720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.510033][T18720] RIP: 0033:0x7f953c78d710 [ 739.510044][T18720] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 739.510059][T18720] RSP: 002b:00007f953a9edfe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 739.510074][T18720] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f953c78d710 [ 739.510083][T18720] RDX: 0000000000000002 RSI: 00007f953c81224b RDI: 00000000ffffff9c [ 739.510092][T18720] RBP: 00007f953c81224b R08: 0000000000000000 R09: 00007f953c5f8000 [ 739.510102][T18720] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 739.510110][T18720] R13: 00007f953c9e6038 R14: 00007f953c9e5fa0 R15: 00007ffedaebd0e8 [ 739.510128][T18720] [ 739.714886][ C0] vkms_vblank_simulate: vblank timer overrun [ 739.728412][T18696] delete_channel: no stack [ 740.193449][T18742] netlink: 'syz.2.2585': attribute type 22 has an invalid length. [ 740.201448][T18742] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2585'. [ 740.876691][T18763] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 740.909233][T18763] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2591'. [ 741.219797][T18773] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 741.347593][T18776] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2595'. [ 741.574660][T18776] bond0: (slave bond_slave_0): Releasing backup interface [ 741.883390][T18786] FAULT_INJECTION: forcing a failure. [ 741.883390][T18786] name failslab, interval 1, probability 0, space 0, times 0 [ 741.980925][T18786] CPU: 0 UID: 0 PID: 18786 Comm: syz.0.2598 Not tainted syzkaller #0 PREEMPT(full) [ 741.980952][T18786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 741.980961][T18786] Call Trace: [ 741.980967][T18786] [ 741.980974][T18786] dump_stack_lvl+0x16c/0x1f0 [ 741.981000][T18786] should_fail_ex+0x512/0x640 [ 741.981026][T18786] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 741.981054][T18786] should_failslab+0xc2/0x120 [ 741.981076][T18786] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 741.981095][T18786] ? dup_fd+0x4e/0xb90 [ 741.981110][T18786] ? do_futex+0x122/0x350 [ 741.981132][T18786] dup_fd+0x4e/0xb90 [ 741.981154][T18786] __do_sys_close_range+0x4ca/0x730 [ 741.981173][T18786] ? __pfx___do_sys_close_range+0x10/0x10 [ 741.981195][T18786] do_syscall_64+0xcd/0x4c0 [ 741.981209][T18786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 741.981224][T18786] RIP: 0033:0x7fcbc438eec9 [ 741.981236][T18786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 741.981250][T18786] RSP: 002b:00007fcbc5252038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 741.981265][T18786] RAX: ffffffffffffffda RBX: 00007fcbc45e5fa0 RCX: 00007fcbc438eec9 [ 741.981275][T18786] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 741.981284][T18786] RBP: 00007fcbc4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 741.981292][T18786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 741.981301][T18786] R13: 00007fcbc45e6038 R14: 00007fcbc45e5fa0 R15: 00007ffcdfde1868 [ 741.981319][T18786] [ 742.147109][ C0] vkms_vblank_simulate: vblank timer overrun [ 742.243660][T18792] openvswitch: netlink: Multiple metadata blocks provided [ 743.156122][T11730] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 9 with max blocks 6 with error 117 [ 743.210802][T11730] EXT4-fs (sda1): This should not happen!! Data will be lost [ 743.210802][T11730] [ 743.309046][T18818] FAULT_INJECTION: forcing a failure. [ 743.309046][T18818] name failslab, interval 1, probability 0, space 0, times 0 [ 743.361918][T18818] CPU: 0 UID: 0 PID: 18818 Comm: syz.2.2608 Not tainted syzkaller #0 PREEMPT(full) [ 743.361940][T18818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 743.361949][T18818] Call Trace: [ 743.361955][T18818] [ 743.361961][T18818] dump_stack_lvl+0x16c/0x1f0 [ 743.361988][T18818] should_fail_ex+0x512/0x640 [ 743.362010][T18818] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 743.362031][T18818] should_failslab+0xc2/0x120 [ 743.362050][T18818] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 743.362068][T18818] ? __d_alloc+0x32/0xae0 [ 743.362088][T18818] __d_alloc+0x32/0xae0 [ 743.362108][T18818] d_alloc_pseudo+0x1c/0xc0 [ 743.362129][T18818] alloc_file_pseudo+0xcf/0x230 [ 743.362151][T18818] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 743.362176][T18818] __shmem_file_setup+0x1a3/0x330 [ 743.362193][T18818] __do_sys_memfd_create+0x40a/0x8a0 [ 743.362217][T18818] do_syscall_64+0xcd/0x4c0 [ 743.362232][T18818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.362246][T18818] RIP: 0033:0x7f231b78eec9 [ 743.362258][T18818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 743.362272][T18818] RSP: 002b:00007f23199f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 743.362286][T18818] RAX: ffffffffffffffda RBX: 00007f231b9e6090 RCX: 00007f231b78eec9 [ 743.362296][T18818] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000200000000080 [ 743.362305][T18818] RBP: 00007f231b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 743.362314][T18818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.362322][T18818] R13: 00007f231b9e6128 R14: 00007f231b9e6090 R15: 00007ffe45306a58 [ 743.362341][T18818] [ 743.540917][ C0] vkms_vblank_simulate: vblank timer overrun [ 743.904972][T18825] FAULT_INJECTION: forcing a failure. [ 743.904972][T18825] name failslab, interval 1, probability 0, space 0, times 0 [ 743.922484][T18822] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 743.938474][T18825] CPU: 0 UID: 0 PID: 18825 Comm: syz.3.2609 Not tainted syzkaller #0 PREEMPT(full) [ 743.938494][T18825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 743.938503][T18825] Call Trace: [ 743.938509][T18825] [ 743.938515][T18825] dump_stack_lvl+0x16c/0x1f0 [ 743.938549][T18825] should_fail_ex+0x512/0x640 [ 743.938572][T18825] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 743.938593][T18825] should_failslab+0xc2/0x120 [ 743.938611][T18825] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 743.938628][T18825] ? dup_fd+0x4e/0xb90 [ 743.938644][T18825] ? do_futex+0x122/0x350 [ 743.938663][T18825] dup_fd+0x4e/0xb90 [ 743.938685][T18825] __do_sys_close_range+0x4ca/0x730 [ 743.938704][T18825] ? __pfx___do_sys_close_range+0x10/0x10 [ 743.938726][T18825] do_syscall_64+0xcd/0x4c0 [ 743.938740][T18825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.938755][T18825] RIP: 0033:0x7f953c78eec9 [ 743.938767][T18825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 743.938782][T18825] RSP: 002b:00007f953a9ee038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 743.938797][T18825] RAX: ffffffffffffffda RBX: 00007f953c9e5fa0 RCX: 00007f953c78eec9 [ 