last executing test programs: 4m51.29294851s ago: executing program 0 (id=215): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm1p/sub5/sw_params\x00', 0x8f3b7a51b8360c21, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) readahead$auto(r0, 0x4, 0x4) sysfs$auto(0x3, 0x401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5, &(0x7f00000000c0)={0x0, 0x8001}, 0x400000000000002, 0x0, 0x5, 0x80000001}}, 0x3, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r1, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c00038005000180030000000400028008"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) semtimedop$auto(0x0, 0x0, 0x1f4, 0x0) mprotect$auto(0x0, 0xe6a, 0x6) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC1\x00', 0x80, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TCSBRKP2(r3, 0x5425, 0x0) ioctl$auto_TCSBRKP2(r3, 0x5425, 0x0) ioctl$auto(r2, 0x80dc5521, 0xffffffffffffffff) r4 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000140)='/dev/media11\x00', 0x40, 0x0) read$auto_media_devnode_fops_mc_devnode(r4, 0x0, 0x0) semctl$auto_GETNCNT(0x0, 0x0, 0xe, 0xa8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = socket(0x2a, 0x2, 0x0) ioctl$auto(r5, 0x8912, 0x38) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f00000001c0)={{@raw=0x3, 0x100110d, 0xffff, 0x6, "e927783f468fa2e92fe8ec7a46cbb766439daa1ee1aa00000000e1800000000000000000040000660e070100", @raw=0x8}, 0x6, 0x0, 0x4, @inferred, @integer64={0x6, 0x4, 0x6}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) mmap$auto(0x800000000000001, 0x8020006, 0x4000000002df, 0xeb1, 0xffffffffffffffff, 0x8000) 4m50.363992412s ago: executing program 0 (id=218): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ptybe\x00', 0x6984c0, 0x0) ioctl$auto_FIDEDUPERANGE(r2, 0xc0189436, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x2, 0x801, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop13\x00', 0x2000, 0x0) keyctl$auto(0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x101) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r3, @ANYRES16, @ANYBLOB="01002dbd7000ffdbdf25020000000800010009000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800) capset$auto(&(0x7f00000002c0)={0xfffffffd, 0xffffffffffffffff}, &(0x7f0000000380)={0x5, 0xf, 0x80000000}) r5 = prctl$auto(0x3, 0xb, r4, 0x8000000000000000, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_USBDEVFS_BULK(r5, 0xc0185502, &(0x7f00000003c0)={0x1ff, 0x9, 0x0, &(0x7f0000000440)="a3e9177a47235f555dc81b2805aa80b035b6399213780497b49fe426efd65a4c6b3b8790d490d3af6a50b99494322324f105012171714f62c09df6691f498d39f90ec972c982b26c1014ae13b09c5dd4988d95d7976d6cc0af5ff6e0b376a6f7cc479d90fa762aba58b6481587a4f637b34ac47c2b4c806d9fe00775bb93f14a42c5e89b741dc77a7ef3bcc72491b610b36af57335ef3e70a429a9e39c8ec681a000ff3781318ad7463a5af93be99f3c81ddebac532cc73d2133b0a9aee8f9adee382a47543ba2a8f2f9aa42613b14f480de0bbd2dbef5"}) madvise$auto(0x0, 0x2003f2, 0x15) syslog$auto(0x3, 0x0, 0x5) poll$auto(0x0, 0x7f, 0x9) socket(0x25, 0x5, 0x6) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r7, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r8, r8, 0x0, 0x3) 4m48.724219364s ago: executing program 0 (id=222): r0 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x2840, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=ANY=[@ANYBLOB="05000000", @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41c8e4d5018fca6b1643fc"], 0xb5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x55) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r1, &(0x7f00000003c0)={0x0, 0xffffffffffffff9d, &(0x7f00000019c0)={0x0}, 0x1, 0x0, 0x0, 0x4044}, 0x0) read$auto_proc_mountinfo_operations_mnt_namespace(r0, &(0x7f0000001100)=""/4096, 0x1000) 4m48.598262697s ago: executing program 0 (id=224): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ptybe\x00', 0x6984c0, 0x0) ioctl$auto_FIDEDUPERANGE(r2, 0xc0189436, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x2, 0x801, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop13\x00', 0x2000, 0x0) keyctl$auto(0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x101) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f00000001c0)=ANY=[@ANYRES8=r3, @ANYRES16, @ANYBLOB="01002dbd7000ffdbdf25020000000800010009000000"], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800) capset$auto(&(0x7f00000002c0)={0xfffffffd, 0xffffffffffffffff}, &(0x7f0000000380)={0x5, 0xf, 0x80000000}) r5 = prctl$auto(0x3, 0xb, r4, 0x8000000000000000, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_USBDEVFS_BULK(r5, 0xc0185502, &(0x7f00000003c0)={0x1ff, 0x9, 0x0, &(0x7f0000000440)="a3e9177a47235f555dc81b2805aa80b035b6399213780497b49fe426efd65a4c6b3b8790d490d3af6a50b99494322324f105012171714f62c09df6691f498d39f90ec972c982b26c1014ae13b09c5dd4988d95d7976d6cc0af5ff6e0b376a6f7cc479d90fa762aba58b6481587a4f637b34ac47c2b4c806d9fe00775bb93f14a42c5e89b741dc77a7ef3bcc72491b610b36af57335ef3e70a429a9e39c8ec681a000ff3781318ad7463a5af93be99f3c81ddebac532cc73d2133b0a9aee8f9adee382a47543ba2a8f2f9aa42613b14f480de0bbd2dbef5"}) madvise$auto(0x0, 0x2003f2, 0x15) syslog$auto(0x3, 0x0, 0x5) poll$auto(0x0, 0x7f, 0x9) keyctl$auto(0x9, 0xfffffffb, 0xfffffffffffffffb, 0x9dc1, 0x200000ffe) socket(0x25, 0x5, 0x6) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r7, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r8, r8, 0x0, 0x3) 4m46.555432943s ago: executing program 0 (id=229): openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x28201, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETDUPLEX(r0, 0x5016, 0x0) open(0x0, 0x261c2, 0x84) socket(0xa, 0x2, 0x73) r1 = socketpair$auto(0x2, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, 0x0, 0xc02, 0x0) write$auto(r2, 0x0, 0xc3) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) gettid() socket(0x23, 0x2, 0xfffffffe) r4 = setfsuid$auto(0xee00) setreuid$auto(r4, 0x0) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r1, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x8084}, 0x10) read$auto_proc_auxv_operations_base(0xffffffffffffffff, &(0x7f0000000240)=""/146, 0x92) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000400), 0xffffffffffffffff) geteuid() openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.12/usb34/34-0:1.0/usb34-port4/power/autosuspend_delay_ms\x00', 0x181942, 0x0) mmap$auto(0x0, 0xf, 0xe3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r5 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x401c5820, 0x0) 4m46.249734863s ago: executing program 0 (id=232): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x80003, 0x300) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r0, 0x107, 0x14, 0x0, 0x4) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x3, 0x1a000}}, 0x22) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000680)='/dev/sg0\x00', 0x40, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x8100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x3, 0x66) madvise$auto(0x0, 0x20000a, 0x4) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) ioctl$auto_SG_GET_NUM_WAITING(r1, 0x227d, &(0x7f0000000080)="bfc584bc1492fbafc187445e506cdc96638e0a4ab271c4971474572ad71621986219229bd4578c7544ee030a65185398fe420a137156cbc91c9012f1d5faff6cdd60f4e947ed052aec3ac760e34b4c874f76f7a33c71805ce22d7f812efa2bfe5278f88cfcdddb18976b64875f51a5889f3d254cf11a08a4d68210472ba040cb17560e0e983457edd1d9dc5842056effe4d5e1df7de47f2dd302359f") ioctl$auto_IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) r4 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r4, 0x0, 0xc, 0x0, 0x0) mprotect$auto(0x8000, 0x80, 0x8) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x1, 0x45, 0x0, 0x9) 4m31.204410509s ago: executing program 32 (id=232): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x80003, 0x300) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r0, 0x107, 0x14, 0x0, 0x4) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x3, 0x1a000}}, 0x22) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000680)='/dev/sg0\x00', 0x40, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x8100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x3, 0x66) madvise$auto(0x0, 0x20000a, 0x4) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) ioctl$auto_SG_GET_NUM_WAITING(r1, 0x227d, &(0x7f0000000080)="bfc584bc1492fbafc187445e506cdc96638e0a4ab271c4971474572ad71621986219229bd4578c7544ee030a65185398fe420a137156cbc91c9012f1d5faff6cdd60f4e947ed052aec3ac760e34b4c874f76f7a33c71805ce22d7f812efa2bfe5278f88cfcdddb18976b64875f51a5889f3d254cf11a08a4d68210472ba040cb17560e0e983457edd1d9dc5842056effe4d5e1df7de47f2dd302359f") ioctl$auto_IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r2, 0x7b0, 0x0) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) r4 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r4, 0x0, 0xc, 0x0, 0x0) mprotect$auto(0x8000, 0x80, 0x8) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x1, 0x45, 0x0, 0x9) 6.149337084s ago: executing program 4 (id=1358): r0 = socket(0x11, 0x800, 0x1) sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x16, 0x0, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) 6.019352486s ago: executing program 3 (id=1359): mlock$auto(0xfff, 0xde7f) mmap$auto(0x1, 0x20009, 0x10000010000df, 0x19, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/mcfilter\x00', 0x137001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x2, 0x8000) select$auto(0x6, 0x0, &(0x7f0000000340)={[0x9, 0xffff, 0x7bd8, 0x9, 0x7fffffffffffffff, 0x1, 0xfff, 0x622, 0xfffffffffffffffc, 0x308a, 0x2, 0x8, 0x1, 0x1, 0x2, 0x7]}, 0x0, 0x0) pread64$auto(r0, 0x0, 0x8, 0x75e8) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xfffffff8, 0x8, 0xae85, 0xffffffffffffffff, 0x4, 0x7ff}, 0x6f4) r1 = gettid() r2 = socket(0x28, 0x5, 0x0) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000040), r2) mq_open$auto(&(0x7f0000000000)=',\x00', 0x10001, 0x6, &(0x7f0000000040)={0xffffffff, 0x9, 0x3, 0x1}) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000001440)='/dev/ptyy6\x00', 0x2002, 0x0) ioctl$auto_TCSBRK2(r3, 0x5409, &(0x7f0000001480)) mmap$auto(0x6, 0x400008, 0xcf, 0x9b72, r3, 0x8000) kill$auto(r1, 0x11) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x1ff, 0x20000000) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_trace_fops_debugfs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0006, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x400053, 0x9) 6.011265387s ago: executing program 2 (id=1360): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/machinecheck/machinecheck1/ignore_ce\x00', 0xa0202, 0x0) sendfile$auto(r0, r0, 0x0, 0x20000000a) read$auto(r0, &(0x7f0000000140)='ovs_p\x04\x00\x00\x00\x00\x00', 0xa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) keyctl$auto(0xffffff82, 0x7, 0x0, 0x0, 0x3) select$auto(0x3, &(0x7f0000000040)={[0x4, 0x2, 0x34, 0x3, 0x9, 0xfffffffffffffffe, 0x7, 0x8, 0x9, 0x0, 0xa044, 0x2, 0x5, 0x213, 0x5, 0xffffffffffffffff]}, 0x0, 0x0, 0x0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004855) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004811}, 0x800) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) ioctl$auto(r0, 0x4b67, r1) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x408000, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer2\x00', 0x80091, 0x0) ioctl$auto(0xffffffffffffffff, 0xe, r3) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_IEEE802154_SET_MACPARAMS(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x56cc6a5874233663}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYRESHEX=r1, @ANYRES16=0x0, @ANYRES64=r3, @ANYRESHEX=r2], 0x5c}, 0x1, 0x0, 0x0, 0x40005}, 0x20040080) read$auto(r2, 0x0, 0x4) write$auto(0x3, 0x0, 0xfdef) unshare$auto(0x40000080) unlink$auto(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00') ioctl$auto(0x3, 0x80045439, 0x10000000000402) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x252900, 0x0) read$auto(r5, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) utimes$auto(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000200)={0x0, 0x9}) 5.047268036s ago: executing program 4 (id=1362): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec31\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0xd0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup/cgroup.freeze\x00', 0xb02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0) ioctl$auto_CEC_DQEVENT(r1, 0xc0506107, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0x7ff, 0x8000, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) write$auto(0xffffffffffffffff, 0x0, 0x7) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1a3780, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x6, 0x1, 0x948b, 0x3, 0x1, 0x3, 0x80000000, 0x5f, 0x7ffffffd, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x814) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x40044010) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002bbd7000fddbdf3a04000000050011002e"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x100448b0) 5.002072895s ago: executing program 2 (id=1363): mmap$auto(0x1, 0x4, 0x7ff, 0x8000012, 0xffffffffffffffff, 0x4006) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) (async) io_uring_setup$auto(0x1, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (rerun: 32) unshare$auto(0x40000080) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) setsockopt$auto(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x1e) (async) r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/discover\x00', 0x80101, 0x0) writev$auto(r0, &(0x7f0000000140)={0x0, 0xe4}, 0x4) ioctl$auto_USB_RAW_IOCTL_INIT(0xffffffffffffffff, 0x41015500, &(0x7f0000000240)={"7c1861b5e906672646f072ad6f936a912cab72f808eabf6c87dfc3c04706896bde87344da71d006d90aa966aee7a28c59ae829aa8df4de9fdf6a6a0c8eaa2416c306a1fb12b7ef00e6bed1d5304483ee4690a9d34153c7fb0f9b961655def19e05d18f0e72af6f75b78259dd748e28724dde46ba209c45f7b3627dc142f355a2", "6c231ec59f707f046bd0c7249475be27219ec8b8447078bd2f30f0f5648ba56579dd8998262d4e0495010a9f8735988b32689a07638959e7c6bfa3e2ed14191361ec707a9bebd6638ae5b4b6b58a00cec5717c0b3e57de861417d194d7eae7a197584fed7794c8df6ee879aab233fca336394302b8d7cd6e531b2c6572488739", 0x3}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/nr_requests\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x8000) (async) r2 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$auto_vga_arb_device_fops_vgaarb(r2, &(0x7f00000005c0)="d06f0b0b4950fa2645c5a15eea0b104db2ce9ae78d314ca52c728e27440d1e2aedf6559febee2b79f2beba9981e0659269ce6def59c8e06ce6ec059aa7fd8abd", 0x40) (async, rerun: 64) recvfrom$auto(r1, &(0x7f0000000100)="78578b2c1a9b42df2f6e0da5c66f02b28e799a8468f9bfc72dcb32f675baead447217d47515c21840457d97c891550a4f1a557d1662e5cde6282231539a09e5293adca7bbe4acb751c79ff53ee3633f2912c6a17f73500265aefd6baf02ded4da95ac62a0ac33b86f2bc300e51167d76635d78bd38508644bde7839824e3624a2de9d7055fe21b08957c363671f4866799747e2c54f299dc6d2ba84f2857fc110e1091334ed97228ab795d9ddf226e50fa2d9c3752f184947f0221ef8d02c74c8a52", 0x7, 