last executing test programs: 11m18.56591945s ago: executing program 2 (id=89): r0 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000040), 0x4a4c02, 0x0) mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) r1 = io_uring_setup$auto(0x7, 0x0) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000000)={0x1c800000, 0x0, [{0x6, 0x3fd, 0x80000000}, {0x3, 0x10000, 0xba}]}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x8, 0xe27c, 0x8) r2 = socket(0xf, 0xa, 0xd13) writev$auto(r0, &(0x7f0000000100)={0x0, 0x3}, 0x8) r3 = socket(0x2b, 0x1, 0x1) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) munmap$auto(0x400000008000, 0xffffffff) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) getsockopt$auto_SO_ZEROCOPY(r3, 0x7, 0x3c, &(0x7f00000000c0)='/dev/nullb0\x00', &(0x7f0000000100)=0x8efd) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x5, 0x880b, 0x401, 0xd, 0x66b, 0x4, 0x3}, 0x6f4) r5 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x80201, 0x0) ioctl$auto_RTC_WKALM_SET(r5, 0x4028700f, &(0x7f00000000c0)={0x1, 0x0, {0x9, 0x3, 0xd46, 0x5, 0x200, 0x28f, 0x0, 0x3a, 0x6}}) mmap$auto(0x0, 0x2020006, 0x4, 0x17, r0, 0x8000) unshare$auto(0x40000080) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r6, 0x127f, 0x0) pipe$auto(&(0x7f0000000000)=r6) close_range$auto(r2, r0, 0x888b) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x89a0, 0x4) 11m15.337001118s ago: executing program 2 (id=96): mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fanotify_init$auto(0xfffffffd, 0x1) utimensat$auto(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x6, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyy2\x00', 0x100, 0x0) select$auto(0x4, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x7, 0x2, 0x1, 0x948b, 0x1000000000000004, 0x15f4da0a, 0x39, 0x3, 0x2fffffffffffffe, 0x80000002, 0x7a142c64, 0x6d3c, 0x5, 0x80, 0xfb]}, 0x0) write$auto(0xca, 0x0, 0x2d9) ioctl$auto(0x3, 0x5412, 0x38) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(r1, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000280)={0x18, r2, 0xd3ac6c422733a379, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_BEACON_TAIL={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x2404c000}, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001100)=""/4106, 0x100a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x7ffc) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@generic={0x1e, "e20937aa330c2d93cdc6f50182ff"}, 0x54) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/i8042/serio1/power/wakeup_abort_count\x00', 0x60204, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r3, 0x3, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) select$auto(0x6, &(0x7f0000000000)={[0x5, 0x4, 0x4, 0x9, 0xccf9, 0x6, 0xffffffffffffffff, 0x3, 0xb, 0x1, 0x100000000000000, 0x3, 0xfffffffffffffe8f, 0x3, 0x5, 0xfffffffffffffff7]}, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x4, 0xc, 0x6, 0x8fd, 0xb80, 0x7b, 0x9, 0x2, 0xfffffffffffff954, 0xffffffffffffffff, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) 11m14.3176793s ago: executing program 2 (id=100): madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x161100, 0x0) pread64$auto(r1, 0x0, 0x1000f42d, 0x100) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x20e01, 0x0) write$auto(r2, 0x0, 0x4) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xe4) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80480, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_STATUS(0xffffffffffffffff, 0x0, 0x4008050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2082, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = socket(0xa, 0x3, 0x3b) connect$auto(r4, &(0x7f0000000000)=@generic={0x0, "ff20e100002000"}, 0x58) recvmmsg$auto(0x3, 0x0, 0x7, 0x3, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) 11m13.212623518s ago: executing program 2 (id=109): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x100000000000027, 0x0) fsopen$auto(0x0, 0x1) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1, 0x9, 0xd, 0xe13, 0x81, 0xe, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0xb8, 0x8627, 0x9, 0x20000800001, 0x3, 0x5, 0x7, 0x6, 0x6, 0x0, 0xffffffee, 0x2a17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x18, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2]}, 0x9, 0xa) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xfffff000, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x4}, 0x1, 0x7, 0x2, 0x280, @inferred, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81"}) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) bind$auto(r0, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3d}}, 0x6a) listen$auto(0x3, 0x81) 11m12.125972397s ago: executing program 2 (id=118): madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x161100, 0x0) pread64$auto(r1, 0x0, 0x1000f42d, 0x100) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x20e01, 0x0) write$auto(r2, 0x0, 0x4) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xe4) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80480, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_STATUS(0xffffffffffffffff, 0x0, 0x4008050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2082, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = socket(0xa, 0x3, 0x3b) connect$auto(r4, &(0x7f0000000000)=@generic={0x0, "ff20e100002000"}, 0x58) recvmmsg$auto(0x3, 0x0, 0x7, 0x3, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) 11m11.01233864s ago: executing program 2 (id=122): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@isdn={0x22, 0xc9, 0x8a, 0x9, 0x4e}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@isdn={0x22, 0x8, 0x2, 0x2, 0x7f}, 0x54) socketpair$auto(0x755d, 0x403, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xdfe, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8000002, 0x800000009, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0) socket(0x1a, 0x1, 0x7fff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x24a401, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x05\x00I\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYRES64=r2], 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) ioctl$auto_FS_IOC_SETFLAGS(r3, 0x40086602, 0x8) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r4, 0x5403, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x10005, 0x1, 0xeb1, 0x40000000000a5, 0x8000) 10m55.600561292s ago: executing program 32 (id=122): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@isdn={0x22, 0xc9, 0x8a, 0x9, 0x4e}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@isdn={0x22, 0x8, 0x2, 0x2, 0x7f}, 0x54) socketpair$auto(0x755d, 0x403, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xdfe, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8000002, 0x800000009, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0) socket(0x1a, 0x1, 0x7fff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x24a401, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x05\x00I\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYRES64=r2], 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) ioctl$auto_FS_IOC_SETFLAGS(r3, 0x40086602, 0x8) writev$auto(r3, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r4, 0x5403, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x10005, 0x1, 0xeb1, 0x40000000000a5, 0x8000) 9m54.814646061s ago: executing program 0 (id=318): mmap$auto(0x0, 0xe983, 0xde, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x28, 0x5, 0x0) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000040), r0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) mmap$auto(0x6, 0xe983, 0x8, 0x20080000010, r1, 0x8000) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0xffffffffffffffb2, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYRESOCT=r2], 0x1ac}}, 0x4000001) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x6000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/lapb3/threaded\x00', 0x8a801, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) io_setup$auto(0x1, 0x0) r4 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/apparmor/current\x00', 0xca00, 0x0) epoll_create$auto(0x5) write$auto_proc_pid_attr_operations_base(r4, &(0x7f0000001240)="9d21d84deb9de6767364146595a8557089fe27b4795bf3db82d7739fbc8af9e6f4f90c4841e2f848d263bd0ff57a35e24d3cda8ec4e7eef1c29ab7f7f289c090e51acdd624c06e3ed6092ece468a2919950789f01b5a3b525575fe5ee5e5a23f76155627910e1b9d3f3b08f36c99df7bd9c0eea72f90b599b4bbf5237723f4a63e613c268907034101518a92d72111b08564a9ed05cf48ecd5fd76ea0377897e058af4e6b67760055918e78e9267e5de26d0b45d1f7d435a91c2d59157029b881aa8fc9f7d229689392cc65cd7b2650d07a888202c", 0xd5) process_madvise$auto_MADV_DONTNEED_LOCKED(r1, &(0x7f00000001c0)={&(0x7f0000000080)="1ea537c05e69b522a28202bc261843a6ad707b13878199b3588941d8000758e5fa31d8ac0dfc7847afe83a5c62c2fd504d623509856fec23eb51768bb4167be36f81a41ed0896de211", 0x2}, 0x7, 0x18, 0x8) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r5 = socket(0x2, 0x5, 0x0) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd0\x00', 0x24000, 0x0) ioctl$auto(r6, 0xab04, 0xffffffffffffffff) socket(0xa, 0x3, 0xff) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r5, 0x10000000084, 0x85, 0x0, 0x8) sendfile$auto(r1, r1, &(0x7f0000000040)=0x3ff, 0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) writev$auto(0x3, 0x0, 0x8009) 9m53.199564221s ago: executing program 0 (id=323): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x2e, 0x944a, 0x1ffde, 0x7, 0x3, 0x20000002, 0x9, 0x3, 0x100000006, 0x4, 0xb4, 0x9, 0x6, 0x10003, 0x80, 0x4, 0x0, 0x7, 0x2100, 0x8, 0x200000, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x6, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x1ff, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) r1 = gettid() openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001400), 0x143000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f00000110c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x20, r3, 0x3, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x6, 0x2, 0x0, 0x0, @str='\xff\xff'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008105}, 0x40) r4 = pidfd_open$auto(r1, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) unshare$auto(0x9fb) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xe}}, 0x6, 0x4008) r5 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/0/cpuid\x00', 0x2, 0x0) read$auto(r5, 0x0, 0x0) syz_clone3(&(0x7f0000001680)={0x80000000, &(0x7f0000001440), &(0x7f0000001480), &(0x7f00000014c0), {0x2a}, &(0x7f0000001500)=""/87, 0x57, &(0x7f0000001580)=""/139, &(0x7f0000001640)=[r1, r1, r1], 0x3, {r4}}, 0x58) ioctl$auto_SNDRV_PCM_IOCTL_HWSYNC(r4, 0x4122, 0x0) ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(r4, 0xc038586c, &(0x7f00000013c0)={r4, &(0x7f0000000000)="60707c89631177dfbe205ac7f9bfb9cfbb96f29014d82d3b119ca1191adbea917adf2619f75027137c5ae456bfc8047f3f374e443ab15eb2a0b0268fd1b46b3358058f0a9c670175924f29601923d61746d934f0cfa2bbd3eb4fbca9e334a3f755ff9328cc35c5bd4fa778bf1e4a57019990109cc8ace08f26163c5dcbb50b604ddf97b3ea738684c4bc47be59cae37f023c026602bda8691af3bc1ee68dc8cdf816c1455365b026ab9583fe4dc085ad24767f68bba97c26df7117df865bfb25a8f7be8bb075a13f4a3b80553c87f2738cda214c", 0x7, &(0x7f0000000140)="707c29136927", 0x2, &(0x7f0000000380)="2c28a02dcaefbdea85749ed4fc6c13ccd3ce502224dd90e942edd4c2815f6e0033cacc37ac2cc1a8a0971865c5de1090b5c9ca31eddfeaa280e979b479eb6ee2f14045d2757a46d2232d4412e56d2a688c97d8c3ebedbee0e3a15388b3f8bcfdb98542ce2eb534a2aae6806f89c9dcda72a6e4450e3488bbfb712f4df5d23ca3b1a7ff4682282970cc1850c704534060fab875bef5a8287140125ae34dc2a85e3df4a451c3db720d5421d52be498994d9eab9f757fed2d944628e5a9a136bb3d95f255634e3812d0a970eacc862921f9549be6bf6130e8107623a77845fa06ce9e12ae202dc32305375ddf42d424030b63dcbc608df1fe9268467dbfb43f0e21c9243ab0a4c9d020909f6b627b7d9c44a2e299e160e7d7824101900f15b4a18a22d05ff58fe7827b6e5f91345114802f7d40b553b13249067084e74354aa87533f12fd3d8638b7224dac5661014e04dc87bec91c0f03357d2ac6e4fc3e091810fb4120709a05106517932ed8e60df45ce0b6fe93a38f25b02b0df7f84e48e937a26c669e14c9ca7b4c10495d88066eddbdcc82ead7fc085089c46977db80ae24b7b981793e35df76b57ac4b896ed72cfed0ea90f841be10217f188d7a077e8c2adb7cf768cc6c6618516caa17d8c8678e77826f95ba437a6f976a5b08ad5d199b873e53ec1fbc0f8ad3ed087076c10432c69c8b9807ba2bab822d065c799e04acabda79fe0902e01f96a032629ce32cb3fafb1037e9ce09265e3041b8827132042f0a21e8e845d56ebfcab0d36f526b869a82b5b1a37df40061fd433749b500185b9c7a8c73e0d6b529e11e019b2a88dc3bb3b11a7aef909d6710af6c83de4300428eb930bcdeebbf2c99ae16952d5ecde4b63444d2aef5353eb55b038550d2826acedaabf6537c5474473bcd65fd89f016d9d537dff6c4b64c5c5c248f6e95f1d029ff8641ecf2b7dced64fe506e83bbc8f7c6c67fd15c318080377b152eb2c5530ddd7c4b8bd8be8976012a07c515a6992fdddaa1581c1d2b464c073b930381fe7bea921851504bf493ea903cb36cb522e32dbe6e96c000b07211d49b0ca4d38d0bb8b95f288f7dc8e4db5fe60e67ef66a32268d0d24742ade14a55ce50cc7be9513003b906d8a0250b08a44a92068bb29af044e7795d47a9274f0073dc4c5cb17c8591e3d3c179ee662a95777a6b3dd421a5599c6d075b1cf5ec51f28d472b2fe6cdfdb77cf8aa842d38674658287129e094b7be24f2fbd82d9af950bddf7bc3e40f32cd0a65db3e520a6c4b8848b68dcff9fdd096ba84a2f87c7675db318b1ffaa248c3522baf7bb26c6114dd3701de71faefc9a9cf9f161cb1558fd16e37cdcff177178632c5647e1e985a5afcbe353c38167e968e999df90af5a8ab4f3c7cf3012a77590cdd21c11edc7e297ed04a2d195a529d59ec828c11929b2f0ed85d3a87010c660227bcfbfb80bbc7fb85ce1e03fa777f49fe96466ee2ce6239436c5e0beec536ea98bf5809132e35df340e58f6ea473376600a7003b601643d9dba16771ff0f6f42134b197c5c1781f02e93d149d4c1f8f53a6e4b2a4238c2717085e2fae6c7c7c9e0b5f5879352f414216301ea7cbb09356dad5d5cad8885c577b5bc98d0d9393b2c688f0fa5bcc446a0e7995b2a0c11ad7d8718954114b90a443084c7ddeb74bd465b0fa17a10eb76d4ed1051d3853ff92b02b2ee04f57dd898097b2a7bea558ec28b4234672ee9f52fe0214d4261cbb618acf7193e93ced678d1fe83e69fafb02d0c9c660f3329b6606523ae1213c0f59297de5ae4b042b5f0a39a36b47454526d9f77a61f12edac7c023f0f6d268a792a7e47710bf7e9d4e93ab9a5f86502dc374976066b7e418c2633a28bd46e15415ef0b5f34b621b7cdafe8eb1f3b978f6b03e50040696e295080e7d4e5b6c107a493469632c2765b9c1e91f663c5db8d4848823498a29b6b9dba3ab6f070a3cf2a8f45b526d9f1ab2aa34643d7bea450b851d38a206cef141ef26b90a0f65adb4cda159964d69818f5e6941b8986623af93df31700de8c8974c5e861e8dae61268da5202fc94e829d7540ccebc9a210e83bff882754867c9076a254f60dcb1913109b3ad83f4426a63470d34e1ee9be7e9c3853bbd1c31e36b27871dc8c5147f9dfb4d403c4c24bdbb50b89afe434ceb8b1b95defa7b7215f9c0f5296d0506e46b438b4d0a436f569897c1ab187d052e0c00b68cc17bac3cd28acbb208f614e9cbcc7f9d1901f71085c56464a00653be75d70dd7cd6e2501f1eac9433dbc958411f71587ab6f6846768b07e8e14bb8e8b4a09ed7420acdfc29ba129c6dd31fda139ea765030adbded7ebb6298c376b4c8e728868d36ca935a9739a309b1b25046b3865999b849a8cde25798b9197ea7c0ffe71db6aecf59b02330b31679915c5d1ede0974a8cf59381c2f596ce6557841db832db481be63a301772b49a7d3d77d95985b36b0da4bf345323a25cf4706467ba0abe095038bc78dcecbfd5a2f963c06b4cd95d08bce6267373f4fc7010f8e55ee564e13af391fc8c55d5d35232dfaba63a861e5258fb969173ace8126de30d1f76d1cff8e2c2549aaca5c1253876a8db725a75fe5903b9e2730a2c03e117ba9592e0804bad5d26e7f05585dc15ace7f3ccbc12c189741c3b9e249a8301cc6e09717788ca4a3006aa8c0ecb49f35b90a917af86c0a81c8fd5447222ce00e34ebb0f0e1ce713ae42121463606d8b712b99c1cd1f051476e5925ea97c329a90085038a5f2f9adfb0db5fa5f3252af9f1f5684b4add14891a9a4396ef733265e0e64128949d5f8935dcc79e60762347203636d69a549b700dd865b4a633eddf5d9bcd3a6204a11b3a1aff3d4a8a7cfbd4e7d537f9491793ea30cf8664647dde291b3824da7d98221ac1ed55ccfd28279d33761d209d964dae6095b12600450b68f9428afce862b5055bbd0d48999a39efcc0cd0ac61253460951cf8e845d1d223a3e073f66a7d1c43b40f03bcf40738f1307d5cf2ca50958bdef82ee98c2c790c87dd2b72794d7833511550b2991676d0fe9468bcaf820d2c7d845a47bd0680f6c5725d92b22fd7aa75b974d6847a7dcafce5818101407a963b676c479b42c014839618f3b34171661aed59c5601b6ac972de7d4156b302486159eebaafb4b543fae2dd6bf7bdd724bcc40a742070d49fca5c9258425b4c08f03e6061d62bec2e49bdc40c65e7f607467c6e6559843492e3f466f3abac6efe91b3b857c9323dfbbc058be6c8a3c8b71ae3e500f5c1dbfc0825accdaad7d13e4a1a593b22756a0221612a9fde00394f258bde59f9d8c3a00155783ad63356fb3896e2dd8fa0e1b59077ec65b0ececc22e601a5317dc0dd9d87175438138e0837af35fcabe04968edf86cc70a104705d513b55640cba26346f303e11980807e14b8be4d1d8784747c86cb0674adba757d747e16d9b44710dadea19bc77436b76d1a65b351596f526232aed853bd712e81640bfc909f61040504e58450b4b82351ffc3601f57de24a608a560ae5f9b46cf02146a259e56ec0d575da49757886d47803e736552ea5c04fbb3d60ca7c406d2a3774663a8e3ea5cb668eb45ead554f2d3113318e0385b9956e54968e8b5d495e37a6de81c2233263074f68fb51be62fbb1d359335ba1c13e30ba4a2c330cad06e87bd05f6996a039f7fc7f3a4e0e12b4da321246d8355e6e3cb77ddcf16e70fb75e06d598a75c88ac870357d44d71d91b5c57fd0f6062911fc4bf3dca353a271cfc05cf2e5a1ca05fda66906efb2d0f2026256a918231f76fa2c26734e0e639f59d37e6c126813539818118d7f3c3c74d030273f6d6815ee21e1843a93861f86d4634f3c4e8726a4801cb8d5d162f1e0442a4cf68202981d7cc1d293837fd34b6fafd0186b4de1dfc846068cf32632f14b6903a9d9db333232078d794d22fc8dedda6bb0d2f9a1a5d03c3ea044137bd4967f10a8fba3c13ce45942f6cf13703c86f6744df9ccf79713b0aa4a90d3bfa34cf1569337061e1541734726d2757a270525f3ca08fa6b1ed089fca6783bfdeb664a52fc4b98e05dfe0461663156548e233f8c967a6a1953d52f632a4af00023b3cda9a0978531cd15ae39d945fbf10177b6ba40acf20e4fbec9f6caaee29dbccb0be2d25ce8c22b2f9c856a403ed85cd15b5c2e6cb92474ef35035ac94947f98236621e4dc7f88a40fdc9fe7a416b9d8f2348044c464086636562bd1a170012e59f2154d3dd67ac70f1bebc462eb32c36a937061cb672c85b8e59db9b64ca5e2f4188485fb3164d902f91e2334bfd79d3b904471be7881e4cef7fd0e4c3f4a2e822f001a6f91dcc93567816b32d29bc94608806b93bf40f9429658d7804336c7388ecf130432c81ee1d95a3fffdc4e1e9ee4b3b01f7db93f08be9bfaca6ee7e0e3c7a226fc849275c305378e6e6653460cc84e03af06347ecb3620ebc808386a255ce8f1c340087a76bbdee88944e37ca914e6cc3c9e9391d7ea98a97a7f6a2d4d0e916e16e303f0909f62ad75be886389c6a4c69fd22ba27afd7d37853f3b28fe4a23464cb27612c6d11f5c93a44bddaef90ed941551c0fb767a0dd597d221620ef33e0a76573dd257410610bd88d0d3419206f59de26553daf8ae6f1621b68e8c524f293b2d6cf48201a7e9fe042432adad9ab07207ae66a2bc101e70bfcdaafaf872b030d5aaffd02912560349c905385f3e89cd9e9ee84b2c4978a40e6ee6e0560a09515871d066bde80c4c4fa21c43a0583f1123f5c8f5a989ca31ee0f4aed972416352a0e9b7d0436e2a833db5879ec4d1c116e1a649bd1988b62bbfcb370757f84fc2c47a02ea932222cbc0a7c17a3c75c14cc143751b64ec147389a2921258673e2df2bac64a47b0012cefcc8c79bf2104d8c01c805af6e66d4474ed08a98b6e44a5b20be8915082acde117f21b7b1d9f7e1efc9190975ce5c95ef88a838f2773c5e3666f344fbf08c7984ad71d4ea03019c61607c822efe8ae7953dbb614eeeeb8c91202d84538ed4873f312eabbbf084eb01da2f8ddcbf030f8865a95ccfa61a9fd47ac2fa036518a0d4ef0f2fe45b8f0b6390f628d442a57162e68268c321bf17a0e90a70872782cd145171de772c17b19b4ff2a41594dd7aa7fe4a48bff0b555eb3255ad7ddd4c7abc1c84f35b20b9f5376fd1a4ee9f9d74b1cfd487b93473ade0171dcb184c5b41e4f5c3b772eba780cc17106bc2137559930926909d30b8995bb31cdf5b54b85282289745c267d4e76cfb695245022ee90dd3843ea0bba5a74e8321b7e9655cb09a81b546bd3a6479147d32197d188ae53846dc0ab9751a005c5684e7e1ff13301298ad9f053f15dff00e519bfe667ff6a6c1bc133300e6158cf1ffdf2f94bd034b2ef46027eec1172f0c1d9acbe8be0fa02d7b41f1f8a30afdd8ab4eda60635edd275eb826010b269f8be263c76ce24ab705ce43008bb102e899051689e01b227e970fa2d82d0fd56cde9885577899ae260d1696c11aeefe80e3701d12b5851fcdd2c913e3c711204c555e26af54d949555bcc1c2e5e3e1495247272da4ed43a050555d870560e5d9c74d9d262929d4220530b246808013e9dd282feec96d87f8b57332c148e52e7e5eb0db57bfe63a95730f2199735ba85d114dbbcc07f955c9e9562591071c2975d88303b30af910c7bc1891d4efcfd38f32767c53b9fe45b8d09b108707ab1db43d161e9d406729ce2a4aaf5f6336d088ab648994bff836fb3334b6b3447e9a6321d5cf6c58ce931f", &(0x7f0000001380)=0x8}) 9m52.862358556s ago: executing program 0 (id=325): r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000140), 0x18d383, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r0, 0x4c81, 0x0) (async) ioctl$auto_LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82, 0x0) (async, rerun: 64) r1 = epoll_create$auto(0x4) (rerun: 64) truncate$auto(&(0x7f0000000080)='./file0\x00', 0x7fff) (async, rerun: 32) r2 = socket(0x6, 0x2, 0x88) (rerun: 32) setsockopt$auto(r2, 0xdae3, 0x5, 0x0, 0x81) (async) r3 = open(&(0x7f0000000000)='./file0\x00', 0x1eb341, 0x100) ioctl$auto_FS_IOC_RESVSP64(r1, 0x4030582a, 0x1) (async) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r1) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/block/loop5/rqos/wbt/wb_normal\x00', 0x2a2141, 0x0) mmap$auto(0x0, 0x400004, 0x400, 0x9b74, 0xffffffffffffffff, 0x8000) (async) prctl$auto_PR_SET_MM_START_BRK(0x3, 0x6, 0xffffffffffffffff, 0x4485, 0x7fffffff) ioctl$auto_NS_GET_MNTNS_ID(r1, 0x8008b705, &(0x7f0000000100)=0x1) (async, rerun: 32) ioctl$auto_SNAPSHOT_GET_IMAGE_SIZE(0xffffffffffffffff, 0x8008330e, &(0x7f00000001c0)=0x2c02) (rerun: 32) mmap$auto(0x0, 0x2000d, 0xde, 0xeb1, 0xffffffffffffffff, 0x7ffd) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x4) (async, rerun: 64) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/022/001\x00', 0x212b00, 0x0) (async, rerun: 64) mmap$auto(0x4, 0x5, 0x1ff, 0xeb1, 0x8000000000000024, 0xffffffffffffffff) (async, rerun: 32) io_uring_setup$auto(0x8, 0x0) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x8, 0x800, 0x80) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xd) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'nicvf0\x00'}) mmap$auto(0x0, 0x40009, 0x3, 0x19, r4, 0x28000) (async) socket(0x8, 0x4, 0x0) (async) socketpair$auto(0xecd, 0x8, 0x76c5, 0x0) 9m52.643597575s ago: executing program 0 (id=327): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), r0) r2 = getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, r1, 0xa01, 0x70bd2b, 0x25dfdbfb, {}, [@TASKSTATS_CMD_ATTR_TGID={0x8, 0x2, r2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000001e00), 0x8000, 0x0) read$auto_vhost_vsock_fops_vsock(r5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000780), r4) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r0, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000840)={&(0x7f00000008c0)={0x5c, r7, 0x800, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_PAUSE_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0xf}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x9}, @ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0xf9}, @ETHTOOL_A_PAUSE_RX={0x5}, @ETHTOOL_A_PAUSE_AUTONEG={0x5, 0x2, 0x9}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20008040}, 0xc841) r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) ioctl$auto_SNDCTL_SEQ_CTRLRATE(r8, 0xc0045103, &(0x7f0000001940)) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_STOP(r4, &(0x7f00000006c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)=ANY=[@ANYBLOB="10010000", @ANYRES16=r3, @ANYBLOB="01002bbd7000fedbdf256300000008002600f7ffffff0500f60080000000d500f300156775c0ce53993f5c414cabcf0e03f4f93417b3a1befc48036eb51823fc9107b536122bb6835c065140d53fe2dc023ddaf1bc5d709698f81eec9be9b3a0d50fc43cd71de757f287bac32d0189660696ba3f3ed9640a11ed0ecac09f27298a4d40fa69efddb188f79546902f226ca54c211c180f0b64c801f0608986714ad681ab7d229f70ef820d8e51ecfe17e5780d237a6e9d1080c44157eb9d0ba9572e170d3276286d00e59a47619f4c94f028010e82531623a6987ac6a0099de5198ede14137ba9353b268223ef5372dc6ddb36a300000005000800070000000400bf000800420004000000"], 0x110}, 0x1, 0x0, 0x0, 0x4001}, 0x800) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xf, 0x80003, 0xb) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) socket(0xa, 0x3, 0x100) socketpair$auto(0x8, 0x7, 0x1, 0x0) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r9, 0x5423, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto_TCFLSH2(r9, 0x8926, 0x0) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000003ec0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000700)='/sys/devices/virtual/tty/ttyrb/power/autosuspend_delay_ms\x00', 0x200000, 0x0) r10 