743.938806][T18825] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 743.938815][T18825] RBP: 00007f953c811f91 R08: 0000000000000000 R09: 0000000000000000 [ 743.938824][T18825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.938832][T18825] R13: 00007f953c9e6038 R14: 00007f953c9e5fa0 R15: 00007ffedaebd0e8 [ 743.938850][T18825] [ 744.106732][ C0] vkms_vblank_simulate: vblank timer overrun [ 745.266433][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 745.272777][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.400080][T18914] FAULT_INJECTION: forcing a failure. [ 748.400080][T18914] name failslab, interval 1, probability 0, space 0, times 0 [ 748.458034][T18914] CPU: 0 UID: 0 PID: 18914 Comm: syz.0.2629 Not tainted syzkaller #0 PREEMPT(full) [ 748.458056][T18914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 748.458066][T18914] Call Trace: [ 748.458071][T18914] [ 748.458077][T18914] dump_stack_lvl+0x16c/0x1f0 [ 748.458116][T18914] should_fail_ex+0x512/0x640 [ 748.458138][T18914] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 748.458159][T18914] should_failslab+0xc2/0x120 [ 748.458178][T18914] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 748.458195][T18914] ? dup_fd+0x4e/0xb90 [ 748.458210][T18914] ? do_futex+0x122/0x350 [ 748.458229][T18914] dup_fd+0x4e/0xb90 [ 748.458250][T18914] __do_sys_close_range+0x4ca/0x730 [ 748.458269][T18914] ? __pfx___do_sys_close_range+0x10/0x10 [ 748.458291][T18914] do_syscall_64+0xcd/0x4c0 [ 748.458305][T18914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.458320][T18914] RIP: 0033:0x7fcbc438eec9 [ 748.458332][T18914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.458346][T18914] RSP: 002b:00007fcbc5252038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 748.458360][T18914] RAX: ffffffffffffffda RBX: 00007fcbc45e5fa0 RCX: 00007fcbc438eec9 [ 748.458370][T18914] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 748.458379][T18914] RBP: 00007fcbc4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 748.458387][T18914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.458396][T18914] R13: 00007fcbc45e6038 R14: 00007fcbc45e5fa0 R15: 00007ffcdfde1868 [ 748.458414][T18914] [ 750.229262][T18958] Invalid ELF header magic: != ELF [ 750.432023][T18958] Invalid ELF header magic: != ELF [ 750.438811][ T9916] Bluetooth: hci0: unexpected event 0x01 length: 5 > 1 [ 750.630061][T18958] Invalid ELF header magic: != ELF [ 750.695218][T18982] openvswitch: netlink: Flow actions attr not present in new flow. [ 750.750095][T18958] Invalid ELF header magic: != ELF [ 750.793114][T18958] Invalid ELF header magic: != ELF [ 750.874823][T18958] Invalid ELF header magic: != ELF [ 750.907466][T18958] Invalid ELF header magic: != ELF [ 750.993066][ T9916] Bluetooth: hci3: unexpected event 0x01 length: 5 > 1 [ 752.273623][T19021] FAULT_INJECTION: forcing a failure. [ 752.273623][T19021] name failslab, interval 1, probability 0, space 0, times 0 [ 752.384910][T19021] CPU: 0 UID: 0 PID: 19021 Comm: syz.3.2655 Not tainted syzkaller #0 PREEMPT(full) [ 752.384934][T19021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 752.384943][T19021] Call Trace: [ 752.384948][T19021] [ 752.384955][T19021] dump_stack_lvl+0x16c/0x1f0 [ 752.384982][T19021] should_fail_ex+0x512/0x640 [ 752.385004][T19021] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 