0x2, &(0x7f0000000080)=@ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x3}, &(0x7f00000000c0)=0xfffffc00) (rerun: 64) fstatfs$auto(r2, &(0x7f0000000200)={0xfffffffffffffe00, 0x5, 0x4, 0xffffffffffffffff, 0x7f, 0xf, 0x9835, {[0xc7b, 0x2]}, 0xc806, 0xf, 0x8001, [0x4, 0x6, 0x61, 0x9]}) 4.645630496s ago: executing program 2 (id=1365): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0xe43, 0xd, 0x10400, 0xe, 0x4, 0x80000000, r0, [0x0, 0x0, 0x20000000], {0x5, 0x6, 0x8c4a, 0x2a3, 0x100, 0x7ffffffb, 0x100101, 0x6, 0x9340}, {0xf8, 0x1, 0x1001, 0x1, 0x9, 0x40, 0x76c5, 0x8, 0x9}}) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) setsockopt$auto(r0, 0x0, 0x3, 0x0, 0x1) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x4063c2, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0xc801) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000800)='./file0\x00', 0x26c1, 0x154) execve$auto(0x0, 0x0, &(0x7f0000000100)=0x0) semctl$auto_GETNCNT(0x80000000, 0xe, 0xe, 0x6) r4 = socket(0x10, 0x3, 0xa) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000007c3a2dbe5c14085af9855dbe39d031543bf615cdddabc7cb28b49241b823fddc071b46c739abdf3a10d8bb208697ee28917d531dfc86935aa6666471000000000000000000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000fedbdf257f0000000600f700050b00000600b10005000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) prctl$auto(0x1d, 0xfffffffffffffffb, 0x8, 0x10000005, 0xfffffffffffffff9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x74, 0x2000000000002) write$auto(0x0, &(0x7f00000000c0)='vlan1\x00', 0x10001) clock_nanosleep$auto(0x7, 0x7fff, &(0x7f0000000000)={0x5, 0x5}, 0x0) write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/mounts\x00', 0xaa080, 0x0) pread64$auto(r2, 0x0, 0x3c02, 0x100007) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) 4.641878405s ago: executing program 3 (id=1366): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000580)='/dev/mtd0\x00', 0x1, 0x0) pwritev2$auto(r0, &(0x7f0000000140)={0x0, 0x24c1e3d9}, 0x3, 0x9, 0x7fff, 0x6) (async) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008001) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) (async) mmap$auto(0x0, 0x400007, 0xb1f, 0x9b72, r0, 0x8000) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async, rerun: 64) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (rerun: 64) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) (async) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) (async) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000180)={0x9, &(0x7f0000000000)={0x50, 0xf4, 0xb0, @raw=0xc}}) write$auto(0x3, 0x0, 0xfdef) socket(0x2, 0x1, 0x0) (async, rerun: 32) shutdown$auto(0x200000003, 0x2) (rerun: 32) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) listen$auto(0x3, 0x3) (async) eventfd$auto(0x6) (async, rerun: 32) r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000040), 0x414282, 0x0) (rerun: 32) ioctl$auto_posix_clock_file_operations_posix_clock(r3, 0xc0603d06, 0x0) (async) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x410000, 0x0) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0xfff, 0x7, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x0, 0x0, 0x6, 0x0, 0x0, 0x6}, 0x1fe, 0x81) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, r4, 0x10008000) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 4.152386192s ago: executing program 1 (id=1368): fchdir$auto(0xffffffffffffffff) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) getpid() unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000300)="64074c974bc700bf3e0ea3cb2a0e6fb39becec71e3a4d0a56fd330f661933ddee8f7e24e910a635beff3ee8ee14b1c06ea42210c954dbb2646ec4926a181e72e60e162246177fab5b4ca997754a8c9cddab6d3c54cbfb66c3783772d50cc1e5778975d5b19cb2cf6de8f594e2311768d1b3d94adef00"/136, 0x40200}, 0x3) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB], 0x68}, 0x1, 0x0, 0x0, 0x20000084}, 0x44098) socket(0x18, 0x3, 0x100) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004) r1 = socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x0, 0x4000000df, 0x9b72, 0x2, 0x8000) r2 = io_uring_setup$auto(0x6, 0x0) r3 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x7e, 0x0, 0x7) fsmount$auto(r3, 0xfff, 0x7) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) setsockopt$auto(r1, 0x10000000084, 0x23, 0x0, 0x8) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, 0x0, 0x4000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mbind$auto(0x2000, 0x800000100000004, 0x100000000, 0x0, 0x1003, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) open(&(0x7f0000000080)='./cgroup\x00', 0x101000, 0x0) setsockopt$auto(r2, 0xfffffffe, 0x105, 0x0, 0xaf8) 3.677115512s ago: executing program 3 (id=1369): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x678, 0x0, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc0}, @IPVS_CMD_ATTR_DAEMON={0x236, 0x3, 0x0, 0x1, [@nested={0x18, 0x80, 0x0, 0x1, [@typed={0x14, 0x0, 0x0, 0x0, @ipv6=@private2}]}, @typed={0x7d, 0x32, 0x0, 0x0, @binary="a6e2886fed2825d6964a278615f9add4d5a0628e7c1d6ea023a6eb0655dcc296d84c84829b6e7f16ed8732eccf27f4dbfea55e4f535b2486e2825bfc5a9c73c69b65f4301dfa2f91f48602b21e540f1b1af285b54f89cceb3107f2aeed93cc8e605b5e5e7dacad6994bedfbbd9c6169a9b36503e1f0b772376"}, @nested={0x28, 0x138, 0x0, 0x1, [@generic, @typed={0x8, 0xf2, 0x0, 0x0, @u32=0x9}, @nested={0x4, 0xa7}, @nested={0x4, 0x103}, @typed={0x14, 0x142, 0x0, 0x0, @ipv6=@private1}]}, @generic="1571ce8bef25bbcec3c64f121908e9420ecdba1d88e345d320233008dded439045ba8fd38119172d6eced60fb6ccaae81bc24db47879f5efecde63fcf6b9b8b1564d123e3c0c7a75f2a0092cf5b7e45403f6ff5c33f323cc8facf1f43d1d4ccc97b675d67a88c52b6bfde3c903f77dacdec9acc08b21a5aa5ded87bbbb07615e380b967bf454f65c36fbb318656207dbfde1ccb559e3458fe3b954809382c37a4fa6b088bcdb7009bc51560e9b462a27c0f150cac844c22c2b2ac015ee67a8afd986e06670fbfd686f47ad6d11bc435ea4a2d19bd81976d909931fc31e4a844cfe8987e9f9433c946c6d14ed2c", @generic="f6ad2030fb49923902477ece19245e54243923c39c70c7735ef4915bc448e78c1036a750c9e606de59914e6ab70647e2b36f2c5b4c75b6239507c0f39f8a40fb9ad0b7146e6934e0f38824ca35987aaaf4c952b74cd6068c9a43d9d1993cc3858ef5a4ad6e071f2a6db927e63acb7d67d6d27ecabb497796088d155d1976b9c867bfb16bdc"]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_SERVICE={0x384, 0x1, 0x0, 0x1, [@nested={0x4, 0x90}, @nested={0x67, 0x8e, 0x0, 0x1, [@generic="d149628ce91dd5abb5a256bc71c2ac515a78267e891857123c89d4405d0b773c674495cd33f94eb4cd4e70269315874fb0a2974a63024b4c4c7bcc652b1a639ed8a1f3146e61b3b3bdec8d5dcec563d67f51cb10f971e0ca18e745", @typed={0x8, 0x2f, 0x0, 0x0, @ipv4=@private=0xa010102}]}, @nested={0x99, 0x56, 0x0, 0x1, [@nested={0x4, 0x149}, @typed={0x14, 0x6, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="53f436dfb9955db02bf229763d0dba72597fa3cfd1e1a0c3a3c7ddee15463421751a24d2a92dccfe6b9a2e5823f2cdfb2ad9f75c8094d229d5e3f1bdcc40ef230d8c3491f007ae011d97ba3995f34b5c06ff83f7923385f3458b8edae0063ed2df8d61108fc77630fac194e3c5805d411e825de6b6c149d7f3", @nested={0x4, 0xc0}]}, @typed={0x4, 0x39}, @typed={0x8, 0xe3, 0x0, 0x0, @u32=0x6}, @nested={0x1bd, 0xe7, 0x0, 0x1, [@nested={0x4, 0xa5}, @generic="f06c43806817cfd3edb17fb85612d38e8b48189153d4c3b5615e0b982871f0d632be249cd810012978b2dc068e5a5de2b035edc4405535f393eb6b8ecbb6543036c7395f2bef5387a08cb495f2fb949cc6527ebec9b2d99a45985f3e63695013f8502cc400cd2a32fda50e5bbd2e6a93769a544796459e9371c98fc0b4e73ab4883a0f9eac4a7ad9082e74402783473606c1fb61ec3d7c6425b39f7b2c357d8b58a1cf3b0c019cbad43813b2a4169eb87cd457b3c8db9d7cbc94056eb45fbc21c7ac77019324c869026170ab75c2927eafb7bf919ec3330d10928e84fb600e4f3bb2e08038c5cf2f5a709a58cc2d63aeb23ceb12f7b06444cb51ba", @typed={0xa, 0x4a, 0x0, 0x0, @str='/!#,:\x00'}, @typed={0x8, 0x3e, 0x0, 0x0, @u32=0x8}, @generic="73dcbe3f23d08173f2ea4837943fff028da825a4c1e5fc823a400dba610ef6894430bfcbc392e97af74cb84c224c036234e6be0b8d0da71d96a50e0a7a5487b236e70f744e46455e74806719b1e5431f7a51f730c7fa5b7439818c6f1ab852273358a0be5d4b16ca26d9bd10fcfa7d5d518a3ffd9b2a3ca0b4f64aeea8574e29dc88e7a7d70afb70a01dacc53f81b12729f8d83714d3a0a700e1", @generic, @typed={0xc, 0x50, 0x0, 0x0, @u64=0x9}]}, @nested={0xac, 0x132, 0x0, 0x1, [@generic="cacb237846bd154ebfa973b4bdb915bbe84a7b5e0bff433c134d7ad96ee05e056034800d10d5f7576662ca5368fcb14b2bd447ae6161abda2b9a1fe1b8385d4204384a71c6efdc7f76af440c2cc381ebc934a0de19d1b934937ce84b5b5d0886420f0df9521e4d5df3de497b10d07bc3230d408234babc2fd569e30f1b8c39d4ccbcb947ba4c97d62538716b69c36bd9601fdba7d8e5a70c6be2368481909164c249add4", @nested={0x4, 0xa9}]}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6f19}, @IPVS_CMD_ATTR_DEST={0x86, 0x2, 0x0, 0x1, [@generic="40b68d8c45d9fa9f2837c0706e47dfc2e5900de558636caeaf27e83d467f284bd2a6aba00f9a36e3210b5cb643103f56cdc133", @generic="9aed60064535ed16b1e9034346f858f5d115b61dfab57450788d4ecf9aee91fdc47b1793c7155677ea9cf20acee8e0c9329ca4", @typed={0xc, 0x1d, 0x0, 0x0, @u64=0x7}, @typed={0x8, 0x4e, 0x0, 0x0, @str='-[}\x00'}, @typed={0x8, 0x4a, 0x0, 0x0, @u32=0x3}]}]}, 0x678}, 0x1, 0x0, 0x0, 0x20000000}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000afd003a5394e965231da1bd312e7af6d67d09340d0a4bd7805e18ac78f35cb77d1029c69e7270148078c13a91f6dff64055ad11608f0fb"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.557442575s ago: executing program 2 (id=1370): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@tipc=@id={0x1e, 0x3, 0x3, {0x4e22, 0x3}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x19, 0x2, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x4, 0x5, 0x0, 0x2005, 0x8007) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000280), 0xffffffffffffffff) mmap$auto(0x2, 0x8000000000000000, 0xdf, 0x471, 0x2, 0x8000) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000140)={&(0x7f0000000000)="75069306718961289362e447303b5943cb6da353036498c823d4148aeeec98ef1d3c18058651f24eb225ecce17d85d22e4bae47c749fb6da2f5267c2daeb5eaec03b57c3c82ae241c3c6d0ddd2fd220443ef2cd1bde1726c1c5608763de0c70b8b2c44c6b5ff5be2fc1d7ae88f4c29e4e63f543cdc4e3122dab03c9d8934e1947870dddcfc87a9a65d0a36faa2691a4cb3c04e3e4a38cebcf6ce3ffcea8aea93617c8887bf47345489346803c41c0bac9e55d851388657f48debb807c036e0be4858", 0xd7c9}, 0x40000000000200, 0x2, 0xffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FIOQSIZE(r2, 0x5460, 0x7) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/ip_forward\x00', 0x2002, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/ip_local_port_range\x00', 0x20202, 0x0) sendfile$auto(r3, r4, 0x0, 0x4) munlock$auto(0xffff, 0x1) mprotect$auto(0x10000, 0x2, 0x4000000000000008) mq_getsetattr$auto(r3, &(0x7f0000000100)={0x7, 0x101, 0x5, 0xfffffffffffffffa}, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram7\x00', 0x14f602, 0x0) 3.192151367s ago: executing program 3 (id=1371): mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x8e051, 0xffffffffffffffff, 0x0) r0 = ioctl$auto_TUNSETVNETLE2(0xffffffffffffffff, 0x400454dc, &(0x7f0000000180)=0x1) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r1, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x720, [0x0]}) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_DELETE(r0, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="020026bd7000ffdb06001c000000000014001f00fe88000000000000000000000000010100"/49], 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x20000000) pread64$auto(0xffffffffffffffff, 0x0, 0x2, 0x100000005) ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x10000, 0x7, 0xf, 0x40000000008fd6, 0x948b, 0x7, 0x15f4da0a, 0x3, 0x3, 0x62, 0x4, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001100)=""/192, 0xc0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x200, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2000040080000004, 0xe) mmap$auto(0x200004, 0x1, 0x3, 0x19, r4, 0x2fffeffffffc) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) finit_module$auto(0xffffffffffffffff, 0x0, 0x6) unshare$auto(0x40000080) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x147602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0xffffffffffffffff, 0x8000) 3.056761344s ago: executing program 4 (id=1372): close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x10) (async) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x10) r0 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_LINK(r0, 0x40044160, 0x0) (async) ioctl$auto_SNDRV_PCM_IOCTL_LINK(r0, 0x40044160, 0x0) mmap$auto(0x0, 0x4020009, 0x9, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x4020009, 0x9, 0xeb1, 0x401, 0x8000) prctl$auto(0x3e, 0x200000000001, 0x0, 0x0, 0xfffffffffff) (async) prctl$auto(0x3e, 0x200000000001, 0x0, 0x0, 0xfffffffffff) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000eb1, 0xfffffffffffffffa, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r2 = socket(0x10, 0x3, 0x6) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x5, 0x84) (async) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x120, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fb8000"}, 0x1c) (async) sendto$auto(r3, 0x0, 0x401, 0x120, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fb8000"}, 0x1c) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) close_range$auto(0x0, 0xe903, 0x2) socket(0x1e, 0x4, 0x0) (async) socket(0x1e, 0x4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) setsockopt$auto(0x2, 0x1, 0x50, &(0x7f0000000000)='\x00', 0x40) close_range$auto(0x2, 0x8, 0x0) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x40080, 0x0) (async) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x40080, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0xe6e43, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram5\x00', 0xe6e43, 0x0) prctl$auto(0x23, 0x80000000000a, 0x80000001, 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0x4001af83, r1) ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000080), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'gre0\x00'}) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x40007, 0x1000000005, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) 2.94163541s ago: executing program 1 (id=1373): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x1c8300, 0x0) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(r0, 0x8004510b, 0x3) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cec29\x00', 0x80, 0x0) ioctl$auto_CEC_ADAP_G_CAPS(r1, 0xc04c6100, &(0x7f0000000180)={"277218c178af9e4660783d6a64eba2e1ebe8bbe2623e391d110a60faba43b40a", "428523ecd76dcdf440e48b85b3a8ca5e803d2962214568a2aab04cdc2dc0a879", 0x4, 0x7, 0x6}) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0xd, 0xfffffffe, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x101, 0x6, 0x6}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r3 = socket(0xa, 0x2, 0x0) setsockopt$auto(r3, 0x29, 0x30, 0x0, 0x56b) 2.875138106s ago: executing program 1 (id=1374): mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) (async) close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x6646aa15}, 0x7}, 0x3, 0x3) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async) prctl$auto(0x23, 0x7, 0x0, 0x2, 0x0) (async, rerun: 64) mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async) r2 