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) io_uring_register$auto_IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000c80)="9814d39e464c1e681192aef6012c6b9fd544c0891deaff9c709f391da5bb002d5b20038b1e9293ace504b62c388508981310918b520f34e55339b46497239206667f9065e47a31a2104c4c2c8fb1e8cd6327570bdd3fc06ca75c3cdd9c24dbf297db28391d13c3d1b603eb2221a4e0df302058e9ed98ab4ce4d5a87ed96cf72617302d641a0e7eac4f192578b194ec9e99284d3ac9156dcca4c19fe5816b483e46a163b2c64a70e3dc58bf7c522a6a3b419e097e39016e8d7a1c6bd8a95943f34151cdc5eb1d7c47613e500f5760ef6f75f7ed6ebe09f34f6549cec5969dd45dcc6b0f772005b47397fc0615685f91b81317642825df4d320da5b71d4af22b53789ac949f34c4c943ffb2dcc1bc91b3636da8ec0feecba1fe40a1fa10bde28eac01fea6727f82026aceaa09a9104500fa3ac9f1260628a898ae9ee76b7bff01febd7574bec296273dfd6b949030601e1b1cde9bcb00467698576e4b7b6d0ce6e47fc43c5463108dca2b2e1ef7be95f9a396f5fefa91201d98da999e6624c3e4fe322965d86fe0d1394fcff", 0x2) write$auto_seq_oss_f_ops_seq_oss(r10, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/o2cb/interface_revision\x00', 0x800, 0x0) 9m51.992383909s ago: executing program 0 (id=330): socket(0x1e, 0x4, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) socketpair$auto(0x1, 0x2, 0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@ax25={0x3, @bcast, 0x5}, 0x55) sendmmsg$auto(0x3, 0x0, 0x1f, 0x0) 9m51.74579167s ago: executing program 0 (id=332): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4000000000c, 0x4000000000df, 0x44eb5, 0xffffffffffffffff, 0x300000000000) (async) mmap$auto(0x0, 0x4000000000c, 0x4000000000df, 0x44eb5, 0xffffffffffffffff, 0x300000000000) bpf$auto(0x5, 0x0, 0x7) (async) bpf$auto(0x5, 0x0, 0x7) mprotect$auto(0x0, 0x806121, 0x8) (async) mprotect$auto(0x0, 0x806121, 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syslog$auto(0x1, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x8, 0x1) ioctl$auto(r1, 0xc0045627, r0) socket(0x1a, 0x2, 0xff7ffffb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x1ff) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) set_tid_address$auto(0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) 9m36.558558702s ago: executing program 33 (id=332): syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4000000000c, 0x4000000000df, 0x44eb5, 0xffffffffffffffff, 0x300000000000) (async) mmap$auto(0x0, 0x4000000000c, 0x4000000000df, 0x44eb5, 0xffffffffffffffff, 0x300000000000) bpf$auto(0x5, 0x0, 0x7) (async) bpf$auto(0x5, 0x0, 0x7) mprotect$auto(0x0, 0x806121, 0x8) (async) mprotect$auto(0x0, 0x806121, 0x8) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syslog$auto(0x1, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x8, 0x1) ioctl$auto(r1, 0xc0045627, r0) socket(0x1a, 0x2, 0xff7ffffb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x1ff) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) set_tid_address$auto(0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) 6m9.871475405s ago: executing program 1 (id=845): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xc14d799908ffc2d5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0xa, 0x1, 0x84) getsockopt$auto(r2, 0x84, 0x16, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x10005, 0x4, 0xeb1, 0x40000000000a5, 0x8000) r3 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r3, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r3, 0x40046f41, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x200, 0x5, 0xf8, r1, 0x8000) madvise$auto(0xffffffffffffffff, 0x5, 0x4) unshare$auto(0x40000080) bind$auto(0x3, 0x0, 0x6a) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x30}, 0x1) close_range$auto(0x2, 0xa, 0x0) r5 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) getsockopt$auto_SO_PROTOCOL(r0, 0x8, 0x26, &(0x7f0000000040)='/dev/dsp\x00', &(0x7f00000000c0)=0x3) pipe$auto(0x0) dup2$auto(r5, r4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) 6m8.696485088s ago: executing program 1 (id=848): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async) ioctl$auto_XFS_IOC_ALLOCSP64(0xffffffffffffffff, 0x40305824, &(0x7f0000000180)={0x8, 0x2, 0x4d9, 0x7ff, 0xb680, 0x0}) socket(0x27, 0x800, 0x6) (async) sched_setattr$auto(r0, &(0x7f00000001c0)={0x7, 0x0, 0x8000, 0x4, 0x6, 0x7fffffffffffffff, 0x3ff, 0x6, 0xa, 0x410}, 0x7) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) (async) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}, @BATADV_ATTR_TT_CRC32={0x8, 0x13, 0x10001}]}, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4c800) (async) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) (async) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) ioctl$auto_IMADDTIMER(r2, 0x80044940, &(0x7f0000000100)=0x4) r3 = socket(0x2, 0x1, 0x0) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x70) (async) fallocate$auto(r3, 0x5, 0x0, 0x7) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8) mmap$auto(0x0, 0x0, 0x400000000007ff, 0x9000000eb1, 0xfffffffffffffffa, 0x9) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) sendto$auto(0x3, 0x0, 0x5, 0x5d9, 0x0, 0x8) close_range$auto(0x2, r3, 0x0) 6m8.315427003s ago: executing program 1 (id=850): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth1_virt_wifi/ra_defrtr_metric\x00', 0x101242, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x10003c, 0x1, 0x1ffde, 0x7, 0x3, 0xfffffffffffffffe, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x80, 0x4, 0xffefffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17d, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0x0, 0x20000000000007, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x20100, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/udp6\x00', 0x80, 0x0) pread64$auto(r3, 0x0, 0x8202000, 0x2d) ioctl$auto(r2, 0x404064c8, r2) write$auto(r1, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) pidfd_open$auto(0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x2, 0x1]}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_JOIN_OCB(r4, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x1c4, r5, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_MAC={0xfc, 0x6, "6d3935387d68bdfb16670163c2d772c7675bb7dc9b38fa6e62630ccc93ce26caa449b2f9e0912c80277f6c0e5af0e4d8dd6e73c3943f11fe4910e61cb595d4ebcd662f31e16b0f8a5f9fc927f4c4c936ab79ba5ea58057cf87aad2be5ea37ce618d555e93e77d24ee5b07a264ea91306bcac1ed4aa41010b0e0e7c9b631ad072d4c83e4391e75aa5779f7dfe562046acb390800ed6717e7cef961d6f7cdc966a7d49dfbbdcfa8e8618d903562443923efa0e4bdd7ec98d123952ed212150874e0900b9d7b2ef02b380c632a3b311947dd8bb9e1f0c2f8cd095664b419fa97fe60adbac2cb5ef3e67a9469bca7c7c58de658ac99aab2afbc9"}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg1\x00'}, @NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x8}, @NL80211_ATTR_STA_PLINK_ACTION={0x5, 0x19, 0x1}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x8}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x3}, @NL80211_ATTR_STA_EXT_CAPABILITY={0x71, 0xac, "132ee70686c6d686a37e3521c43d52f920b31b24735becfc0dae070a1699649e9f6f322ecc3ebac11db8c907143bdd2841ac117108193672efb165c43163f83a51d588ab37993ab9bab6cd7eee67d251f4f7d0f22226a2f389a1ef611833db1377804cf4ce7df8ec901fc7adf7"}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x3}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x800}, 0x42) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/team0/accept_dad\x00', 0x202, 0x0) sendfile$auto(r0, r6, 0x0, 0x10000) 6m5.869521184s ago: executing program 1 (id=852): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) set_mempolicy$auto(0x3, &(0x7f0000000040)=0x7, 0x3) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) timer_settime$auto(0x0, 0x519a, &(0x7f0000000100)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/arch_status\x00', 0x240, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x100) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 6m5.53734356s ago: executing program 1 (id=854): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x1, 0x84) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xca600, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948e, 0xffffffffffffffff, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca002, 0x0) sendfile$auto(r1, r1, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) readv$auto(r2, &(0x7f0000000140)={0x0, 0x8}, 0x200000000080003) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) listmount$auto(0xfffffffffffffffd, 0x0, 0x8, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x110c230000, 0x1, 0x9) 5m57.366056205s ago: executing program 1 (id=866): mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0xffffffff7fffffff) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 5m56.796065261s ago: executing program 34 (id=866): mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0xffffffff7fffffff) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 9.211871957s ago: executing program 4 (id=1798): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000400)='/dev/binderfs/binder0\x00', 0x40, 0x0) socket(0x9, 0x1, 0x106) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) getdents$auto(r0, &(0x7f0000000080)={0x7, 0xc, 0x3ff}, 0x201) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) r1 = socket(0x2, 0x5, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000053c0), 0x41, 0x0) ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(r2, 0xc008aec1, &(0x7f0000005400)) unshare$auto(0x40000080) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) sendfile$auto(r3, r3, 0x0, 0x7ffff000) acct$auto(&(0x7f00000001c0)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x1f') r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto(0x6, 0x0, 0x100000002) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r6, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001040)={0x2c, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x20008800) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 8.112534063s ago: executing program 3 (id=1801): mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card0\x00', 0x400000, 0x0) ioctl$auto(r2, 0x800064d1, r2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/vhci_hcd.14/usb37/power/autosuspend_delay_ms\x00', 0x10002, 0x0) read$auto(r3, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D1\x00', 0x1202, 0x0) r5 = prctl$auto(0x943, 0x1, 0x0, 0x1, 0xffffffffffffffc0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.2/udc/dummy_udc.2/a_alt_hnp_support\x00', 0x2000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, 0x0, 0x0) socket(0x26, 0x800, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r7 = socket(0x28, 0x1, 0x84) setsockopt$auto(r7, 0x0, 0x60, 0x0, 0x4f) r8 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) mmap$auto(0x2000, 0x20000000400008, 0xdc, 0x9b72, 0x2, 0x8000) r9 = socket(0x2, 0x1, 0x0) bind$auto(r8, &(0x7f0000000040)=@in={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x34}}, 0x3) sendmmsg$auto(r9, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(r5, 0x0, 0xc, 0x421, 0x0, 0xfffffffffffffffd) write$auto(r0, 0x0, 0x401) mmap$auto(0x0, 0x6, 0x400008, 0x11, 0xffffffffffffffff, 0x7ffb) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x800) connect$auto(0x3, 0x0, 0x55) read$auto(0x3, 0x0, 0x80) 6.980559533s ago: executing program 3 (id=1805): mmap$auto(0x0, 0x4, 0x4000000000e3, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup/cpu.weight\x00', 0x128082, 0x0) r1 = fanotify_init$auto(0x280, 0x1) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x121000, 0x0) pread64$auto(r2, &(0x7f0000000080)='MaCE0211_HWSIM\x00', 0x3, 0x1) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) write$auto(0xffffffffffffffff, 0x0, 0xfdef) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) close_range$auto(0xffffffffffffffff, 0x8, 0xfffffffb) socket(0x2, 0x801, 0x106) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0) socket(0x28, 0x1, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) mprotect$auto(0x1ffffffff000, 0x100018, 0x4) openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000001180), 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) r3 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0) write$auto_uprobe_events_ops_trace_uprobe(r3, &(0x7f0000000380)="703a3a82d9e5cc7c2ceda8d50bfc", 0xe) read$auto_snd_pcm_f_ops_pcm1(r1, &(0x7f00000000c0)=""/109, 0x6d) r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r4, 0x100, 0x70bd2a, 0x1, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40004) write$auto(r0, 0x0, 0x4) 6.275410482s ago: executing program 3 (id=1807): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) sendfile$auto(r1, r0, 0x0, 0x10000) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.4/usb5/power/level\x00', 0x129882, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) r3 = socketpair$auto(0x22, 0x3, 0x8000000000000000, 0x0) shmctl$auto_IPC_INFO(0x28, 0x3, 0x0) read$auto_proc_auxv_operations_base(r3, 0x0, 0x0) ioctl$auto_XFS_IOC_FREESP(r3, 0x4030580b, &(0x7f00000000c0)={0x7bfa, 0xffff, 0x8000000000000001, 0xc63, 0x3, 0xffffffffffffffff}) shmctl$auto_IPC_SET(0xff, 0x1, &(0x7f0000000380)={{0x2, 0xee00, 0xee01, 0x0, 0x9, 0x9, 0x9}, 0xb20, 0xfffffffffffffffe, 0x7f, 0xfffffffffffffffd, @raw=0x7, @inferred=r4, 0xfc, 0x0, &(0x7f0000000840), &(0x7f0000000800)="81726da2c24df37e85f1ad146d92ae0e24799cc6ebc5cd4119eeef3b8d91d2a35959582bb9abf959be670d19201ad75f3b07515669fa6b6b54b6ef26fb665bd22e83240da65aab1d2fdad7a39316bd1bed4c0fdc03bfa44e3b9020f9c28c60818ca3b4a1da119f887ff13c81a617aa9c27643331696d6c5372b069482cc33bbdccb2195f094b3fa085766916b61ec3d6e9b97f79e72e7d704458dffd081bff42438deea3ce1951adefdbdf139b1d10ff7ef55ddef2ae86fc24f778b4e65f7a3109f3f373a086d802bd228ef22e1bad5ce4b303d8f31e01"}) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x400000000000003, 0x81, 0x53, 0x110, 0xfffffffffffffffa, 0x9) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x42000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r5, 0xc4c85512, &(0x7f0000000300)={{@raw=0x6, 0x0, 0x8001, 0x2, "da14cf93e7670976d4df4660872c34e34ab92824711bacf3578dcec408cf5180d03a4d126edb3169db6d48ac"}, 0x1, @iec958={"28f6a86309b1e098a7dfa272f95c4c28615313f81f02a4eb", "77a2e9b1b0224a8ef0ac25ff0db0b6ec20c55cccbf4e9b253241777363b62fbe19f64f49f5ed0205399a691cb53e4086d6ec9dcbc5173fee439c2db7f3d5f2d4dd2a267a11e3c0cc771cdddef6bdb02a85cf5ea2ecc26fa3fe291d1e45404619547117c0d45a0de14bc3b9c22d705152efa9d2cfb220c6210dd7606723fb4d6d8ea3e197b19203c65d90e3c761870cbd392bea", 0x0, "e8134be5"}, "a8949c7d9c57acd66da4c5f111166031ad47ebfed172b36a28d7b0204e3a90e9a6c41064df45da18212d9c4e61a29b8146bd0c0284d89751eb5c58cb32c2abf739599063c9a0820f08f1c1b3645f00006dcd033a712822785eeb6a2c41b6d7c00f5e965c1d0000000000000000000000000400"}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe0201, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfffffdef) fcntl$auto_F_ADD_SEALS(0xffffffffffffffff, 0x409, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) setsockopt$auto(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000680)='\xa1\x00\x16\x12\xf8\x98\xcf\x9b\x87\xf6I}T\x99\xb4\xd8S]\xbb\f\xdaY\xac\xf1\xa2\x98c\x1ds3\xfe@\v\xc2\x90X\x81\xa3r\xfdH\xb2\x0f\x01v2\x13Lo$\xb4d\xf1\'\xa0^\xa9[\x1b\xba\xe6\xd3zkL\xa8s\x8ccT=\xac\'\x93 %\xd4l\xfcfQ=\x10z%\x16\b\xd3\xa9\x11~\x11\x19c\x1e\xde\x0f\x9deB\xb3\xb2\xed0\xab', 0x4) sendfile$auto(r6, r6, 0x0, 0x2) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="21042abd700002dcdf250200000050b349d37eb17466ed7c2277f81b4fee00920cd6a6848e5254e0970051bafe3a63d0adf0ca706fd8b198fac509a3d11cea856b40fd9d47f9243f49aa650fc766daa23d35f633bcf812a10883b8166df54ba87a53b15e1396a9a8ebc928fa3bdb75"], 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x800) r8 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="14"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r8, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sendfile$auto(r7, r7, 0x0, 0x2) 5.997273857s ago: executing program 5 (id=1808): unshare$auto(0x40000080) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x10400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0xee1, 0x6, 0x100007ff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 5.385584893s ago: executing program 5 (id=1809): pkey_mprotect$auto(0x800000000007, 0xbb, 0x5, 0xfffff802) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) socket(0x2, 0x5, 0x0) (async) r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0x8000}, 0x5, 0x311) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) clone$auto(0x1ff00, 0x0, &(0x7f0000002040)=0x7, 0x0, 0x9) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyx6\x00', 0x400, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b42", 0xfdef) (async) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="c80d1b5d399b42", 0xfdef) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) (async) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r5, &(0x7f0000003900)='\t', 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) (async) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r6, 0x0, 0x20) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) unshare$auto(0x40000080) ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x40000021, 0x400, 0x9}]}) (async) ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x40000021, 0x400, 0x9}]}) close_range$auto(0x2, 0x8, 0x0) 5.243902972s ago: executing program 4 (id=1810): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x7, 0x4) r0 = set_tid_address$auto(0x0) syz_open_procfs$namespace(r0, &(0x7f00000001c0)='ns/pid_for_children\x00') socket(0x1d, 0x2, 0x6) getsockname$auto(0x3, &(0x7f00000002c0), &(0x7f0000000180)=0x4) syz_clone(0x124a000, 0x0, 0x0, 0x0, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xea) read$auto(0xffffffffffffffff, 0x0, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x20000003) madvise$auto(0xfffffffffffffffe, 0x100000, 0x17) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x1, 0x0) geteuid() socket(0xb877d7ae5150abdb, 0x3, 0x8000) prctl$auto(0x22003a, 0x5, 0x0, 0x2, 0x800000004000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x804, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000300)={{0x0, 0x12, 0x0, 0x4, 0x0, 0x2, 0xb}, 0x800008}, 0x1ff, 0x1ffffff8) semget$auto(0x0, 0x13c, 0x1ff) bpf$auto(0x7, &(0x7f00000000c0)=@raw_tracepoint={0x9, 0x0, 0x0, 0x6}, 0x3d) semtimedop$auto(0x0, &(0x7f00000000c0)={0xa, 0x81, 0x70}, 0x1f4, 0x0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) semctl$auto(0x0, 0x9, 0x0, 0x2) lstat$auto(&(0x7f0000000200)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', 0x0) ioctl$auto(0x3, 0x5420, 0x38) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x402c542c, 0x38) 5.175522504s ago: executing program 3 (id=1811): unshare$auto(0x40000080) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) pread64$auto(0xffffffffffffffff, 0x0, 0x202, 0x7) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x1000000a, 0x1, 0x44b, 0x4, 0x1, 0x1007181, 0xd1, 0x7, 0x7, 0x7ff, 0x800c, 0x5, 0x8, 0x80200000000001, 0x800000000fff, 0xde6, 0x9809588, 0xfffffffd, 0x2, 0xbb2f, 0x864, 0x6, 0x22000, 0x200, 0xffffffff, 0xc3f, 0x2000000, 0x0, 0x0, 0x0, 0xfffffffe, [0x3, 0x0, 0x0, 0x7fdf, 0x3, 0x4, 0x100, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x7, 0xffffffffffffffff, 0x2, 0x44cd98b, 0x6, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x6, 0x2a, 0x180000001, 0x0, 0x10001, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x8, 0x1, 0xffffffffffffffff, 0x0, 0x5, 0x0, 0xfff]}, 0xa, 0xd) openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, 0x0, 0x180, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd02, &(0x7f00000001c0)) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = io_uring_setup$auto(0x7, 0x0) io_uring_register$auto(r2, 0x11, &(0x7f0000000000), 0x0) unshare$auto(0x7) openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/debug/netdevsim/netdevsim4/take_snapshot\x00', 0x758200, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r4, &(0x7f0000000e80)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd700002dcde251f0000000500060009000000080003000400000005000400e900000008000200f7000000180001801400020076657468305f766972745f7769666900fe630c7477f03c14b313de98d424a0614416010d7a0f5ecc928342f63a5c599dcc9e81ee11504806d405279176ca7e561a16f9e617ce5f0603cd34d000ff639ee87957c897b1290ab2399dc088fb649daba56143c4b262aedc7dff577f4cf5b262d99a05d1e7c29f233db9fd88018c60b59a2204d19ea7e9efe58192cca559b95c59ff"], 0x4c}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) shutdown$auto(r4, 0x2) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/controlC0\x00', 0x1d1d40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) write$auto_ocfs2_control_fops_stack_user(r5, &(0x7f0000003900), 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/net\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/net\x00') remap_file_pages$auto(0x6a27, 0x1000, 0x1, 0xb78, 0x66a) 4.081114426s ago: executing program 3 (id=1812): statmount$auto(0x0, &(0x7f0000000480)={0x8, 0x1, 0x401bf, 0x7352, 0x34, 0x400000000065e, 0x1ffde, 0x40007, 0x40000000007f, 0x20000005, 0x9, 0x3, 0x6, 0x408000004, 0xb4, 0x4, 0x6, 0x2, 0x1, 0xfff, 0xfffffff7, 0x7, 0x1fff, 0x203, 0x838b, 0x84, 0x2, 0x0, 0x5, 0x0, 0x0, [0x0, 0x0, 0x0, 0x40000000000, 0x10000, 0xffffffffffffffff, 0x0, 0x0, 0x400, 0x0, 0x0, 0x401, 0x70000, 0x0, 0x7, 0x0, 0x81, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x251, 0x3, 0x0, 0x0, 0x8, 0x3, 0xfffffffffffff7cc, 0x4, 0x400000000000002, 0x0, 0x0, 0x0, 0x0, 0x9, 0x8, 0x2000], "d61f9cfd58be47870d84274ae2b3b76fb0b42a66dee4f0f61dd79fd360dab529981d9cec9ad88c140f35f0575514804de9fea42f6548b535f472071c082528db19ad5ff0f5f4a228b56a9c6ab3d17436ceb6572e7c5b16414feeeaf3c222000d450e5972085a3cc360e8b0bb7e0b6fac6b6c349cc0f2fbe5427d0fc619745f63a1be89069d0c7f5adfbe8e1ce7bcccf80d6509ff0d6148c0276da636046dabe62306f8b7dae06536c109c8ea020fcc22e77f521cfc85ca367ca89d935b91cb6191bd72106fbea553b57d89a24ea697dae9eeb76f6eec824fe474a26ad3866232e120ceb2c9a2a6d866088f0ca42ae6975a064e819c1ea89c4c6540e0174ef7f5a8df0cc06b56f2739dc79f7e9fd8a442eca5e4dc1d6e4c29e48f5bc55a37c949aa076ead96a361de531a45071a77300810dd06219a141903bb49f44f31d32d8197f796ab3ac74b23cd25619ecb52a52d989455ba06c8e9876818d3915240deff707e04b2e19dec3b30adcef9ad1ed6668e6e"}, 0x1fe, 0x8) personality$auto(0x5) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0x101901, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x9, "0200000002000000997e763f222ce1", '\x00', "0001410c", '\x00', ["f5404de9641f0000000060c1", "70d9a9a3af9f39d000000001", "ef5ac4927ad89c5c00"]}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/003/001\x00', 0x8001, 0x0) ioctl$auto_USBDEVFS_SETINTERFACE(r1, 0x80085504, &(0x7f0000000180)={0xfffffffe, 0x802}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x8) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000440)='/dev/dsp1\x00', 0x4e02, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r2, 0xc0045005, 0x0) socket(0x1d, 0x80008, 0x7fff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r5, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) r6 = socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r7, 0x5403, 0x0) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r6, 0x0, 0x30004850) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtdblock0\x00', 0x20200, 0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r4) 3.972253775s ago: executing program 6 (id=1813): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f682, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), r2) sendmsg$auto_L2TP_CMD_SESSION_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x24, r3, 0x1, 0x74bd2b, 0x25dfdbfc, {}, [@L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x1}, @L2TP_ATTR_CONN_ID={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x20000044) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r6 = socket(0xa, 0x5, 0x84) sendto$auto(r6, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) ioctl$auto_EVIOCGEFFECTS(r1, 0x80044584, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_RXQ_OVFL(0xffffffffffffffff, 0x34, 0x28, &(0x7f0000000280)='!