752.385023][T19021] should_failslab+0xc2/0x120 [ 752.385043][T19021] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 752.385060][T19021] ? dup_fd+0x4e/0xb90 [ 752.385076][T19021] ? do_futex+0x122/0x350 [ 752.385095][T19021] dup_fd+0x4e/0xb90 [ 752.385116][T19021] __do_sys_close_range+0x4ca/0x730 [ 752.385135][T19021] ? __pfx___do_sys_close_range+0x10/0x10 [ 752.385157][T19021] do_syscall_64+0xcd/0x4c0 [ 752.385171][T19021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.385186][T19021] RIP: 0033:0x7f953c78eec9 [ 752.385197][T19021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.385211][T19021] RSP: 002b:00007f953a9ee038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 752.385225][T19021] RAX: ffffffffffffffda RBX: 00007f953c9e5fa0 RCX: 00007f953c78eec9 [ 752.385235][T19021] RDX: 0000000000000002 RSI: fffffffffffff000 RDI: 0000000000000000 [ 752.385244][T19021] RBP: 00007f953c811f91 R08: 0000000000000000 R09: 0000000000000000 [ 752.385252][T19021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.385261][T19021] R13: 00007f953c9e6038 R14: 00007f953c9e5fa0 R15: 00007ffedaebd0e8 [ 752.385279][T19021] [ 752.747761][T19030] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2658'. [ 752.833991][T19030] bridge0: port 2(bridge_slave_1) entered disabled state [ 752.841539][T19030] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.850395][T19033] random: crng reseeded on system resumption [ 752.857197][T19033] FAULT_INJECTION: forcing a failure. [ 752.857197][T19033] name failslab, interval 1, probability 0, space 0, times 0 [ 752.873886][ T9916] Bluetooth: hci3: unexpected event 0x01 length: 5 > 1 [ 752.879747][T19033] CPU: 0 UID: 0 PID: 19033 Comm: syz.4.2659 Not tainted syzkaller #0 PREEMPT(full) [ 752.879766][T19033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 752.879775][T19033] Call Trace: [ 752.879781][T19033] [ 752.879787][T19033] dump_stack_lvl+0x16c/0x1f0 [ 752.879814][T19033] should_fail_ex+0x512/0x640 [ 752.879842][T19033] should_failslab+0xc2/0x120 [ 752.879861][T19033] __kmalloc_cache_noprof+0x6a/0x3e0 [ 752.879877][T19033] ? do_raw_spin_lock+0x12c/0x2b0 [ 752.879898][T19033] ? find_held_lock+0x2b/0x80 [ 752.879912][T19033] ? async_schedule_node_domain+0x54/0x120 [ 752.879932][T19033] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 752.879952][T19033] async_schedule_node_domain+0x54/0x120 [ 752.879970][T19033] dev_cache_fw_image+0x38e/0x490 [ 752.879990][T19033] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 752.880012][T19033] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 752.880031][T19033] dpm_for_each_dev+0x5d/0xb0 [ 752.880049][T19033] fw_pm_notify+0x81/0x150 [ 752.880065][T19033] notifier_call_chain+0xb9/0x410 [ 752.880082][T19033] ? __pfx_fw_pm_notify+0x10/0x10 [ 752.880103][T19033] blocking_notifier_call_chain_robust+0xc8/0x160 [ 752.880123][T19033] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 752.880149][T19033] pm_notifier_call_chain_robust+0x27/0x60 [ 752.880168][T19033] snapshot_open+0x218/0x2b0 [ 752.880185][T19033] ? __pfx_snapshot_open+0x10/0x10 [ 752.880202][T19033] misc_open+0x35d/0x420 [ 752.880220][T19033] ? __pfx_misc_open+0x10/0x10 [ 752.880236][T19033] chrdev_open+0x231/0x6a0 [ 752.880254][T19033] ? __pfx_apparmor_file_open+0x10/0x10 [ 752.880271][T19033] ? __pfx_chrdev_open+0x10/0x10 [ 752.880290][T19033] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 752.880310][T19033] do_dentry_open+0x97f/0x1530 [ 752.880328][T19033] ? __pfx_chrdev_open+0x10/0x10 [ 752.880350][T19033] vfs_open+0x82/0x3f0 [ 752.880373][T19033] path_openat+0x1de4/0x2cb0 [ 752.880397][T19033] ? __pfx_path_openat+0x10/0x10 [ 752.880419][T19033] do_filp_open+0x20b/0x470 [ 752.880436][T19033] ? __pfx_do_filp_open+0x10/0x10 [ 752.880468][T19033] ? alloc_fd+0x471/0x7d0 [ 752.880489][T19033] do_sys_openat2+0x11b/0x1d0 [ 752.880510][T19033] ? __pfx_do_sys_openat2+0x10/0x10 [ 752.880539][T19033] __x64_sys_openat+0x174/0x210 [ 752.880552][T19033] ? __pfx___x64_sys_openat+0x10/0x10 [ 752.880573][T19033] do_syscall_64+0xcd/0x4c0 [ 752.880588][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.880603][T19033] RIP: 0033:0x7fdcc718eec9 [ 752.880615][T19033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.880630][T19033] RSP: 002b:00007fdcc80e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 752.880644][T19033] RAX: ffffffffffffffda RBX: 00007fdcc73e5fa0 RCX: 00007fdcc718eec9 [ 752.880662][T19033] RDX: 0000000000080643 RSI: 0000200000001940 RDI: ffffffffffffff9c [ 752.880671][T19033] RBP: 00007fdcc7211f91 R08: 0000000000000000 R09: 0000000000000000 [ 752.880680][T19033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.880689][T19033] R13: 00007fdcc73e6038 R14: 00007fdcc73e5fa0 R15: 00007fff3b7b3258 [ 752.880709][T19033] [ 753.611210][T19033] [ 753.613547][T19033] ====================================================== [ 753.620546][T19033] WARNING: possible circular locking dependency detected [ 753.627547][T19033] syzkaller #0 Not tainted [ 753.631937][T19033] ------------------------------------------------------ [ 753.638923][T19033] syz.4.2659/19033 is trying to acquire lock: [ 753.644964][T19033] ffff88807dde5068 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}, at: process_measurement+0x7e0/0x23e0 [ 753.655558][T19033] [ 753.655558][T19033] but task is already holding lock: [ 753.662901][T19033] ffffffff8f518528 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 753.671752][T19033] [ 753.671752][T19033] which lock already depends on the new lock. [ 753.671752][T19033] [ 753.682127][T19033] [ 753.682127][T19033] the existing dependency chain (in reverse order) is: [ 753.691114][T19033] [ 753.691114][T19033] -> #4 (dpm_list_mtx){+.+.}-{4:4}: [ 753.698475][T19033] __mutex_lock+0x193/0x1060 [ 753.703578][T19033] device_pm_add+0x87/0x3e0 [ 753.708601][T19033] device_add+0x9cd/0x1aa0 [ 753.713518][T19033] device_create_groups_vargs+0x1f8/0x270 [ 753.719747][T19033] device_create+0xed/0x130 [ 753.724750][T19033] msr_device_create+0x31/0x70 [ 753.730013][T19033] cpuhp_invoke_callback+0x3d5/0xa10 [ 753.735795][T19033] cpuhp_thread_fun+0x47e/0x6f0 [ 753.741143][T19033] smpboot_thread_fn+0x3f7/0xae0 [ 753.746585][T19033] kthread+0x3c5/0x780 [ 753.751170][T19033] ret_from_fork+0x56d/0x730 [ 753.756266][T19033] ret_from_fork_asm+0x1a/0x30 [ 753.761531][T19033] [ 753.761531][T19033] -> #3 (cpuhp_state-up){+.+.