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/kvm/mmu_pde_zapped\x00', 0x2100, 0x0) read$auto_stat_fops_per_vm_kvm_main(r2, 0x0, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x2000, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) inotify_init1$auto(0xfff) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) read$auto(r4, 0x0, 0x1f40) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) setsockopt$auto_SO_BSDCOMPAT(r3, 0x6, 0xe, 0x0, 0xdf) 2.301104458s ago: executing program 2 (id=1375): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SG_GET_NUM_WAITING(r0, 0x227d, 0x0) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') ioctl$auto(0x3, 0x40103e05, r3) close_range$auto(0x2, 0x8, 0x2) mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x88800, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x5609, r5) 2.123541528s ago: executing program 4 (id=1376): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop14/queue/stable_writes\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x2400000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r2 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r2, 0x8955, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', 0x0}) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000140)={0x40, r3, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@OVS_DP_ATTR_IFINDEX={0x8, 0x9, r4}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x80}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_\x12\x00\x00\x00\x00\x00\a\x00\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x2000000) 1.876750464s ago: executing program 4 (id=1377): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SG_GET_NUM_WAITING(r0, 0x227d, 0x0) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') ioctl$auto(0x3, 0x40103e05, r3) close_range$auto(0x2, 0x8, 0x2) mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x88800, 0x0) r4 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(r5, 0x5609, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, r4, 0x454f, 0x5f, 0x0, 0x3f, r4, 0x80000001}, 0x6d4) 1.625963339s ago: executing program 3 (id=1378): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SG_GET_NUM_WAITING(r0, 0x227d, 0x0) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000180)='ns/ipc\x00') ioctl$auto(0x3, 0x40103e05, r3) close_range$auto(0x2, 0x8, 0x2) mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x88800, 0x0) r4 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(r5, 0x5609, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, r4, 0x454f, 0x5f, 0x0, 0x3f, r4, 0x80000001}, 0x6d4) 1.501879417s ago: executing program 1 (id=1379): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) (async) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0xf, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x2, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x3, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x5, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7b, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x61, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd2, 0x0, 0x1, 0x0, 0x1}, {0xc2, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbb5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x102, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"}) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dri/card2\x00', 0x200100, 0x0) (async) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, 0x0, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) (async) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aab4) flock$auto(r1, 0x1) r2 = open(&(0x7f0000000040)='./file0\x00', 0x4242, 0x59) flock$auto(r2, 0x6) socket(0xa, 0x801, 0x84) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) (async) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/nbd6/queue/iosched/front_merges\x00', 0x0, 0x0) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/44, 0x2c) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) get_robust_list$auto(0x0, 0x0, 0x0) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) (async) read$auto(0x3, 0x0, 0xfdef) (async) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) (async) madvise$auto(0x98, 0x401, 0x1000) 1.059528553s ago: executing program 1 (id=1380): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0xa, 0x1, 0x100) mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0x2, 0x8000) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r1, 0xc1004111, 0x0) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', &(0x7f0000000240)=0x7) r2 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0040, 0x0) pread64$auto(r2, 0x0, 0x7ff, 0x400) r3 = socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x401) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmsg$auto_IPVS_CMD_FLUSH(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000440)={&(0x7f0000000640)=ANY=[@ANYBLOB="b2f40700", @ANYRES16=0x0, @ANYBLOB="080025bd7000ffdbdf25110000000800050006000000", @ANYRES32, @ANYBLOB="0c00290084660000000000008d1083b7312d58c5ebaf487bb998f3418a8151bb07f2443548e4f835120dabebd9cfacb4df6c09d5c51d5a796dcd884b3e930a755c3e6e9a8bf602ba954dddf50ba937da8e0eb88ee25349d036733e829ade17deaae15e1e9298ffa9cd09d12467d4b27c2248f3edabe64261dd558c1b9e518a124437c3303efdaea14284ea051911d982703916a3f34e0c89480014f473c0ff7dc811d675c55aafeab4d5d79dd93004732cfecf02265e2993274e159f1788f1f775bbefa7dc340bd198fa7cfeb7b5eee7dae5e118a7f160e9e3f016e93bc1cf8d297c2528030dee4f73abb51c22b64bbc744da934cb7396ef4d43cef20800a100", @ANYRES32, @ANYBLOB="00bc576579826533b0bf28dd4ab3bcbd8ab5ba0fef7e0cc364fe58f8dce18c9872044366c6c84580eba54f8d10371bdd8d9c3b9cd34547896c43028f757e0ebcee414737920c57bdbfeb5dac56de76bbb8958687c8e6a28f2abc7cc8b762a5d35a6adf6b86f6c64098412ef2a1137df6118438a22b93d46511faa2adbedbeb746ee2febf170ea395f95cedf50bb882f27d931c0d42c0263d9e9b4b8ce9ffac38dcd248d43d327efaa1b5753cb899958a8e58816005f1070c4b7bef97d4d6ae8b03a52cddde678d47b2330642be41e367b50a91537e5dd302dd19b6b9bd1d5cab5ea5580f2578b1485e192a2ceb5e044e4124ca2f0c1e2aea865081c49ef300000008000400040000000800060000000000300101802901048004000d80040049800400488004002600ad5d079172db3691f31015fadd64b9c931790efa342d19514b7503daebc29a40309d5c7953853d16920c55059408001e00ac1414aa0500460000000000f746e4ceb215f9ad8a0b3d3c0291e872c69279e298f2763cecc21bca1d5023aa95adcffdd1d45d17d23664c07ccd27046599633761ae38dd2d1382aff1a1163982df04f1f23275332711104e421d771ddda8fcee19e1ed3f79f52e0fe787d2f2af50f256747bd0aaa67390631906ed21ba4bfd683b69ab229223cdc1f014e2c991d7213b162d3b7c4860fb679b7e0d5cea2b70b470b6f02ceb846f607067dcdd158a0d9afebd432fe560f985b78cb61d88d2b3145a74736efee47c57ec42c7cc71dd1e4f0e47807f02e40efbd83114a8032604911d92e4df0000000800050004000000"], 0x390}, 0x1, 0x0, 0x0, 0x20018810}, 0x44040) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x20000, 0x0) ioctl$auto(r6, 0xab04, 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_NEW_SEC_DEVKEY(r5, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="8c020000", @ANYRES16=0x0, @ANYBLOB="02002dbd7000fcdbdf251d0000004301188014002100fc0200000000000000000000000000003600bd0068f76224d76fcedd858a40d2e4daac3a906310b4882866e15a38c714c9301ed5c7bc670cf749f0cdf4d958ac4a46c983cc4f0000018afb34431813703fe999e41360aa2f78624f27b11e5a80a7355d38b6a4c7eca4adda34ea7b2c60ffec2b34de68f8ff238429af8ce6285ab588c4cbe1d1b9824702b1b3566b51eb0437240289d7fdcbf3ef53cadf457e49070342cb80a88f3f14dca7b272e3137c4e10ce76365024e974704d9a5595511d1f39495f2163c2230d709bd2265fdf2d1186082017d28e03ab27269c84a9209ad6f713d57101963260539b122401c9b87400fb6d4b3bc1372583932e221d8f717a5356013ff43bd8a3750baecad4d4d3deafe0a6cf783bfeaedc61d5f02142c3cd9d90bd596f2170c6488482f92288f2c3490acdd285c57f422cb30008000300", @ANYRES32=0x0, @ANYBLOB="0500130007000000080005000100000008000c000000000009012d80a5ca9112889325b0c8661ebfd9ad2ed199a9b628e3617382962fdc96c34aa897bcc83deef20dd984de67ae3d5a5d4a06992d0699d4efc32f6923c9be7d8858527813c36b30663b4465d9eb4e39181111b2b18856ea65d1a0c018ac82c6b94ab4e73f9d02f95b6c993617bc1eb3a4558664ed4e51cc4684b9b41e6b612fa82e47cd5fc066b868c63d38cd86b63bb7c58ee9ec42e236dbc1c11bc14e26f4d919d8d1f2c1eaff022be67e0a547095352408041115232ca104987f3ad017e5fbedf242614fc3516cbaf8b04f67af939fd5afa0ed2b79ca0fe2dd7bd2d309fedb91bee08465276fed95f55e6aa4070b434ec04a14f2578fddfd0ce63c9d001208008b00", @ANYRES32=r6, @ANYBLOB="00000005043891ec44d3d7"], 0x28c}, 0x1, 0x0, 0x0, 0x20048000}, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x3a) 901.210974ms ago: executing program 4 (id=1381): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4, @old_map_fd=r3}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r4, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x4fff, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x1, 0x8000f1, 0x101, 0x13, 0xffffffffffffffff, 0x10000a) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000340)={&(0x7f00000007c0)=ANY=[@ANYBLOB="c4010000", @ANYRES16=0x0, @ANYBLOB="00012cbd7000fcdbdf2531000000a0011780d3000500360fea02144ddefd482f7b0364ebc7c6de647d9d6f5f79d25f326fc41e4b6d70eddaee39d59a2d692dc6800c4d521f96dd673a253d03c3a1a1855a99b0fa2bc6da4e3c634b9bf2e55705edd4ed252766532beb64bc4de54026bbfec4ce25b1fff4955900701f2ceded613381be1ac2f38cfcbcaa4582dadeaecc201bf69cfe21e0ce81ba5cadfad72260355f71c0a63c80f5f722280183bf36cabbf2c5a3c9297dd4084d37156e3cb3dcc2984f019a0cc77acd8f58e4c29af841fd61e0579b0452d094e74786336d6f0a2ed8893b8d00050002007f0000000500020000000000b8000400d313029a24aa7a7840f7fff4209e641f3e6343f2cf0a4ca76d1e5421cb7a2dc92865f3eb8cfec6f78ce4b7108efef7379cb6654f3f5bfe515a001ecfd17c736b955d5d7c08d1a600973f633874e1ffbd936c2ee5c2a2add57ba23f0a06ec9467ead1da90930cab5caa3df388d64380020aab8d959d07b524ef017fb217159224b7b1844603f77d476042a76337d3cf377af34452c4057f1220eeaf7ab58ac4d2c379d241badfe3306a57931c2f85f4a25ea417010600ed00070000000400d000040008014ed7e127a87e310af9df80c358f7c0e97d893fc13fbc27714e"], 0x1c4}, 0x1, 0x0, 0x0, 0x20000040}, 0x440d1) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r5, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) close_range$auto(0x2, 0x8, 0x0) 590.793302ms ago: executing program 2 (id=1382): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000180)=""/231, 0xe7) bpf$auto_BPF_MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)=@link_create={@prog_fd, @target_fd, 0xaba, 0x6, @perf_event={0x7fffffff}}, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, 0x0, 0x40000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_REWIND(r1, 0x40084146, 0x0) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop12\x00', 0x8202, 0x0) fadvise64$auto(r2, 0xffffffffffffff80, 0x400000000000006, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x81, 0x0, 0x0, 0x0, 0x0) write$auto(r3, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) r5 = io_uring_setup$auto(0x1, 0x0) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/net/tunl0/napi_defer_hard_irqs\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x5) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'gretap0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="13002cbd7000dddbdf251700000008000300", @ANYRES32=r8], 0x2c}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) sendmsg$auto_NL80211_CMD_ASSOCIATE(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="02002abd7000fddbdf252600000d775d4c0006000000ee64063de898d52548df170efc0eb10ca282e2859812d484d0cf798c8c7a465de18f692476582c01846b5c67c452e1a46824e704ca4b566caef3af1937fc469c4b5511f4125d50a3b73da0d16bd05c7ffe3cdf1b50000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x24000060) 332.309769ms ago: executing program 3 (id=1383): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async, rerun: 64) connect$auto(0x3, &(0x7f0000000080)=@generic={0xf, "25b22ffb20938b5bc1a16800"}, 0x54) (async, rerun: 64) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) (async, rerun: 32) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (rerun: 32) unshare$auto(0x20000) unshare$auto(0x20000) (async) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) (async) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0xffffffffffffffff, 0x9) pread64$auto(0xffffffffffffffff, &(0x7f0000000540)='veth1\x00\xe0,\x17\xa0\xf7\x89Pl\x84K?\x01\x84\xa1i\xe00\x81p\xa0U \f\xdbP`:\xe2\'\xa7\xbf\xbd\x04\x18\xad\x90I^\x99M\xe0W\x14\x11\xf4\xeb\x90:\v\xc5\x13*\xfe\x90\xb1\xa9O\xa5\x05\xaa\x8fTi\xd6\x88Q\xda\xca', 0x20000000003f, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) setresgid$auto(0x81, 0x800000a0, 0x8) (async) socket(0x2, 0x2, 0x1) (async, rerun: 64) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (rerun: 64) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/usbip-host/match_busid\x00', 0x28b42, 0x0) sendfile$auto(r1, r1, 0x0, 0x4f64a1d2) (async) madvise$auto(0x0, 0x80000001, 0x8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000080), r0) (async) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/current_tracer\x00', 0x40482, 0x0) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64) read$auto(0x3, 0x0, 0xfffffdef) (async, rerun: 64) write$auto(0x3, 0x0, 0xfdef) msgctl$auto_IPC_STAT(0x839c, 0x2, &(0x7f0000000240)={{0x9, 0xffffffffffffffff, 0xee01, 0x9, 0xb822, 0xffffffff, 0x5}, &(0x7f0000000180)=0x80, &(0x7f00000001c0)=0x7f, 0x4, 0x4d805b98, 0x1, 0xc1be, 0x6, 0x8d, 0x4, 0x5, @raw=0x10000, @raw=0x8}) 0s ago: executing program 1 (id=1384): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x4, 0x0) r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r0, 0x0, 0xe) unshare$auto(0x40000080) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) socket(0xa, 0x2, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c082) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) kernel console output (not intermixed with test programs):                                                                                                                                                          syzkaller syzkaller login: [ 213.611702][ T8507] __vm_enough_memory: pid: 8507, comm: syz.2.470, bytes: 4398046511104 not enough memory for the allocation [ 214.346381][ T8514] netlink: 28 bytes leftover after parsing attributes in process `syz.3.471'. [ 214.360184][ T8514] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 214.369674][ T8514] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 214.378763][ T8514] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 214.387467][ T8514] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 214.418113][ T8531] ICMPv6: process `syz.1.474' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 215.870541][ T8576] [U] [ 216.901362][ T8590] openvswitch: netlink: nsh attr 68 is out of range max 3 [ 217.003965][ T8594] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 217.026948][ T8588] FAULT_INJECTION: forcing a failure. [ 217.026948][ T8588] name failslab, interval 1, probability 0, space 0, times 0 [ 217.049590][ T8588] CPU: 1 UID: 0 PID: 8588 Comm: syz.2.486 Tainted: G U syzkaller #0 PREEMPT(full) [ 217.049635][ T8588] Tainted: [U]=USER [ 217.049649][ T8588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 217.049673][ T8588] Call Trace: [ 217.049681][ T8588] [ 217.049692][ T8588] dump_stack_lvl+0x16c/0x1f0 [ 217.049732][ T8588] should_fail_ex+0x512/0x640 [ 217.049771][ T8588] should_failslab+0xc2/0x120 [ 217.049806][ T8588] __kmalloc_cache_noprof+0x6a/0x3e0 [ 217.049836][ T8588] ? sctp_auth_shkey_create+0x9e/0x210 [ 217.049874][ T8588] sctp_auth_shkey_create+0x9e/0x210 [ 217.049908][ T8588] sctp_endpoint_new+0x562/0xcd0 [ 217.049946][ T8588] sctp_init_sock+0xe2d/0x1330 [ 217.049975][ T8588] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 217.050006][ T8588] sctp_v6_init_sock+0x16/0x70 [ 217.050036][ T8588] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 217.050067][ T8588] inet6_create+0xb2d/0x12b0 [ 217.050110][ T8588] ? inet6_create+0x7f/0x12b0 [ 217.050150][ T8588] __sock_create+0x338/0x8d0 [ 217.050179][ T8588] inet_ctl_sock_create+0x94/0x230 [ 217.050220][ T8588] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 217.050264][ T8588] ? lockdep_init_map_type+0x5c/0x280 [ 217.050303][ T8588] ? do_init_timer+0xc9/0x110 [ 217.050334][ T8588] ? __pfx_sctp_ctrlsock_init+0x10/0x10 [ 217.050365][ T8588] sctp_ctrlsock_init+0x40/0xf0 [ 217.050395][ T8588] ops_init+0x1df/0x5f0 [ 217.050431][ T8588] setup_net+0x10f/0x380 [ 217.050468][ T8588] ? lockdep_init_map_type+0x5c/0x280 [ 217.050507][ T8588] ? __pfx_setup_net+0x10/0x10 [ 217.050562][ T8588] ? debug_mutex_init+0x37/0x70 [ 217.050593][ T8588] copy_net_ns+0x2a6/0x5f0 [ 217.050638][ T8588] create_new_namespaces+0x3ea/0xa90 [ 217.050764][ T8588] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 217.050805][ T8588] ksys_unshare+0x45b/0xa40 [ 217.050845][ T8588] ? __pfx_ksys_unshare+0x10/0x10 [ 217.050883][ T8588] ? syscall_user_dispatch+0x78/0x140 [ 217.050932][ T8588] __x64_sys_unshare+0x31/0x40 [ 217.050970][ T8588] do_syscall_64+0xcd/0x490 [ 217.051009][ T8588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.051038][ T8588] RIP: 0033:0x7f77e978ebe9 [ 217.051061][ T8588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.051089][ T8588] RSP: 002b:00007f77ea5d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 217.051118][ T8588] RAX: ffffffffffffffda RBX: 00007f77e99b5fa0 RCX: 00007f77e978ebe9 [ 217.051139][ T8588] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 217.051157][ T8588] RBP: 00007f77e9811e19 R08: 0000000000000000 R09: 0000000000000000 [ 217.051175][ T8588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.051192][ T8588] R13: 00007f77e99b6038 R14: 00007f77e99b5fa0 R15: 00007ffe80a23128 [ 217.051219][ T8588] [ 217.660174][ T8622] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 217.841555][ T8624] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 219.482196][ T8650] Invalid ELF header magic: != ELF [ 220.964770][ T8686] Invalid ELF header magic: != ELF [ 221.276810][ T8695] FAULT_INJECTION: forcing a failure. [ 221.276810][ T8695] name failslab, interval 1, probability 0, space 0, times 0 [ 221.322041][ T8695] CPU: 1 UID: 0 PID: 8695 Comm: syz.2.506 Tainted: G U syzkaller #0 PREEMPT(full) [ 221.322091][ T8695] Tainted: [U]=USER [ 221.322101][ T8695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 221.322119][ T8695] Call Trace: [ 221.322128][ T8695] [ 221.322139][ T8695] dump_stack_lvl+0x16c/0x1f0 [ 221.322181][ T8695] should_fail_ex+0x512/0x640 [ 221.322224][ T8695] should_failslab+0xc2/0x120 [ 221.322264][ T8695] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 221.322304][ T8695] ? create_new_namespaces+0x30/0xa90 [ 221.322341][ T8695] create_new_namespaces+0x30/0xa90 [ 221.322374][ T8695] ? bpf_lsm_capable+0x9/0x10 [ 221.322397][ T8695] ? security_capable+0x7e/0x260 [ 221.322427][ T8695] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 221.322461][ T8695] ksys_unshare+0x45b/0xa40 [ 221.322502][ T8695] ? __pfx_ksys_unshare+0x10/0x10 [ 221.322541][ T8695] ? xfd_validate_state+0x61/0x180 [ 221.322588][ T8695] __x64_sys_unshare+0x31/0x40 [ 221.322627][ T8695] do_syscall_64+0xcd/0x490 [ 221.322675][ T8695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.322704][ T8695] RIP: 0033:0x7f77e978ebe9 [ 221.322727][ T8695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.322756][ T8695] RSP: 002b:00007f77ea5d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 221.322785][ T8695] RAX: ffffffffffffffda RBX: 00007f77e99b5fa0 RCX: 00007f77e978ebe9 [ 221.322806][ T8695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 221.322823][ T8695] RBP: 00007f77e9811e19 R08: 0000000000000000 R09: 0000000000000000 [ 221.322841][ T8695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.322857][ T8695] R13: 00007f77e99b6038 R14: 00007f77e99b5fa0 R15: 00007ffe80a23128 [ 221.322885][ T8695] [ 221.585979][ T8698] netlink: 36 bytes leftover after parsing attributes in process `syz.4.502'. [ 222.403075][ T8721] random: crng reseeded on system resumption [ 223.455974][ T8740] zswap: compressor not available [ 223.542334][ T8740] FAULT_INJECTION: forcing a failure. [ 223.542334][ T8740] name fail_futex, interval 1, probability 0, space 0, times 0 [ 223.555522][ T8740] CPU: 1 UID: 0 PID: 8740 Comm: syz.1.515 Tainted: G U syzkaller #0 PREEMPT(full) [ 223.555552][ T8740] Tainted: [U]=USER [ 223.555557][ T8740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 223.555567][ T8740] Call Trace: [ 223.555573][ T8740] [ 223.555579][ T8740] dump_stack_lvl+0x16c/0x1f0 [ 223.555605][ T8740] should_fail_ex+0x512/0x640 [ 223.555630][ T8740] get_futex_key+0xff0/0x1560 [ 223.555651][ T8740] ? __pfx_get_futex_key+0x10/0x10 [ 223.555670][ T8740] ? __mutex_trylock_common+0xe9/0x250 [ 223.555695][ T8740] ? __pfx___mutex_trylock_common+0x10/0x10 [ 223.555719][ T8740] futex_wake+0xea/0x530 [ 223.555743][ T8740] ? __pfx_futex_wake+0x10/0x10 [ 223.555766][ T8740] ? rcu_is_watching+0x12/0xc0 [ 223.555783][ T8740] ? rcu_is_watching+0x12/0xc0 [ 223.555800][ T8740] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 223.555823][ T8740] do_futex+0x1e3/0x350 [ 223.555843][ T8740] ? __pfx_do_futex+0x10/0x10 [ 223.555863][ T8740] ? lock_release+0x201/0x2f0 [ 223.555885][ T8740] mm_release+0x24e/0x300 [ 223.555903][ T8740] do_exit+0x68e/0x2bf0 [ 223.555927][ T8740] ? __pfx_do_exit+0x10/0x10 [ 223.555949][ T8740] ? do_raw_spin_lock+0x12c/0x2b0 [ 223.555974][ T8740] ? get_signal+0x8f5/0x26d0 [ 223.555992][ T8740] ? rcu_is_watching+0x12/0xc0 [ 223.556009][ T8740] do_group_exit+0xd3/0x2a0 [ 223.556032][ T8740] get_signal+0x2673/0x26d0 [ 223.556052][ T8740] ? rcu_is_watching+0x12/0xc0 [ 223.556067][ T8740] ? lock_release+0x201/0x2f0 [ 223.556088][ T8740] ? __pfx_get_signal+0x10/0x10 [ 223.556106][ T8740] ? do_futex+0x122/0x350 [ 223.556126][ T8740] ? __pfx_do_futex+0x10/0x10 [ 223.556147][ T8740] arch_do_signal_or_restart+0x8f/0x790 [ 223.556173][ T8740] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 223.556197][ T8740] ? __pfx_do_pwritev+0x10/0x10 [ 223.556216][ T8740] exit_to_user_mode_loop+0x84/0x110 [ 223.556241][ T8740] do_syscall_64+0x3f6/0x490 [ 223.556263][ T8740] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.556280][ T8740] RIP: 0033:0x7f262338ebe9 [ 223.556293][ T8740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 223.556310][ T8740] RSP: 002b:00007f26242700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 223.556328][ T8740] RAX: fffffffffffffe00 RBX: 00007f26235b5fa8 RCX: 00007f262338ebe9 [ 223.556339][ T8740] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f26235b5fa8 [ 223.556349][ T8740] RBP: 00007f26235b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 223.556359][ T8740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.556369][ T8740] R13: 00007f26235b6038 R14: 00007fff4cc57690 R15: 00007fff4cc57778 [ 223.556384][ T8740] [ 226.360893][ T24] Process accounting resumed [ 227.000284][ T8835] netlink: 24 bytes leftover after parsing attributes in process `syz.1.532'. [ 227.037431][ T8841] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 227.058129][ T8841] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 227.205467][ T8843] ptrace attach of "./syz-executor exec"[8845] was attempted by "./syz-executor exec"[8843] [ 227.279440][ T8844] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 229.008381][ T7332] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 229.017978][ T7332] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0' [ 229.027370][ T7332] CPU: 0 UID: 0 PID: 7332 Comm: kworker/u11:2 Tainted: G U syzkaller #0 PREEMPT(full) [ 229.027416][ T7332] Tainted: [U]=USER [ 229.027425][ T7332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 229.027443][ T7332] Workqueue: hci2 hci_rx_work [ 229.027477][ T7332] Call Trace: [ 229.027486][ T7332] [ 229.027497][ T7332] dump_stack_lvl+0x16c/0x1f0 [ 229.027535][ T7332] sysfs_warn_dup+0x7f/0xa0 [ 229.027567][ T7332] sysfs_create_dir_ns+0x24b/0x2b0 [ 229.027610][ T7332] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 229.027645][ T7332] ? kobject_add_internal+0x25b/0x9b0 [ 229.027686][ T7332] ? lock_release+0x201/0x2f0 [ 229.027725][ T7332] ? do_raw_spin_unlock+0x172/0x230 [ 229.027767][ T7332] kobject_add_internal+0x2c4/0x9b0 [ 229.027804][ T7332] kobject_add+0x16e/0x240 [ 229.027843][ T7332] ? __pfx_kobject_add+0x10/0x10 [ 229.027882][ T7332] ? lock_release+0x201/0x2f0 [ 229.027919][ T7332] ? do_raw_spin_unlock+0x172/0x230 [ 229.027963][ T7332] ? kobject_put+0xab/0x5a0 [ 229.028006][ T7332] device_add+0x288/0x1aa0 [ 229.028033][ T7332] ? __pfx_dev_set_name+0x10/0x10 [ 229.028063][ T7332] ? __pfx_device_add+0x10/0x10 [ 229.028089][ T7332] ? mgmt_send_event_skb+0x2fb/0x460 [ 229.028122][ T7332] hci_conn_add_sysfs+0x17e/0x230 [ 229.028159][ T7332] le_conn_complete_evt+0x1075/0x1d70 [ 229.028205][ T7332] ? __pfx___might_resched+0x10/0x10 [ 229.028240][ T7332] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 229.028270][ T7332] ? bt_warn+0xe4/0x120 [ 229.028295][ T7332] ? __pfx_bt_warn+0x10/0x10 [ 229.028326][ T7332] hci_le_conn_complete_evt+0x23c/0x370 [ 229.028359][ T7332] hci_le_meta_evt+0x357/0x5e0 [ 229.028391][ T7332] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 229.028425][ T7332] hci_event_packet+0x682/0x11c0 [ 229.028454][ T7332] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 229.028488][ T7332] ? __pfx_hci_event_packet+0x10/0x10 [ 229.028516][ T7332] ? kcov_remote_start+0x36a/0x6d0 [ 229.028557][ T7332] ? rcu_watching_snap_stopped_since+0x100/0x110 [ 229.028601][ T7332] ? rcu_is_watching+0x12/0xc0 [ 229.028635][ T7332] hci_rx_work+0x2c5/0x16b0 [ 229.028670][ T7332] ? rcu_is_watching+0x12/0xc0 [ 229.028701][ T7332] process_one_work+0x9cf/0x1b70 [ 229.028751][ T7332] ? __pfx_rxrpc_service_connection_reaper+0x10/0x10 [ 229.028787][ T7332] ? __pfx_process_one_work+0x10/0x10 [ 229.028838][ T7332] ? assign_work+0x1a0/0x250 [ 229.028882][ T7332] worker_thread+0x6c8/0xf10 [ 229.028912][ T7332] ? __kthread_parkme+0x19e/0x250 [ 229.028949][ T7332] ? __pfx_worker_thread+0x10/0x10 [ 229.028974][ T7332] kthread+0x3c5/0x780 [ 229.029016][ T7332] ? __pfx_kthread+0x10/0x10 [ 229.029055][ T7332] ? ret_from_fork+0x25/0x6f0 [ 229.029098][ T7332] ? rcu_is_watching+0x12/0xc0 [ 229.029127][ T7332] ? rcu_is_watching+0x12/0xc0 [ 229.029153][ T7332] ? __pfx_kthread+0x10/0x10 [ 229.029195][ T7332] ret_from_fork+0x5d4/0x6f0 [ 229.029237][ T7332] ? __pfx_kthread+0x10/0x10 [ 229.029278][ T7332] ret_from_fork_asm+0x1a/0x30 [ 229.029313][ T7332] [ 229.029337][ T7332] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 229.341542][ T7332] Bluetooth: hci2: failed to register connection device [ 230.046396][ T8890] netlink: 32 bytes leftover after parsing attributes in process `syz.1.542'. [ 230.055408][ T8890] netlink: 120 bytes leftover after parsing attributes in process `syz.1.542'. [ 231.192363][ T8921] vivid-003: ================= START STATUS ================= [ 231.227833][ T8921] vivid-003: Radio HW Seek Mode: Bounded [ 231.266884][ T8921] vivid-003: Radio Programmable HW Seek: false [ 231.273322][ T8921] vivid-003: RDS Rx I/O Mode: Block I/O [ 231.351712][ T8921] vivid-003: Generate RBDS Instead of RDS: false [ 231.358939][ T8921] vivid-003: RDS Reception: true [ 231.397318][ T8921] vivid-003: RDS Program Type: 0 inactive [ 231.403107][ T8921] vivid-003: RDS PS Name: inactive [ 231.458599][ T8921] vivid-003: RDS Radio Text: inactive [ 231.509552][ T8921] vivid-003: RDS Traffic Announcement: false inactive [ 231.516684][ T8921] vivid-003: RDS Traffic Program: false inactive [ 231.523723][ T8921] vivid-003: RDS Music: false inactive [ 231.530493][ T8921] vivid-003: ================== END STATUS ================== [ 233.450597][ T8983] netlink: 330 bytes leftover after parsing attributes in process `syz.3.559'. [ 234.968022][ T30] audit: type=1800 audit(6050831433.564:6): pid=8999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=26597 res=0 errno=0 [ 235.198441][ T9013] netlink: 28 bytes leftover after parsing attributes in process `syz.1.566'. [ 235.215394][ T9013] veth0_macvtap: left promiscuous mode [ 235.281917][ T9016] random: crng reseeded on system resumption [ 235.746716][ T30] audit: type=1800 audit(6050831434.344:7): pid=9019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.568" name="features" dev="configfs" ino=26782 res=0 errno=0 [ 237.774654][ T9041] ima: policy update failed [ 237.789891][ T30] audit: type=1802 audit(6050831436.383:8): pid=9041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.572" res=0 errno=0 [ 237.995455][ T9047] FAULT_INJECTION: forcing a failure. [ 237.995455][ T9047] name failslab, interval 1, probability 0, space 0, times 0 [ 238.031026][ T9047] CPU: 1 UID: 0 PID: 9047 Comm: syz.1.573 Tainted: G U syzkaller #0 PREEMPT(full) [ 238.031077][ T9047] Tainted: [U]=USER [ 238.031086][ T9047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 238.031102][ T9047] Call Trace: [ 238.031110][ T9047] [ 238.031121][ T9047] dump_stack_lvl+0x16c/0x1f0 [ 238.031162][ T9047] should_fail_ex+0x512/0x640 [ 238.031205][ T9047] should_failslab+0xc2/0x120 [ 238.031240][ T9047] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 238.031273][ T9047] ? set_normalized_timespec64+0x69/0xc0 [ 238.031307][ T9047] ? __d_alloc+0x32/0xae0 [ 238.031343][ T9047] __d_alloc+0x32/0xae0 [ 238.031388][ T9047] d_alloc_pseudo+0x1c/0xc0 [ 238.031431][ T9047] alloc_file_pseudo+0xcf/0x230 [ 238.031474][ T9047] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 238.031523][ T9047] ? security_inode_init_security_anon+0x79/0x240 [ 238.031562][ T9047] __anon_inode_getfile+0xe8/0x280 [ 238.031599][ T9047] new_userfaultfd+0x25e/0x3d0 [ 238.031641][ T9047] __x64_sys_userfaultfd+0x4b/0xb0 [ 238.031669][ T9047] do_syscall_64+0xcd/0x490 [ 238.031708][ T9047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.031737][ T9047] RIP: 0033:0x7f262338ebe9 [ 238.031760][ T9047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.031788][ T9047] RSP: 002b:00007f262422e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000143 [ 238.031816][ T9047] RAX: ffffffffffffffda RBX: 00007f26235b6180 RCX: 00007f262338ebe9 [ 238.031836][ T9047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 