{\x00', 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r8, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000002e80)={0x14, r9, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4) r10 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r5, 0x8004b709, &(0x7f0000000140)=0x7) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x310, r9, 0x1, 0x70bd27, 0x25dfdbff, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x7}, @SEG6_ATTR_HMACINFO={0x2f3, 0x7, 0x0, 0x1, [@nested={0x44, 0x62, 0x0, 0x1, [@typed={0x16, 0x12, 0x0, 0x0, @str='/dev/input/event0\x00'}, @nested={0x4, 0x5e}, @typed={0xc, 0xb4, 0x0, 0x0, @u64=0x400}, @typed={0x9, 0x127, 0x0, 0x0, @str='l2tp\x00'}, @typed={0x8, 0xb5, 0x0, 0x0, @u32=0x5}, @nested={0x4, 0x14f}]}, @nested={0x1c8, 0x73, 0x0, 0x1, [@generic="3e4ec35af8e5b822fc89e3c14c0e691ba9c935a84af964c31759da0c2d76dca78b911fa96b9ba20a75f9301eee879ab3e0a1940f460bc8c28d31350814b580105803b9f9bae6954953f023257f0c26acc60c422dbcf00169540dadfe4d7d059026bb052cffd472e42ffb99cecef2989ba8eaf52158d3a75e30b9c85654a4968cc54b174ecaabbcc3763e4ba76768677ea7b43edd23a11efb54f7d714f2d11ebf28444f8122ed77f4aa3f8f1a82a3fa7ffccb3356b5a14c9829c3b9f0b1905573bd274211954bea2637c3a9112306edc989c073aeced6fde1d04a2982cd6fdcd69ba3188e1d97bc04f30a347d2f1f1af80654", @generic="dc1951719ba46b2068bb", @nested={0x4, 0xc2}, @typed={0x8, 0xa3, 0x0, 0x0, @pid=r10}, @generic="10e7546ff48ffef58a8a7607b88b36b4d2784d35a6821ba30f8ab324d709a1e87298cdecaedfe56518fcba9d2889403c13864a73304763245c89f04f2b4098a03b1365c333e621242f3e76e51bcfe21ebe57b8b03e03a71b6d5d4ca35fb9ec64be49eddcc8ecde11902a6c49dc625ac77b05c2dbcb72cf58513401b69ebd05d9e8fb4a1c43d0868cd62aca10cbe6f689714a183138916594c402571bac840b91c036d42b54bda3bd851d65d60e3302c19820021aa7d8bac792bcd2b0"]}, @generic="e599a8b75f2d961df83dbfe85187e89c8b697d947f79acfde9f19dd0fd0c9c32922cfac4617666c6d277defcbf2839af08d4f50e7868590ddf337d6ebd6cdd38fcb2a493b5c253d6922417682d05175ffbc8ed9f3317bcd6d88217ad869238f10a35c002b75a4c79128517165865436a7d860eab69c827650a23b9d25376e55e7fae3648a13e318a00cdf6b7d2b84aa6af07cea8df52431dc61199fc70762d05628172cb35dc23", @nested={0x3a, 0x12d, 0x0, 0x1, [@generic="103793f6a36f9cf438f5c3451f807c579fb20647c5780b06e8d0bc0073cb205aa51d63ac73d1ebaaca1dbf90684b2eeb18a7eea772d0"]}]}]}, 0x310}, 0x1, 0x0, 0x0, 0x4000080}, 0x20000000) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r5, r6, 0x0, 0xc) acct$auto(&(0x7f0000000080)='/dev/dri/card0\x00') 3.50888729s ago: executing program 4 (id=1814): r0 = open(0x0, 0x161342, 0x62) read$auto_lowpan_control_fops_6lowpan(r0, 0x0, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) r1 = socket(0xa, 0x2, 0x73) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000f9dbdf250100000008000a0008000000050007003b000000080009009c781e01060002000100", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) close_range$auto(0x2, 0x8, 0x0) 2.791371716s ago: executing program 5 (id=1815): openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) (async) r0 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) ioctl$auto_IOCTL_GET_NUM_DEVICES(r0, 0x40046104, &(0x7f0000000080)=0x207f) socket(0xa, 0x801, 0x84) socket(0x2, 0x4, 0x8c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) mremap$auto(0x8008, 0x18, 0x1000003fd7, 0x8, 0x10001) (async) mremap$auto(0x8008, 0x18, 0x1000003fd7, 0x8, 0x10001) mmap$auto(0x5, 0x8, 0xe3, 0x9b7f, 0x2, 0x8000) (async) mmap$auto(0x5, 0x8, 0xe3, 0x9b7f, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = pidfd_open$auto(0x1, 0x0) setns(r2, 0x60020000) (async) setns(r2, 0x60020000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) socket(0x29, 0x5, 0x1) getcwd$auto(0x0, 0x3) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xff}}, 0x4000054) 2.770687591s ago: executing program 4 (id=1816): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0) inotify_init1$auto(0x3000000000000) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) socket(0x1e, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sysfs$auto(0x2, 0xe, 0x4) lsm_list_modules$auto(0x0, 0x0, 0x0) r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x40000403c6f2b, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) read$auto(r2, 0x0, 0x800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1000, 0x40000d, 0xdf, 0xfffffffffffffff5, 0xffffffffffffffff, 0x8000) clone$auto(0x2, 0x81, 0x0, 0x0, 0x3) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x401, "790eaa833e6fc65b6b3cf705000b933f628d208bd2fc1f64010043eeb0b05c03000000fc000e00", @raw=0x9}, 0x1, 0x966, 0x3, @raw=0x404, @integer={0x4, 0x2000000b752, 0x9}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80000, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2c, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = gettid() kill$auto(r5, 0x11) ptrace$auto_ARCH_MAP_VDSO_64(0x800, r5, 0x3, 0x2003) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRESDEC=r4, @ANYBLOB="010029bd7000fedbdf250d0000000c000600010000000000000008"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r6 = socket(0xa, 0x2, 0x3a) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, r6, 0x3, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x100) 2.625388585s ago: executing program 6 (id=1817): unshare$auto(0x40000080) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x10400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0xee1, 0x6, 0x100007ff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/batadv_slave_0/proxy_ndp\x00', 0x382, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 2.239406987s ago: executing program 5 (id=1818): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r0, r0, 0x0, 0x7ffff00b) write$auto(0x1, 0x0, 0x80000000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x28, 0x801, 0x0) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x7fffffff, 0x948b, 0x40000000000003, 0x95f4da2d, 0x851, 0x6, 0x62, 0x7, 0x0, 0x6d3f, 0xa, 0x5, 0x5]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x60a41, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\x13\x12dQ\x01y\xeb', 0x7e) listen$auto(r3, 0x1f64b57d) prctl$auto(0x4d, 0x1, 0x0, 0x0, 0x0) timer_create$auto(0x9, 0x0, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000100)={[0x1fe, 0x6, 0x2, 0xffffffffffffffe7, 0x800000000000948b, 0x3, 0x15f4da0a, 0x3, 0x4000000000000003, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x8000000000000000, 0x6]}, 0x0) listen$auto(r1, 0xffffffff) ioctl$auto(0x3, 0x5411, 0x10000000000402) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x110c230000, 0x8031ca, 0x9) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0xc40c1, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, 0x0, 0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) 1.975464655s ago: executing program 6 (id=1819): r0 = socket(0xa, 0x3, 0x3a) setsockopt$auto(r0, 0x29, 0x15, 0x0, 0x1) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r1, 0x100, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x4}, @NL802154_ATTR_WPAN_PHY_NAME={0x7, 0x2, '}@\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x100}, 0x40) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000002100), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_DISCONNECT(r2, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000000000)={0x14, r3, 0x200, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20044800}, 0x4000) 1.669796771s ago: executing program 6 (id=1820): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r1, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r2}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x80}, @OVS_DP_ATTR_NAME={0x13, 0x1, '\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00Kc\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) 1.356201855s ago: executing program 3 (id=1821): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) setrlimit$auto(0x0, &(0x7f0000000000)={0x1, 0xfb3}) sigaltstack$auto(&(0x7f0000000180)={0x0, 0x80000001, 0x40b4}, 0x0) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x2, 0x4}, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = semctl$auto(0x2, 0x9, 0x939, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f00000009c0)={0x274, 0x0, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_SEC_KEY={0x242, 0x30, 0x0, 0x1, [@nested={0x5a, 0x148, 0x0, 0x1, [@generic="ed570a541f7b1c0bd1b0d7ebcd27eb80936e986826c82f23607e0804923887f0237976de9dc348dcf05bc7252e7610f4e94d", @nested={0x4, 0x14a}, @typed={0x8, 0x9a, 0x0, 0x0, @ipv4=@local}, @typed={0x17, 0x110, 0x0, 0x0, @str='/proc/self/pagemap\x00'}]}, @generic="2a37d9cf718fd26f87e9fd12bcd871f79069e0af57e4d00636a415ecc9b0819c20fa8b2e6fcc621fcae2e16dd56383aa15a5696b93a5b393e47cfcb1634ed805152b36f53235e401931d5662dd7586a02db9ab28466f2b80baa1e4d06861f14c51ee866bfe18f689d9eea1fa5a0599d07c070f61b9bc1e25fcef211ed03c", @nested={0x24, 0x92, 0x0, 0x1, [@typed={0x8, 0x42, 0x0, 0x0, @pid}, @typed={0x14, 0xb8, 0x0, 0x0, @ipv6=@mcast2}, @nested={0x4, 0x11c}]}, @generic="bc4e", @generic, @nested={0xfd, 0x1f, 0x0, 0x1, [@typed={0x8, 0x82, 0x0, 0x0, @ipv4=@rand_addr=0x64010102}, @generic="229b4d5838c462be6eaec64306d31af4b2fc20a498184cc853188352ddc391a82b0e3945baa39f0a0e0058ab275ba62ffac80bcaff36a46499f0e155be9b289627027dee5e57a99bbd039b1e7f349da46627c1ea3dcb4b1e3821516bd1ae80ad94960b564d711aaa9996d0803e605aabcfdbcd96de8faa9458e8501f4ca669912b5a7a5381730acadf0c67f4dc4d48b49dbceeaae65ef123ac0af12e08d7c30e7ee83e49fb5fa645292d95193d32e5a5174ff15147c63442b9656cc2cf153ba59d4c32a4f000e91413d0e0ae76b4c34566e3f3060d6081054d76ddf8d3be32ae97", @nested={0x4, 0xc9}, @typed={0x4, 0x140}, @typed={0x8, 0x2d, 0x0, 0x0, @pid=r1}]}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x14}}, @generic="09f2b646bf9ce14b00a95f667a064a99faa891d93fe26c2b527de138c78733e7324d24123bd5837bc83a"]}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_SEC_LEVEL={0x4}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0xc9e6}]}, 0x274}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r2, 0x0, 0x39b8) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) clone$auto(0x2, 0x5feb, 0x0, 0x0, 0x2000000000003) sendmsg$auto_TIPC_NL_LINK_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4004000}, 0x8010) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.069871449s ago: executing program 6 (id=1822): mmap$auto(0x0, 0x6, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) prctl$auto(0x1000000003b, 0x100001, 0x4, 0x80a, 0x6) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) ioctl$auto_UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000080)={0x130, 0x8, 0x10001}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop9/hctx0/sched_tags_bitmap\x00', 0x101a00, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x700000000000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2900, 0x0) read$auto(r4, 0x0, 0x7) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') r5 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3b, 0x3ff, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x5]}, 0x202, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c001300fcdbbc2353f74fa9256563b979e41af25e403ec2c853d4662dc2477fb8ce947bdc0f5c0513ff03a03e2f969bf97ff8acf360d119aec1eb971d4cc78fc8e0d10db928bac2c986c79fec", @ANYRESHEX=r5], 0x3c}, 0x1, 0x0, 0x0, 0x8014}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0) 1.032610305s ago: executing program 5 (id=1823): mmap$auto(0x0, 0x6, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) prctl$auto(0x1000000003b, 0x100001, 0x4, 0x80a, 0x6) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) ioctl$auto_UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000080)={0x130, 0x8, 0x10001}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop9/hctx0/sched_tags_bitmap\x00', 0x101a00, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x700000000000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2900, 0x0) read$auto(r4, 0x0, 0x7) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') r5 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3b, 0x3ff, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x5]}, 0x202, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c001300fcdbbc2353f74fa9256563b979e41af25e403ec2c853d4662dc2477fb8ce947bdc0f5c0513ff03a03e2f969bf97ff8acf360d119aec1eb971d4cc78fc8e0d10db928bac2c986c79fec", @ANYRESHEX=r5], 0x3c}, 0x1, 0x0, 0x0, 0x8014}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0) 796.645157ms ago: executing program 4 (id=1824): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/anon_fault_fallback\x00', 0x0, 0x0) (async) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x68182, 0x0) writev$auto(r1, &(0x7f0000000280)={0x0, 0x45}, 0xb) (async) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003800)=""/168, 0xa8) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000080), 0x101200, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/rxrpc/calls\x00', 0x40280, 0x0) (async) socket(0xa, 0x3, 0x100) (async) socketpair$auto(0xb, 0xd, 0x800e8, 0x0) (async) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x88000, 0x0) (async) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x5e, 0x0, 0x100000, 0xffffffffffffaee1, 0xfffffffffffffffe, 0x2, 0x7, 0xbfd, 0x9, 0x30, 0x3, 0x2}) (async) write$auto(r2, &(0x7f0000000480)='/Eev/|uJio1\x00\x01\xad\x11\x96\xd8\xd4Z\xb8\x03\x10F\xc6\xf5\xe0\xf3VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\xdc\x0f\xe9\xec\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\x00\xe7\xd9j<)\x8b\x82\xd1I\xd4\x8b\xb0\xe7\xc8n\xba\x9e\xda5a\xc3R\x86\xbfuA\x9e\xee\xacV\x1f\xd3\xb7\x9ah\xb4W\x93}\xb7\xc5\xfd\xc5*?\x910g\x05,\xb4\xfbEK\n2rk\xbf\xcdg 4\x97\r\xb63@\x13\x9a\xd9(\xefp\xa3\xb5B\xcay\xbb\x94\xa0e\x00\xcb\xf7\xb1\x84x\x7f\x9d\vlw\xaf\x80AD\x02F\x97l\xbe$\xc3\f\x80-\xa5r{\xd6&\x1aa}\xcb\x9f\xdd/3E\x1c}\x91\xc58%\x03\xdd\x1a\xf404z^/\xf4\xba=', 0x100000a3d9) (async) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0) setresgid$auto(0x0, 0x0, 0x8) (async) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0) (async) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0x1800000, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x400, 0x40000000000003, 0x462, 0x80000001, 0x50a7, 0x6d3f, 0x5, 0x1, 0xfffffffffffffffe]}, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x206, 0x7, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0xf]}, 0x0) (async) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x200000, 0x0) (async) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) (async) socket(0x2, 0x3, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 334.981549ms ago: executing program 6 (id=1825): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f00000002c0)={0x7f, 0xad, 0x2, 0x11c7103f, 0xc, 0x1000, 0x0, 0xee2b, 0x1, 0x10000, 0x9, 0x2}) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000240)={0x5a02, 0x0, [{0xc, 0xffff, 0x6}]}) writev$auto(0xffffffffffffffff, 0x0, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000600), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_SET(r3, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000640)={0x24, r4, 0x1, 0x70bd2d, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_KEY={0x4}, @OVS_FLOW_ATTR_ACTIONS={0x4}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x51}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) setreuid$auto(0x7, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) sysfs$auto(0x2, 0x2, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) 3.21468ms ago: executing program 4 (id=1826): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) epoll_create1$auto(0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) unshare$auto(0x40000080) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001980)=ANY=[@ANYBLOB='\f\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1b0026bd7400fddbdf2503000000040008000c00038008000680b14e100712000100898771f1c19f17790485908286dd000004000280"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x20048880) sendfile$auto(r0, r1, 0x0, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) (async) epoll_create1$auto(0x1) (async) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) (async) unshare$auto(0x40000080) (async) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001980)=ANY=[@ANYBLOB='\f\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1b0026bd7400fddbdf2503000000040008000c00038008000680b14e100712000100898771f1c19f17790485908286dd000004000280"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x20048880) (async) sendfile$auto(r0, r1, 0x0, 0x1) (async) 0s ago: executing program 5 (id=1827): mmap$auto(0x0, 0x6, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) prctl$auto(0x1000000003b, 0x100001, 0x4, 0x80a, 0x6) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) ioctl$auto_UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000080)={0x130, 0x8, 0x10001}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop9/hctx0/sched_tags_bitmap\x00', 0x101a00, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x700000000000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2900, 0x0) read$auto(r4, 0x0, 0x7) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') r5 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x0, 0x1, 0x9, 0x7, 0x3b, 0x3ff, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb2, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x2000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x0, [0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x1, 0x0, 0x5]}, 0x202, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c001300fcdbbc2353f74fa9256563b979e41af25e403ec2c853d4662dc2477fb8ce947bdc0f5c0513ff03a03e2f969bf97ff8acf360d119aec1eb971d4cc78fc8e0d10db928bac2c986c79fec", @ANYRESHEX=r5], 0x3c}, 0x1, 0x0, 0x0, 0x8014}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0) kernel console output (not intermixed with test programs): ][T12380] RBP: 00007f8a72813f91 R08: 0000000000000002 R09: 0000000000008000 [ 635.270962][T12380] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 635.270970][T12380] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 635.270989][T12380] [ 635.939781][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 928 with max blocks 11 with error 117 [ 636.050554][T12391] netlink: 'syz.6.1316': attribute type 1 has an invalid length. [ 636.119242][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 636.119242][ T13] [ 637.082931][T12409] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input88 [ 637.200858][T12411] mkiss: ax0: crc mode is auto. [ 637.302476][T12414] openvswitch: netlink: Message has 8 unknown bytes. [ 637.595997][T12418] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89 [ 639.020161][T12440] FAULT_INJECTION: forcing a failure. [ 639.020161][T12440] name fail_futex, interval 1, probability 0, space 0, times 0 [ 639.142453][T12440] CPU: 0 UID: 0 PID: 12440 Comm: syz.3.1327 Tainted: G U L syzkaller #0 PREEMPT(full) [ 639.142481][T12440] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 639.142486][T12440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 639.142495][T12440] Call Trace: [ 639.142500][T12440] [ 639.142506][T12440] dump_stack_lvl+0x16c/0x1f0 [ 639.142530][T12440] should_fail_ex+0x512/0x640 [ 639.142554][T12440] get_futex_key+0x1d0/0x15f0 [ 639.142576][T12440] ? __pfx_get_futex_key+0x10/0x10 [ 639.142597][T12440] ? __lock_acquire+0x433/0x22f0 [ 639.142615][T12440] futex_wake+0xea/0x530 [ 639.142628][T12440] ? futex_wait+0x120/0x380 [ 639.142643][T12440] ? __pfx_futex_wake+0x10/0x10 [ 639.142659][T12440] ? __fget_files+0x204/0x3c0 [ 639.142681][T12440] do_futex+0x1e3/0x350 [ 639.142699][T12440] ? __pfx_do_futex+0x10/0x10 [ 639.142718][T12440] ? fput+0x70/0xf0 [ 639.142730][T12440] ? __sys_sendmsg+0x18c/0x220 [ 639.142746][T12440] __x64_sys_futex+0x1e0/0x4c0 [ 639.142766][T12440] ? __pfx___x64_sys_futex+0x10/0x10 [ 639.142792][T12440] do_syscall_64+0xcd/0xf80 [ 639.142812][T12440] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.142832][T12440] RIP: 0033:0x7f8a7278f7c9 [ 639.142845][T12440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.142859][T12440] RSP: 002b:00007f8a735c30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 639.142873][T12440] RAX: ffffffffffffffda RBX: 00007f8a729e5fa8 RCX: 00007f8a7278f7c9 [ 639.142883][T12440] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8a729e5fac [ 639.142892][T12440] RBP: 00007f8a729e5fa0 R08: 00007f8a735c4000 R09: 0000000000000000 [ 639.142900][T12440] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 639.142909][T12440] R13: 00007f8a729e6038 R14: 00007fffbd21fbe0 R15: 00007fffbd21fcc8 [ 639.142928][T12440] [ 639.353438][T12441] FAULT_INJECTION: forcing a failure. [ 639.353438][T12441] name failslab, interval 1, probability 0, space 0, times 0 [ 639.366856][T12441] CPU: 0 UID: 0 PID: 12441 Comm: syz.5.1325 Tainted: G U L syzkaller #0 PREEMPT(full) [ 639.366883][T12441] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 639.366889][T12441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 639.366897][T12441] Call Trace: [ 639.366902][T12441] [ 639.366908][T12441] dump_stack_lvl+0x16c/0x1f0 [ 639.366934][T12441] should_fail_ex+0x512/0x640 [ 639.366955][T12441] ? fs_reclaim_acquire+0xae/0x150 [ 639.366974][T12441] should_failslab+0xc2/0x120 [ 639.366994][T12441] __kmalloc_noprof+0xeb/0x910 [ 639.367014][T12441] ? usb_alloc_urb+0x66/0xa0 [ 639.367035][T12441] ? usb_alloc_urb+0x66/0xa0 [ 639.367050][T12441] ? __kasan_kmalloc+0xaa/0xb0 [ 639.367063][T12441] usb_alloc_urb+0x66/0xa0 [ 639.367080][T12441] usb_control_msg+0x1d3/0x4a0 [ 639.367099][T12441] ? __pfx_usb_control_msg+0x10/0x10 [ 639.367118][T12441] ? __lock_acquire+0x433/0x22f0 [ 639.367138][T12441] hub_ext_port_status+0x14e/0x670 [ 639.367162][T12441] hub_activate+0x6e5/0x1d60 [ 639.367186][T12441] ? __pfx_hub_activate+0x10/0x10 [ 639.367203][T12441] ? find_held_lock+0x2b/0x80 [ 639.367223][T12441] ? usbdev_ioctl+0x750/0x4070 [ 639.367245][T12441] hub_resume+0xa8/0x3f0 [ 639.367264][T12441] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 639.367285][T12441] ? __pfx_hub_resume+0x10/0x10 [ 639.367304][T12441] ? __pfx_hcd_bus_resume+0x10/0x10 [ 639.367324][T12441] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 639.367343][T12441] usb_resume_both+0x237/0x960 [ 639.367359][T12441] ? __pfx_usb_resume_both+0x10/0x10 [ 639.367375][T12441] ? __pfx_usb_runtime_resume+0x10/0x10 [ 639.367393][T12441] ? __pfx_usb_runtime_resume+0x10/0x10 [ 639.367409][T12441] __rpm_callback+0xc8/0x610 [ 639.367424][T12441] ? __pfx_usb_runtime_resume+0x10/0x10 [ 639.367441][T12441] rpm_callback+0x1b7/0x200 [ 639.367453][T12441] ? __pfx_usb_runtime_resume+0x10/0x10 [ 639.367470][T12441] rpm_resume+0xceb/0x12f0 [ 639.367487][T12441] ? __pfx_rpm_resume+0x10/0x10 [ 639.367498][T12441] ? do_raw_spin_lock+0x12c/0x2b0 [ 639.367517][T12441] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 639.367542][T12441] __pm_runtime_resume+0xb6/0x170 [ 639.367557][T12441] usb_autoresume_device+0x23/0xe0 [ 639.367578][T12441] usbdev_open+0x228/0x8b0 [ 639.367601][T12441] ? kobject_get_unless_zero+0x156/0x1e0 [ 639.367622][T12441] ? __pfx_usbdev_open+0x10/0x10 [ 639.367640][T12441] ? chrdev_open+0x10b/0x6a0 [ 639.367661][T12441] ? __pfx_usbdev_open+0x10/0x10 [ 639.367677][T12441] chrdev_open+0x234/0x6a0 [ 639.367695][T12441] ? __pfx_apparmor_file_open+0x10/0x10 [ 639.367713][T12441] ? __pfx_chrdev_open+0x10/0x10 [ 639.367732][T12441] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 639.367757][T12441] do_dentry_open+0x748/0x1590 [ 639.367775][T12441] ? __pfx_chrdev_open+0x10/0x10 [ 639.367798][T12441] vfs_open+0x82/0x3f0 [ 639.367823][T12441] path_openat+0x2078/0x3140 [ 639.367849][T12441] ? __pfx_path_openat+0x10/0x10 [ 639.367875][T12441] do_filp_open+0x20b/0x470 [ 639.367894][T12441] ? __pfx_do_filp_open+0x10/0x10 [ 639.367927][T12441] ? alloc_fd+0x471/0x7d0 [ 639.367950][T12441] do_sys_openat2+0x11f/0x280 [ 639.367964][T12441] ? __pfx_do_sys_openat2+0x10/0x10 [ 639.367985][T12441] __x64_sys_openat+0x174/0x210 [ 639.368000][T12441] ? __pfx___x64_sys_openat+0x10/0x10 [ 639.368022][T12441] do_syscall_64+0xcd/0xf80 [ 639.368043][T12441] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.368057][T12441] RIP: 0033:0x7f42eeb8f7c9 [ 639.368069][T12441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 639.368083][T12441] RSP: 002b:00007f42ef9f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 639.368096][T12441] RAX: ffffffffffffffda RBX: 00007f42eede6270 RCX: 00007f42eeb8f7c9 [ 639.368106][T12441] RDX: 0000000000040a02 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 639.368114][T12441] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 639.368123][T12441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.368132][T12441] R13: 