}-{0:0}: [ 753.769067][T19033] cpuhp_thread_fun+0x193/0x6f0 [ 753.774414][T19033] smpboot_thread_fn+0x3f7/0xae0 [ 753.779848][T19033] kthread+0x3c5/0x780 [ 753.784417][T19033] ret_from_fork+0x56d/0x730 [ 753.789511][T19033] ret_from_fork_asm+0x1a/0x30 [ 753.794771][T19033] [ 753.794771][T19033] -> #2 (cpu_hotplug_lock){++++}-{0:0}: [ 753.802472][T19033] cpus_read_lock+0x42/0x160 [ 753.807563][T19033] ring_buffer_resize+0x105/0x15c0 [ 753.813171][T19033] tracing_update_buffers+0x15e/0x1f0 [ 753.819045][T19033] ftrace_event_write+0x14a/0x2c0 [ 753.824565][T19033] vfs_writev+0x5df/0xde0 [ 753.829410][T19033] do_writev+0x132/0x340 [ 753.834148][T19033] do_syscall_64+0xcd/0x4c0 [ 753.839147][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.845537][T19033] [ 753.845537][T19033] -> #1 (trace_types_lock){+.+.}-{4:4}: [ 753.853243][T19033] __mutex_lock+0x193/0x1060 [ 753.858326][T19033] trace_array_get+0x1e/0x110 [ 753.863505][T19033] subsystem_open+0x2b3/0x3e0 [ 753.868681][T19033] do_dentry_open+0x97f/0x1530 [ 753.873947][T19033] vfs_open+0x82/0x3f0 [ 753.878531][T19033] dentry_open+0x71/0xd0 [ 753.883284][T19033] ima_calc_file_hash+0x2b6/0x490 [ 753.888817][T19033] ima_collect_measurement+0x899/0xa40 [ 753.894775][T19033] process_measurement+0x11fa/0x23e0 [ 753.900559][T19033] ima_file_check+0xc5/0x110 [ 753.905645][T19033] security_file_post_open+0x8e/0x210 [ 753.911518][T19033] path_openat+0x1404/0x2cb0 [ 753.916611][T19033] do_filp_open+0x20b/0x470 [ 753.921617][T19033] do_sys_openat2+0x11b/0x1d0 [ 753.926797][T19033] __x64_sys_openat+0x174/0x210 [ 753.932142][T19033] do_syscall_64+0xcd/0x4c0 [ 753.937139][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.943530][T19033] [ 753.943530][T19033] -> #0 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}: [ 753.952105][T19033] __lock_acquire+0x12a6/0x1ce0 [ 753.957454][T19033] lock_acquire+0x179/0x350 [ 753.962456][T19033] __mutex_lock+0x193/0x1060 [ 753.967562][T19033] process_measurement+0x7e0/0x23e0 [ 753.973259][T19033] ima_file_check+0xc5/0x110 [ 753.978346][T19033] security_file_post_open+0x8e/0x210 [ 753.984219][T19033] path_openat+0x1404/0x2cb0 [ 753.989307][T19033] do_file_open_root+0x322/0x610 [ 753.994745][T19033] file_open_root+0x2a7/0x450 [ 753.999926][T19033] kernel_read_file_from_path_initns+0x189/0x260 [ 754.006754][T19033] _request_firmware+0x744/0x1470 [ 754.012293][T19033] __async_dev_cache_fw_image+0xb1/0x340 [ 754.018427][T19033] async_schedule_node_domain+0xd4/0x120 [ 754.024560][T19033] dev_cache_fw_image+0x38e/0x490 [ 754.030083][T19033] dpm_for_each_dev+0x5d/0xb0 [ 754.035261][T19033] fw_pm_notify+0x81/0x150 [ 754.040177][T19033] notifier_call_chain+0xb9/0x410 [ 754.045703][T19033] blocking_notifier_call_chain_robust+0xc8/0x160 [ 754.052616][T19033] pm_notifier_call_chain_robust+0x27/0x60 [ 754.058924][T19033] snapshot_open+0x218/0x2b0 [ 754.064012][T19033] misc_open+0x35d/0x420 [ 754.068755][T19033] chrdev_open+0x231/0x6a0 [ 754.073672][T19033] do_dentry_open+0x97f/0x1530 [ 754.078935][T19033] vfs_open+0x82/0x3f0 [ 754.083509][T19033] path_openat+0x1de4/0x2cb0 [ 754.088601][T19033] do_filp_open+0x20b/0x470 [ 754.093601][T19033] do_sys_openat2+0x11b/0x1d0 [ 754.098782][T19033] __x64_sys_openat+0x174/0x210 [ 754.104127][T19033] do_syscall_64+0xcd/0x4c0 [ 754.109126][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.115518][T19033] [ 754.115518][T19033] other info that might help us debug this: [ 754.115518][T19033] [ 754.125721][T19033] Chain exists of: [ 754.125721][T19033] &ima_iint_mutex_key[depth] --> cpuhp_state-up --> dpm_list_mtx [ 754.125721][T19033] [ 