238.031853][ T9047] RBP: 00007f2623411e19 R08: 0000000000000000 R09: 0000000000000000 [ 238.031870][ T9047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.031887][ T9047] R13: 00007f26235b6218 R14: 00007f26235b6180 R15: 00007fff4cc57778 [ 238.031914][ T9047] [ 239.336082][ T9068] openvswitch: netlink: Message has 390 unknown bytes. [ 239.420339][ T9078] syz.4.578 uses obsolete (PF_INET,SOCK_PACKET) [ 239.580664][ T9078] FAULT_INJECTION: forcing a failure. [ 239.580664][ T9078] name failslab, interval 1, probability 0, space 0, times 0 [ 239.630788][ T9078] CPU: 0 UID: 0 PID: 9078 Comm: syz.4.578 Tainted: G U syzkaller #0 PREEMPT(full) [ 239.630830][ T9078] Tainted: [U]=USER [ 239.630835][ T9078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 239.630846][ T9078] Call Trace: [ 239.630851][ T9078] [ 239.630859][ T9078] dump_stack_lvl+0x16c/0x1f0 [ 239.630886][ T9078] should_fail_ex+0x512/0x640 [ 239.630911][ T9078] should_failslab+0xc2/0x120 [ 239.630934][ T9078] __kmalloc_cache_noprof+0x6a/0x3e0 [ 239.630952][ T9078] ? vsnprintf+0x318/0x1160 [ 239.630970][ T9078] ? __alloc_workqueue+0xda2/0x1810 [ 239.630991][ T9078] __alloc_workqueue+0xda2/0x1810 [ 239.631012][ T9078] ? __pfx_vsnprintf+0x10/0x10 [ 239.631030][ T9078] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 239.631056][ T9078] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 239.631075][ T9078] alloc_workqueue_noprof+0xd2/0x200 [ 239.631096][ T9078] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 239.631120][ T9078] ? __pfx___debug_object_init+0x10/0x10 [ 239.631140][ T9078] nci_register_device+0x511/0xb80 [ 239.631159][ T9078] ? __pfx_nci_register_device+0x10/0x10 [ 239.631177][ T9078] ? lockdep_init_map_type+0x5c/0x280 [ 239.631201][ T9078] virtual_ncidev_open+0x141/0x220 [ 239.631219][ T9078] ? misc_open+0x8d/0x420 [ 239.631236][ T9078] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 239.631253][ T9078] misc_open+0x35a/0x420 [ 239.631270][ T9078] ? __pfx_misc_open+0x10/0x10 [ 239.631286][ T9078] chrdev_open+0x231/0x6a0 [ 239.631306][ T9078] ? __pfx_apparmor_file_open+0x10/0x10 [ 239.631324][ T9078] ? __pfx_chrdev_open+0x10/0x10 [ 239.631345][ T9078] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 239.631365][ T9078] do_dentry_open+0x97f/0x1530 [ 239.631385][ T9078] ? __pfx_chrdev_open+0x10/0x10 [ 239.631407][ T9078] vfs_open+0x82/0x3f0 [ 239.631430][ T9078] path_openat+0x1de4/0x2cb0 [ 239.631452][ T9078] ? __pfx_path_openat+0x10/0x10 [ 239.631472][ T9078] do_filp_open+0x20b/0x470 [ 239.631491][ T9078] ? __pfx_do_filp_open+0x10/0x10 [ 239.631516][ T9078] ? alloc_fd+0x471/0x7d0 [ 239.631543][ T9078] do_sys_openat2+0x11b/0x1d0 [ 239.631568][ T9078] ? __pfx_do_sys_openat2+0x10/0x10 [ 239.631595][ T9078] __x64_sys_openat+0x174/0x210 [ 239.631620][ T9078] ? __pfx___x64_sys_openat+0x10/0x10 [ 239.631649][ T9078] do_syscall_64+0xcd/0x490 [ 239.631671][ T9078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.631689][ T9078] RIP: 0033:0x7f28b578ebe9 [ 239.631703][ T9078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.631719][ T9078] RSP: 002b:00007f28b6642038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 239.631737][ T9078] RAX: ffffffffffffffda RBX: 00007f28b59b5fa0 RCX: 00007f28b578ebe9 [ 239.631747][ T9078] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 239.631758][ T9078] RBP: 00007f28b5811e19 R08: 0000000000000000 R09: 0000000000000000 [ 239.631768][ T9078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.631778][ T9078] R13: 00007f28b59b6038 R14: 00007f28b59b5fa0 R15: 00007ffc2c54c2f8 [ 239.631793][ T9078] [ 242.334551][ T9131] netlink: 12 bytes leftover after parsing attributes in process `syz.3.587'. [ 242.911434][ T9145] ecryptfs_miscdev_write: Error while inspecting packet size [ 243.649805][ T9173] netlink: 16 bytes leftover after parsing attributes in process `syz.3.596'. [ 243.812012][ T7107] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 243.928553][ T7107] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.064616][ T7107] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.284556][ T7107] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.593682][ T7107] bridge_slave_0: left allmulticast mode [ 244.603642][ T7107] bridge_slave_0: left promiscuous mode [ 244.627446][ T7107] bridge0: port 1(bridge_slave_0) entered disabled state [ 244.787902][ T7096] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 244.797260][ T7096] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 244.804671][ T7096] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 244.817271][ T7096] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 244.824814][ T7096] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 245.020526][ T7107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 245.168195][ T7107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 245.233190][ T7107] bond0 (unregistering): Released all slaves [ 245.290436][ T9206] netlink: 342 bytes leftover after parsing attributes in process `syz.4.602'. [ 245.778640][ T9196] chnl_net:caif_netlink_parms(): no params data found [ 246.316153][ T9196] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.323498][ T9196] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.362812][ T9196] bridge_slave_0: entered allmulticast mode [ 246.378892][ T9196] bridge_slave_0: entered promiscuous mode [ 246.602656][ T7107] hsr_slave_0: left promiscuous mode [ 246.643921][ T7107] hsr_slave_1: left promiscuous mode [ 246.702028][ T7107] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 246.709831][ T7107] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 246.743297][ T7107] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 246.758417][ T9243] FAULT_INJECTION: forcing a failure. [ 246.758417][ T9243] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 246.784674][ T7107] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 246.804656][ T9243] CPU: 1 UID: 0 PID: 9243 Comm: syz.4.606 Tainted: G U syzkaller #0 PREEMPT(full) [ 246.804704][ T9243] Tainted: [U]=USER [ 246.804713][ T9243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 246.804731][ T9243] Call Trace: [ 246.804740][ T9243] [ 246.804752][ T9243] dump_stack_lvl+0x16c/0x1f0 [ 246.804792][ T9243] should_fail_ex+0x512/0x640 [ 246.804834][ T9243] should_fail_alloc_page+0xe7/0x130 [ 246.804875][ T9243] prepare_alloc_pages+0x3c2/0x610 [ 246.804918][ T9243] ? rcu_is_watching+0x12/0xc0 [ 246.804950][ T9243] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 246.804985][ T9243] ? stack_depot_save_flags+0x29/0x9c0 [ 246.805026][ T9243] ? kasan_save_stack+0x33/0x60 [ 246.805058][ T9243] ? kasan_save_track+0x14/0x30 [ 246.805090][ T9243] ? __kasan_slab_alloc+0x89/0x90 [ 246.805126][ T9243] ? kasan_save_stack+0x42/0x60 [ 246.805157][ T9243] ? kasan_save_stack+0x33/0x60 [ 246.805187][ T9243] ? kasan_save_track+0x14/0x30 [ 246.805218][ T9243] ? __kasan_slab_alloc+0x89/0x90 [ 246.805252][ T9243] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 246.805283][ T9243] ? __anon_vma_prepare+0x344/0x5e0 [ 246.805312][ T9243] ? __vmf_anon_prepare+0x11c/0x240 [ 246.805351][ T9243] ? do_pte_missing+0x10bd/0x3ba0 [ 246.805378][ T9243] ? __handle_mm_fault+0x152a/0x2a50 [ 246.805405][ T9243] ? handle_mm_fault+0x589/0xd10 [ 246.805443][ T9243] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 246.805478][ T9243] ? vm_mmap_pgoff+0x37f/0x470 [ 246.805511][ T9243] ? __x64_sys_mmap+0x125/0x190 [ 246.805551][ T9243] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.805578][ T9243] ? rcu_is_watching+0x12/0xc0 [ 246.805607][ T9243] ? local_lock_release+0x99/0x140 [ 246.805641][ T9243] ? rcu_is_watching+0x12/0xc0 [ 246.805668][ T9243] ? rcu_is_watching+0x12/0xc0 [ 246.805696][ T9243] ? lock_acquire+0x2cd/0x350 [ 246.805732][ T9243] ? rcu_is_watching+0x12/0xc0 [ 246.805761][ T9243] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 246.805807][ T9243] ? policy_nodemask+0xea/0x4e0 [ 246.805846][ T9243] alloc_pages_mpol+0x1fb/0x550 [ 246.805885][ T9243] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 246.805922][ T9243] ? lock_release+0x201/0x2f0 [ 246.805963][ T9243] folio_alloc_mpol_noprof+0x36/0x2f0 [ 246.806008][ T9243] vma_alloc_folio_noprof+0xed/0x1e0 [ 246.806051][ T9243] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 246.806097][ T9243] ? rcu_is_watching+0x12/0xc0 [ 246.806128][ T9243] do_pte_missing+0x2230/0x3ba0 [ 246.806163][ T9243] __handle_mm_fault+0x152a/0x2a50 [ 246.806195][ T9243] ? __pfx___handle_mm_fault+0x10/0x10 [ 246.806226][ T9243] ? __pte_offset_map_lock+0x174/0x310 [ 246.806272][ T9243] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 246.806322][ T9243] handle_mm_fault+0x589/0xd10 [ 246.806354][ T9243] __get_user_pages+0x551/0x34a0 [ 246.806404][ T9243] ? __pfx___get_user_pages+0x10/0x10 [ 246.806457][ T9243] ? __pfx___might_resched+0x10/0x10 [ 246.806485][ T9243] ? cap_capable+0xb3/0x250 [ 246.806518][ T9243] populate_vma_page_range+0x267/0x3f0 [ 246.806564][ T9243] ? __pfx_populate_vma_page_range+0x10/0x10 [ 246.806607][ T9243] ? __pfx_find_vma_intersection+0x10/0x10 [ 246.806647][ T9243] ? do_mmap+0x69c/0x1210 [ 246.806689][ T9243] __mm_populate+0x1d8/0x380 [ 246.806735][ T9243] ? __pfx___mm_populate+0x10/0x10 [ 246.806781][ T9243] ? up_write+0x1b2/0x520 [ 246.806824][ T9243] vm_mmap_pgoff+0x37f/0x470 [ 246.806866][ T9243] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 246.806911][ T9243] ? __x64_sys_futex+0x1e0/0x4c0 [ 246.806947][ T9243] ? __x64_sys_futex+0x1e9/0x4c0 [ 246.806986][ T9243] ksys_mmap_pgoff+0x7d/0x5c0 [ 246.807025][ T9243] ? xfd_validate_state+0x61/0x180 [ 246.807068][ T9243] ? __pfx_do_writev+0x10/0x10 [ 246.807101][ T9243] __x64_sys_mmap+0x125/0x190 [ 246.807147][ T9243] do_syscall_64+0xcd/0x490 [ 246.807183][ T9243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.807207][ T9243] RIP: 0033:0x7f28b578ebe9 [ 246.807229][ T9243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 246.807253][ T9243] RSP: 002b:00007f28b6621038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 246.807278][ T9243] RAX: ffffffffffffffda RBX: 00007f28b59b6090 RCX: 00007f28b578ebe9 [ 246.807296][ T9243] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 246.807314][ T9243] RBP: 00007f28b5811e19 R08: 0000000000000007 R09: 0000000000028000 [ 246.807332][ T9243] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 246.807350][ T9243] R13: 00007f28b59b6128 R14: 00007f28b59b6090 R15: 00007ffc2c54c2f8 [ 246.807377][ T9243] [ 247.258873][ C1] vkms_vblank_simulate: vblank timer overrun [ 247.275055][ T7096] Bluetooth: hci4: command tx timeout [ 247.295240][ T7107] veth1_macvtap: left promiscuous mode [ 247.300989][ T7107] veth0_macvtap: left promiscuous mode [ 247.310540][ T7107] veth1_vlan: left promiscuous mode [ 247.320665][ T7107] veth0_vlan: left promiscuous mode                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     syzkaller syzkaller login: [ 283.673612][ T9967] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 287.604125][T10042] Setting dangerous option i915.mitigations - tainting kernel [ 288.278986][T10045] Invalid ELF header magic: != ELF [ 288.308089][T10045] netlink: 'syz.1.755': attribute type 2 has an invalid length. [ 288.315970][T10045] netlink: 8 bytes leftover after parsing attributes in process `syz.1.755'. [ 288.651543][T10065] netlink: 246 bytes leftover after parsing attributes in process `syz.1.759'. [ 288.749606][T10070] ICMPv6: process `syz.2.761' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 289.741588][T10105] netlink: 16 bytes leftover after parsing attributes in process `syz.2.768'. [ 290.750623][T10123] netlink: 'syz.1.774': attribute type 1 has an invalid length. [ 291.150800][T10144] MTRR 1 not used [ 292.250874][T10138] kexec: Could not allocate control_code_buffer [ 292.505510][T10167] FAULT_INJECTION: forcing a failure. [ 292.505510][T10167] name failslab, interval 1, probability 0, space 0, times 0 [ 292.518934][T10167] CPU: 1 UID: 0 PID: 10167 Comm: syz.4.785 Tainted: G U syzkaller #0 PREEMPT(full) [ 292.518965][T10167] Tainted: [U]=USER [ 292.518971][T10167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 292.518981][T10167] Call Trace: [ 292.518987][T10167] [ 292.518993][T10167] dump_stack_lvl+0x16c/0x1f0 [ 292.519020][T10167] should_fail_ex+0x512/0x640 [ 292.519044][T10167] should_failslab+0xc2/0x120 [ 292.519066][T10167] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 292.519086][T10167] ? __d_alloc+0x32/0xae0 [ 292.519108][T10167] __d_alloc+0x32/0xae0 [ 292.519128][T10167] d_alloc_parallel+0x111/0x1480 [ 292.519152][T10167] ? lock_release+0x201/0x2f0 [ 292.519175][T10167] ? _raw_spin_unlock+0x28/0x50 [ 292.519192][T10167] ? __d_add+0x403/0xa50 [ 292.519212][T10167] ? __pfx_d_alloc_parallel+0x10/0x10 [ 292.519238][T10167] ? lockdep_init_map_type+0x5c/0x280 [ 292.519261][T10167] ? lockdep_init_map_type+0x5c/0x280 [ 292.519284][T10167] __lookup_slow+0x193/0x460 [ 292.519308][T10167] ? __pfx___lookup_slow+0x10/0x10 [ 292.519332][T10167] ? irq_entries_start+0xd0/0xcb0 [ 292.519350][T10167] ? irq_entries_start+0xd0/0xcb0 [ 292.519366][T10167] ? lookup_fast+0x156/0x610 [ 292.519381][T10167] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 292.519401][T10167] walk_component+0x353/0x5b0 [ 292.519418][T10167] link_path_walk+0x627/0xe20 [ 292.519437][T10167] path_openat+0x1b0/0x2cb0 [ 292.519454][T10167] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.519473][T10167] ? __pfx_path_openat+0x10/0x10 [ 292.519493][T10167] do_filp_open+0x20b/0x470 [ 292.519521][T10167] ? __pfx_do_filp_open+0x10/0x10 [ 292.519546][T10167] ? alloc_fd+0x471/0x7d0 [ 292.519565][T10167] do_sys_openat2+0x11b/0x1d0 [ 292.519590][T10167] ? __pfx_do_sys_openat2+0x10/0x10 [ 292.519618][T10167] __x64_sys_openat+0x174/0x210 [ 292.519643][T10167] ? __pfx___x64_sys_openat+0x10/0x10 [ 292.519671][T10167] do_syscall_64+0xcd/0x490 [ 292.519693][T10167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.519710][T10167] RIP: 0033:0x7f28b578ebe9 [ 292.519723][T10167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.519740][T10167] RSP: 002b:00007f28b6621038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 292.519757][T10167] RAX: ffffffffffffffda RBX: 00007f28b59b6090 RCX: 00007f28b578ebe9 [ 292.519768][T10167] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 292.519778][T10167] RBP: 00007f28b5811e19 R08: 0000000000000000 R09: 0000000000000000 [ 292.519788][T10167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.519798][T10167] R13: 00007f28b59b6128 R14: 00007f28b59b6090 R15: 00007ffc2c54c2f8 [ 292.519818][T10167] [ 293.265763][ T30] audit: type=1800 audit(6050832514.830:10): pid=10166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.782" name="features" dev="configfs" ino=34161 res=0 errno=0 [ 293.987243][T10197] FAULT_INJECTION: forcing a failure. [ 293.987243][T10197] name failslab, interval 1, probability 0, space 0, times 0 [ 294.004619][T10197] CPU: 0 UID: 0 PID: 10197 Comm: syz.2.791 Tainted: G U