00007f42eede6308 R14: 00007f42eede6270 R15: 00007ffc0c76b908 [ 639.368151][T12441] [ 639.368178][T12441] hub 37-0:1.0: hub_ext_port_status failed (err = -12) [ 640.713164][T12452] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1330'. [ 640.856889][T12455] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1331'. [ 641.457037][T12462] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1333'. [ 642.939550][T12474] usb usb36: usbfs: process 12474 (syz.4.1335) did not claim interface 0 before use [ 642.949262][T12475] netlink: 98 bytes leftover after parsing attributes in process `syz.3.1337'. [ 643.202895][ T5834] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260 [ 643.202929][ T5834] Bluetooth: hci5: unexpected subevent 0x0e length: 725 > 15 [ 643.219592][ T5834] Bluetooth: hci5: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 643.281747][T12484] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 643.301547][T12483] program syz.5.1336 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 644.169737][T12491] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 647.201525][T12532] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input90 [ 647.336773][T12533] openvswitch: netlink: Message has 8 unknown bytes. [ 647.733255][T12534] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91 [ 649.392384][T12547] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 650.178212][T12568] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92 [ 650.421051][T12572] openvswitch: netlink: Message has 8 unknown bytes. [ 650.700623][T12572] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input93 [ 651.850448][T12583] netlink: 98 bytes leftover after parsing attributes in process `syz.6.1368'. [ 652.157197][T12588] dyndbg: expected <4096 bytes into control [ 652.205890][T12595] dyndbg: bad flag-op ,, at start of , [ 652.369015][T12595] dyndbg: flags parse failed [ 653.080472][T12607] netlink: 98 bytes leftover after parsing attributes in process `syz.3.1374'. [ 653.954747][T12614] binder: BINDER_SET_CONTEXT_MGR already set [ 654.032251][T12614] binder: 12613:12614 ioctl 4018620d 9 returned -16 [ 654.118274][T12621] FAULT_INJECTION: forcing a failure. [ 654.118274][T12621] name failslab, interval 1, probability 0, space 0, times 0 [ 654.220956][T12621] CPU: 0 UID: 0 PID: 12621 Comm: syz.5.1378 Tainted: G U L syzkaller #0 PREEMPT(full) [ 654.221000][T12621] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 654.221010][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 654.221026][T12621] Call Trace: [ 654.221035][T12621] [ 654.221045][T12621] dump_stack_lvl+0x16c/0x1f0 [ 654.221091][T12621] should_fail_ex+0x512/0x640 [ 654.221131][T12621] ? fs_reclaim_acquire+0xae/0x150 [ 654.221171][T12621] should_failslab+0xc2/0x120 [ 654.221208][T12621] __kmalloc_noprof+0xeb/0x910 [ 654.221250][T12621] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 654.221289][T12621] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 654.221317][T12621] tomoyo_realpath_from_path+0xc2/0x6e0 [ 654.221352][T12621] ? tomoyo_profile+0x47/0x60 [ 654.221384][T12621] tomoyo_path_number_perm+0x245/0x580 [ 654.221404][T12621] ? tomoyo_path_number_perm+0x237/0x580 [ 654.221425][T12621] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 654.221446][T12621] ? find_held_lock+0x2b/0x80 [ 654.221483][T12621] ? find_held_lock+0x2b/0x80 [ 654.221502][T12621] ? hook_file_ioctl_common+0x144/0x410 [ 654.221528][T12621] ? __fget_files+0x20e/0x3c0 [ 654.221550][T12621] security_file_ioctl+0x9b/0x240 [ 654.221572][T12621] __x64_sys_ioctl+0xb7/0x210 [ 654.221590][T12621] do_syscall_64+0xcd/0xf80 [ 654.221612][T12621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.221627][T12621] RIP: 0033:0x7f42eeb8f7c9 [ 654.221639][T12621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 654.221652][T12621] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 654.221666][T12621] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 654.221675][T12621] RDX: 0000000000000003 RSI: 000000000000560e RDI: 0000000000000003 [ 654.221683][T12621] RBP: 00007f42efa54090 R08: 0000000000000000 R09: 0000000000000000 [ 654.221692][T12621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 654.221700][T12621] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 654.221719][T12621] [ 654.222231][T12621] ERROR: Out of memory at tomoyo_realpath_from_path. [ 655.435074][T12639] FAULT_INJECTION: forcing a failure. [ 655.435074][T12639] name failslab, interval 1, probability 0, space 0, times 0 [ 655.483826][T12639] CPU: 0 UID: 0 PID: 12639 Comm: syz.6.1382 Tainted: G U L syzkaller #0 PREEMPT(full) [ 655.483856][T12639] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 655.483862][T12639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 655.483871][T12639] Call Trace: [ 655.483877][T12639] [ 655.483883][T12639] dump_stack_lvl+0x16c/0x1f0 [ 655.483910][T12639] should_fail_ex+0x512/0x640 [ 655.483930][T12639] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 655.483951][T12639] should_failslab+0xc2/0x120 [ 655.483970][T12639] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 655.483986][T12639] ? xfrm_sysctl_init+0x10a/0x2d0 [ 655.484004][T12639] ? kmemdup_noprof+0x29/0x60 [ 655.484023][T12639] kmemdup_noprof+0x29/0x60 [ 655.484042][T12639] xfrm_sysctl_init+0x10a/0x2d0 [ 655.484060][T12639] xfrm_net_init+0x842/0xcc0 [ 655.484077][T12639] ? __pfx_xfrm_net_init+0x10/0x10 [ 655.484091][T12639] ops_init+0x1e2/0x5f0 [ 655.484108][T12639] setup_net+0x11d/0x3a0 [ 655.484123][T12639] ? __pfx_setup_net+0x10/0x10 [ 655.484137][T12639] ? lockdep_init_map_type+0x5c/0x270 [ 655.484155][T12639] ? mutex_init_lockep+0x110/0x150 [ 655.484174][T12639] copy_net_ns+0x351/0x5d0 [ 655.484192][T12639] create_new_namespaces+0x3ea/0xab0 [ 655.484217][T12639] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 655.484239][T12639] ksys_unshare+0x45b/0xa40 [ 655.484261][T12639] ? __pfx_ksys_unshare+0x10/0x10 [ 655.484277][T12639] ? xfd_validate_state+0x61/0x180 [ 655.484297][T12639] __x64_sys_unshare+0x31/0x40 [ 655.484313][T12639] do_syscall_64+0xcd/0xf80 [ 655.484335][T12639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 655.484349][T12639] RIP: 0033:0x7f7c5558f7c9 [ 655.484361][T12639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 655.484375][T12639] RSP: 002b:00007f7c56383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 655.484389][T12639] RAX: ffffffffffffffda RBX: 00007f7c557e5fa0 RCX: 00007f7c5558f7c9 [ 655.484398][T12639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 655.484406][T12639] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 655.484414][T12639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 655.484422][T12639] R13: 00007f7c557e6038 R14: 00007f7c557e5fa0 R15: 00007ffdff182b08 [ 655.484440][T12639] [ 655.999939][T12642] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 656.229373][T12644] netlink: 98 bytes leftover after parsing attributes in process `syz.3.1384'. [ 657.809660][T12670] FAULT_INJECTION: forcing a failure. [ 657.809660][T12670] name failslab, interval 1, probability 0, space 0, times 0 [ 657.905872][T12670] CPU: 0 UID: 0 PID: 12670 Comm: syz.5.1393 Tainted: G U L syzkaller #0 PREEMPT(full) [ 657.905898][T12670] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 657.905903][T12670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 657.905911][T12670] Call Trace: [ 657.905917][T12670] [ 657.905922][T12670] dump_stack_lvl+0x16c/0x1f0 [ 657.905947][T12670] should_fail_ex+0x512/0x640 [ 657.905967][T12670] ? fs_reclaim_acquire+0xae/0x150 [ 657.905988][T12670] should_failslab+0xc2/0x120 [ 657.906012][T12670] __kmalloc_noprof+0xeb/0x910 [ 657.906033][T12670] ? tomoyo_encode2+0x100/0x3e0 [ 657.906051][T12670] ? tomoyo_encode2+0x100/0x3e0 [ 657.906064][T12670] tomoyo_encode2+0x100/0x3e0 [ 657.906080][T12670] tomoyo_encode+0x29/0x50 [ 657.906093][T12670] tomoyo_realpath_from_path+0x18f/0x6e0 [ 657.906113][T12670] tomoyo_path_number_perm+0x245/0x580 [ 657.906132][T12670] ? tomoyo_path_number_perm+0x237/0x580 [ 657.906154][T12670] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 657.906175][T12670] ? find_held_lock+0x2b/0x80 [ 657.906212][T12670] ? find_held_lock+0x2b/0x80 [ 657.906231][T12670] ? hook_file_ioctl_common+0x144/0x410 [ 657.906256][T12670] ? __fget_files+0x20e/0x3c0 [ 657.906278][T12670] security_file_ioctl+0x9b/0x240 [ 657.906308][T12670] __x64_sys_ioctl+0xb7/0x210 [ 657.906326][T12670] do_syscall_64+0xcd/0xf80 [ 657.906348][T12670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.906362][T12670] RIP: 0033:0x7f42eeb8f7c9 [ 657.906373][T12670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.906386][T12670] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 657.906400][T12670] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 657.906411][T12670] RDX: 0000000000000003 RSI: 000000000000560e RDI: 0000000000000003 [ 657.906422][T12670] RBP: 00007f42efa54090 R08: 0000000000000000 R09: 0000000000000000 [ 657.906430][T12670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 657.906438][T12670] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 657.906458][T12670] [ 657.906475][T12670] ERROR: Out of memory at tomoyo_realpath_from_path. [ 660.380123][T12668] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 660.482897][T12668] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 660.564799][T12668] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 660.689301][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 660.708729][T12668] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 660.813925][T12668] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 660.914714][T12668] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 661.390873][T12719] netlink: 98 bytes leftover after parsing attributes in process `syz.5.1405'. [ 661.410843][T12721] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input94 [ 661.542563][T12722] openvswitch: netlink: Message has 8 unknown bytes. [ 662.529405][ T5834] Bluetooth: hci3: command 0x0c1a tx timeout [ 662.609355][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 662.642621][T12722] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input95 [ 662.769678][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout [ 662.849737][ T5834] Bluetooth: hci5: command 0x0406 tx timeout [ 662.930028][ T5834] Bluetooth: hci6: command 0x0406 tx timeout [ 663.141568][T12742] FAULT_INJECTION: forcing a failure. [ 663.141568][T12742] name failslab, interval 1, probability 0, space 0, times 0 [ 663.217836][T12742] CPU: 0 UID: 0 PID: 12742 Comm: syz.6.1413 Tainted: G U L syzkaller #0 PREEMPT(full) [ 663.217863][T12742] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 663.217868][T12742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 663.217877][T12742] Call Trace: [ 663.217883][T12742] [ 663.217888][T12742] dump_stack_lvl+0x16c/0x1f0 [ 663.217914][T12742] should_fail_ex+0x512/0x640 [ 663.217934][T12742] ? __kmalloc_cache_noprof+0x5f/0x800 [ 663.217957][T12742] should_failslab+0xc2/0x120 [ 663.217975][T12742] __kmalloc_cache_noprof+0x80/0x800 [ 663.217994][T12742] ? do_raw_spin_unlock+0x172/0x230 [ 663.218013][T12742] ? snd_rawmidi_open+0x3c3/0xbf0 [ 663.218026][T12742] ? snd_card_file_add+0x26e/0x340 [ 663.218046][T12742] ? snd_rawmidi_open+0x3c3/0xbf0 [ 663.218057][T12742] snd_rawmidi_open+0x3c3/0xbf0 [ 663.218074][T12742] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 663.218090][T12742] ? kobject_get_unless_zero+0x156/0x1e0 [ 663.218113][T12742] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 663.218125][T12742] snd_open+0x22d/0x4c0 [ 663.218142][T12742] ? __pfx_snd_open+0x10/0x10 [ 663.218158][T12742] chrdev_open+0x234/0x6a0 [ 663.218176][T12742] ? __pfx_apparmor_file_open+0x10/0x10 [ 663.218194][T12742] ? __pfx_chrdev_open+0x10/0x10 [ 663.218213][T12742] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 663.218237][T12742] do_dentry_open+0x748/0x1590 [ 663.218254][T12742] ? __pfx_chrdev_open+0x10/0x10 [ 663.218277][T12742] vfs_open+0x82/0x3f0 [ 663.218293][T12742] path_openat+0x2078/0x3140 [ 663.218317][T12742] ? __pfx_path_openat+0x10/0x10 [ 663.218343][T12742] do_filp_open+0x20b/0x470 [ 663.218361][T12742] ? __pfx_do_filp_open+0x10/0x10 [ 663.218393][T12742] ? alloc_fd+0x471/0x7d0 [ 663.218416][T12742] do_sys_openat2+0x11f/0x280 [ 663.218429][T12742] ? __pfx_do_sys_openat2+0x10/0x10 [ 663.218450][T12742] __x64_sys_openat+0x174/0x210 [ 663.218465][T12742] ? __pfx___x64_sys_openat+0x10/0x10 [ 663.218493][T12742] do_syscall_64+0xcd/0xf80 [ 663.218515][T12742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.218530][T12742] RIP: 0033:0x7f7c5558f7c9 [ 663.218543][T12742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 663.218555][T12742] RSP: 002b:00007f7c56383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 663.218569][T12742] RAX: ffffffffffffffda RBX: 00007f7c557e5fa0 RCX: 00007f7c5558f7c9 [ 663.218578][T12742] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 663.218586][T12742] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 663.218594][T12742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 663.218603][T12742] R13: 00007f7c557e6038 R14: 00007f7c557e5fa0 R15: 00007ffdff182b08 [ 663.218622][T12742] [ 664.032385][T12746] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(909128751.0.0), cmd(3) [ 666.102946][T12776] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input96 [ 666.261184][T12779] openvswitch: netlink: Message has 8 unknown bytes. [ 666.556592][T12779] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input97 [ 670.174261][T12831] vhci_hcd: invalid port number 16 [ 670.191338][T12827] Invalid ELF header magic: != ELF [ 670.293132][T12831] vhci_hcd: invalid port number 16 [ 672.105485][T12849] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1438'. [ 672.171860][T12850] netlink: 'syz.6.1438': attribute type 1 has an invalid length. [ 672.326552][T12848] netlink: 98 bytes leftover after parsing attributes in process `syz.4.1437'. [ 674.251664][T12891] vhci_hcd: default hub control req: 2304 v0002 i0002 l8 syzkaller syzkaller login: [ 674.297059][T12890] netlink: 98 bytes leftover after parsing attributes in process `syz.5.1447'. [ 674.970484][T12900] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1449'. [ 675.140773][T12904] block nbd0: Unsupported socket: should be TCP or UNIX. [ 675.377036][T12908] FAULT_INJECTION: forcing a failure. [ 675.377036][T12908] name failslab, interval 1, probability 0, space 0, times 0 [ 675.377087][T12908] CPU: 0 UID: 0 PID: 12908 Comm: syz.3.1452 Tainted: G U L syzkaller #0 PREEMPT(full) [ 675.377108][T12908] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 675.377113][T12908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 675.377122][T12908] Call Trace: [ 675.377126][T12908] [ 675.377132][T12908] dump_stack_lvl+0x16c/0x1f0 [ 675.377156][T12908] should_fail_ex+0x512/0x640 [ 675.377177][T12908] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 675.377194][T12908] should_failslab+0xc2/0x120 [ 675.377213][T12908] kmem_cache_alloc_node_noprof+0x86/0x800 [ 675.377226][T12908] ? do_syscall_64+0xcd/0xf80 [ 675.377245][T12908] ? alloc_vmap_area+0x66f/0x2a50 [ 675.377265][T12908] ? alloc_vmap_area+0x66f/0x2a50 [ 675.377280][T12908] alloc_vmap_area+0x66f/0x2a50 [ 675.377310][T12908] ? __pfx_alloc_vmap_area+0x10/0x10 [ 675.377332][T12908] __get_vm_area_node+0x1ca/0x330 [ 675.377353][T12908] __vmalloc_node_range_noprof+0x247/0x16b0 [ 675.377372][T12908] ? n_tty_open+0x1a/0x170 [ 675.377392][T12908] ? do_raw_spin_lock+0x12c/0x2b0 [ 675.377417][T12908] ? n_tty_open+0x1a/0x170 [ 675.377439][T12908] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 675.377458][T12908] ? __ldsem_down_write_nested+0xfd/0x850 [ 675.377476][T12908] ? __ldsem_down_write_nested+0x10e/0x850 [ 675.377493][T12908] ? lockdep_init_map_type+0x5c/0x270 [ 675.377513][T12908] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 675.377534][T12908] ? n_tty_open+0x1a/0x170 [ 675.377550][T12908] __vmalloc_node_noprof+0xad/0xf0 [ 675.377568][T12908] ? n_tty_open+0x1a/0x170 [ 675.377585][T12908] ? __pfx_n_tty_open+0x10/0x10 [ 675.377603][T12908] n_tty_open+0x1a/0x170 [ 675.377620][T12908] ? __pfx_n_tty_open+0x10/0x10 [ 675.377636][T12908] tty_ldisc_open+0x9f/0x120 [ 675.377650][T12908] tty_ldisc_setup+0x40/0x100 [ 675.377664][T12908] tty_init_dev.part.0+0x1ec/0x500 [ 675.377682][T12908] tty_init_dev+0x60/0x80 [ 675.377698][T12908] ? __pfx_ptmx_open+0x10/0x10 [ 675.377710][T12908] ptmx_open+0x10d/0x360 [ 675.377722][T12908] ? __pfx_ptmx_open+0x10/0x10 [ 675.377734][T12908] chrdev_open+0x234/0x6a0 [ 675.377753][T12908] ? __pfx_apparmor_file_open+0x10/0x10 [ 675.377772][T12908] ? __pfx_chrdev_open+0x10/0x10 [ 675.377791][T12908] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 675.377816][T12908] do_dentry_open+0x748/0x1590 [ 675.377834][T12908] ? __pfx_chrdev_open+0x10/0x10 [ 675.377858][T12908] vfs_open+0x82/0x3f0 [ 675.377873][T12908] path_openat+0x2078/0x3140 [ 675.377899][T12908] ? __pfx_path_openat+0x10/0x10 [ 675.377925][T12908] do_filp_open+0x20b/0x470 [ 675.377944][T12908] ? __pfx_do_filp_open+0x10/0x10 [ 675.377977][T12908] ? alloc_fd+0x471/0x7d0 [ 675.378000][T12908] do_sys_openat2+0x11f/0x280 [ 675.378014][T12908] ? __pfx_do_sys_openat2+0x10/0x10 [ 675.378036][T12908] __x64_sys_openat+0x174/0x210 [ 675.378050][T12908] ? __pfx___x64_sys_openat+0x10/0x10 [ 675.378072][T12908] do_syscall_64+0xcd/0xf80 [ 675.378092][T12908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.378107][T12908] RIP: 0033:0x7f8a7278f7c9 [ 675.378118][T12908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 675.378132][T12908] RSP: 002b:00007f8a735a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 675.378145][T12908] RAX: ffffffffffffffda RBX: 00007f8a729e6090 RCX: 00007f8a7278f7c9 [ 675.378155][T12908] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 675.378163][T12908] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 675.378171][T12908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 675.378180][T12908] R13: 00007f8a729e6128 R14: 00007f8a729e6090 R15: 00007fffbd21fcc8 [ 675.378199][T12908] [ 675.403120][T12908] syz.3.1452: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 675.403337][T12908] CPU: 0 UID: 0 PID: 12908 Comm: syz.3.1452 Tainted: G U L syzkaller #0 PREEMPT(full) [ 675.403359][T12908] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 675.403364][T12908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 675.403373][T12908] Call Trace: [ 675.403378][T12908] [ 675.403383][T12908] dump_stack_lvl+0x16c/0x1f0 [ 675.403407][T12908] warn_alloc+0x248/0x3a0 [ 675.403422][T12908] ? __pfx_warn_alloc+0x10/0x10 [ 675.403437][T12908] ? __get_vm_area_node+0x2cd/0x330 [ 675.403462][T12908] ? __get_vm_area_node+0x2cd/0x330 [ 675.403478][T12908] ? __get_vm_area_node+0x208/0x330 [ 675.403499][T12908] __vmalloc_node_range_noprof+0xbe0/0x16b0 [ 675.403524][T12908] ? n_tty_open+0x1a/0x170 [ 675.403547][T12908] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 675.403566][T12908] ? __ldsem_down_write_nested+0xfd/0x850 [ 675.403584][T12908] ? __ldsem_down_write_nested+0x10e/0x850 [ 675.403601][T12908] ? lockdep_init_map_type+0x5c/0x270 [ 675.403623][T12908] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 675.403644][T12908] ? n_tty_open+0x1a/0x170 [ 675.403660][T12908] __vmalloc_node_noprof+0xad/0xf0 [ 675.403678][T12908] ? n_tty_open+0x1a/0x170 [ 675.403695][T12908] ? __pfx_n_tty_open+0x10/0x10 [ 675.403713][T12908] n_tty_open+0x1a/0x170 [ 675.403729][T12908] ? __pfx_n_tty_open+0x10/0x10 [ 675.403746][T12908] tty_ldisc_open+0x9f/0x120 [ 675.403760][T12908] tty_ldisc_setup+0x40/0x100 [ 675.403774][T12908] tty_init_dev.part.0+0x1ec/0x500 [ 675.403793][T12908] tty_init_dev+0x60/0x80 [ 675.403809][T12908] ? __pfx_ptmx_open+0x10/0x10 [ 675.403821][T12908] ptmx_open+0x10d/0x360 [ 675.403833][T12908] ? __pfx_ptmx_open+0x10/0x10 [ 675.403845][T12908] chrdev_open+0x234/0x6a0 [ 675.403864][T12908] ? __pfx_apparmor_file_open+0x10/0x10 [ 675.403883][T12908] ? __pfx_chrdev_open+0x10/0x10 [ 675.403903][T12908] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 675.403928][T12908] do_dentry_open+0x748/0x1590 [ 675.403945][T12908] ? __pfx_chrdev_open+0x10/0x10 [ 675.403969][T12908] vfs_open+0x82/0x3f0 [ 675.403985][T12908] path_openat+0x2078/0x3140 [ 675.404010][T12908] ? __pfx_path_openat+0x10/0x10 [ 675.404036][T12908] do_filp_open+0x20b/0x470 [ 675.404055][T12908] ? __pfx_do_filp_open+0x10/0x10 [ 675.404088][T12908] ? alloc_fd+0x471/0x7d0 [ 675.404112][T12908] do_sys_openat2+0x11f/0x280 [ 675.404125][T12908] ? __pfx_do_sys_openat2+0x10/0x10 [ 675.404147][T12908] __x64_sys_openat+0x174/0x210 [ 675.404161][T12908] ? __pfx___x64_sys_openat+0x10/0x10 [ 675.404184][T12908] do_syscall_64+0xcd/0xf80 [ 675.404205][T12908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.404219][T12908] RIP: 0033:0x7f8a7278f7c9 [ 675.404232][T12908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 675.404244][T12908] RSP: 002b:00007f8a735a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 675.404257][T12908] RAX: ffffffffffffffda RBX: 00007f8a729e6090 RCX: 00007f8a7278f7c9 [ 675.404266][T12908] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 675.404275][T12908] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 675.404288][T12908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 675.404296][T12908] R13: 00007f8a729e6128 R14: 00007f8a729e6090 R15: 00007fffbd21fcc8 [ 675.404315][T12908] [ 675.424440][T12908] Mem-Info: [ 675.424461][T12908] active_anon:45741 inactive_anon:2 isolated_anon:0 [ 675.424461][T12908] active_file:13014 inactive_file:46844 isolated_file:0 [ 675.424461][T12908] unevictable:777 dirty:714 writeback:0 [ 675.424461][T12908] slab_reclaimable:11863 slab_unreclaimable:100617 [ 675.424461][T12908] mapped:55019 shmem:22673 pagetables:1668 [ 675.424461][T12908] sec_pagetables:0 bounce:0 [ 675.424461][T12908] kernel_misc_reclaimable:0 [ 675.424461][T12908] free:1252492 free_pcp:6185 free_cma:0 [ 675.424499][T12908] Node 0 active_anon:182960kB inactive_anon:8kB active_file:52056kB inactive_file:187244kB unevictable:1572kB isolated(anon):0kB isolated(file):0kB mapped:220076kB dirty:2856kB writeback:0kB shmem:91176kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:65536kB kernel_stack:13504kB pagetables:6532kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 675.424536][T12908] Node 1 active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 675.424572][T12908] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 675.424613][T12908] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 675.424642][T12908] Node 0 DMA32 free:1097672kB boost:0kB min:34340kB low:42924kB high:51508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:182960kB inactive_anon:8kB active_file:52056kB inactive_file:187244kB unevictable:1572kB writepending:2856kB zspages:556kB present:3129332kB managed:2541844kB mlocked:36kB bounce:0kB free_pcp:15268kB local_pcp:15268kB free_cma:0kB [ 675.424685][T12908] lowmem_reserve[]: 0 0 1 1 1 [ 675.424712][T12908] Node 0 Normal free:4kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 675.424752][T12908] lowmem_reserve[]: 0 0 0 0 0 [ 675.424778][T12908] Node 1 Normal free:3896932kB boost:0kB min:55540kB low:69424kB high:83308kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:9472kB local_pcp:9472kB free_cma:0kB [ 675.424820][T12908] lowmem_reserve[]: 0 0 0 0 0 [ 675.424847][T12908] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 675.424961][T12908] Node 0 DMA32: 8506*4kB (UME) 3838*8kB (UME) 2019*16kB (UME) 916*32kB (UME) 525*64kB (UME) 618*128kB (UME) 350*256kB (UM) 216*512kB (UM) 131*1024kB (UM) 2*2048kB (UM) 127*4096kB (M) = 1097672kB [ 675.425086][T12908] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 675.425166][T12908] Node 1 Normal: 153*4kB (UME) 34*8kB (UME) 31*16kB (UM) 202*32kB (UME) 127*64kB (UME) 44*128kB (UME) 18*256kB (UME) 12*512kB (UME) 2*1024kB (UM) 6*2048kB (UME) 940*4096kB (UM) = 3896932kB [ 