754.139333][T19033] Possible unsafe locking scenario: [ 754.139333][T19033] [ 754.146756][T19033] CPU0 CPU1 [ 754.152091][T19033] ---- ---- [ 754.157427][T19033] lock(dpm_list_mtx); [ 754.161557][T19033] lock(cpuhp_state-up); [ 754.168388][T19033] lock(dpm_list_mtx); [ 754.175047][T19033] lock(&ima_iint_mutex_key[depth]); [ 754.180417][T19033] [ 754.180417][T19033] *** DEADLOCK *** [ 754.180417][T19033] [ 754.188539][T19033] 5 locks held by syz.4.2659/19033: [ 754.193718][T19033] #0: ffffffff8f307fa8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 754.202145][T19033] #1: ffffffff8e484b88 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 754.212474][T19033] #2: ffffffff8e4c4ff0 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 754.224288][T19033] #3: ffffffff8f51db28 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 754.232880][T19033] #4: ffffffff8f518528 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 754.242170][T19033] [ 754.242170][T19033] stack backtrace: [ 754.248037][T19033] CPU: 0 UID: 0 PID: 19033 Comm: syz.4.2659 Not tainted syzkaller #0 PREEMPT(full) [ 754.248055][T19033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 754.248065][T19033] Call Trace: [ 754.248072][T19033] [ 754.248079][T19033] dump_stack_lvl+0x116/0x1f0 [ 754.248103][T19033] print_circular_bug+0x275/0x350 [ 754.248123][T19033] check_noncircular+0x14c/0x170 [ 754.248142][T19033] __lock_acquire+0x12a6/0x1ce0 [ 754.248163][T19033] lock_acquire+0x179/0x350 [ 754.248180][T19033] ? process_measurement+0x7e0/0x23e0 [ 754.248196][T19033] ? __pfx___might_resched+0x10/0x10 [ 754.248212][T19033] ? process_measurement+0x7e0/0x23e0 [ 754.248226][T19033] __mutex_lock+0x193/0x1060 [ 754.248238][T19033] ? process_measurement+0x7e0/0x23e0 [ 754.248254][T19033] ? __pfx___mutex_lock+0x10/0x10 [ 754.248266][T19033] ? __pfx___might_resched+0x10/0x10 [ 754.248280][T19033] ? find_held_lock+0x2b/0x80 [ 754.248294][T19033] ? down_write+0x14d/0x200 [ 754.248309][T19033] ? process_measurement+0x7e0/0x23e0 [ 754.248323][T19033] process_measurement+0x7e0/0x23e0 [ 754.248340][T19033] ? __pfx_process_measurement+0x10/0x10 [ 754.248356][T19033] ? find_held_lock+0x2b/0x80 [ 754.248370][T19033] ? fscrypt_file_open+0x47c/0x590 [ 754.248394][T19033] ? __pfx___fsnotify_parent+0x10/0x10 [ 754.248409][T19033] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 754.248426][T19033] ima_file_check+0xc5/0x110 [ 754.248441][T19033] ? __pfx_ima_file_check+0x10/0x10 [ 754.248456][T19033] ? vfs_open+0x2e3/0x3f0 [ 754.248476][T19033] security_file_post_open+0x8e/0x210 [ 754.248495][T19033] path_openat+0x1404/0x2cb0 [ 754.248518][T19033] ? trace_kmem_cache_alloc+0x28/0xc0 [ 754.248540][T19033] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 754.248556][T19033] ? __pfx_path_openat+0x10/0x10 [ 754.248573][T19033] ? __asan_memcpy+0x3c/0x60 [ 754.248588][T19033] do_file_open_root+0x322/0x610 [ 754.248605][T19033] ? __pfx_do_file_open_root+0x10/0x10 [ 754.248628][T19033] ? vsnprintf+0x318/0x1160 [ 754.248648][T19033] file_open_root+0x2a7/0x450 [ 754.248666][T19033] ? __pfx_file_open_root+0x10/0x10 [ 754.248682][T19033] ? find_held_lock+0x2b/0x80 [ 754.248695][T19033] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 754.248718][T19033] kernel_read_file_from_path_initns+0x189/0x260 [ 754.248740][T19033] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 