syzkaller #0 PREEMPT(full) [ 294.004673][T10197] Tainted: [U]=USER [ 294.004683][T10197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 294.004699][T10197] Call Trace: [ 294.004706][T10197] [ 294.004712][T10197] dump_stack_lvl+0x16c/0x1f0 [ 294.004738][T10197] should_fail_ex+0x512/0x640 [ 294.004763][T10197] should_failslab+0xc2/0x120 [ 294.004785][T10197] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 294.004804][T10197] ? ima_inode_get+0x120/0x580 [ 294.004823][T10197] ima_inode_get+0x120/0x580 [ 294.004841][T10197] process_measurement+0x18a7/0x23e0 [ 294.004860][T10197] ? __pfx_process_measurement+0x10/0x10 [ 294.004889][T10197] ? rcu_is_watching+0x12/0xc0 [ 294.004916][T10197] ima_bprm_check+0xe7/0x210 [ 294.004933][T10197] ? rcu_is_watching+0x12/0xc0 [ 294.004948][T10197] ? __pfx_ima_bprm_check+0x10/0x10 [ 294.004967][T10197] security_bprm_check+0xa5/0x1e0 [ 294.004984][T10197] bprm_execve+0x81a/0x1640 [ 294.005004][T10197] ? __pfx_bprm_execve+0x10/0x10 [ 294.005021][T10197] ? copy_string_kernel+0x460/0x520 [ 294.005040][T10197] do_execveat_common.isra.0+0x4a5/0x610 [ 294.005060][T10197] __x64_sys_execve+0x8e/0xb0 [ 294.005078][T10197] do_syscall_64+0xcd/0x490 [ 294.005099][T10197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.005116][T10197] RIP: 0033:0x7f0067f8ebe9 [ 294.005132][T10197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.005149][T10197] RSP: 002b:00007f0068d92038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 294.005166][T10197] RAX: ffffffffffffffda RBX: 00007f00681b6090 RCX: 00007f0067f8ebe9 [ 294.005177][T10197] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 294.005187][T10197] RBP: 00007f0068011e19 R08: 0000000000000000 R09: 0000000000000000 [ 294.005197][T10197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.005206][T10197] R13: 00007f00681b6128 R14: 00007f00681b6090 R15: 00007fff62e551a8 [ 294.005221][T10197] [ 294.447816][T10203] mkiss: ax0: crc mode is auto. [ 295.516558][T10228] netlink: Conntrack attr has 16 unknown bytes [ 295.873083][T10240] FAULT_INJECTION: forcing a failure. [ 295.873083][T10240] name failslab, interval 1, probability 0, space 0, times 0 [ 295.987417][T10240] CPU: 1 UID: 0 PID: 10240 Comm: syz.3.803 Tainted: G U syzkaller #0 PREEMPT(full) [ 295.987454][T10240] Tainted: [U]=USER [ 295.987460][T10240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 295.987470][T10240] Call Trace: [ 295.987476][T10240] [ 295.987482][T10240] dump_stack_lvl+0x16c/0x1f0 [ 295.987508][T10240] should_fail_ex+0x512/0x640 [ 295.987533][T10240] should_failslab+0xc2/0x120 [ 295.987556][T10240] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 295.987575][T10240] ? lock_release+0x201/0x2f0 [ 295.987597][T10240] ? __proc_create+0x2ce/0x8e0 [ 295.987637][T10240] __proc_create+0x2ce/0x8e0 [ 295.987660][T10240] ? __pfx___proc_create+0x10/0x10 [ 295.987683][T10240] ? _raw_write_unlock+0x28/0x50 [ 295.987704][T10240] proc_create_reg+0x7d/0x180 [ 295.987729][T10240] proc_create_data+0x86/0x110 [ 295.987762][T10240] ? __pfx_proc_create_data+0x10/0x10 [ 295.987786][T10240] ? lock_release+0x201/0x2f0 [ 295.987808][T10240] gss_svc_init_net+0x238/0x660 [ 295.987825][T10240] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 295.987849][T10240] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 295.987867][T10240] ops_init+0x1df/0x5f0 [ 295.987892][T10240] setup_net+0x10f/0x380 [ 295.987912][T10240] ? lockdep_init_map_type+0x5c/0x280 [ 295.987934][T10240] ? __pfx_setup_net+0x10/0x10 [ 295.987956][T10240] ? debug_mutex_init+0x37/0x70 [ 295.987972][T10240] copy_net_ns+0x2a6/0x5f0 [ 295.987997][T10240] create_new_namespaces+0x3ea/0xa90 [ 295.988020][T10240] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 295.988039][T10240] ksys_unshare+0x45b/0xa40 [ 295.988061][T10240] ? __pfx_ksys_unshare+0x10/0x10 [ 295.988082][T10240] ? xfd_validate_state+0x61/0x180 [ 295.988109][T10240] __x64_sys_unshare+0x31/0x40 [ 295.988130][T10240] do_syscall_64+0xcd/0x490 [ 295.988151][T10240] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.988168][T10240] RIP: 0033:0x7f8c30d8ebe9 [ 295.988181][T10240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.988198][T10240] RSP: 002b:00007f8c31cb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 295.988215][T10240] RAX: ffffffffffffffda RBX: 00007f8c30fb5fa0 RCX: 00007f8c30d8ebe9 [ 295.988226][T10240] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 295.988236][T10240] RBP: 00007f8c30e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 295.988246][T10240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.988255][T10240] R13: 00007f8c30fb6038 R14: 00007f8c30fb5fa0 R15: 00007ffd554eee68 [ 295.988270][T10240] syzkaller syzkaller login: [ 297.866628][T10280] blktrace: Concurrent blktraces are not allowed on loop2 [ 298.293106][T10261] ptrace attach of "./syz-executor exec"[5855] was attempted by "./syz-executor exec"[10261] [ 298.306302][T10274] ALSA: mixer_oss: invalid OSS volume '' [ 300.949889][ T7332] Bluetooth: hci4: Malformed Event: 0x02 [ 301.136515][T10338] netlink: 28 bytes leftover after parsing attributes in process `syz.3.821'. [ 301.217862][T10338] veth0_macvtap: left promiscuous mode [ 301.585572][T10354] netlink: zone id is out of range [ 301.606543][T10354] netlink: zone id is out of range [ 301.648013][T10354] netlink: zone id is out of range [ 301.721184][T10354] netlink: zone id is out of range [ 301.758027][T10354] netlink: zone id is out of range [ 301.814626][T10354] netlink: zone id is out of range [ 301.842996][T10354] netlink: zone id is out of range [ 301.848495][T10354] netlink: zone id is out of range [ 301.949649][T10354] netlink: zone id is out of range [ 302.005447][T10354] netlink: zone id is out of range [ 305.698003][T10438] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 306.025805][T10443] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 306.464601][T10448] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 307.242582][T10467] futex_wake_op: syz.1.843 tries to shift op by -2048; fix this program [ 307.321923][T10467] futex_wake_op: syz.1.843 tries to shift op by -2048; fix this program [ 307.702715][T10485] netlink: 4 bytes leftover after parsing attributes in process `syz.3.847'. [ 307.749418][T10485] netlink: 354 bytes leftover after parsing attributes in process `syz.3.847'. [ 307.880782][T10487] netlink: 342 bytes leftover after parsing attributes in process `syz.2.846'. [ 309.779633][T10507] netlink: 16 bytes leftover after parsing attributes in process `syz.1.852'. [ 309.788837][T10507] macvtap0: entered promiscuous mode [ 309.794747][T10507] macvtap0: entered allmulticast mode [ 309.982134][T10511] Invalid ELF header magic: != ELF [ 311.671387][T10550] usb usb36: usbfs: process 10550 (syz.4.862) did not claim interface 0 before use [ 312.154307][T10564] bond0: option all_slaves_active: invalid value () [ 312.578985][T10569] netlink: 28 bytes leftover after parsing attributes in process `syz.2.867'. [ 313.552053][T10604] netlink: 8 bytes leftover after parsing attributes in process `syz.2.874'. [ 313.714933][T10612] netlink: 'syz.3.875': attribute type 4 has an invalid length. [ 313.753110][T10612] netlink: 314 bytes leftover after parsing attributes in process `syz.3.875'. [ 313.784140][T10612] netlink: 346 bytes leftover after parsing attributes in process `syz.3.875'. [ 314.379654][T10627] ubi0: detaching mtd0 [ 314.395901][T10627] ubi0: mtd0 is detached [ 315.011308][T10634] sysfs_service_op_store: Client not running :-5: [ 315.093867][T10634] sysfs_service_op_store: Client not running :-5: [ 315.808168][T10652] can: request_module (can-proto-0) failed. [ 316.210341][T10645] zswap: compressor not available [ 317.465231][T10693] can: request_module (can-proto-0) failed. [ 317.639048][T10723] netlink: 20 bytes leftover after parsing attributes in process `syz.3.896'. [ 317.880087][T10729] Invalid ELF header magic: != ELF [ 318.533275][ T30] audit: type=1800 audit(6050832540.078:11): pid=10740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.894" name="dbroot" dev="configfs" ino=36560 res=0 errno=0 [ 320.432583][ T30] audit: type=1800 audit(6050832541.918:12): pid=10794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.910" name="features" dev="configfs" ino=36633 res=0 errno=0 [ 321.866475][T10822] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 321.936905][T10825] ptrace attach of "./syz-executor exec"[10830] was attempted by "./syz-executor exec"[10825] [ 321.959003][T10822] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 322.623559][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.630526][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.252815][T10853] FAULT_INJECTION: forcing a failure. [ 323.252815][T10853] name failslab, interval 1, probability 0, space 0, times 0 [ 323.418412][T10853] CPU: 1 UID: 0 PID: 10853 Comm: syz.4.923 Tainted: G U syzkaller #0 PREEMPT(full) [ 323.418442][T10853] Tainted: [U]=USER [ 323.418448][T10853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 323.418458][T10853] Call Trace: [ 323.418463][T10853] [ 323.418469][T10853] dump_stack_lvl+0x16c/0x1f0 [ 323.418495][T10853] should_fail_ex+0x512/0x640 [ 323.418528][T10853] should_failslab+0xc2/0x120 [ 323.418550][T10853] __kmalloc_cache_noprof+0x6a/0x3e0 [ 323.418568][T10853] ? tty_alloc_file+0x3f/0xa0 [ 323.418590][T10853] ? __pfx_ptmx_open+0x10/0x10 [ 323.418608][T10853] tty_alloc_file+0x3f/0xa0 [ 323.418630][T10853] ptmx_open+0x61/0x360 [ 323.418647][T10853] ? __pfx_ptmx_open+0x10/0x10 [ 323.418664][T10853] chrdev_open+0x231/0x6a0 [ 323.418685][T10853] ? __pfx_apparmor_file_open+0x10/0x10 [ 323.418704][T10853] ? __pfx_chrdev_open+0x10/0x10 [ 323.418726][T10853] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 323.418747][T10853] do_dentry_open+0x97f/0x1530 [ 323.418768][T10853] ? __pfx_chrdev_open+0x10/0x10 [ 323.418790][T10853] vfs_open+0x82/0x3f0 [ 323.418814][T10853] path_openat+0x1de4/0x2cb0 [ 323.418836][T10853] ? __pfx_path_openat+0x10/0x10 [ 323.418857][T10853] do_filp_open+0x20b/0x470 [ 323.418876][T10853] ? __pfx_do_filp_open+0x10/0x10 [ 323.418901][T10853] ? alloc_fd+0x471/0x7d0 [ 323.418920][T10853] do_sys_openat2+0x11b/0x1d0 [ 323.418944][T10853] ? __pfx_do_sys_openat2+0x10/0x10 [ 323.418972][T10853] __x64_sys_openat+0x174/0x210 [ 323.418997][T10853] ? __pfx___x64_sys_openat+0x10/0x10 [ 323.419026][T10853] do_syscall_64+0xcd/0x490 [ 323.419048][T10853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.419065][T10853] RIP: 0033:0x7f28b578ebe9 [ 323.419078][T10853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.419094][T10853] RSP: 002b:00007f28b6621038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 323.419111][T10853] RAX: ffffffffffffffda RBX: 00007f28b59b6090 RCX: 00007f28b578ebe9 [ 323.419123][T10853] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 323.419133][T10853] RBP: 00007f28b5811e19 R08: 0000000000000000 R09: 0000000000000000 [ 323.419144][T10853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.419153][T10853] R13: 00007f28b59b6128 R14: 00007f28b59b6090 R15: 00007ffc2c54c2f8 [ 323.419168][T10853] [ 323.660477][T10850] netlink: 4 bytes leftover after parsing attributes in process `syz.1.922'. [ 324.575504][T10872] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 325.111613][T10882] kvm: kvm [10881]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x2 [ 325.213609][T10887] svc: failed to register nfsdv3 RPC service (errno 111). [ 325.227436][T10887] svc: failed to register nfsaclv3 RPC service (errno 111). [ 325.761706][T10893] CIFS: VFS: Invalid SecurityFlags: [ 326.284873][T10899] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 326.526489][T10908] bridge0: port 3(hsr_slave_0) entered blocking state [ 326.569912][T10908] bridge0: port 3(hsr_slave_0) entered disabled state [ 326.577208][T10908] hsr_slave_0: entered allmulticast mode [ 326.586915][T10908] hsr_slave_0: left allmulticast mode [ 330.501649][T10980] FAULT_INJECTION: forcing a failure. [ 330.501649][T10980] name failslab, interval 1, probability 0, space 0, times 0 [ 330.565649][T10980] CPU: 0 UID: 0 PID: 10980 Comm: syz.2.948 Tainted: G U syzkaller #0 PREEMPT(full) [ 330.565699][T10980] Tainted: [U]=USER [ 330.565709][T10980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 330.565726][T10980] Call Trace: [ 330.565735][T10980] [ 330.565746][T10980] dump_stack_lvl+0x16c/0x1f0 [ 330.565786][T10980] should_fail_ex+0x512/0x640 [ 330.565837][T10980] should_failslab+0xc2/0x120 [ 330.565874][T10980] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 330.565911][T10980] ? __pfx__proc_mkdir+0x10/0x10 [ 330.565947][T10980] ? nf_lwtunnel_net_init+0x38/0xf0 [ 330.565985][T10980] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 330.566021][T10980] kmemdup_noprof+0x29/0x60 [ 330.566056][T10980] nf_lwtunnel_net_init+0x38/0xf0 [ 330.566095][T10980] ops_init+0x1df/0x5f0 [ 330.566134][T10980] setup_net+0x10f/0x380 [ 330.566170][T10980] ? lockdep_init_map_type+0x5c/0x280 [ 330.566210][T10980] ? __pfx_setup_net+0x10/0x10 [ 330.566247][T10980] ? debug_mutex_init+0x37/0x70 [ 330.566276][T10980] copy_net_ns+0x2a6/0x5f0 [ 330.566317][T10980] create_new_namespaces+0x3ea/0xa90 [ 330.566352][T10980] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 330.566384][T10980] ksys_unshare+0x45b/0xa40 [ 330.566420][T10980] ? __pfx_ksys_unshare+0x10/0x10 [ 330.566454][T10980] ? xfd_validate_state+0x61/0x180 [ 330.566496][T10980] __x64_sys_unshare+0x31/0x40 [ 330.566536][T10980] do_syscall_64+0xcd/0x490 [ 330.566576][T10980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.566606][T10980] RIP: 0033:0x7f0067f8ebe9 [ 330.566628][T10980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.566657][T10980] RSP: 002b:00007f0068db3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 330.566684][T10980] RAX: ffffffffffffffda RBX: 00007f00681b5fa0 RCX: 00007f0067f8ebe9 [ 330.566704][T10980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 330.566721][T10980] RBP: 00007f0068011e19 R08: 0000000000000000 R09: 0000000000000000 [ 330.566738][T10980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.566754][T10980] R13: 00007f00681b6038 R14: 00007f00681b5fa0 R15: 00007fff62e551a8 [ 330.566781][T10980] [ 331.132618][T10982] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 331.209960][T10987] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string [ 333.093973][T11030] FAULT_INJECTION: forcing a failure. [ 333.093973][T11030] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 333.153034][T11030] CPU: 0 UID: 0 PID: 11030 Comm: syz.2.957 Tainted: G U syzkaller #0 PREEMPT(full) [ 333.153085][T11030] Tainted: [U]=USER [ 333.153097][T11030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 333.153114][T11030] Call Trace: [ 333.153124][T11030] [ 333.153134][T11030] dump_stack_lvl+0x16c/0x1f0 [ 333.153175][T11030] should_fail_ex+0x512/0x640 [ 333.153218][T11030] should_fail_alloc_page+0xe7/0x130 [ 333.153258][T11030] prepare_alloc_pages+0x3c2/0x610 [ 