675.425296][T12908] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 675.425308][T12908] Node 0 hugepages_total=1 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 675.425319][T12908] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 675.425330][T12908] Node 1 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 675.425341][T12908] 82564 total pagecache pages [ 675.425348][T12908] 38 pages in swap cache [ 675.425353][T12908] Free swap = 124156kB [ 675.425359][T12908] Total swap = 124996kB [ 675.425365][T12908] 2097051 pages RAM [ 675.425370][T12908] 0 pages HighMem/MovableOnly [ 675.425375][T12908] 429564 pages reserved [ 675.425380][T12908] 0 pages cma reserved [ 675.427920][T12908] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 675.763547][T12913] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1454'. [ 677.502182][T12940] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input98 [ 677.629770][T12943] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1463'. [ 677.645214][T12942] openvswitch: netlink: Message has 8 unknown bytes. [ 677.949380][T12942] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input99 [ 678.317945][T12950] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input100 [ 678.552802][T12950] openvswitch: netlink: Message has 8 unknown bytes. [ 678.555764][T12950] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input101 [ 685.811448][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.811518][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.419802][T12957] FAULT_INJECTION: forcing a failure. [ 686.419802][T12957] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 686.530395][T12957] CPU: 0 UID: 0 PID: 12957 Comm: syz.5.1469 Tainted: G U L syzkaller #0 PREEMPT(full) [ 686.530422][T12957] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 686.530427][T12957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 686.530435][T12957] Call Trace: [ 686.530440][T12957] [ 686.530446][T12957] dump_stack_lvl+0x16c/0x1f0 [ 686.530471][T12957] should_fail_ex+0x512/0x640 [ 686.530495][T12957] _copy_from_user+0x2e/0xd0 [ 686.530515][T12957] __sys_bpf+0x248/0x4980 [ 686.530545][T12957] ? __pfx___sys_bpf+0x10/0x10 [ 686.530560][T12957] ? find_held_lock+0x2b/0x80 [ 686.530585][T12957] ? find_held_lock+0x2b/0x80 [ 686.530609][T12957] ? __mutex_unlock_slowpath+0x161/0x790 [ 686.530641][T12957] ? fput+0x70/0xf0 [ 686.530653][T12957] ? ksys_write+0x1ac/0x250 [ 686.530671][T12957] ? __pfx_ksys_write+0x10/0x10 [ 686.530691][T12957] __x64_sys_bpf+0x78/0xc0 [ 686.530708][T12957] ? lockdep_hardirqs_on+0x7c/0x110 [ 686.530727][T12957] do_syscall_64+0xcd/0xf80 [ 686.530747][T12957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 686.530762][T12957] RIP: 0033:0x7f42eeb8f7c9 [ 686.530773][T12957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 686.530787][T12957] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 686.530801][T12957] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 686.530810][T12957] RDX: 0000000000000100 RSI: 0000200000000100 RDI: 0000000000000005 [ 686.530819][T12957] RBP: 00007f42efa54090 R08: 0000000000000000 R09: 0000000000000000 [ 686.530827][T12957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 686.530835][T12957] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 686.530854][T12957] [ 687.114876][T12964] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1473'. [ 687.251940][T12967] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input102 [ 687.292573][T12965] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1352123987 (43267967584 ns) > initial count (33667544448 ns). Using initial count to start timer. [ 687.440740][T12971] openvswitch: netlink: Message has 8 unknown bytes. [ 687.773143][T12978] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input103 [ 687.866607][T12981] netlink: 'syz.5.1476': attribute type 2 has an invalid length. [ 690.331276][T13021] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1482'. [ 693.811227][T13050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1488'. [ 693.865251][T13051] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1487'. [ 694.349134][T13058] netlink: 98 bytes leftover after parsing attributes in process `syz.6.1490'. [ 695.053688][ T5834] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18 [ 695.718690][T13076] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input104 [ 696.078950][T13080] openvswitch: netlink: Message has 8 unknown bytes. [ 696.186398][T13071] netlink: set zone limit has 8 unknown bytes [ 696.556252][T13083] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input105 [ 696.959776][T13092] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1497'. [ 697.089419][T10297] Bluetooth: hci5: command 0x0406 tx timeout [ 697.708880][T13100] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1500'. [ 698.862528][T13109] FAULT_INJECTION: forcing a failure. [ 698.862528][T13109] name failslab, interval 1, probability 0, space 0, times 0 [ 699.169515][T10297] Bluetooth: hci5: command 0x0406 tx timeout [ 699.252245][T13109] CPU: 0 UID: 0 PID: 13109 Comm: syz.3.1501 Tainted: G U L syzkaller #0 PREEMPT(full) [ 699.252272][T13109] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 699.252278][T13109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 699.252287][T13109] Call Trace: [ 699.252292][T13109] [ 699.252298][T13109] dump_stack_lvl+0x16c/0x1f0 [ 699.252323][T13109] should_fail_ex+0x512/0x640 [ 699.252343][T13109] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 699.252360][T13109] should_failslab+0xc2/0x120 [ 699.252378][T13109] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 699.252392][T13109] ? __pfx___might_resched+0x10/0x10 [ 699.252406][T13109] ? sock_alloc_inode+0x25/0x1c0 [ 699.252425][T13109] ? __pfx_sock_alloc_inode+0x10/0x10 [ 699.252440][T13109] ? sock_alloc_inode+0x25/0x1c0 [ 699.252455][T13109] sock_alloc_inode+0x25/0x1c0 [ 699.252471][T13109] alloc_inode+0x64/0x240 [ 699.252487][T13109] sock_alloc+0x40/0x280 [ 699.252502][T13109] __sock_create+0xc2/0x8a0 [ 699.252523][T13109] __sys_socket+0x14d/0x260 [ 699.252539][T13109] ? __x64_sys_openat+0x174/0x210 [ 699.252554][T13109] ? __pfx___sys_socket+0x10/0x10 [ 699.252571][T13109] ? xfd_validate_state+0x61/0x180 [ 699.252590][T13109] __x64_sys_socket+0x72/0xb0 [ 699.252606][T13109] ? lockdep_hardirqs_on+0x7c/0x110 [ 699.252625][T13109] do_syscall_64+0xcd/0xf80 [ 699.252645][T13109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.252659][T13109] RIP: 0033:0x7f8a7278f7c9 [ 699.252670][T13109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.252683][T13109] RSP: 002b:00007f8a735a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 699.252696][T13109] RAX: ffffffffffffffda RBX: 00007f8a729e6090 RCX: 00007f8a7278f7c9 [ 699.252705][T13109] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 699.252713][T13109] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 699.252721][T13109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 699.252729][T13109] R13: 00007f8a729e6128 R14: 00007f8a729e6090 R15: 00007fffbd21fcc8 [ 699.252747][T13109] [ 699.252753][T13109] socket: no more sockets [ 699.869328][T13121] FAULT_INJECTION: forcing a failure. [ 699.869328][T13121] name failslab, interval 1, probability 0, space 0, times 0 [ 699.969473][T13121] CPU: 0 UID: 0 PID: 13121 Comm: syz.6.1503 Tainted: G U L syzkaller #0 PREEMPT(full) [ 699.969500][T13121] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 699.969505][T13121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 699.969514][T13121] Call Trace: [ 699.969519][T13121] [ 699.969525][T13121] dump_stack_lvl+0x16c/0x1f0 [ 699.969552][T13121] should_fail_ex+0x512/0x640 [ 699.969573][T13121] ? __kmalloc_cache_noprof+0x5f/0x800 [ 699.969598][T13121] should_failslab+0xc2/0x120 [ 699.969618][T13121] __kmalloc_cache_noprof+0x80/0x800 [ 699.969638][T13121] ? allocate_file_region_entries+0x1a0/0x620 [ 699.969656][T13121] ? allocate_file_region_entries+0x1a0/0x620 [ 699.969670][T13121] allocate_file_region_entries+0x1a0/0x620 [ 699.969688][T13121] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 699.969708][T13121] region_chg+0x85/0x140 [ 699.969723][T13121] __vma_reservation_common+0x43b/0x740 [ 699.969740][T13121] ? __pfx___vma_reservation_common+0x10/0x10 [ 699.969754][T13121] ? filemap_get_entry+0x1a7/0x3b0 [ 699.969778][T13121] alloc_hugetlb_folio+0x8ff/0x14c0 [ 699.969799][T13121] ? __pfx_alloc_hugetlb_folio+0x10/0x10 [ 699.969821][T13121] ? __filemap_get_folio_mpol+0x32f/0xc60 [ 699.969847][T13121] hugetlb_no_page+0x10fa/0x2140 [ 699.969887][T13121] hugetlb_fault+0x5ed/0x1750 [ 699.969916][T13121] ? __pfx_hugetlb_fault+0x10/0x10 [ 699.969943][T13121] ? find_vma+0xbf/0x140 [ 699.969958][T13121] ? __pfx_find_vma+0x10/0x10 [ 699.969974][T13121] handle_mm_fault+0x95d/0xad0 [ 699.969998][T13121] do_user_addr_fault+0x2e4/0xda0 [ 699.970017][T13121] ? rcu_is_watching+0x12/0xc0 [ 699.970033][T13121] exc_page_fault+0x64/0xc0 [ 699.970054][T13121] asm_exc_page_fault+0x26/0x30 [ 699.970067][T13121] RIP: 0010:__put_user_4+0xd/0x20 [ 699.970087][T13121] Code: 66 89 01 31 c9 0f 01 ca e9 50 b8 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 [ 699.970100][T13121] RSP: 0018:ffffc90003f7fd78 EFLAGS: 00050246 [ 699.970112][T13121] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 699.970121][T13121] RDX: 0000000000080000 RSI: ffffffff88f49722 RDI: ffffffff8bf22c00 [ 699.970130][T13121] RBP: 1ffff920007effb1 R08: 000000005a52c59b R09: 00000000ffffffff [ 699.970139][T13121] R10: ffff88802e5a8b30 R11: 00000000ffffffff R12: 0000000000000000 [ 699.970148][T13121] R13: 00000000800455d1 R14: ffff888029de2a10 R15: ffff888029de2a00 [ 699.970163][T13121] ? snd_ctl_ioctl+0x322/0x13c0 [ 699.970182][T13121] snd_ctl_ioctl+0x32c/0x13c0 [ 699.970199][T13121] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 699.970217][T13121] ? find_held_lock+0x2b/0x80 [ 699.970237][T13121] ? hook_file_ioctl_common+0x144/0x410 [ 699.970261][T13121] ? __fget_files+0x20e/0x3c0 [ 699.970282][T13121] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 699.970299][T13121] __x64_sys_ioctl+0x18e/0x210 [ 699.970317][T13121] do_syscall_64+0xcd/0xf80 [ 699.970337][T13121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.970350][T13121] RIP: 0033:0x7f7c5558f7c9 [ 699.970362][T13121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.970374][T13121] RSP: 002b:00007f7c56341038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 699.970387][T13121] RAX: ffffffffffffffda RBX: 00007f7c557e6180 RCX: 00007f7c5558f7c9 [ 699.970395][T13121] RDX: 0000000000000000 RSI: 00000000800455d1 RDI: 0000000000000006 [ 699.970403][T13121] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 699.970411][T13121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 699.970418][T13121] R13: 00007f7c557e6218 R14: 00007f7c557e6180 R15: 00007ffdff182b08 [ 699.970437][T13121] [ 700.759627][T13123] netlink: 98 bytes leftover after parsing attributes in process `syz.4.1504'. [ 702.210410][T13141] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1507'. [ 702.252275][ T30] audit: type=1326 audit(6442451332.037:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13138 comm="syz.6.1508" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7c5558f7c9 code=0x0 [ 703.340324][T13151] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1511'. [ 703.679476][T13157] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1513'. [ 705.191135][T13171] netlink: 98 bytes leftover after parsing attributes in process `syz.6.1516'. [ 705.263692][T13174] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input106 [ 705.415646][T13176] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1518'. [ 705.508844][T13177] openvswitch: netlink: Message has 8 unknown bytes. [ 706.391163][T13180] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input107 [ 706.570141][T13190] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1521'. [ 707.939062][T13205] FAULT_INJECTION: forcing a failure. [ 707.939062][T13205] name failslab, interval 1, probability 0, space 0, times 0 [ 708.027540][T13205] CPU: 0 UID: 0 PID: 13205 Comm: syz.6.1525 Tainted: G U L syzkaller #0 PREEMPT(full) [ 708.027568][T13205] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 708.027574][T13205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 708.027583][T13205] Call Trace: [ 708.027587][T13205] [ 708.027593][T13205] dump_stack_lvl+0x16c/0x1f0 [ 708.027619][T13205] should_fail_ex+0x512/0x640 [ 708.027640][T13205] ? __kmalloc_cache_noprof+0x5f/0x800 [ 708.027663][T13205] should_failslab+0xc2/0x120 [ 708.027683][T13205] __kmalloc_cache_noprof+0x80/0x800 [ 708.027703][T13205] ? snd_card_file_add+0x52/0x340 [ 708.027725][T13205] ? snd_card_file_add+0x52/0x340 [ 708.027742][T13205] snd_card_file_add+0x52/0x340 [ 708.027762][T13205] snd_rawmidi_open+0x2cc/0xbf0 [ 708.027780][T13205] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 708.027797][T13205] ? kobject_get_unless_zero+0x156/0x1e0 [ 708.027819][T13205] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 708.027832][T13205] snd_open+0x22d/0x4c0 [ 708.027850][T13205] ? __pfx_snd_open+0x10/0x10 [ 708.027866][T13205] chrdev_open+0x234/0x6a0 [ 708.027885][T13205] ? __pfx_apparmor_file_open+0x10/0x10 [ 708.027904][T13205] ? __pfx_chrdev_open+0x10/0x10 [ 708.027923][T13205] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 708.027947][T13205] do_dentry_open+0x748/0x1590 [ 708.027964][T13205] ? __pfx_chrdev_open+0x10/0x10 [ 708.027987][T13205] vfs_open+0x82/0x3f0 [ 708.028003][T13205] path_openat+0x2078/0x3140 [ 708.028028][T13205] ? __pfx_path_openat+0x10/0x10 [ 708.028053][T13205] do_filp_open+0x20b/0x470 [ 708.028072][T13205] ? __pfx_do_filp_open+0x10/0x10 [ 708.028103][T13205] ? alloc_fd+0x471/0x7d0 [ 708.028126][T13205] do_sys_openat2+0x11f/0x280 [ 708.028140][T13205] ? __pfx_do_sys_openat2+0x10/0x10 [ 708.028169][T13205] __x64_sys_openat+0x174/0x210 [ 708.028185][T13205] ? __pfx___x64_sys_openat+0x10/0x10 [ 708.028207][T13205] do_syscall_64+0xcd/0xf80 [ 708.028229][T13205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.028243][T13205] RIP: 0033:0x7f7c5558f7c9 [ 708.028256][T13205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.028269][T13205] RSP: 002b:00007f7c56383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 708.028282][T13205] RAX: ffffffffffffffda RBX: 00007f7c557e5fa0 RCX: 00007f7c5558f7c9 [ 708.028292][T13205] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 708.028301][T13205] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 708.028309][T13205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 708.028318][T13205] R13: 00007f7c557e6038 R14: 00007f7c557e5fa0 R15: 00007ffdff182b08 [ 708.028337][T13205] [ 709.615392][T13214] FAULT_INJECTION: forcing a failure. [ 709.615392][T13214] name failslab, interval 1, probability 0, space 0, times 0 [ 709.824759][T13214] CPU: 0 UID: 0 PID: 13214 Comm: syz.3.1528 Tainted: G U L syzkaller #0 PREEMPT(full) [ 709.824786][T13214] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 709.824791][T13214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 709.824800][T13214] Call Trace: [ 709.824806][T13214] [ 709.824812][T13214] dump_stack_lvl+0x16c/0x1f0 [ 709.824837][T13214] should_fail_ex+0x512/0x640 [ 709.824857][T13214] ? kmem_cache_alloc_noprof+0x62/0x770 [ 709.824881][T13214] should_failslab+0xc2/0x120 [ 709.824899][T13214] kmem_cache_alloc_noprof+0x83/0x770 [ 709.824921][T13214] ? vm_area_dup+0x27/0x8d0 [ 709.824941][T13214] ? vm_area_dup+0x27/0x8d0 [ 709.824957][T13214] vm_area_dup+0x27/0x8d0 [ 709.824976][T13214] __split_vma+0x18e/0x1050 [ 709.824998][T13214] ? __pfx___split_vma+0x10/0x10 [ 709.825021][T13214] ? __pfx_mas_prev+0x10/0x10 [ 709.825039][T13214] vms_gather_munmap_vmas+0x3aa/0x1340 [ 709.825062][T13214] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 709.825084][T13214] ? mas_walk+0x6f5/0x980 [ 709.825107][T13214] __mmap_region+0x47c/0x2a00 [ 709.825130][T13214] ? __pfx___mmap_region+0x10/0x10 [ 709.825156][T13214] ? lock_acquire+0x179/0x330 [ 709.825172][T13214] ? find_held_lock+0x2b/0x80 [ 709.825192][T13214] ? finish_task_switch.isra.0+0x202/0xbd0 [ 709.825214][T13214] ? rcu_is_watching+0x12/0xc0 [ 709.825227][T13214] ? finish_task_switch.isra.0+0x207/0xbd0 [ 709.825257][T13214] ? lockdep_hardirqs_on+0x7c/0x110 [ 709.825277][T13214] ? finish_task_switch.isra.0+0x207/0xbd0 [ 709.825306][T13214] ? __lock_acquire+0x433/0x22f0 [ 709.825348][T13214] ? rcu_is_watching+0x12/0xc0 [ 709.825366][T13214] mmap_region+0x1ab/0x3f0 [ 709.825380][T13214] ? __get_unmapped_area+0x267/0x3f0 [ 709.825397][T13214] do_mmap+0xa3e/0x1210 [ 709.825415][T13214] ? __pfx_do_mmap+0x10/0x10 [ 709.825430][T13214] ? __pfx_down_write_killable+0x10/0x10 [ 709.825447][T13214] vm_mmap_pgoff+0x29e/0x470 [ 709.825466][T13214] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 709.825485][T13214] ? __x64_sys_futex+0x1e0/0x4c0 [ 709.825502][T13214] ? __x64_sys_futex+0x1e9/0x4c0 [ 709.825523][T13214] ksys_mmap_pgoff+0x7d/0x5c0 [ 709.825537][T13214] ? xfd_validate_state+0x61/0x180 [ 709.825550][T13214] ? __pfx_ksys_write+0x10/0x10 [ 709.825570][T13214] __x64_sys_mmap+0x125/0x190 [ 709.825587][T13214] do_syscall_64+0xcd/0xf80 [ 709.825607][T13214] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.825621][T13214] RIP: 0033:0x7f8a7278f7c9 [ 709.825635][T13214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.825649][T13214] RSP: 002b:00007f8a73581038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 709.825664][T13214] RAX: ffffffffffffffda RBX: 00007f8a729e6180 RCX: 00007f8a7278f7c9 [ 709.825673][T13214] RDX: 00000000000000e2 RSI: 0000000000020009 RDI: 0000000000000000 [ 709.825682][T13214] RBP: 00007f8a72813f91 R08: 0000000000000405 R09: 0000000000008000 [ 709.825690][T13214] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 709.825699][T13214] R13: 00007f8a729e6218 R14: 00007f8a729e6180 R15: 00007fffbd21fcc8 [ 709.825718][T13214] [ 711.715039][T13226] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1531'. [ 712.382955][T13233] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.1534: iget: checksum invalid [ 712.431933][T13235] netlink: 98 bytes leftover after parsing attributes in process `syz.5.1535'. [ 712.479604][T13233] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 712.549444][T13233] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.1534: iget: checksum invalid [ 712.629814][T13233] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 712.699669][T13233] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.1534: iget: checksum invalid [ 712.761747][T13233] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 712.833625][T13233] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.6.1534: iget: checksum invalid [ 712.833882][T13233] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 712.833910][T13233] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 712.833925][T13233] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 713.136063][T13246] openvswitch: netlink: Message has 8 unknown bytes. [ 713.368222][T13252] FAULT_INJECTION: forcing a failure. [ 713.368222][T13252] name failslab, interval 1, probability 0, space 0, times 0 [ 713.449285][T13252] CPU: 0 UID: 0 PID: 13252 Comm: syz.3.1540 Tainted: G U L syzkaller #0 PREEMPT(full) [ 713.449315][T13252] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 713.449320][T13252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 713.449329][T13252] Call Trace: [ 713.449333][T13252] [ 713.449339][T13252] dump_stack_lvl+0x16c/0x1f0 [ 713.449365][T13252] should_fail_ex+0x512/0x640 [ 713.449385][T13252] ? __kmalloc_node_noprof+0xcd/0x930 [ 713.449404][T13252] should_failslab+0xc2/0x120 [ 713.449423][T13252] __kmalloc_node_noprof+0xee/0x930 [ 713.449437][T13252] ? __get_vm_area_node+0x1dc/0x330 [ 713.449454][T13252] ? __vmalloc_node_range_noprof+0x405/0x16b0 [ 713.449476][T13252] ? __vmalloc_node_range_noprof+0x405/0x16b0 [ 713.449494][T13252] __vmalloc_node_range_noprof+0x405/0x16b0 [ 713.449515][T13252] ? process_measurement+0x1e6/0x22d0 [ 713.449536][T13252] ? bpf_prog_alloc_no_stats+0x58/0x600 [ 713.449561][T13252] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 713.449581][T13252] ? __lock_acquire+0x433/0x22f0 [ 713.449609][T13252] ? bpf_prog_alloc_no_stats+0x58/0x600 [ 713.449629][T13252] __vmalloc_node_noprof+0xad/0xf0 [ 713.449647][T13252] ? bpf_prog_alloc_no_stats+0x58/0x600 [ 713.449669][T13252] __vmalloc_noprof+0xa3/0x120 [ 713.449688][T13252] ? __pfx___vmalloc_noprof+0x10/0x10 [ 713.449705][T13252] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 713.449721][T13252] ? is_bpf_text_address+0x94/0x1a0 [ 713.449737][T13252] ? apparmor_capable+0x1d7/0x4e0 [ 713.449756][T13252] bpf_prog_alloc_no_stats+0x58/0x600 [ 713.449776][T13252] ? security_capable+0x7e/0x260 [ 713.449795][T13252] bpf_prog_alloc+0x3b/0x230 [ 713.449814][T13252] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 713.449834][T13252] bpf_prog_load+0x19bc/0x2c70 [ 713.449855][T13252] ? __pfx_bpf_prog_load+0x10/0x10 [ 713.449871][T13252] ? __lock_acquire+0x433/0x22f0 [ 713.449888][T13252] ? find_held_lock+0x2b/0x80 [ 713.449920][T13252] ? bpf_lsm_bpf+0x9/0x10 [ 713.449934][T13252] __sys_bpf+0x3e72/0x4980 [ 713.449954][T13252] ? __pfx___sys_bpf+0x10/0x10 [ 713.449969][T13252] ? find_held_lock+0x2b/0x80 [ 713.449993][T13252] ? find_held_lock+0x2b/0x80 [ 713.450017][T13252] ? __mutex_unlock_slowpath+0x161/0x790 [ 713.450048][T13252] ? fput+0x70/0xf0 [ 713.450060][T13252] ? ksys_write+0x1ac/0x250 [ 713.450078][T13252] ? __pfx_ksys_write+0x10/0x10 [ 713.450098][T13252] __x64_sys_bpf+0x78/0xc0 [ 713.450114][T13252] ? lockdep_hardirqs_on+0x7c/0x110 [ 713.450134][T13252] do_syscall_64+0xcd/0xf80 [ 713.450154][T13252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.450168][T13252] RIP: 0033:0x7f8a7278f7c9 [ 713.450180][T13252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.450193][T13252] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 713.450207][T13252] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 713.450216][T13252] RDX: 0000000000000100 RSI: 0000200000000100 RDI: 0000000000000005 [ 713.450224][T13252] RBP: 00007f8a735c3090 R08: 0000000000000000 R09: 0000000000000000 [ 713.450232][T13252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 713.450240][T13252] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 713.450259][T13252] [ 713.451944][T13252] syz.3.1540: vmalloc error: size 4096, failed to allocated page array size 8, mode:0x500dc2(GFP_HIGHUSER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null) [ 714.176156][T13261] device-mapper: ioctl: Invalid ioctl structure: name ¢, dev 200010002 [ 714.393873][T13255] zswap: compressor not available [ 714.890206][T13271] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [65496]. [ 715.112249][T13274] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input108 [ 715.626990][T13252] ,cpuset=/,mems_allowed=0-1 [ 715.655486][T13252] CPU: 0 UID: 0 PID: 13252 Comm: syz.3.1540 Tainted: G U L syzkaller #0 PREEMPT(full) [ 715.655512][T13252] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 715.655518][T13252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 715.655526][T13252] Call Trace: [ 715.655531][T13252] [ 715.655537][T13252] dump_stack_lvl+0x16c/0x1f0 [ 715.655562][T13252] warn_alloc+0x248/0x3a0 [ 715.655577][T13252] ? __pfx_warn_alloc+0x10/0x10 [ 715.655591][T13252] ? kasan_quarantine_reduce+0x1be/0x1e0 [ 715.655610][T13252] ? rcu_is_watching+0x12/0xc0 [ 715.655625][T13252] ? trace_kmalloc+0x2b/0xb0 [ 715.655645][T13252] ? __kmalloc_node_noprof+0x372/0x930 [ 715.655660][T13252] ? __get_vm_area_node+0x1dc/0x330 [ 715.655677][T13252] ? __vmalloc_node_range_noprof+0x405/0x16b0 [ 715.655699][T13252] __vmalloc_node_range_noprof+0x1309/0x16b0 [ 715.655720][T13252] ? process_measurement+0x1e6/0x22d0 [ 715.655740][T13252] ? bpf_prog_alloc_no_stats+0x58/0x600 [ 715.655766][T13252] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 715.655786][T13252] ? __lock_acquire+0x433/0x22f0 [ 