754.248761][T19033] ? trace_kmem_cache_alloc+0x28/0xc0 [ 754.248781][T19033] ? _request_firmware+0x503/0x1470 [ 754.248801][T19033] _request_firmware+0x744/0x1470 [ 754.248822][T19033] ? __pfx__request_firmware+0x10/0x10 [ 754.248841][T19033] ? dump_stack_lvl+0x1a3/0x1f0 [ 754.248862][T19033] __async_dev_cache_fw_image+0xb1/0x340 [ 754.248882][T19033] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 754.248902][T19033] ? mark_held_locks+0x49/0x80 [ 754.248919][T19033] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 754.248939][T19033] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 754.248959][T19033] async_schedule_node_domain+0xd4/0x120 [ 754.248977][T19033] dev_cache_fw_image+0x38e/0x490 [ 754.248995][T19033] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 754.249014][T19033] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 754.249032][T19033] dpm_for_each_dev+0x5d/0xb0 [ 754.249048][T19033] fw_pm_notify+0x81/0x150 [ 754.249064][T19033] notifier_call_chain+0xb9/0x410 [ 754.249082][T19033] ? __pfx_fw_pm_notify+0x10/0x10 [ 754.249100][T19033] blocking_notifier_call_chain_robust+0xc8/0x160 [ 754.249120][T19033] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 754.249142][T19033] pm_notifier_call_chain_robust+0x27/0x60 [ 754.249162][T19033] snapshot_open+0x218/0x2b0 [ 754.249178][T19033] ? __pfx_snapshot_open+0x10/0x10 [ 754.249195][T19033] misc_open+0x35d/0x420 [ 754.249212][T19033] ? __pfx_misc_open+0x10/0x10 [ 754.249228][T19033] chrdev_open+0x231/0x6a0 [ 754.249246][T19033] ? __pfx_apparmor_file_open+0x10/0x10 [ 754.249262][T19033] ? __pfx_chrdev_open+0x10/0x10 [ 754.249280][T19033] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 754.249297][T19033] do_dentry_open+0x97f/0x1530 [ 754.249314][T19033] ? __pfx_chrdev_open+0x10/0x10 [ 754.249333][T19033] vfs_open+0x82/0x3f0 [ 754.249353][T19033] path_openat+0x1de4/0x2cb0 [ 754.249371][T19033] ? __pfx_path_openat+0x10/0x10 [ 754.249389][T19033] do_filp_open+0x20b/0x470 [ 754.249405][T19033] ? __pfx_do_filp_open+0x10/0x10 [ 754.249427][T19033] ? alloc_fd+0x471/0x7d0 [ 754.249443][T19033] do_sys_openat2+0x11b/0x1d0 [ 754.249464][T19033] ? __pfx_do_sys_openat2+0x10/0x10 [ 754.249487][T19033] __x64_sys_openat+0x174/0x210 [ 754.249500][T19033] ? __pfx___x64_sys_openat+0x10/0x10 [ 754.249519][T19033] do_syscall_64+0xcd/0x4c0 [ 754.249533][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.249548][T19033] RIP: 0033:0x7fdcc718eec9 [ 754.249561][T19033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.249575][T19033] RSP: 002b:00007fdcc80e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 754.249589][T19033] RAX: ffffffffffffffda RBX: 00007fdcc73e5fa0 RCX: 00007fdcc718eec9 [ 754.249604][T19033] RDX: 0000000000080643 RSI: 0000200000001940 RDI: ffffffffffffff9c [ 754.249614][T19033] RBP: 00007fdcc7211f91 R08: 0000000000000000 R09: 0000000000000000 [ 754.249623][T19033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.249632][T19033] R13: 00007fdcc73e6038 R14: 00007fdcc73e5fa0 R15: 00007fff3b7b3258 [ 754.249645][T19033] [ 754.249662][ C0] vkms_vblank_simulate: vblank timer overrun [ 754.776366][ C0] vkms_vblank_simulate: vblank timer overrun [ 755.579131][T19045] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 755.675551][T19049] zswap: compressor @ not available