333.153301][T11030] ? stack_depot_save_flags+0x29/0x9c0 [ 333.153345][T11030] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 333.153394][T11030] ? __update_page_owner_handle+0x395/0x550 [ 333.153428][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.153457][T11030] ? lock_release+0x201/0x2f0 [ 333.153496][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.153535][T11030] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 333.153573][T11030] ? unwind_next_frame+0x3f4/0x20a0 [ 333.153601][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.153634][T11030] ? is_bpf_text_address+0x8a/0x1a0 [ 333.153669][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.153696][T11030] ? lock_release+0x201/0x2f0 [ 333.153731][T11030] ? bpf_ksym_find+0x124/0x1c0 [ 333.153758][T11030] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 333.153801][T11030] ? policy_nodemask+0xea/0x4e0 [ 333.153839][T11030] alloc_pages_mpol+0x1fb/0x550 [ 333.153875][T11030] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 333.153919][T11030] folio_alloc_mpol_noprof+0x36/0x2f0 [ 333.153962][T11030] shmem_alloc_folio+0x135/0x160 [ 333.154008][T11030] shmem_alloc_and_add_folio+0x499/0xc20 [ 333.154044][T11030] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 333.154080][T11030] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 333.154117][T11030] shmem_get_folio_gfp+0x67f/0x1600 [ 333.154153][T11030] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 333.154187][T11030] ? css_rstat_updated+0x1c2/0x510 [ 333.154219][T11030] shmem_fault+0x1fe/0xa30 [ 333.154251][T11030] ? __pfx_shmem_fault+0x10/0x10 [ 333.154282][T11030] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 333.154330][T11030] ? rcu_read_unlock+0x17/0x60 [ 333.154365][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.154394][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.154422][T11030] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 333.154467][T11030] ? __pfx_filemap_map_pages+0x10/0x10 [ 333.154501][T11030] __do_fault+0x10d/0x490 [ 333.154541][T11030] ? do_raw_spin_lock+0x12c/0x2b0 [ 333.154584][T11030] ? __pfx_filemap_map_pages+0x10/0x10 [ 333.154620][T11030] do_pte_missing+0xf50/0x3ba0 [ 333.154649][T11030] ? do_raw_spin_unlock+0x172/0x230 [ 333.154694][T11030] ? __pmd_alloc+0x3fb/0x930 [ 333.154738][T11030] __handle_mm_fault+0x152a/0x2a50 [ 333.154768][T11030] ? mt_find+0x3ef/0xa30 [ 333.154807][T11030] ? __pfx___handle_mm_fault+0x10/0x10 [ 333.154835][T11030] ? __pfx_mt_find+0x10/0x10 [ 333.154872][T11030] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 333.154916][T11030] ? find_vma+0xbf/0x140 [ 333.154952][T11030] ? __pfx_find_vma+0x10/0x10 [ 333.154989][T11030] handle_mm_fault+0x589/0xd10 [ 333.155020][T11030] ? __bpf_trace_exceptions+0x1/0x40 [ 333.155066][T11030] do_user_addr_fault+0x7a6/0x1370 [ 333.155111][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.155142][T11030] exc_page_fault+0x5c/0xb0 [ 333.155177][T11030] asm_exc_page_fault+0x26/0x30 [ 333.155204][T11030] RIP: 0010:check_zeroed_user+0x90/0x1c0 [ 333.155252][T11030] Code: 00 00 00 e8 22 5c da fc 48 89 de 4c 89 ef e8 c7 56 da fc 4d 85 ff 0f 85 a5 00 00 00 e8 09 5c da fc 0f 01 cb 0f ae e8 45 31 e4 <49> 8b 45 00 31 ff 44 89 e6 48 89 c3 e8 2f 57 da fc 45 85 e4 75 79 [ 333.155280][T11030] RSP: 0018:ffffc9000b9afc00 EFLAGS: 00050246 [ 333.155311][T11030] RAX: 000000000000000a RBX: 00000000000006f4 RCX: ffffc9000f901000 [ 333.155331][T11030] RDX: 0000000000080000 RSI: ffffffff84e0ac87 RDI: 0000000000000006 [ 333.155349][T11030] RBP: 0000000000000000 R08: 0000000000000006 R09: 0000000000000098 [ 333.155366][T11030] R10: 00000000000006f4 R11: 0000000000000000 R12: 0000000000000000 [ 333.155383][T11030] R13: 0000000000000098 R14: 000000000000065c R15: 0000000000000000 [ 333.155405][T11030] ? check_zeroed_user+0x87/0x1c0 [ 333.155454][T11030] bpf_check_uarg_tail_zero+0x16e/0x1b0 [ 333.155494][T11030] ? __pfx_bpf_check_uarg_tail_zero+0x10/0x10 [ 333.155539][T11030] ? futex_private_hash_put+0x11c/0x300 [ 333.155576][T11030] __sys_bpf+0x140/0x4de0 [ 333.155621][T11030] ? __pfx___sys_bpf+0x10/0x10 [ 333.155661][T11030] ? ksys_write+0x190/0x250 [ 333.155692][T11030] ? rcu_is_watching+0x12/0xc0 [ 333.155720][T11030] ? lock_release+0x201/0x2f0 [ 333.155760][T11030] ? do_futex+0x122/0x350 [ 333.155795][T11030] ? __pfx_do_futex+0x10/0x10 [ 333.155835][T11030] ? fput+0x9b/0xd0 [ 333.155873][T11030] ? xfd_validate_state+0x61/0x180 [ 333.155916][T11030] ? __pfx_ksys_write+0x10/0x10 [ 333.155950][T11030] __x64_sys_bpf+0x78/0xc0 [ 333.155992][T11030] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 333.156036][T11030] do_syscall_64+0xcd/0x490 [ 333.156074][T11030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.156103][T11030] RIP: 0033:0x7f0067f8ebe9 [ 333.156125][T11030] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 333.156151][T11030] RSP: 002b:00007f0068db3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 333.156178][T11030] RAX: ffffffffffffffda RBX: 00007f00681b5fa0 RCX: 00007f0067f8ebe9 [ 333.156197][T11030] RDX: 00000000000006f4 RSI: 0000000000000000 RDI: 0000000000000000 [ 333.156213][T11030] RBP: 00007f0068011e19 R08: 0000000000000000 R09: 0000000000000000 [ 333.156231][T11030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.156247][T11030] R13: 00007f00681b6038 R14: 00007f00681b5fa0 R15: 00007fff62e551a8 [ 333.156275][T11030] [ 335.364524][T11079] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 335.407658][T11081] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 335.517302][T11082] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 335.727948][T11095] FAULT_INJECTION: forcing a failure. [ 335.727948][T11095] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 335.799650][T11095] CPU: 1 UID: 0 PID: 11095 Comm: syz.3.971 Tainted: G U syzkaller #0 PREEMPT(full) [ 335.799696][T11095] Tainted: [U]=USER [ 335.799706][T11095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 335.799722][T11095] Call Trace: [ 335.799731][T11095] [ 335.799740][T11095] dump_stack_lvl+0x16c/0x1f0 [ 335.799773][T11095] should_fail_ex+0x512/0x640 [ 335.799814][T11095] _copy_to_user+0x32/0xd0 [ 335.799841][T11095] simple_read_from_buffer+0xcb/0x170 [ 335.799872][T11095] proc_fail_nth_read+0x197/0x240 [ 335.799899][T11095] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 335.799926][T11095] ? security_file_permission+0x71/0x210 [ 335.799963][T11095] ? rw_verify_area+0xcf/0x6c0 [ 335.799990][T11095] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 335.800017][T11095] vfs_read+0x1e1/0xcf0 [ 335.800043][T11095] ? __pfx___mutex_lock+0x10/0x10 [ 335.800075][T11095] ? __pfx_vfs_read+0x10/0x10 [ 335.800102][T11095] ? __fget_files+0x204/0x3c0 [ 335.800127][T11095] ? rcu_is_watching+0x12/0xc0 [ 335.800158][T11095] ? __fget_files+0x20e/0x3c0 [ 335.800189][T11095] ksys_read+0x12a/0x250 [ 335.800218][T11095] ? __pfx_ksys_read+0x10/0x10 [ 335.800251][T11095] do_syscall_64+0xcd/0x490 [ 335.800286][T11095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.800312][T11095] RIP: 0033:0x7f8c30d8d5fc [ 335.800332][T11095] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 335.800357][T11095] RSP: 002b:00007f8c31c96030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 335.800375][T11095] RAX: ffffffffffffffda RBX: 00007f8c30fb6090 RCX: 00007f8c30d8d5fc [ 335.800386][T11095] RDX: 000000000000000f RSI: 00007f8c31c960a0 RDI: 0000000000000007 [ 335.800396][T11095] RBP: 00007f8c31c96090 R08: 0000000000000000 R09: 0000000000000000 [ 335.800406][T11095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 335.800416][T11095] R13: 00007f8c30fb6128 R14: 00007f8c30fb6090 R15: 00007ffd554eee68 [ 335.800431][T11095] [ 337.128931][T11118] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 338.738942][T11153] netlink: 12 bytes leftover after parsing attributes in process `syz.1.982'. [ 340.257840][T11177] FAULT_INJECTION: forcing a failure. [ 340.257840][T11177] name failslab, interval 1, probability 0, space 0, times 0 [ 340.272527][T11177] CPU: 1 UID: 0 PID: 11177 Comm: syz.1.988 Tainted: G U syzkaller #0 PREEMPT(full) [ 340.272575][T11177] Tainted: [U]=USER [ 340.272583][T11177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 340.272599][T11177] Call Trace: [ 340.272607][T11177] [ 340.272617][T11177] dump_stack_lvl+0x16c/0x1f0 [ 340.272657][T11177] should_fail_ex+0x512/0x640 [ 340.272683][T11177] ? quirks_param_set+0x200/0x750 [ 340.272704][T11177] should_failslab+0xc2/0x120 [ 340.272726][T11177] __kmalloc_noprof+0xd2/0x510 [ 340.272747][T11177] quirks_param_set+0x200/0x750 [ 340.272769][T11177] ? __pfx_quirks_param_set+0x10/0x10 [ 340.272791][T11177] ? extract_iter_to_sg+0x1d00/0x20c0 [ 340.272817][T11177] param_attr_store+0x196/0x300 [ 340.272836][T11177] ? __pfx_param_attr_store+0x10/0x10 [ 340.272854][T11177] module_attr_store+0x55/0x80 [ 340.272868][T11177] ? __pfx_module_attr_store+0x10/0x10 [ 340.272883][T11177] sysfs_kf_write+0xef/0x150 [ 340.272901][T11177] kernfs_fop_write_iter+0x351/0x510 [ 340.272917][T11177] ? __pfx_sysfs_kf_write+0x10/0x10 [ 340.272935][T11177] vfs_write+0x7d3/0x11d0 [ 340.272953][T11177] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 340.272969][T11177] ? __pfx___mutex_lock+0x10/0x10 [ 340.272991][T11177] ? __pfx_vfs_write+0x10/0x10 [ 340.273014][T11177] ksys_write+0x12a/0x250 [ 340.273032][T11177] ? __pfx_ksys_write+0x10/0x10 [ 340.273053][T11177] do_syscall_64+0xcd/0x490 [ 340.273074][T11177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.273091][T11177] RIP: 0033:0x7f262338ebe9 [ 340.273105][T11177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.273121][T11177] RSP: 002b:00007f2624270038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 340.273138][T11177] RAX: ffffffffffffffda RBX: 00007f26235b5fa0 RCX: 00007f262338ebe9 [ 340.273149][T11177] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 000000000000000c [ 340.273159][T11177] RBP: 00007f2623411e19 R08: 0000000000000000 R09: 0000000000000000 [ 340.273169][T11177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.273179][T11177] R13: 00007f26235b6038 R14: 00007f26235b5fa0 R15: 00007fff4cc57778 [ 340.273194][T11177] [ 341.041598][T11192] netlink: 4 bytes leftover after parsing attributes in process `syz.1.991'. [ 346.290808][T11266] queue_state_write: operation too long [ 346.319723][T11266] queue_state_write: use 'run', 'start' or 'kick' [ 346.559252][T11272] ICMPv6: process `syz.1.1010' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 347.442726][T11296] __vm_enough_memory: pid: 11296, comm: syz.1.1013, bytes: 9223372036854775808 not enough memory for the allocation [ 347.790284][T11306] ptrace attach of "./syz-executor exec"[11309] was attempted by "./syz-executor exec"[11306] [ 349.825553][T11366] FAULT_INJECTION: forcing a failure. [ 349.825553][T11366] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 349.865133][T11366] CPU: 1 UID: 0 PID: 11366 Comm: syz.3.1029 Tainted: G U syzkaller #0 PREEMPT(full) [ 349.865181][T11366] Tainted: [U]=USER [ 349.865190][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 349.865206][T11366] Call Trace: [ 349.865215][T11366] [ 349.865224][T11366] dump_stack_lvl+0x16c/0x1f0 [ 349.865260][T11366] should_fail_ex+0x512/0x640 [ 349.865297][T11366] should_fail_alloc_page+0xe7/0x130 [ 349.865350][T11366] prepare_alloc_pages+0x3c2/0x610 [ 349.865388][T11366] ? rcu_is_watching+0x12/0xc0 [ 349.865416][T11366] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 349.865449][T11366] ? rcu_is_watching+0x12/0xc0 [ 349.865475][T11366] ? trace_mm_page_alloc+0x11f/0x1a0 [ 349.865515][T11366] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 349.865548][T11366] ? rcu_is_watching+0x12/0xc0 [ 349.865574][T11366] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 349.865610][T11366] ? rcu_is_watching+0x12/0xc0 [ 349.865636][T11366] ? rcu_is_watching+0x12/0xc0 [ 349.865660][T11366] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 349.865706][T11366] ? trace_sched_exit_tp+0xd1/0x120 [ 349.865747][T11366] ? __schedule+0x11a3/0x5de0 [ 349.865780][T11366] alloc_pages_bulk_noprof+0x71c/0x1410 [ 349.865811][T11366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 349.865852][T11366] ? policy_nodemask+0xea/0x4e0 [ 349.865886][T11366] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 349.865919][T11366] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 349.865961][T11366] kasan_populate_vmalloc+0xf1/0x1f0 [ 349.865994][T11366] alloc_vmap_area+0x959/0x29c0 [ 349.866038][T11366] ? __pfx_alloc_vmap_area+0x10/0x10 [ 349.866074][T11366] __get_vm_area_node+0x1ca/0x330 [ 349.866114][T11366] __vmalloc_node_range_noprof+0x271/0x14b0 [ 349.866142][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 349.866169][T11366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 349.866208][T11366] ? policy_nodemask+0xea/0x4e0 [ 349.866241][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 349.866270][T11366] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 349.866297][T11366] ? ___kmalloc_large_node+0xed/0x160 [ 349.866348][T11366] __kvmalloc_node_noprof+0x30a/0x620 [ 349.866379][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 349.866404][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 349.866431][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 349.866455][T11366] __do_sys_listmount+0x1c2/0xf80 [ 349.866483][T11366] ? __x64_sys_futex+0x1e0/0x4c0 [ 349.866516][T11366] ? __x64_sys_futex+0x1e9/0x4c0 [ 349.866550][T11366] ? __pfx___do_sys_listmount+0x10/0x10 [ 349.866577][T11366] ? __x64_sys_openat+0x174/0x210 [ 349.866623][T11366] do_syscall_64+0xcd/0x490 [ 349.866660][T11366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.866688][T11366] RIP: 0033:0x7f8c30d8ebe9 [ 349.866710][T11366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 349.866737][T11366] RSP: 002b:00007f8c31c96038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 349.866764][T11366] RAX: ffffffffffffffda RBX: 00007f8c30fb6090 RCX: 00007f8c30d8ebe9 [ 349.866783][T11366] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 349.866800][T11366] RBP: 00007f8c30e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 349.866817][T11366] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 349.866833][T11366] R13: 00007f8c30fb6128 R14: 00007f8c30fb6090 R15: 00007ffd554eee68 [ 349.866859][T11366] [ 350.210674][T11366] syz.3.1029: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 350.249817][T11366] CPU: 0 UID: 0 PID: 11366 Comm: syz.3.1029 Tainted: G U syzkaller #0 PREEMPT(full) [ 350.249867][T11366] Tainted: [U]=USER [ 350.249876][T11366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 350.249892][T11366] Call Trace: [ 350.249901][T11366] [ 350.249910][T11366] dump_stack_lvl+0x16c/0x1f0 [ 350.249948][T11366] warn_alloc+0x248/0x3a0 [ 350.249981][T11366] ? __pfx_warn_alloc+0x10/0x10 [ 350.250013][T11366] ? kfree+0x2b4/0x4d0 [ 350.250042][T11366] ? __get_vm_area_node+0x208/0x330 [ 350.250086][T11366] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 