715.655808][T13252] ? bpf_prog_alloc_no_stats+0x58/0x600 [ 715.655828][T13252] __vmalloc_node_noprof+0xad/0xf0 [ 715.655847][T13252] ? bpf_prog_alloc_no_stats+0x58/0x600 [ 715.655869][T13252] __vmalloc_noprof+0xa3/0x120 [ 715.655889][T13252] ? __pfx___vmalloc_noprof+0x10/0x10 [ 715.655907][T13252] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 715.655923][T13252] ? is_bpf_text_address+0x94/0x1a0 [ 715.655939][T13252] ? apparmor_capable+0x1d7/0x4e0 [ 715.655959][T13252] bpf_prog_alloc_no_stats+0x58/0x600 [ 715.655979][T13252] ? security_capable+0x7e/0x260 [ 715.655997][T13252] bpf_prog_alloc+0x3b/0x230 [ 715.656016][T13252] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 715.656032][T13252] bpf_prog_load+0x19bc/0x2c70 [ 715.656053][T13252] ? __pfx_bpf_prog_load+0x10/0x10 [ 715.656069][T13252] ? __lock_acquire+0x433/0x22f0 [ 715.656086][T13252] ? find_held_lock+0x2b/0x80 [ 715.656119][T13252] ? bpf_lsm_bpf+0x9/0x10 [ 715.656133][T13252] __sys_bpf+0x3e72/0x4980 [ 715.656152][T13252] ? __pfx___sys_bpf+0x10/0x10 [ 715.656167][T13252] ? find_held_lock+0x2b/0x80 [ 715.656191][T13252] ? find_held_lock+0x2b/0x80 [ 715.656214][T13252] ? __mutex_unlock_slowpath+0x161/0x790 [ 715.656246][T13252] ? fput+0x70/0xf0 [ 715.656258][T13252] ? ksys_write+0x1ac/0x250 [ 715.656275][T13252] ? __pfx_ksys_write+0x10/0x10 [ 715.656296][T13252] __x64_sys_bpf+0x78/0xc0 [ 715.656312][T13252] ? lockdep_hardirqs_on+0x7c/0x110 [ 715.656332][T13252] do_syscall_64+0xcd/0xf80 [ 715.656353][T13252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.656366][T13252] RIP: 0033:0x7f8a7278f7c9 [ 715.656378][T13252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.656391][T13252] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 715.656405][T13252] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 715.656414][T13252] RDX: 0000000000000100 RSI: 0000200000000100 RDI: 0000000000000005 [ 715.656422][T13252] RBP: 00007f8a735c3090 R08: 0000000000000000 R09: 0000000000000000 [ 715.656431][T13252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 715.656439][T13252] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 715.656457][T13252] [ 715.658659][T13252] Mem-Info: [ 716.381561][T13292] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1548'. [ 716.565028][T13294] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1548'. [ 717.851703][T13252] active_anon:38221 inactive_anon:2 isolated_anon:0 [ 717.851703][T13252] active_file:12952 inactive_file:46994 isolated_file:0 [ 717.851703][T13252] unevictable:768 dirty:725 writeback:0 [ 717.851703][T13252] slab_reclaimable:11884 slab_unreclaimable:100024 [ 717.851703][T13252] mapped:54085 shmem:15012 pagetables:1597 [ 717.851703][T13252] sec_pagetables:0 bounce:0 [ 717.851703][T13252] kernel_misc_reclaimable:0 [ 717.851703][T13252] free:1263464 free_pcp:8449 free_cma:0 [ 718.189392][T13252] Node 0 active_anon:158512kB inactive_anon:8kB active_file:51808kB inactive_file:187852kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:216316kB dirty:2900kB writeback:0kB shmem:63868kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:67584kB kernel_stack:13248kB pagetables:6396kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 718.418523][T13252] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:0kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:140kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 718.615971][T13252] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 718.857528][T13252] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 718.901739][T13252] Node 0 DMA32 free:1128448kB boost:0kB min:34340kB low:42924kB high:51508kB reserved_highatomic:0KB free_highatomic:0KB active_anon:160432kB inactive_anon:8kB active_file:51808kB inactive_file:187852kB unevictable:1536kB writepending:2900kB zspages:556kB present:3129332kB managed:2541844kB mlocked:0kB bounce:0kB free_pcp:27904kB local_pcp:27904kB free_cma:0kB [ 719.181396][T13252] lowmem_reserve[]: 0 0 1 1 1 [ 719.227154][T13252] Node 0 Normal free:4kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 719.497785][T13252] lowmem_reserve[]: 0 0 0 0 0 [ 719.566196][T13252] Node 1 Normal free:3900216kB boost:0kB min:55540kB low:69424kB high:83308kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:6208kB local_pcp:6208kB free_cma:0kB [ 719.829476][T13252] lowmem_reserve[]: 0 0 0 0 0 [ 719.869606][T13252] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 719.974430][T13252] Node 0 DMA32: 4771*4kB (UME) 4764*8kB (UM) 2843*16kB (UME) 1729*32kB (UME) 839*64kB (UM) 513*128kB (UME) 390*256kB (UME) 244*512kB (UME) 150*1024kB (UME) 5*2048kB (UME) 110*4096kB (M) = 1116540kB [ 720.100400][T13252] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 720.190793][T13252] Node 1 Normal: 175*4kB (UME) 65*8kB (UME) 39*16kB (UME) 208*32kB (UME) 126*64kB (UME) 43*128kB (UME) 20*256kB (UME) 13*512kB (UME) 2*1024kB (UM) 5*2048kB (UE) 941*4096kB (UM) = 3900468kB [ 720.320814][T13252] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 720.386597][T13252] Node 0 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 720.474728][T13252] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 720.569754][T13252] Node 1 hugepages_total=3 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 720.602442][T13252] 80599 total pagecache pages [ 720.608023][T13348] FAULT_INJECTION: forcing a failure. [ 720.608023][T13348] name failslab, interval 1, probability 0, space 0, times 0 [ 720.647290][T13252] 38 pages in swap cache [ 720.679281][T13252] Free swap = 124156kB [ 720.709419][T13348] CPU: 0 UID: 0 PID: 13348 Comm: syz.6.1563 Tainted: G U L syzkaller #0 PREEMPT(full) [ 720.709447][T13348] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 720.709452][T13348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 720.709461][T13348] Call Trace: [ 720.709466][T13348] [ 720.709472][T13348] dump_stack_lvl+0x16c/0x1f0 [ 720.709498][T13348] should_fail_ex+0x512/0x640 [ 720.709519][T13348] ? __kmalloc_cache_noprof+0x5f/0x800 [ 720.709543][T13348] should_failslab+0xc2/0x120 [ 720.709560][T13348] __kmalloc_cache_noprof+0x80/0x800 [ 720.709579][T13348] ? do_raw_spin_unlock+0x172/0x230 [ 720.709598][T13348] ? snd_rawmidi_open+0x3c3/0xbf0 [ 720.709612][T13348] ? snd_card_file_add+0x26e/0x340 [ 720.709631][T13348] ? snd_rawmidi_open+0x3c3/0xbf0 [ 720.709643][T13348] snd_rawmidi_open+0x3c3/0xbf0 [ 720.709659][T13348] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 720.709676][T13348] ? kobject_get_unless_zero+0x156/0x1e0 [ 720.709699][T13348] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 720.709711][T13348] snd_open+0x22d/0x4c0 [ 720.709729][T13348] ? __pfx_snd_open+0x10/0x10 [ 720.709745][T13348] chrdev_open+0x234/0x6a0 [ 720.709763][T13348] ? __pfx_apparmor_file_open+0x10/0x10 [ 720.709782][T13348] ? __pfx_chrdev_open+0x10/0x10 [ 720.709801][T13348] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 720.709831][T13348] do_dentry_open+0x748/0x1590 [ 720.709850][T13348] ? __pfx_chrdev_open+0x10/0x10 [ 720.709881][T13348] vfs_open+0x82/0x3f0 [ 720.709897][T13348] path_openat+0x2078/0x3140 [ 720.709924][T13348] ? __pfx_path_openat+0x10/0x10 [ 720.709949][T13348] do_filp_open+0x20b/0x470 [ 720.709968][T13348] ? __pfx_do_filp_open+0x10/0x10 [ 720.709999][T13348] ? alloc_fd+0x471/0x7d0 [ 720.710023][T13348] do_sys_openat2+0x11f/0x280 [ 720.710036][T13348] ? __pfx_do_sys_openat2+0x10/0x10 [ 720.710057][T13348] __x64_sys_openat+0x174/0x210 [ 720.710072][T13348] ? __pfx___x64_sys_openat+0x10/0x10 [ 720.710093][T13348] do_syscall_64+0xcd/0xf80 [ 720.710114][T13348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.710128][T13348] RIP: 0033:0x7f7c5558f7c9 [ 720.710141][T13348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 720.710154][T13348] RSP: 002b:00007f7c56383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 720.710167][T13348] RAX: ffffffffffffffda RBX: 00007f7c557e5fa0 RCX: 00007f7c5558f7c9 [ 720.710176][T13348] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 720.710185][T13348] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 720.710193][T13348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.710201][T13348] R13: 00007f7c557e6038 R14: 00007f7c557e5fa0 R15: 00007ffdff182b08 [ 720.710220][T13348] [ 720.715709][T13252] Total swap = 124996kB [ 721.115566][ T8126] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 933 with max blocks 6 with error 117 [ 721.177990][ T8126] EXT4-fs (sda1): This should not happen!! Data will be lost [ 721.177990][ T8126] [ 721.316310][T13354] futex_wake_op: syz.5.1564 tries to shift op by -2048; fix this program [ 721.469219][T13354] futex_wake_op: syz.5.1564 tries to shift op by -2048; fix this program [ 722.518270][T13252] 2097051 pages RAM [ 722.540549][T13252] 0 pages HighMem/MovableOnly [ 722.570200][T13252] 429564 pages reserved [ 722.593998][T13252] 0 pages cma reserved [ 723.535708][T13376] FAULT_INJECTION: forcing a failure. [ 723.535708][T13376] name failslab, interval 1, probability 0, space 0, times 0 [ 723.630552][T13376] CPU: 0 UID: 0 PID: 13376 Comm: syz.3.1569 Tainted: G U L syzkaller #0 PREEMPT(full) [ 723.630590][T13376] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 723.630596][T13376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 723.630605][T13376] Call Trace: [ 723.630610][T13376] [ 723.630615][T13376] dump_stack_lvl+0x16c/0x1f0 [ 723.630642][T13376] should_fail_ex+0x512/0x640 [ 723.630662][T13376] ? __kmalloc_cache_noprof+0x5f/0x800 [ 723.630685][T13376] should_failslab+0xc2/0x120 [ 723.630703][T13376] __kmalloc_cache_noprof+0x80/0x800 [ 723.630723][T13376] ? lock_acquire+0x179/0x330 [ 723.630740][T13376] ? open_substream+0xec/0x9d0 [ 723.630758][T13376] ? find_held_lock+0x2b/0x80 [ 723.630779][T13376] ? open_substream+0xec/0x9d0 [ 723.630796][T13376] open_substream+0xec/0x9d0 [ 723.630814][T13376] ? lockdep_hardirqs_on+0x7c/0x110 [ 723.630835][T13376] rawmidi_open_priv+0x543/0x6e0 [ 723.630851][T13376] snd_rawmidi_open+0x4cb/0xbf0 [ 723.630867][T13376] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 723.630881][T13376] ? __pfx_default_wake_function+0x10/0x10 [ 723.630903][T13376] ? kobject_get_unless_zero+0x156/0x1e0 [ 723.630926][T13376] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 723.630938][T13376] snd_open+0x22d/0x4c0 [ 723.630955][T13376] ? __pfx_snd_open+0x10/0x10 [ 723.630971][T13376] chrdev_open+0x234/0x6a0 [ 723.630989][T13376] ? __pfx_apparmor_file_open+0x10/0x10 [ 723.631008][T13376] ? __pfx_chrdev_open+0x10/0x10 [ 723.631027][T13376] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 723.631050][T13376] do_dentry_open+0x748/0x1590 [ 723.631068][T13376] ? __pfx_chrdev_open+0x10/0x10 [ 723.631091][T13376] vfs_open+0x82/0x3f0 [ 723.631107][T13376] path_openat+0x2078/0x3140 [ 723.631132][T13376] ? __pfx_path_openat+0x10/0x10 [ 723.631157][T13376] do_filp_open+0x20b/0x470 [ 723.631175][T13376] ? __pfx_do_filp_open+0x10/0x10 [ 723.631207][T13376] ? alloc_fd+0x471/0x7d0 [ 723.631230][T13376] do_sys_openat2+0x11f/0x280 [ 723.631244][T13376] ? __pfx_do_sys_openat2+0x10/0x10 [ 723.631265][T13376] __x64_sys_openat+0x174/0x210 [ 723.631279][T13376] ? __pfx___x64_sys_openat+0x10/0x10 [ 723.631301][T13376] do_syscall_64+0xcd/0xf80 [ 723.631321][T13376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.631336][T13376] RIP: 0033:0x7f8a7278f7c9 [ 723.631348][T13376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.631361][T13376] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 723.631374][T13376] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 723.631384][T13376] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 723.631393][T13376] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 723.631402][T13376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.631410][T13376] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 723.631429][T13376] [ 724.805692][T13397] openvswitch: netlink: Message has 8 unknown bytes. [ 724.847240][T13397] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input110 [ 724.858199][T13399] program syz.6.1576 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 725.488005][T13413] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1579'. [ 725.977392][T13426] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1583'. [ 726.134838][T13429] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1584'. [ 727.513223][T13459] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1591'. [ 727.785154][T13463] openvswitch: netlink: Message has 8 unknown bytes. [ 728.671539][ T5834] Bluetooth: hci5: SCO packet for unknown connection handle 0 [ 728.706471][T13479] FAULT_INJECTION: forcing a failure. [ 728.706471][T13479] name failslab, interval 1, probability 0, space 0, times 0 [ 728.853943][T13479] CPU: 0 UID: 0 PID: 13479 Comm: syz.5.1599 Tainted: G U L syzkaller #0 PREEMPT(full) [ 728.853971][T13479] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 728.853976][T13479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 728.853984][T13479] Call Trace: [ 728.853989][T13479] [ 728.853994][T13479] dump_stack_lvl+0x16c/0x1f0 [ 728.854019][T13479] should_fail_ex+0x512/0x640 [ 728.854040][T13479] ? fs_reclaim_acquire+0xae/0x150 [ 728.854060][T13479] should_failslab+0xc2/0x120 [ 728.854079][T13479] __kmalloc_noprof+0xeb/0x910 [ 728.854099][T13479] ? tomoyo_encode2+0x100/0x3e0 [ 728.854116][T13479] ? tomoyo_encode2+0x100/0x3e0 [ 728.854129][T13479] tomoyo_encode2+0x100/0x3e0 [ 728.854150][T13479] tomoyo_encode+0x29/0x50 [ 728.854164][T13479] tomoyo_realpath_from_path+0x18f/0x6e0 [ 728.854184][T13479] tomoyo_check_open_permission+0x2ab/0x3c0 [ 728.854206][T13479] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 728.854243][T13479] ? lock_acquire+0x179/0x330 [ 728.854260][T13479] ? find_held_lock+0x2b/0x80 [ 728.854282][T13479] ? mnt_get_write_access+0x52/0x2f0 [ 728.854299][T13479] tomoyo_file_open+0x6b/0x90 [ 728.854316][T13479] security_file_open+0x84/0x1e0 [ 728.854330][T13479] do_dentry_open+0x597/0x1590 [ 728.854351][T13479] ? security_inode_permission+0xbf/0x260 [ 728.854374][T13479] vfs_open+0x82/0x3f0 [ 728.854390][T13479] path_openat+0x2078/0x3140 [ 728.854415][T13479] ? __pfx_path_openat+0x10/0x10 [ 728.854440][T13479] do_filp_open+0x20b/0x470 [ 728.854460][T13479] ? __pfx_do_filp_open+0x10/0x10 [ 728.854492][T13479] ? alloc_fd+0x471/0x7d0 [ 728.854516][T13479] do_sys_openat2+0x11f/0x280 [ 728.854530][T13479] ? __pfx_do_sys_openat2+0x10/0x10 [ 728.854551][T13479] __x64_sys_openat+0x174/0x210 [ 728.854566][T13479] ? __pfx___x64_sys_openat+0x10/0x10 [ 728.854588][T13479] do_syscall_64+0xcd/0xf80 [ 728.854610][T13479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.854623][T13479] RIP: 0033:0x7f42eeb8f7c9 [ 728.854635][T13479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.854648][T13479] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 728.854662][T13479] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 728.854671][T13479] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 728.854680][T13479] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 728.854688][T13479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.854696][T13479] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 728.854715][T13479] [ 728.854731][T13479] ERROR: Out of memory at tomoyo_realpath_from_path. [ 730.102845][T13503] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1604'. [ 730.212963][T13504] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1605'. [ 730.285091][T13505] Trying to write to read-only block-device sda1 [ 731.463334][T13520] zswap: compressor 000 not available [ 731.921704][T13530] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1613'. [ 732.951106][T13537] openvswitch: netlink: Message has 8 unknown bytes. [ 733.245363][T13539] nvme_fabrics: unknown parameter or missing value 'û@è' in ctrl creation request [ 733.337844][T13541] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input111 [ 733.681666][T13547] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1618'. [ 734.109288][T13541] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112 [ 735.696154][T13582] openvswitch: netlink: Message has 8 unknown bytes. [ 736.151681][T13586] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1629'. [ 737.207241][T13601] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1634'. [ 738.581146][T13622] FAULT_INJECTION: forcing a failure. [ 738.581146][T13622] name failslab, interval 1, probability 0, space 0, times 0 [ 738.798960][T13622] CPU: 0 UID: 0 PID: 13622 Comm: syz.5.1637 Tainted: G U L syzkaller #0 PREEMPT(full) [ 738.798987][T13622] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 738.798993][T13622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 738.799004][T13622] Call Trace: [ 738.799009][T13622] [ 738.799016][T13622] dump_stack_lvl+0x16c/0x1f0 [ 738.799042][T13622] should_fail_ex+0x512/0x640 [ 738.799062][T13622] ? __kmalloc_cache_noprof+0x5f/0x800 [ 738.799086][T13622] should_failslab+0xc2/0x120 [ 738.799105][T13622] __kmalloc_cache_noprof+0x80/0x800 [ 738.799130][T13622] ? do_raw_spin_unlock+0x172/0x230 [ 738.799149][T13622] ? snd_rawmidi_open+0x3c3/0xbf0 [ 738.799166][T13622] ? snd_card_file_add+0x26e/0x340 [ 738.799186][T13622] ? snd_rawmidi_open+0x3c3/0xbf0 [ 738.799198][T13622] snd_rawmidi_open+0x3c3/0xbf0 [ 738.799214][T13622] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 738.799232][T13622] ? kobject_get_unless_zero+0x156/0x1e0 [ 738.799256][T13622] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 738.799270][T13622] snd_open+0x22d/0x4c0 [ 738.799287][T13622] ? __pfx_snd_open+0x10/0x10 [ 738.799303][T13622] chrdev_open+0x234/0x6a0 [ 738.799322][T13622] ? __pfx_apparmor_file_open+0x10/0x10 [ 738.799341][T13622] ? __pfx_chrdev_open+0x10/0x10 [ 738.799360][T13622] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 738.799384][T13622] do_dentry_open+0x748/0x1590 [ 738.799402][T13622] ? __pfx_chrdev_open+0x10/0x10 [ 738.799425][T13622] vfs_open+0x82/0x3f0 [ 738.799442][T13622] path_openat+0x2078/0x3140 [ 738.799466][T13622] ? __pfx_path_openat+0x10/0x10 [ 738.799492][T13622] do_filp_open+0x20b/0x470 [ 738.799511][T13622] ? __pfx_do_filp_open+0x10/0x10 [ 738.799543][T13622] ? alloc_fd+0x471/0x7d0 [ 738.799566][T13622] do_sys_openat2+0x11f/0x280 [ 738.799580][T13622] ? __pfx_do_sys_openat2+0x10/0x10 [ 738.799601][T13622] __x64_sys_openat+0x174/0x210 [ 738.799616][T13622] ? __pfx___x64_sys_openat+0x10/0x10 [ 738.799638][T13622] do_syscall_64+0xcd/0xf80 [ 738.799659][T13622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 738.799674][T13622] RIP: 0033:0x7f42eeb8f7c9 [ 738.799687][T13622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 738.799701][T13622] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 738.799715][T13622] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 738.799725][T13622] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 738.799734][T13622] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 738.799742][T13622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 738.799751][T13622] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 738.799771][T13622] [ 741.374987][T13644] openvswitch: netlink: Message has 8 unknown bytes. [ 741.712753][T13653] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1644'. [ 741.863057][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1646'. [ 741.883483][T13653] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 743.594096][T13682] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113 [ 743.740364][T13688] netlink: 330 bytes leftover after parsing attributes in process `syz.5.1655'. [ 743.769730][T13683] openvswitch: netlink: Message has 8 unknown bytes. [ 743.804283][T13689] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1654'. [ 743.999315][T13683] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input114 [ 744.666632][T13697] FAULT_INJECTION: forcing a failure. [ 744.666632][T13697] name failslab, interval 1, probability 0, space 0, times 0 [ 744.762646][T13697] CPU: 0 UID: 0 PID: 13697 Comm: syz.3.1657 Tainted: G U L syzkaller #0 PREEMPT(full) [ 744.762674][T13697] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 744.762680][T13697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 744.762689][T13697] Call Trace: [ 744.762695][T13697] [ 744.762700][T13697] dump_stack_lvl+0x16c/0x1f0 [ 744.762726][T13697] should_fail_ex+0x512/0x640 [ 744.762750][T13697] ? __kmalloc_cache_noprof+0x5f/0x800 [ 744.762773][T13697] should_failslab+0xc2/0x120 [ 744.762792][T13697] __kmalloc_cache_noprof+0x80/0x800 [ 744.762811][T13697] ? do_raw_spin_unlock+0x172/0x230 [ 744.762831][T13697] ? snd_rawmidi_open+0x3c3/0xbf0 [ 744.762844][T13697] ? snd_card_file_add+0x26e/0x340 [ 744.762864][T13697] ? snd_rawmidi_open+0x3c3/0xbf0 [ 744.762876][T13697] snd_rawmidi_open+0x3c3/0xbf0 [ 744.762892][T13697] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 744.762910][T13697] ? kobject_get_unless_zero+0x156/0x1e0 [ 744.762932][T13697] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 744.762945][T13697] snd_open+0x22d/0x4c0 [ 744.762962][T13697] ? __pfx_snd_open+0x10/0x10 [ 744.762978][T13697] chrdev_open+0x234/0x6a0 [ 744.762997][T13697] ? __pfx_apparmor_file_open+0x10/0x10 [ 744.763016][T13697] ? __pfx_chrdev_open+0x10/0x10 [ 744.763036][T13697] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 744.763060][T13697] do_dentry_open+0x748/0x1590 [ 744.763077][T13697] ? __pfx_chrdev_open+0x10/0x10 [ 744.763101][T13697] vfs_open+0x82/0x3f0 [ 744.763117][T13697] path_openat+0x2078/0x3140 [ 744.763141][T13697] ? __pfx_path_openat+0x10/0x10 [ 744.763166][T13697] do_filp_open+0x20b/0x470 [ 744.763186][T13697] ? __pfx_do_filp_open+0x10/0x10 [ 744.763218][T13697] ? alloc_fd+0x471/0x7d0 [ 744.763241][T13697] do_sys_openat2+0x11f/0x280 [ 744.763255][T13697] ? __pfx_do_sys_openat2+0x10/0x10 [ 744.763277][T13697] __x64_sys_openat+0x174/0x210 [ 744.763291][T13697] ? __pfx___x64_sys_openat+0x10/0x10 [ 744.763313][T13697] do_syscall_64+0xcd/0xf80 [ 744.763334][T13697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.763348][T13697] RIP: 0033:0x7f8a7278f7c9 [ 744.763360][T13697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 744.763375][T13697] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 744.763388][T13697] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 744.763398][T13697] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 744.763408][T13697] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 744.763417][T13697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 744.763426][T13697] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 744.763446][T13697] [ 745.182051][T13705] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115 [ 745.379507][T13706] binder: 13694:13706 ioctl c018620c 0 returned -22 [ 745.441454][T13707] openvswitch: netlink: Message has 8 unknown bytes. [ 746.166278][T13707] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input116 [ 747.258640][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.266436][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.929571][T13746] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1667'. [ 749.028263][T13763] usb usb37: usbfs: process 13763 (syz.5.1668) did not claim interface 0 before use [ 749.148444][T13768] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input117 [ 749.423070][T13774] openvswitch: netlink: Message has 8 unknown bytes. [ 749.680407][T13774] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input118 [ 750.357410][T13794] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 754.947559][T13856] FAULT_INJECTION: forcing a failure. [ 754.947559][T13856] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 755.141449][T13856] CPU: 0 UID: 0 PID: 13856 Comm: syz.3.1687 Tainted: G U L syzkaller #0 PREEMPT(full) [ 755.141476][T13856] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 755.141482][T13856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 755.141491][T13856] Call Trace: [ 755.141496][T13856] [ 755.141502][T13856] dump_stack_lvl+0x16c/0x1f0 [ 755.141532][T13856] should_fail_ex+0x512/0x640 [ 755.141557][T13856] _copy_from_user+0x2e/0xd0 [ 755.141578][T13856] __sys_bpf+0x248/0x4980 [ 755.141599][T13856] ? __pfx___sys_bpf+0x10/0x10 [ 755.141615][T13856] ? find_held_lock+0x2b/0x80 [ 755.141640][T13856] ? find_held_lock+0x2b/0x80 [ 755.141665][T13856] ? __mutex_unlock_slowpath+0x161/0x790 [ 755.141697][T13856] ? fput+0x70/0xf0 [ 755.141710][T13856] ? ksys_write+0x1ac/0x250 [ 755.141728][T13856] ? __pfx_ksys_write+0x10/0x10 [ 755.141749][T13856] __x64_sys_bpf+0x78/0xc0 [ 755.141766][T13856] ? lockdep_hardirqs_on+0x7c/0x110 [ 755.141786][T13856] do_syscall_64+0xcd/0xf80 [ 755.141807][T13856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.141822][T13856] RIP: 0033:0x7f8a7278f7c9 [ 755.141834][T13856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.141848][T13856] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 755.141862][T13856] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 755.141872][T13856] RDX: 0000000000000100 RSI: 0000200000000100 RDI: 0000000000000005 [ 755.141881][T13856] RBP: 00007f8a735c3090 R08: 0000000000000000 R09: 0000000000000000 [ 755.141890][T13856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 755.141898][T13856] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 755.141917][T13856] [ 755.869666][T13860] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input119 [ 756.051093][T13861] openvswitch: netlink: Message has 8 unknown bytes. [ 756.545905][T13861] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input120 [ 756.916238][T13867] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1690'. [ 757.795735][T13879] FAULT_INJECTION: forcing a failure. [ 757.795735][T13879] name failslab, interval 1, probability 0, space 0, times 0 [ 757.901345][T13879] CPU: 0 UID: 0 PID: 13879 Comm: syz.6.1694 Tainted: G U L syzkaller #0 PREEMPT(full) [ 757.901373][T13879] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 757.901379][T13879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 757.901388][T13879] Call Trace: [ 757.901394][T13879] [ 757.901400][T13879] dump_stack_lvl+0x16c/0x1f0 [ 757.901425][T13879] should_fail_ex+0x512/0x640 [ 757.901446][T13879] ? __kmalloc_cache_noprof+0x5f/0x800 [ 757.901470][T13879] should_failslab+0xc2/0x120 [ 757.901489][T13879] __kmalloc_cache_noprof+0x80/0x800 [ 757.901509][T13879] ? lock_acquire+0x179/0x330 [ 757.901525][T13879] ? open_substream+0xec/0x9d0 [ 757.901545][T13879] ? find_held_lock+0x2b/0x80 [ 757.901566][T13879] ? open_substream+0xec/0x9d0 [ 757.901584][T13879] open_substream+0xec/0x9d0 [ 757.901602][T13879] ? lockdep_hardirqs_on+0x7c/0x110 [ 757.901623][T13879] rawmidi_open_priv+0x543/0x6e0 [ 757.901639][T13879] snd_rawmidi_open+0x4cb/0xbf0 [ 757.901655][T13879] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 757.901669][T13879] ? __pfx_default_wake_function+0x10/0x10 [ 757.901692][T13879] ? kobject_get_unless_zero+0x156/0x1e0 [ 757.901715][T13879] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 757.901728][T13879] snd_open+0x22d/0x4c0 [ 757.901746][T13879] ? __pfx_snd_open+0x10/0x10 [ 757.901762][T13879] chrdev_open+0x234/0x6a0 [ 757.901781][T13879] ? __pfx_apparmor_file_open+0x10/0x10 [ 757.901800][T13879] ? __pfx_chrdev_open+0x10/0x10 [ 757.901819][T13879] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 757.901843][T13879] do_dentry_open+0x748/0x1590 [ 757.901861][T13879] ? __pfx_chrdev_open+0x10/0x10 [ 757.901888][T13879] vfs_open+0x82/0x3f0 [ 757.901905][T13879] path_openat+0x2078/0x3140 [ 757.901931][T13879] ? __pfx_path_openat+0x10/0x10 [ 757.901957][T13879] do_filp_open+0x20b/0x470 [ 757.901976][T13879] ? __pfx_do_filp_open+0x10/0x10 [ 757.902008][T13879] ? alloc_fd+0x471/0x7d0 [ 757.902032][T13879] do_sys_openat2+0x11f/0x280 [ 757.902046][T13879] ? __pfx_do_sys_openat2+0x10/0x10 [ 757.902067][T13879] __x64_sys_openat+0x174/0x210 [ 757.902081][T13879] ? __pfx___x64_sys_openat+0x10/0x10 [ 757.902103][T13879] do_syscall_64+0xcd/0xf80 [ 757.902124][T13879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 757.902139][T13879] RIP: 0033:0x7f7c5558f7c9 [ 757.902151][T13879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 757.902165][T13879] RSP: 002b:00007f7c56383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 757.902179][T13879] RAX: ffffffffffffffda RBX: 00007f7c557e5fa0 RCX: 00007f7c5558f7c9 [ 757.902189][T13879] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 757.902198][T13879] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 757.902207][T13879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 757.902216][T13879] R13: 00007f7c557e6038 R14: 00007f7c557e5fa0 R15: 00007ffdff182b08 [ 757.902236][T13879] [ 758.925117][T13893] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input121 [ 759.133257][T13898] openvswitch: netlink: Message has 8 unknown bytes. [ 759.775191][T13898] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input122 [ 760.389969][T13917] netlink: zone id is out of range [ 760.439262][T13917] netlink: del zone limit has 4 unknown bytes [ 760.528368][T13917] HfR: entered promiscuous mode [ 760.858113][T13923] FAULT_INJECTION: forcing a failure. [ 760.858113][T13923] name failslab, interval 1, probability 0, space 0, times 0 [ 760.922901][T13930] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1702'. [ 761.040119][T13923] CPU: 0 UID: 0 PID: 13923 Comm: syz.5.1701 Tainted: G U L syzkaller #0 PREEMPT(full) [ 761.040146][T13923] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 761.040152][T13923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 761.040161][T13923] Call Trace: [ 761.040167][T13923] [ 761.040172][T13923] dump_stack_lvl+0x16c/0x1f0 [ 761.040198][T13923] should_fail_ex+0x512/0x640 [ 761.040219][T13923] ? __kmalloc_cache_noprof+0x5f/0x800 [ 761.040243][T13923] should_failslab+0xc2/0x120 [ 761.040262][T13923] __kmalloc_cache_noprof+0x80/0x800 [ 761.040283][T13923] ? allocate_file_region_entries+0x1a0/0x620 [ 761.040302][T13923] ? allocate_file_region_entries+0x1a0/0x620 [ 761.040317][T13923] allocate_file_region_entries+0x1a0/0x620 [ 761.040335][T13923] ? __pfx_allocate_file_region_entries+0x10/0x10 [ 761.040356][T13923] region_chg+0x85/0x140 [ 761.040371][T13923] __vma_reservation_common+0x43b/0x740 [ 761.040388][T13923] ? __pfx___vma_reservation_common+0x10/0x10 [ 761.040402][T13923] ? filemap_get_entry+0x1a7/0x3b0 [ 761.040427][T13923] alloc_hugetlb_folio+0x8ff/0x14c0 [ 761.040448][T13923] ? __pfx_alloc_hugetlb_folio+0x10/0x10 [ 761.040469][T13923] ? __filemap_get_folio_mpol+0x32f/0xc60 [ 761.040494][T13923] hugetlb_no_page+0x10fa/0x2140 [ 761.040520][T13923] hugetlb_fault+0x5ed/0x1750 [ 761.040543][T13923] ? __pfx_hugetlb_fault+0x10/0x10 [ 761.040569][T13923] ? find_vma+0xbf/0x140 [ 761.040583][T13923] ? __pfx_find_vma+0x10/0x10 [ 761.040599][T13923] handle_mm_fault+0x95d/0xad0 [ 761.040621][T13923] do_user_addr_fault+0x2e4/0xda0 [ 761.040641][T13923] ? rcu_is_watching+0x12/0xc0 [ 761.040658][T13923] exc_page_fault+0x64/0xc0 [ 761.040679][T13923] asm_exc_page_fault+0x26/0x30 [ 761.040693][T13923] RIP: 0010:__put_user_4+0xd/0x20 [ 761.040713][T13923] Code: 66 89 01 31 c9 0f 01 ca e9 50 b8 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 [ 761.040726][T13923] RSP: 0018:ffffc90003657d78 EFLAGS: 00050246 [ 761.040738][T13923] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 761.040747][T13923] RDX: 0000000000080000 RSI: ffffffff88f49722 RDI: ffffffff8bf22c00 [ 761.040756][T13923] RBP: 1ffff920006cafb1 R08: 000000005a52c59b R09: 00000000ffffffff [ 761.040765][T13923] R10: ffff888060f2e6b0 R11: 00000000ffffffff R12: 0000000000000000 [ 761.040774][T13923] R13: 00000000800455d1 R14: ffff888030e03e10 R15: ffff888030e03e00 [ 761.040789][T13923] ? snd_ctl_ioctl+0x322/0x13c0 [ 761.040809][T13923] snd_ctl_ioctl+0x32c/0x13c0 [ 761.040825][T13923] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 761.040844][T13923] ? find_held_lock+0x2b/0x80 [ 761.040865][T13923] ? hook_file_ioctl_common+0x144/0x410 [ 761.040890][T13923] ? __fget_files+0x20e/0x3c0 [ 761.040912][T13923] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 761.040929][T13923] __x64_sys_ioctl+0x18e/0x210 [ 761.040954][T13923] do_syscall_64+0xcd/0xf80 [ 761.040976][T13923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 761.040990][T13923] RIP: 0033:0x7f42eeb8f7c9 [ 761.041003][T13923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 761.041016][T13923] RSP: 002b:00007f42efa33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 761.041028][T13923] RAX: ffffffffffffffda RBX: 00007f42eede6090 RCX: 00007f42eeb8f7c9 [ 761.041041][T13923] RDX: 0000000000000000 RSI: 00000000800455d1 RDI: 0000000000000006 [ 761.041050][T13923] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 761.041058][T13923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 761.041067][T13923] R13: 00007f42eede6128 R14: 00007f42eede6090 R15: 00007ffc0c76b908 [ 761.041086][T13923] [ 764.583972][T13974] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1711'. [ 764.598089][T13975] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1712'. [ 764.907291][T13978] FAULT_INJECTION: forcing a failure. [ 764.907291][T13978] name failslab, interval 1, probability 0, space 0, times 0 [ 764.992874][T13978] CPU: 0 UID: 0 PID: 13978 Comm: syz.6.1713 Tainted: G U L syzkaller #0 PREEMPT(full) [ 764.992905][T13978] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 764.992912][T13978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 764.992921][T13978] Call Trace: [ 764.992927][T13978] [ 764.992933][T13978] dump_stack_lvl+0x16c/0x1f0 [ 764.992962][T13978] should_fail_ex+0x512/0x640 [ 764.992985][T13978] ? __kmalloc_cache_noprof+0x5f/0x800 [ 764.993012][T13978] should_failslab+0xc2/0x120 [ 764.993032][T13978] __kmalloc_cache_noprof+0x80/0x800 [ 764.993054][T13978] ? do_raw_spin_unlock+0x172/0x230 [ 764.993075][T13978] ? snd_rawmidi_open+0x3c3/0xbf0 [ 764.993090][T13978] ? snd_card_file_add+0x26e/0x340 [ 764.993112][T13978] ? snd_rawmidi_open+0x3c3/0xbf0 [ 764.993125][T13978] snd_rawmidi_open+0x3c3/0xbf0 [ 764.993143][T13978] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 764.993161][T13978] ? kobject_get_unless_zero+0x156/0x1e0 [ 764.993186][T13978] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 764.993201][T13978] snd_open+0x22d/0x4c0 [ 764.993221][T13978] ? __pfx_snd_open+0x10/0x10 [ 764.993240][T13978] chrdev_open+0x234/0x6a0 [ 764.993262][T13978] ? __pfx_apparmor_file_open+0x10/0x10 [ 764.993283][T13978] ? __pfx_chrdev_open+0x10/0x10 [ 764.993306][T13978] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 764.993333][T13978] do_dentry_open+0x748/0x1590 [ 764.993353][T13978] ? __pfx_chrdev_open+0x10/0x10 [ 764.993380][T13978] vfs_open+0x82/0x3f0 [ 764.993397][T13978] path_openat+0x2078/0x3140 [ 764.993425][T13978] ? __pfx_path_openat+0x10/0x10 [ 764.993452][T13978] do_filp_open+0x20b/0x470 [ 764.993474][T13978] ? __pfx_do_filp_open+0x10/0x10 [ 764.993508][T13978] ? alloc_fd+0x471/0x7d0 [ 764.993534][T13978] do_sys_openat2+0x11f/0x280 [ 764.993550][T13978] ? __pfx_do_sys_openat2+0x10/0x10 [ 764.993573][T13978] __x64_sys_openat+0x174/0x210 [ 764.993589][T13978] ? __pfx___x64_sys_openat+0x10/0x10 [ 764.993613][T13978] do_syscall_64+0xcd/0xf80 [ 764.993637][T13978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.993653][T13978] RIP: 0033:0x7f7c5558f7c9 [ 764.993666][T13978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 764.993681][T13978] RSP: 002b:00007f7c56383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 764.993696][T13978] RAX: ffffffffffffffda RBX: 00007f7c557e5fa0 RCX: 00007f7c5558f7c9 [ 764.993707][T13978] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 764.993717][T13978] RBP: 00007f7c55613f91 R08: 0000000000000000 R09: 0000000000000000 [ 764.993725][T13978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 764.993734][T13978] R13: 00007f7c557e6038 R14: 00007f7c557e5fa0 R15: 00007ffdff182b08 [ 764.993754][T13978] [ 765.286921][T13981] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input123 [ 765.345368][T13982] openvswitch: netlink: Message has 8 unknown bytes. [ 765.690121][T13985] afs: Bad value for 'source' [ 766.303150][T13982] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input124 [ 766.831228][ T30] audit: type=1804 audit(6442451396.567:18): pid=14001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.1718" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=47 res=1 errno=0 [ 767.199312][T14005] futex_wake_op: syz.3.1719 tries to shift op by -2048; fix this program [ 767.207905][T14005] futex_wake_op: syz.3.1719 tries to shift op by -2048; fix this program [ 767.321717][T14009] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input125 [ 767.371505][T14005] 0x000000000001-0x000000020000 : "" [ 767.550617][T14005] ftl_cs: FTL header corrupt! [ 767.622076][T14013] openvswitch: netlink: Message has 8 unknown bytes. [ 767.935832][T14018] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126 [ 768.370927][T14023] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1722'. [ 768.634474][T14031] FAULT_INJECTION: forcing a failure. [ 768.634474][T14031] name failslab, interval 1, probability 0, space 0, times 0 [ 768.690101][T14032] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1725'. [ 768.740766][T14031] CPU: 0 UID: 0 PID: 14031 Comm: syz.3.1726 Tainted: G U L syzkaller #0 PREEMPT(full) [ 768.740815][T14031] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 768.740827][T14031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 768.740845][T14031] Call Trace: [ 768.740854][T14031] [ 768.740866][T14031] dump_stack_lvl+0x16c/0x1f0 [ 768.740921][T14031] should_fail_ex+0x512/0x640 [ 768.740955][T14031] ? __kmalloc_cache_noprof+0x5f/0x800 [ 768.740981][T14031] should_failslab+0xc2/0x120 [ 768.741001][T14031] __kmalloc_cache_noprof+0x80/0x800 [ 768.741023][T14031] ? do_raw_spin_unlock+0x172/0x230 [ 768.741045][T14031] ? snd_rawmidi_open+0x3c3/0xbf0 [ 768.741060][T14031] ? snd_card_file_add+0x26e/0x340 [ 768.741082][T14031] ? snd_rawmidi_open+0x3c3/0xbf0 [ 768.741095][T14031] snd_rawmidi_open+0x3c3/0xbf0 [ 768.741113][T14031] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 768.741132][T14031] ? kobject_get_unless_zero+0x156/0x1e0 [ 768.741157][T14031] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 768.741171][T14031] snd_open+0x22d/0x4c0 [ 768.741191][T14031] ? __pfx_snd_open+0x10/0x10 [ 768.741219][T14031] chrdev_open+0x234/0x6a0 [ 768.741243][T14031] ? __pfx_apparmor_file_open+0x10/0x10 [ 768.741265][T14031] ? __pfx_chrdev_open+0x10/0x10 [ 768.741288][T14031] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 768.741315][T14031] do_dentry_open+0x748/0x1590 [ 768.741335][T14031] ? __pfx_chrdev_open+0x10/0x10 [ 768.741361][T14031] vfs_open+0x82/0x3f0 [ 768.741378][T14031] path_openat+0x2078/0x3140 [ 768.741405][T14031] ? __pfx_path_openat+0x10/0x10 [ 768.741433][T14031] do_filp_open+0x20b/0x470 [ 768.741455][T14031] ? __pfx_do_filp_open+0x10/0x10 [ 768.741489][T14031] ? alloc_fd+0x471/0x7d0 [ 768.741514][T14031] do_sys_openat2+0x11f/0x280 [ 768.741530][T14031] ? __pfx_do_sys_openat2+0x10/0x10 [ 768.741553][T14031] __x64_sys_openat+0x174/0x210 [ 768.741569][T14031] ? __pfx___x64_sys_openat+0x10/0x10 [ 768.741593][T14031] do_syscall_64+0xcd/0xf80 [ 768.741617][T14031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.741633][T14031] RIP: 0033:0x7f8a7278f7c9 [ 768.741647][T14031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.741661][T14031] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 768.741676][T14031] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 768.741687][T14031] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 768.741696][T14031] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 768.741705][T14031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 768.741714][T14031] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 768.741733][T14031] [ 769.888236][T14039] FAULT_INJECTION: forcing a failure. [ 769.888236][T14039] name failslab, interval 1, probability 0, space 0, times 0 [ 769.989308][T14039] CPU: 0 UID: 0 PID: 14039 Comm: syz.5.1735 Tainted: G U L syzkaller #0 PREEMPT(full) [ 769.989336][T14039] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 769.989342][T14039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 769.989352][T14039] Call Trace: [ 769.989358][T14039] [ 769.989363][T14039] dump_stack_lvl+0x16c/0x1f0 [ 769.989389][T14039] should_fail_ex+0x512/0x640 [ 769.989409][T14039] ? __kmalloc_cache_noprof+0x5f/0x800 [ 769.989433][T14039] should_failslab+0xc2/0x120 [ 769.989452][T14039] __kmalloc_cache_noprof+0x80/0x800 [ 769.989471][T14039] ? do_raw_spin_unlock+0x172/0x230 [ 769.989490][T14039] ? snd_rawmidi_open+0x3c3/0xbf0 [ 769.989504][T14039] ? snd_card_file_add+0x26e/0x340 [ 769.989524][T14039] ? snd_rawmidi_open+0x3c3/0xbf0 [ 769.989535][T14039] snd_rawmidi_open+0x3c3/0xbf0 [ 769.989552][T14039] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 769.989569][T14039] ? kobject_get_unless_zero+0x156/0x1e0 [ 769.989591][T14039] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 769.989604][T14039] snd_open+0x22d/0x4c0 [ 769.989622][T14039] ? __pfx_snd_open+0x10/0x10 [ 769.989638][T14039] chrdev_open+0x234/0x6a0 [ 769.989657][T14039] ? __pfx_apparmor_file_open+0x10/0x10 [ 769.989676][T14039] ? __pfx_chrdev_open+0x10/0x10 [ 769.989696][T14039] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 769.989720][T14039] do_dentry_open+0x748/0x1590 [ 769.989737][T14039] ? __pfx_chrdev_open+0x10/0x10 [ 769.989761][T14039] vfs_open+0x82/0x3f0 [ 769.989777][T14039] path_openat+0x2078/0x3140 [ 769.989802][T14039] ? __pfx_path_openat+0x10/0x10 [ 769.989834][T14039] do_filp_open+0x20b/0x470 [ 769.989855][T14039] ? __pfx_do_filp_open+0x10/0x10 [ 769.989890][T14039] ? alloc_fd+0x471/0x7d0 [ 769.989914][T14039] do_sys_openat2+0x11f/0x280 [ 769.989929][T14039] ? __pfx_do_sys_openat2+0x10/0x10 [ 769.989951][T14039] __x64_sys_openat+0x174/0x210 [ 769.989966][T14039] ? __pfx___x64_sys_openat+0x10/0x10 [ 769.989988][T14039] do_syscall_64+0xcd/0xf80 [ 769.990009][T14039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 769.990023][T14039] RIP: 0033:0x7f42eeb8f7c9 [ 769.990036][T14039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 769.990049][T14039] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 769.990063][T14039] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 769.990074][T14039] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 769.990083][T14039] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 769.990091][T14039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 769.990100][T14039] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 769.990125][T14039] [ 770.683062][T14049] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1728'. [ 771.016292][T14053] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input127 [ 771.304768][T14058] openvswitch: netlink: Message has 8 unknown bytes. [ 771.733636][T14058] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input128 [ 774.040917][T14111] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1744'. [ 774.119689][T14111] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1744'. [ 774.877403][T14132] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1750'. [ 775.935406][T14150] FAULT_INJECTION: forcing a failure. [ 775.935406][T14150] name failslab, interval 1, probability 0, space 0, times 0 [ 776.033585][T14150] CPU: 0 UID: 0 PID: 14150 Comm: syz.5.1753 Tainted: G U L syzkaller #0 PREEMPT(full) [ 776.033614][T14150] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 776.033620][T14150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 776.033629][T14150] Call Trace: [ 776.033634][T14150] [ 776.033641][T14150] dump_stack_lvl+0x16c/0x1f0 [ 776.033667][T14150] should_fail_ex+0x512/0x640 [ 776.033689][T14150] ? __kmalloc_cache_noprof+0x5f/0x800 [ 776.033713][T14150] should_failslab+0xc2/0x120 [ 776.033733][T14150] __kmalloc_cache_noprof+0x80/0x800 [ 776.033752][T14150] ? do_raw_spin_unlock+0x172/0x230 [ 776.033771][T14150] ? snd_rawmidi_open+0x3c3/0xbf0 [ 776.033785][T14150] ? snd_card_file_add+0x26e/0x340 [ 776.033805][T14150] ? snd_rawmidi_open+0x3c3/0xbf0 [ 776.033818][T14150] snd_rawmidi_open+0x3c3/0xbf0 [ 776.033835][T14150] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 776.033852][T14150] ? kobject_get_unless_zero+0x156/0x1e0 [ 776.033874][T14150] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 776.033887][T14150] snd_open+0x22d/0x4c0 [ 776.033905][T14150] ? __pfx_snd_open+0x10/0x10 [ 776.033921][T14150] chrdev_open+0x234/0x6a0 [ 776.033940][T14150] ? __pfx_apparmor_file_open+0x10/0x10 [ 776.033958][T14150] ? __pfx_chrdev_open+0x10/0x10 [ 776.033978][T14150] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 776.034002][T14150] do_dentry_open+0x748/0x1590 [ 776.034019][T14150] ? __pfx_chrdev_open+0x10/0x10 [ 776.034043][T14150] vfs_open+0x82/0x3f0 [ 776.034059][T14150] path_openat+0x2078/0x3140 [ 776.034084][T14150] ? __pfx_path_openat+0x10/0x10 [ 776.034109][T14150] do_filp_open+0x20b/0x470 [ 776.034129][T14150] ? __pfx_do_filp_open+0x10/0x10 [ 776.034160][T14150] ? alloc_fd+0x471/0x7d0 [ 776.034184][T14150] do_sys_openat2+0x11f/0x280 [ 776.034198][T14150] ? __pfx_do_sys_openat2+0x10/0x10 [ 776.034220][T14150] __x64_sys_openat+0x174/0x210 [ 776.034234][T14150] ? __pfx___x64_sys_openat+0x10/0x10 [ 776.034256][T14150] do_syscall_64+0xcd/0xf80 [ 776.034277][T14150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 776.034291][T14150] RIP: 0033:0x7f42eeb8f7c9 [ 776.034304][T14150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 776.034318][T14150] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 776.034332][T14150] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 776.034342][T14150] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 776.034352][T14150] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 776.034360][T14150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 776.034369][T14150] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 776.034389][T14150] [ 778.690674][T14183] input: f¬ as /devices/virtual/input/input129 [ 779.461090][T14196] could not allocate digest TFM handle [ 780.606966][T14223] netlink: 98 bytes leftover after parsing attributes in process `syz.4.1767'. [ 780.873622][ T30] audit: type=1326 audit(6442451410.657:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14224 comm="syz.5.1769" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f42eeb8f7c9 code=0x0 [ 781.195274][T14233] FAULT_INJECTION: forcing a failure. [ 781.195274][T14233] name failslab, interval 1, probability 0, space 0, times 0 [ 781.374196][T14233] CPU: 0 UID: 0 PID: 14233 Comm: syz.4.1770 Tainted: G U L syzkaller #0 PREEMPT(full) [ 781.374223][T14233] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 781.374229][T14233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 781.374239][T14233] Call Trace: [ 781.374244][T14233] [ 781.374251][T14233] dump_stack_lvl+0x16c/0x1f0 [ 781.374276][T14233] should_fail_ex+0x512/0x640 [ 781.374297][T14233] ? __kmalloc_cache_noprof+0x5f/0x800 [ 781.374321][T14233] should_failslab+0xc2/0x120 [ 781.374339][T14233] __kmalloc_cache_noprof+0x80/0x800 [ 781.374360][T14233] ? do_raw_spin_unlock+0x172/0x230 [ 781.374380][T14233] ? snd_rawmidi_open+0x3c3/0xbf0 [ 781.374394][T14233] ? snd_card_file_add+0x26e/0x340 [ 781.374414][T14233] ? snd_rawmidi_open+0x3c3/0xbf0 [ 781.374426][T14233] snd_rawmidi_open+0x3c3/0xbf0 [ 781.374442][T14233] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 781.374459][T14233] ? kobject_get_unless_zero+0x156/0x1e0 [ 781.374482][T14233] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 781.374495][T14233] snd_open+0x22d/0x4c0 [ 781.374512][T14233] ? __pfx_snd_open+0x10/0x10 [ 781.374528][T14233] chrdev_open+0x234/0x6a0 [ 781.374547][T14233] ? __pfx_apparmor_file_open+0x10/0x10 [ 781.374566][T14233] ? __pfx_chrdev_open+0x10/0x10 [ 781.374585][T14233] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 781.374610][T14233] do_dentry_open+0x748/0x1590 [ 781.374628][T14233] ? __pfx_chrdev_open+0x10/0x10 [ 781.374652][T14233] vfs_open+0x82/0x3f0 [ 781.374668][T14233] path_openat+0x2078/0x3140 [ 781.374693][T14233] ? __pfx_path_openat+0x10/0x10 [ 781.374718][T14233] do_filp_open+0x20b/0x470 [ 781.374737][T14233] ? __pfx_do_filp_open+0x10/0x10 [ 781.374769][T14233] ? alloc_fd+0x471/0x7d0 [ 781.374793][T14233] do_sys_openat2+0x11f/0x280 [ 781.374807][T14233] ? __pfx_do_sys_openat2+0x10/0x10 [ 781.374828][T14233] __x64_sys_openat+0x174/0x210 [ 781.374843][T14233] ? __pfx___x64_sys_openat+0x10/0x10 [ 781.374865][T14233] do_syscall_64+0xcd/0xf80 [ 781.374886][T14233] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 781.374901][T14233] RIP: 0033:0x7f410138f7c9 [ 781.374913][T14233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 781.374927][T14233] RSP: 002b:00007f41022e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 781.374941][T14233] RAX: ffffffffffffffda RBX: 00007f41015e5fa0 RCX: 00007f410138f7c9 [ 781.374950][T14233] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 781.374959][T14233] RBP: 00007f4101413f91 R08: 0000000000000000 R09: 0000000000000000 [ 781.374968][T14233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 781.374976][T14233] R13: 00007f41015e6038 R14: 00007f41015e5fa0 R15: 00007ffc8a1a09e8 [ 781.374996][T14233] [ 781.995915][T14218] cgroup: fork rejected by pids controller in /syz6 [ 782.493085][T14285] FAULT_INJECTION: forcing a failure. [ 782.493085][T14285] name failslab, interval 1, probability 0, space 0, times 0 [ 782.509290][T14286] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input130 [ 782.621780][T14285] CPU: 0 UID: 0 PID: 14285 Comm: syz.5.1776 Tainted: G U L syzkaller #0 PREEMPT(full) [ 782.621809][T14285] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 782.621815][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 782.621824][T14285] Call Trace: [ 782.621830][T14285] [ 782.621850][T14285] dump_stack_lvl+0x16c/0x1f0 [ 782.621876][T14285] should_fail_ex+0x512/0x640 [ 782.621896][T14285] ? __kmalloc_cache_noprof+0x5f/0x800 [ 782.621920][T14285] should_failslab+0xc2/0x120 [ 782.621943][T14285] __kmalloc_cache_noprof+0x80/0x800 [ 782.621962][T14285] ? do_raw_spin_unlock+0x172/0x230 [ 782.621982][T14285] ? snd_rawmidi_open+0x3c3/0xbf0 [ 782.621996][T14285] ? snd_card_file_add+0x26e/0x340 [ 782.622016][T14285] ? snd_rawmidi_open+0x3c3/0xbf0 [ 782.622028][T14285] snd_rawmidi_open+0x3c3/0xbf0 [ 782.622044][T14285] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 782.622061][T14285] ? kobject_get_unless_zero+0x156/0x1e0 [ 782.622084][T14285] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 782.622096][T14285] snd_open+0x22d/0x4c0 [ 782.622114][T14285] ? __pfx_snd_open+0x10/0x10 [ 782.622130][T14285] chrdev_open+0x234/0x6a0 [ 782.622150][T14285] ? __pfx_apparmor_file_open+0x10/0x10 [ 782.622169][T14285] ? __pfx_chrdev_open+0x10/0x10 [ 782.622189][T14285] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 782.622212][T14285] do_dentry_open+0x748/0x1590 [ 782.622230][T14285] ? __pfx_chrdev_open+0x10/0x10 [ 782.622253][T14285] vfs_open+0x82/0x3f0 [ 782.622269][T14285] path_openat+0x2078/0x3140 [ 782.622294][T14285] ? __pfx_path_openat+0x10/0x10 [ 782.622319][T14285] do_filp_open+0x20b/0x470 [ 782.622339][T14285] ? __pfx_do_filp_open+0x10/0x10 [ 782.622370][T14285] ? alloc_fd+0x471/0x7d0 [ 782.622394][T14285] do_sys_openat2+0x11f/0x280 [ 782.622408][T14285] ? __pfx_do_sys_openat2+0x10/0x10 [ 782.622429][T14285] __x64_sys_openat+0x174/0x210 [ 782.622444][T14285] ? __pfx___x64_sys_openat+0x10/0x10 [ 782.622466][T14285] do_syscall_64+0xcd/0xf80 [ 782.622487][T14285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.622502][T14285] RIP: 0033:0x7f42eeb8f7c9 [ 782.622515][T14285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.622528][T14285] RSP: 002b:00007f42efa54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 782.622542][T14285] RAX: ffffffffffffffda RBX: 00007f42eede5fa0 RCX: 00007f42eeb8f7c9 [ 782.622552][T14285] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 782.622561][T14285] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 782.622571][T14285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 782.622579][T14285] R13: 00007f42eede6038 R14: 00007f42eede5fa0 R15: 00007ffc0c76b908 [ 782.622600][T14285] [ 783.132424][T14292] openvswitch: netlink: Message has 8 unknown bytes. [ 783.868793][T14292] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input131 [ 784.577546][T14316] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1782'. [ 785.138242][T14332] FAULT_INJECTION: forcing a failure. [ 785.138242][T14332] name failslab, interval 1, probability 0, space 0, times 0 [ 785.254038][T14332] CPU: 0 UID: 0 PID: 14332 Comm: syz.3.1787 Tainted: G U L syzkaller #0 PREEMPT(full) [ 785.254066][T14332] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 785.254072][T14332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 785.254081][T14332] Call Trace: [ 785.254086][T14332] [ 785.254092][T14332] dump_stack_lvl+0x16c/0x1f0 [ 785.254118][T14332] should_fail_ex+0x512/0x640 [ 785.254139][T14332] ? __kmalloc_cache_noprof+0x5f/0x800 [ 785.254163][T14332] should_failslab+0xc2/0x120 [ 785.254181][T14332] __kmalloc_cache_noprof+0x80/0x800 [ 785.254200][T14332] ? lock_acquire+0x179/0x330 [ 785.254216][T14332] ? open_substream+0xec/0x9d0 [ 785.254235][T14332] ? find_held_lock+0x2b/0x80 [ 785.254256][T14332] ? open_substream+0xec/0x9d0 [ 785.254274][T14332] open_substream+0xec/0x9d0 [ 785.254292][T14332] ? lockdep_hardirqs_on+0x7c/0x110 [ 785.254314][T14332] rawmidi_open_priv+0x543/0x6e0 [ 785.254330][T14332] snd_rawmidi_open+0x4cb/0xbf0 [ 785.254346][T14332] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 785.254360][T14332] ? __pfx_default_wake_function+0x10/0x10 [ 785.254383][T14332] ? kobject_get_unless_zero+0x156/0x1e0 [ 785.254406][T14332] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 785.254419][T14332] snd_open+0x22d/0x4c0 [ 785.254437][T14332] ? __pfx_snd_open+0x10/0x10 [ 785.254453][T14332] chrdev_open+0x234/0x6a0 [ 785.254472][T14332] ? __pfx_apparmor_file_open+0x10/0x10 [ 785.254490][T14332] ? __pfx_chrdev_open+0x10/0x10 [ 785.254510][T14332] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 785.254534][T14332] do_dentry_open+0x748/0x1590 [ 785.254552][T14332] ? __pfx_chrdev_open+0x10/0x10 [ 785.254575][T14332] vfs_open+0x82/0x3f0 [ 785.254591][T14332] path_openat+0x2078/0x3140 [ 785.254624][T14332] ? __pfx_path_openat+0x10/0x10 [ 785.254651][T14332] do_filp_open+0x20b/0x470 [ 785.254672][T14332] ? __pfx_do_filp_open+0x10/0x10 [ 785.254704][T14332] ? alloc_fd+0x471/0x7d0 [ 785.254729][T14332] do_sys_openat2+0x11f/0x280 [ 785.254744][T14332] ? __pfx_do_sys_openat2+0x10/0x10 [ 785.254765][T14332] __x64_sys_openat+0x174/0x210 [ 785.254780][T14332] ? __pfx___x64_sys_openat+0x10/0x10 [ 785.254805][T14332] do_syscall_64+0xcd/0xf80 [ 785.254826][T14332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.254840][T14332] RIP: 0033:0x7f8a7278f7c9 [ 785.254852][T14332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.254866][T14332] RSP: 002b:00007f8a735c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 785.254879][T14332] RAX: ffffffffffffffda RBX: 00007f8a729e5fa0 RCX: 00007f8a7278f7c9 [ 785.254888][T14332] RDX: 0000000000000141 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 785.254898][T14332] RBP: 00007f8a72813f91 R08: 0000000000000000 R09: 0000000000000000 [ 785.254907][T14332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 785.254915][T14332] R13: 00007f8a729e6038 R14: 00007f8a729e5fa0 R15: 00007fffbd21fcc8 [ 785.254934][T14332] [ 786.274371][T14345] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1788'. [ 787.295112][T14354] netlink: 326 bytes leftover after parsing attributes in process `syz.6.1791'. [ 787.443114][T14357] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1792'. [ 787.611586][T14364] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input132 [ 787.636704][T14362] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1792'. [ 787.738046][T14367] openvswitch: netlink: Message has 8 unknown bytes. [ 787.752834][T14362] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 787.981858][T14370] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input133 [ 789.003393][T14382] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1797'. [ 789.811770][T14390] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1799: iget: checksum invalid [ 789.935004][T14390] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 790.029749][T14390] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1799: iget: checksum invalid [ 790.134664][T14390] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 790.228360][T14390] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1799: iget: checksum invalid [ 790.383012][T14390] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 790.507027][T14390] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.5.1799: iget: checksum invalid [ 790.582319][T14390] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 790.653851][T14390] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 790.730620][T14390] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 791.342133][T14408] futex_wake_op: syz.5.1806 tries to shift op by -2048; fix this program [ 791.391422][T14408] futex_wake_op: syz.5.1806 tries to shift op by -2048; fix this program [ 791.459854][T14408] 0x000000000001-0x000000020000 : "" [ 791.498422][T14408] ftl_cs: FTL header corrupt! [ 792.070048][T14419] WARNING! power/level is deprecated; use power/control instead [ 792.164266][T14419] hub 1-0:1.0: USB hub found [ 792.203578][T14419] hub 1-0:1.0: 1 port detected [ 792.337597][T14417] hub 1-0:1.0: USB hub found [ 792.370219][T14417] hub 1-0:1.0: 1 port detected [ 793.142837][T14437] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(8.0.1), cmd(2) [ 793.413054][T14428] zswap: compressor not available [ 794.915593][T14457] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1814'. [ 796.181206][T14481] FAULT_INJECTION: forcing a failure. [ 796.181206][T14481] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 796.456515][T14481] CPU: 0 UID: 0 PID: 14481 Comm: syz.5.1818 Tainted: G U L syzkaller #0 PREEMPT(full) [ 796.456543][T14481] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 796.456549][T14481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 796.456566][T14481] Call Trace: [ 796.456572][T14481] [ 796.456578][T14481] dump_stack_lvl+0x16c/0x1f0 [ 796.456604][T14481] should_fail_ex+0x512/0x640 [ 796.456628][T14481] _copy_from_user+0x2e/0xd0 [ 796.456650][T14481] do_timer_create+0xed9/0x14c0 [ 796.456671][T14481] ? do_futex+0x122/0x350 [ 796.456690][T14481] ? __pfx_do_timer_create+0x10/0x10 [ 796.456709][T14481] ? __pfx_do_futex+0x10/0x10 [ 796.456728][T14481] ? cap_task_prctl+0x2af/0xa80 [ 796.456749][T14481] __x64_sys_timer_create+0x199/0x1d0 [ 796.456770][T14481] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 796.456792][T14481] ? xfd_validate_state+0x61/0x180 [ 796.456806][T14481] ? __pfx___do_sys_prctl+0x10/0x10 [ 796.456829][T14481] do_syscall_64+0xcd/0xf80 [ 796.456850][T14481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.456864][T14481] RIP: 0033:0x7f42eeb8f7c9 [ 796.456876][T14481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 796.456889][T14481] RSP: 002b:00007f42ef9f1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000de [ 796.456904][T14481] RAX: ffffffffffffffda RBX: 00007f42eede6270 RCX: 00007f42eeb8f7c9 [ 796.456913][T14481] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 796.456921][T14481] RBP: 00007f42eec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 796.456929][T14481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 796.456937][T14481] R13: 00007f42eede6308 R14: 00007f42eede6270 R15: 00007ffc0c76b908 [ 796.456956][T14481] [ 797.240722][T14496] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1823'. [ 797.310682][T14497] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1822'. [ 797.664877][T14502] ecryptfs_miscdev_write: Error while inspecting packet size [ 798.547522][T14513] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1827'. [ 798.816472][T14517] Console: switching to colour VGA+ 80x25 [ 798.846136][T14510] openvswitch: netlink: Flow key attribute not present in set flow. [ 800.126734][T14524] ================================================================== [ 800.126747][T14524] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 800.126774][T14524] Read of size 62 at addr ffff88805b5b078e by task syz.4.1826/14524 [ 800.126787][T14524] [ 800.126797][T14524] CPU: 0 UID: 0 PID: 14524 Comm: syz.4.1826 Tainted: G U L syzkaller #0 PREEMPT(full) [ 800.126819][T14524] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 800.126824][T14524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 800.126833][T14524] Call Trace: [ 800.126838][T14524] [ 800.126844][T14524] dump_stack_lvl+0x116/0x1f0 [ 800.126866][T14524] print_report+0xcd/0x630 [ 800.126883][T14524] ? __virt_addr_valid+0x81/0x610 [ 800.126899][T14524] ? __phys_addr+0xe8/0x180 [ 800.126912][T14524] ? fbcon_prepare_logo+0xa03/0xc70 [ 800.126931][T14524] kasan_report+0xe0/0x110 [ 800.126948][T14524] ? fbcon_prepare_logo+0xa03/0xc70 [ 800.126969][T14524] kasan_check_range+0x100/0x1b0 [ 800.126989][T14524] __asan_memcpy+0x23/0x60 [ 800.127004][T14524] fbcon_prepare_logo+0xa03/0xc70 [ 800.127024][T14524] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 800.127041][T14524] fbcon_init+0xda0/0x1930 [ 800.127062][T14524] visual_init+0x320/0x620 [ 800.127083][T14524] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 800.127101][T14524] store_bind+0x61d/0x760 [ 800.127115][T14524] ? sysfs_file_kobj+0xe4/0x290 [ 800.127130][T14524] ? __pfx_store_bind+0x10/0x10 [ 800.127143][T14524] dev_attr_store+0x58/0x80 [ 800.127158][T14524] ? __pfx_dev_attr_store+0x10/0x10 [ 800.127173][T14524] sysfs_kf_write+0xf2/0x150 [ 800.127186][T14524] kernfs_fop_write_iter+0x3af/0x570 [ 800.127205][T14524] ? __pfx_sysfs_kf_write+0x10/0x10 [ 800.127224][T14524] iter_file_splice_write+0xa24/0x12b0 [ 800.127249][T14524] ? copy_splice_read+0x89c/0xc20 [ 800.127266][T14524] ? __pfx_iter_file_splice_write+0x10/0x10 [ 800.127288][T14524] ? __pfx_copy_splice_read+0x10/0x10 [ 800.127310][T14524] ? __pfx_iter_file_splice_write+0x10/0x10 [ 800.127330][T14524] direct_splice_actor+0x192/0x6c0 [ 800.127350][T14524] splice_direct_to_actor+0x345/0xa30 [ 800.127368][T14524] ? __pfx_direct_splice_actor+0x10/0x10 [ 800.127389][T14524] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 800.127410][T14524] do_splice_direct+0x174/0x240 [ 800.127429][T14524] ? __pfx_do_splice_direct+0x10/0x10 [ 800.127447][T14524] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 800.127466][T14524] ? rw_verify_area+0xcf/0x6c0 [ 800.127484][T14524] do_sendfile+0xb06/0xe50 [ 800.127501][T14524] ? __pfx_do_sendfile+0x10/0x10 [ 800.127518][T14524] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 800.127532][T14524] ? count_memcg_events+0x122/0x290 [ 800.127552][T14524] __x64_sys_sendfile64+0x1d8/0x220 [ 800.127572][T14524] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 800.127595][T14524] do_syscall_64+0xcd/0xf80 [ 800.127616][T14524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.127630][T14524] RIP: 0033:0x7f410138f7c9 [ 800.127642][T14524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.127656][T14524] RSP: 002b:00007f4102261038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 800.127670][T14524] RAX: ffffffffffffffda RBX: 00007f41015e6360 RCX: 00007f410138f7c9 [ 800.127680][T14524] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003 [ 800.127689][T14524] RBP: 00007f4101413f91 R08: 0000000000000000 R09: 0000000000000000 [ 800.127698][T14524] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 800.127707][T14524] R13: 00007f41015e63f8 R14: 00007f41015e6360 R15: 00007ffc8a1a09e8 [ 800.127721][T14524] [ 800.127726][T14524] [ 800.127729][T14524] Allocated by task 14524: [ 800.127736][T14524] kasan_save_stack+0x33/0x60 [ 800.127751][T14524] kasan_save_track+0x14/0x30 [ 800.127765][T14524] __kasan_kmalloc+0xaa/0xb0 [ 800.127778][T14524] __kmalloc_noprof+0x33d/0x910 [ 800.127798][T14524] vc_do_resize+0x1de/0x10e0 [ 800.127810][T14524] fbcon_init+0xd7c/0x1930 [ 800.127827][T14524] visual_init+0x320/0x620 [ 800.127845][T14524] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 800.127859][T14524] store_bind+0x61d/0x760 [ 800.127871][T14524] dev_attr_store+0x58/0x80 [ 800.127884][T14524] sysfs_kf_write+0xf2/0x150 [ 800.127895][T14524] kernfs_fop_write_iter+0x3af/0x570 [ 800.127914][T14524] iter_file_splice_write+0xa24/0x12b0 [ 800.127932][T14524] direct_splice_actor+0x192/0x6c0 [ 800.127949][T14524] splice_direct_to_actor+0x345/0xa30 [ 800.127966][T14524] do_splice_direct+0x174/0x240 [ 800.127983][T14524] do_sendfile+0xb06/0xe50 [ 800.127998][T14524] __x64_sys_sendfile64+0x1d8/0x220 [ 800.128017][T14524] do_syscall_64+0xcd/0xf80 [ 800.128035][T14524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.128047][T14524] [ 800.128051][T14524] The buggy address belongs to the object at ffff88805b5b0400 [ 800.128051][T14524] which belongs to the cache kmalloc-512 of size 512 [ 800.128062][T14524] The buggy address is located 538 bytes to the right of [ 800.128062][T14524] allocated 372-byte region [ffff88805b5b0400, ffff88805b5b0574) [ 800.128076][T14524] [ 800.128080][T14524] The buggy address belongs to the physical page: [ 800.128087][T14524] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5b5b0 [ 800.128100][T14524] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 800.128111][T14524] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 800.128124][T14524] page_type: f5(slab) [ 800.128137][T14524] raw: 00fff00000000040 ffff88813ff26c80 dead000000000100 dead000000000122 [ 800.128150][T14524] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 800.128162][T14524] head: 00fff00000000040 ffff88813ff26c80 dead000000000100 dead000000000122 [ 800.128175][T14524] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 800.128187][T14524] head: 00fff00000000002 ffffea00016d6c01 00000000ffffffff 00000000ffffffff [ 800.128199][T14524] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 800.128207][T14524] page dumped because: kasan: bad access detected [ 800.128218][T14524] page_owner tracks the page as allocated [ 800.128223][T14524] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5831, tgid 5831 (syz-executor), ts 84558189878, free_ts 27806326095 [ 800.128249][T14524] post_alloc_hook+0x1af/0x220 [ 800.128268][T14524] get_page_from_freelist+0xd0b/0x31a0 [ 800.128288][T14524] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 800.128301][T14524] alloc_pages_mpol+0x1fb/0x550 [ 800.128316][T14524] new_slab+0x2c3/0x430 [ 800.128334][T14524] ___slab_alloc+0xe18/0x1c90 [ 800.128351][T14524] __slab_alloc.constprop.0+0x63/0x110 [ 800.128370][T14524] __kmalloc_cache_noprof+0x485/0x800 [ 800.128388][T14524] __ipv6_dev_mc_inc+0x2f1/0xbc0 [ 800.128403][T14524] ipv6_add_dev+0xbc6/0x1590 [ 800.128420][T14524] addrconf_notify+0x53e/0x19b0 [ 800.128433][T14524] notifier_call_chain+0xbc/0x3e0 [ 800.128448][T14524] call_netdevice_notifiers_info+0xbe/0x110 [ 800.128467][T14524] register_netdevice+0x1792/0x21d0 [ 800.128482][T14524] veth_newlink+0x44d/0xa00 [ 800.128497][T14524] rtnl_newlink+0xc19/0x1f50 [ 800.128512][T14524] page last free pid 1 tgid 1 stack trace: [ 800.128520][T14524] __free_frozen_pages+0x7df/0x1170 [ 800.128537][T14524] free_contig_range+0x183/0x4a0 [ 800.128554][T14524] destroy_args+0xc59/0x14d0 [ 800.128568][T14524] debug_vm_pgtable+0x19d7/0x33a0 [ 800.128580][T14524] do_one_initcall+0x123/0x680 [ 800.128598][T14524] kernel_init_freeable+0x5c8/0x920 [ 800.128613][T14524] kernel_init+0x1c/0x2b0 [ 800.128627][T14524] ret_from_fork+0x983/0xb10 [ 800.128640][T14524] ret_from_fork_asm+0x1a/0x30 [ 800.128658][T14524] [ 800.128662][T14524] Memory state around the buggy address: [ 800.128669][T14524] ffff88805b5b0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 800.128679][T14524] ffff88805b5b0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 800.128689][T14524] >ffff88805b5b0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 800.128696][T14524] ^ [ 800.128703][T14524] ffff88805b5b0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 800.128713][T14524] ffff88805b5b0880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 800.128721][T14524] ================================================================== [ 800.128729][T14524] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 800.128739][T14524] CPU: 0 UID: 0 PID: 14524 Comm: syz.4.1826 Tainted: G U L syzkaller #0 PREEMPT(full) [ 800.128759][T14524] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 800.128765][T14524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 800.128774][T14524] Call Trace: [ 800.128778][T14524] [ 800.128783][T14524] dump_stack_lvl+0x3d/0x1f0 [ 800.128803][T14524] vpanic+0x640/0x6f0 [ 800.128819][T14524] panic+0xca/0xd0 [ 800.128834][T14524] ? __pfx_panic+0x10/0x10 [ 800.128852][T14524] ? check_panic_on_warn+0x1f/0xb0 [ 800.128870][T14524] check_panic_on_warn+0xab/0xb0 [ 800.128887][T14524] end_report+0x107/0x160 [ 800.128903][T14524] kasan_report+0xee/0x110 [ 800.128920][T14524] ? fbcon_prepare_logo+0xa03/0xc70 [ 800.128942][T14524] kasan_check_range+0x100/0x1b0 [ 800.128962][T14524] __asan_memcpy+0x23/0x60 [ 800.128976][T14524] fbcon_prepare_logo+0xa03/0xc70 [ 800.128996][T14524] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 800.129013][T14524] fbcon_init+0xda0/0x1930 [ 800.129034][T14524] visual_init+0x320/0x620 [ 800.129054][T14524] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 800.129072][T14524] store_bind+0x61d/0x760 [ 800.129087][T14524] ? sysfs_file_kobj+0xe4/0x290 [ 800.129100][T14524] ? __pfx_store_bind+0x10/0x10 [ 800.129114][T14524] dev_attr_store+0x58/0x80 [ 800.129128][T14524] ? __pfx_dev_attr_store+0x10/0x10 [ 800.129143][T14524] sysfs_kf_write+0xf2/0x150 [ 800.129159][T14524] kernfs_fop_write_iter+0x3af/0x570 [ 800.129178][T14524] ? __pfx_sysfs_kf_write+0x10/0x10 [ 800.129193][T14524] iter_file_splice_write+0xa24/0x12b0 [ 800.129219][T14524] ? copy_splice_read+0x89c/0xc20 [ 800.129237][T14524] ? __pfx_iter_file_splice_write+0x10/0x10 [ 800.129259][T14524] ? __pfx_copy_splice_read+0x10/0x10 [ 800.129281][T14524] ? __pfx_iter_file_splice_write+0x10/0x10 [ 800.129301][T14524] direct_splice_actor+0x192/0x6c0 [ 800.129321][T14524] splice_direct_to_actor+0x345/0xa30 [ 800.129340][T14524] ? __pfx_direct_splice_actor+0x10/0x10 [ 800.129361][T14524] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 800.129382][T14524] do_splice_direct+0x174/0x240 [ 800.129401][T14524] ? __pfx_do_splice_direct+0x10/0x10 [ 800.129420][T14524] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 800.129439][T14524] ? rw_verify_area+0xcf/0x6c0 [ 800.129456][T14524] do_sendfile+0xb06/0xe50 [ 800.129474][T14524] ? __pfx_do_sendfile+0x10/0x10 [ 800.129490][T14524] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 800.129505][T14524] ? count_memcg_events+0x122/0x290 [ 800.129524][T14524] __x64_sys_sendfile64+0x1d8/0x220 [ 800.129544][T14524] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 800.129568][T14524] do_syscall_64+0xcd/0xf80 [ 800.129587][T14524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 800.129601][T14524] RIP: 0033:0x7f410138f7c9 [ 800.129611][T14524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 800.129625][T14524] RSP: 002b:00007f4102261038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 800.129637][T14524] RAX: ffffffffffffffda RBX: 00007f41015e6360 RCX: 00007f410138f7c9 [ 800.129647][T14524] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003 [ 800.129656][T14524] RBP: 00007f4101413f91 R08: 0000000000000000 R09: 0000000000000000 [ 800.129665][T14524] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 800.129674][T14524] R13: 00007f41015e63f8 R14: 00007f41015e6360 R15: 00007ffc8a1a09e8 [ 800.129688][T14524] [ 800.129741][T14524] Kernel Offset: disabled