350.250114][T11366] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 350.250156][T11366] ? policy_nodemask+0xea/0x4e0 [ 350.250193][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 350.250225][T11366] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 350.250255][T11366] ? ___kmalloc_large_node+0xed/0x160 [ 350.250299][T11366] __kvmalloc_node_noprof+0x30a/0x620 [ 350.250329][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 350.250356][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 350.250385][T11366] ? __do_sys_listmount+0x1c2/0xf80 [ 350.250419][T11366] __do_sys_listmount+0x1c2/0xf80 [ 350.250449][T11366] ? __x64_sys_futex+0x1e0/0x4c0 [ 350.250484][T11366] ? __x64_sys_futex+0x1e9/0x4c0 [ 350.250518][T11366] ? __pfx___do_sys_listmount+0x10/0x10 [ 350.250550][T11366] ? __x64_sys_openat+0x174/0x210 [ 350.250600][T11366] do_syscall_64+0xcd/0x490 [ 350.250637][T11366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.250664][T11366] RIP: 0033:0x7f8c30d8ebe9 [ 350.250686][T11366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.250714][T11366] RSP: 002b:00007f8c31c96038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 350.250742][T11366] RAX: ffffffffffffffda RBX: 00007f8c30fb6090 RCX: 00007f8c30d8ebe9 [ 350.250761][T11366] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 350.250779][T11366] RBP: 00007f8c30e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 350.250796][T11366] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 350.250812][T11366] R13: 00007f8c30fb6128 R14: 00007f8c30fb6090 R15: 00007ffd554eee68 [ 350.250838][T11366] [ 350.250907][T11366] Mem-Info: [ 350.532976][T11366] active_anon:5743 inactive_anon:9201 isolated_anon:0 [ 350.532976][T11366] active_file:15817 inactive_file:39942 isolated_file:0 [ 350.532976][T11366] unevictable:768 dirty:505 writeback:0 [ 350.532976][T11366] slab_reclaimable:12560 slab_unreclaimable:95633 [ 350.532976][T11366] mapped:24648 shmem:1396 pagetables:1384 [ 350.532976][T11366] sec_pagetables:0 bounce:0 [ 350.532976][T11366] kernel_misc_reclaimable:0 [ 350.532976][T11366] free:1299540 free_pcp:24117 free_cma:0 [ 350.580239][T11366] Node 0 active_anon:22972kB inactive_anon:36604kB active_file:63264kB inactive_file:159636kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98592kB dirty:2016kB writeback:0kB shmem:4048kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12572kB pagetables:5476kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 350.613763][T11366] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 350.652664][T11366] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 350.741612][T11366] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 350.747999][T11366] Node 0 DMA32 free:1271532kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22928kB inactive_anon:37004kB active_file:62604kB inactive_file:158980kB unevictable:1536kB writepending:2016kB present:3129332kB managed:2539596kB mlocked:0kB bounce:0kB free_pcp:90412kB local_pcp:45204kB free_cma:0kB [ 350.849649][T11366] lowmem_reserve[]: 0 0 1 1 1 [ 350.872284][T11366] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:660kB inactive_file:656kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:8kB free_cma:0kB [ 350.952989][T11366] lowmem_reserve[]: 0 0 0 0 0 [ 350.988342][T11366] Node 1 Normal free:3910988kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:132kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:6400kB local_pcp:1492kB free_cma:0kB [ 351.029845][T11366] lowmem_reserve[]: 0 0 0 0 0 [ 351.039307][T11366] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 351.119781][T11366] Node 0 DMA32: 4283*4kB (UM) 2000*8kB (UM) 1365*16kB (UME) 1128*32kB (UME) 838*64kB (UME) 390*128kB (UME) 321*256kB (UME) 220*512kB (UME) 151*1024kB (UME) 13*2048kB (UME) 170*4096kB (UM) = 1267004kB [ 351.212789][T11366] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 351.351808][T11366] Node 1 Normal: 209*4kB (UM) 61*8kB (UME) 32*16kB (UME) 171*32kB (UME) 93*64kB (UME) 45*128kB (UME) 17*256kB (UME) 5*512kB (UME) 2*1024kB (ME) 4*2048kB (UME) 946*4096kB (M) = 3910988kB [ 351.500033][T11366] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 351.512915][T11366] Node 0 hugepages_total=5 hugepages_free=4 hugepages_surp=3 hugepages_size=2048kB [ 351.526253][T11366] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 351.574119][T11366] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 351.629897][T11366] 68340 total pagecache pages [ 351.660112][T11366] 23 pages in swap cache [ 351.664559][T11366] Free swap = 108520kB [ 351.668813][T11366] Total swap = 124996kB [ 351.673498][T11366] 2097051 pages RAM [ 351.677431][T11366] 0 pages HighMem/MovableOnly [ 351.689740][T11366] 430190 pages reserved [ 351.694194][T11366] 0 pages cma reserved [ 351.772115][T11396] vhci_hcd: invalid port number 16 [ 351.790682][T11396] vhci_hcd: invalid port number 16 [ 351.816711][T11392] can: request_module (can-proto-0) failed. [ 351.856109][T11392] svc: failed to register nfsdv3 RPC service (errno 111). [ 351.875999][T11392] svc: failed to register nfsaclv3 RPC service (errno 111). [ 354.305501][T11451] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 354.864079][T11452] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 356.807942][T11499] FAULT_INJECTION: forcing a failure. [ 356.807942][T11499] name failslab, interval 1, probability 0, space 0, times 0 [ 356.939743][T11499] CPU: 0 UID: 0 PID: 11499 Comm: syz.1.1054 Tainted: G U syzkaller #0 PREEMPT(full) [ 356.939788][T11499] Tainted: [U]=USER [ 356.939796][T11499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 356.939808][T11499] Call Trace: [ 356.939813][T11499] [ 356.939820][T11499] dump_stack_lvl+0x16c/0x1f0 [ 356.939845][T11499] should_fail_ex+0x512/0x640 [ 356.939869][T11499] ? lsm_blob_alloc+0x68/0x90 [ 356.939894][T11499] should_failslab+0xc2/0x120 [ 356.939916][T11499] __kmalloc_noprof+0xd2/0x510 [ 356.939936][T11499] lsm_blob_alloc+0x68/0x90 [ 356.939961][T11499] security_sk_alloc+0x30/0x270 [ 356.939980][T11499] sk_prot_alloc+0x1c7/0x2a0 [ 356.940006][T11499] sk_alloc+0x36/0xc20 [ 356.940025][T11499] __netlink_create+0x5e/0x2c0 [ 356.940042][T11499] ? __wake_up+0x3f/0x60 [ 356.940060][T11499] netlink_create+0x39e/0x620 [ 356.940079][T11499] ? __pfx_genl_bind+0x10/0x10 [ 356.940101][T11499] ? __pfx_genl_unbind+0x10/0x10 [ 356.940122][T11499] ? __pfx_genl_release+0x10/0x10 [ 356.940147][T11499] __sock_create+0x338/0x8d0 [ 356.940163][T11499] __sys_socket+0x14d/0x260 [ 356.940178][T11499] ? lock_release+0x201/0x2f0 [ 356.940198][T11499] ? __pfx___sys_socket+0x10/0x10 [ 356.940215][T11499] ? do_user_addr_fault+0x843/0x1370 [ 356.940242][T11499] __x64_sys_socket+0x72/0xb0 [ 356.940258][T11499] do_syscall_64+0xcd/0x490 [ 356.940280][T11499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.940296][T11499] RIP: 0033:0x7f2623390b07 [ 356.940310][T11499] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 356.940326][T11499] RSP: 002b:00007f262426efa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 356.940347][T11499] RAX: ffffffffffffffda RBX: 00007f26235b5fa0 RCX: 00007f2623390b07 [ 356.940358][T11499] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 356.940368][T11499] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 356.940379][T11499] R10: 0000200000000040 R11: 0000000000000286 R12: 0000000000000000 [ 356.940389][T11499] R13: 00007f26235b6038 R14: 00007f26235b5fa0 R15: 00007fff4cc57778 [ 356.940409][T11499] [ 357.490531][T11489] FAULT_INJECTION: forcing a failure. [ 357.490531][T11489] name failslab, interval 1, probability 0, space 0, times 0 [ 357.534850][T11489] CPU: 0 UID: 0 PID: 11489 Comm: syz.2.1053 Tainted: G U syzkaller #0 PREEMPT(full) [ 357.534904][T11489] Tainted: [U]=USER [ 357.534914][T11489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 357.534933][T11489] Call Trace: [ 357.534942][T11489] [ 357.534952][T11489] dump_stack_lvl+0x16c/0x1f0 [ 357.534995][T11489] should_fail_ex+0x512/0x640 [ 357.535040][T11489] ? snd_pcm_plugin_build+0x434/0x650 [ 357.535072][T11489] should_failslab+0xc2/0x120 [ 357.535111][T11489] __kmalloc_noprof+0xd2/0x510 [ 357.535145][T11489] ? __mutex_unlock_slowpath+0x141/0x7b0 [ 357.535187][T11489] snd_pcm_plugin_build+0x434/0x650 [ 357.535220][T11489] snd_pcm_plugin_build_linear+0x29d/0x850 [ 357.535256][T11489] ? pm_qos_update_target+0x19f/0x4e0 [ 357.535285][T11489] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 357.535319][T11489] ? snd_pcm_hw_params+0xcd/0x1ba0 [ 357.535339][T11489] snd_pcm_plug_format_plugins+0x7f8/0x1430 [ 357.535361][T11489] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 357.535382][T11489] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 357.535411][T11489] snd_pcm_oss_change_params_locked+0x2dec/0x3a30 [ 357.535444][T11489] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 357.535471][T11489] ? rcu_is_watching+0x12/0xc0 [ 357.535494][T11489] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 357.535522][T11489] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 357.535538][T11489] ? __fget_files+0x204/0x3c0 [ 357.535555][T11489] ? hook_file_ioctl_common+0x145/0x410 [ 357.535576][T11489] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 357.535593][T11489] ? __fget_files+0x20e/0x3c0 [ 357.535617][T11489] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 357.535633][T11489] __x64_sys_ioctl+0x18b/0x210 [ 357.535659][T11489] do_syscall_64+0xcd/0x490 [ 357.535680][T11489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 357.535697][T11489] RIP: 0033:0x7f0067f8ebe9 [ 357.535711][T11489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 357.535736][T11489] RSP: 002b:00007f0068db3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 357.535753][T11489] RAX: ffffffffffffffda RBX: 00007f00681b5fa0 RCX: 00007f0067f8ebe9 [ 357.535764][T11489] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009 [ 357.535774][T11489] RBP: 00007f0068011e19 R08: 0000000000000000 R09: 0000000000000000 [ 357.535784][T11489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 357.535794][T11489] R13: 00007f00681b6038 R14: 00007f00681b5fa0 R15: 00007fff62e551a8 [ 357.535809][T11489] [ 358.202578][T11520] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 360.426809][T11578] serio: Serial port pty233 [ 360.866599][T11586] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1070'. [ 361.990124][T11606] FAULT_INJECTION: forcing a failure. [ 361.990124][T11606] name fail_futex, interval 1, probability 0, space 0, times 0 [ 362.033471][T11606] CPU: 1 UID: 0 PID: 11606 Comm: syz.1.1074 Tainted: G U syzkaller #0 PREEMPT(full) [ 362.033519][T11606] Tainted: [U]=USER [ 362.033527][T11606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 362.033542][T11606] Call Trace: [ 362.033550][T11606] [ 362.033560][T11606] dump_stack_lvl+0x16c/0x1f0 [ 362.033597][T11606] should_fail_ex+0x512/0x640 [ 362.033632][T11606] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 362.033672][T11606] get_futex_key+0x1d0/0x1560 [ 362.033703][T11606] ? __pfx_get_futex_key+0x10/0x10 [ 362.033731][T11606] ? lock_release+0x201/0x2f0 [ 362.033765][T11606] futex_wake+0xea/0x530 [ 362.033795][T11606] ? futex_wait+0x120/0x380 [ 362.033830][T11606] ? __pfx_futex_wait+0x10/0x10 [ 362.033864][T11606] ? __pfx_futex_wake+0x10/0x10 [ 362.033899][T11606] ? rcu_is_watching+0x12/0xc0 [ 362.033923][T11606] ? __might_fault+0xe3/0x190 [ 362.033949][T11606] ? lock_release+0x201/0x2f0 [ 362.033982][T11606] do_futex+0x1e3/0x350 [ 362.034012][T11606] ? __pfx_do_futex+0x10/0x10 [ 362.034044][T11606] ? __pfx_do_utimes+0x10/0x10 [ 362.034076][T11606] ? __pfx_get_timespec64+0x10/0x10 [ 362.034110][T11606] __x64_sys_futex+0x1e0/0x4c0 [ 362.034144][T11606] ? __do_sys_openat2+0x1c8/0x2d0 [ 362.034182][T11606] ? __pfx___x64_sys_futex+0x10/0x10 [ 362.034219][T11606] do_syscall_64+0xcd/0x490 [ 362.034265][T11606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.034293][T11606] RIP: 0033:0x7f262338ebe9 [ 362.034314][T11606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 362.034341][T11606] RSP: 002b:00007f26242700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 362.034367][T11606] RAX: ffffffffffffffda RBX: 00007f26235b5fa8 RCX: 00007f262338ebe9 [ 362.034385][T11606] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f26235b5fac [ 362.034401][T11606] RBP: 00007f26235b5fa0 R08: 00007f2624271000 R09: 0000000000000000 [ 362.034417][T11606] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 362.034434][T11606] R13: 00007f26235b6038 R14: 00007fff4cc57690 R15: 00007fff4cc57778 [ 362.034456][T11606] [ 362.355530][T11619] can: request_module (can-proto-3) failed. [ 363.404960][T11635] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1080'. [ 364.242598][T11653] vmstat_refresh: nr_hugetlb -10752 [ 367.437193][T11716] program syz.2.1097 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 367.914725][T11734] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 370.101146][T11761] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 370.348243][T11769] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1107'. [ 370.468030][T11772] program syz.4.1108 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 373.571315][ T30] audit: type=1806 audit(6050832595.138:13): xattr="" res=-22 [ 374.275529][ T7332] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 374.773341][T11840] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(3647433984.304310249.3137871722), cmd(3) [ 375.233426][T11856] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1124'. [ 375.243176][T11856] mac80211_hwsim hwsim19 : renamed from wlan0 (while UP) [ 377.266705][T11892] FAULT_INJECTION: forcing a failure. [ 377.266705][T11892] name fail_futex, interval 1, probability 0, space 0, times 0 [ 377.299588][T11892] CPU: 1 UID: 0 PID: 11892 Comm: syz.4.1131 Tainted: G U syzkaller #0 PREEMPT(full) [ 377.299635][T11892] Tainted: [U]=USER [ 377.299644][T11892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 377.299661][T11892] Call Trace: [ 377.299669][T11892] [ 377.299680][T11892] dump_stack_lvl+0x16c/0x1f0 [ 377.299724][T11892] should_fail_ex+0x512/0x640 [ 377.299764][T11892] get_futex_key+0x1d0/0x1560 [ 377.299795][T11892] ? kvm_sched_clock_read+0x11/0x20 [ 377.299836][T11892] ? __pfx_get_futex_key+0x10/0x10 [ 377.299866][T11892] ? sched_clock_cpu+0x6c/0x530 [ 377.299902][T11892] ? __pick_eevdf+0x30a/0x670 [ 377.299939][T11892] futex_wait_setup+0x9d/0x550 [ 377.299985][T11892] __futex_wait+0x194/0x2f0 [ 377.300026][T11892] ? __pfx___futex_wait+0x10/0x10 [ 377.300067][T11892] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 377.300113][T11892] ? __pfx_futex_wake_mark+0x10/0x10 [ 377.300166][T11892] ? lock_release+0x201/0x2f0 [ 377.300204][T11892] ? futex_private_hash_put+0x11c/0x300 [ 377.300239][T11892] futex_wait+0xe8/0x380 [ 377.300281][T11892] ? __pfx_futex_wait+0x10/0x10 [ 377.300326][T11892] ? aa_sk_perm+0x2f4/0xb10 [ 377.300361][T11892] ? tipc_setsockopt+0x5de/0xdb0 [ 377.300400][T11892] do_futex+0x229/0x350 [ 377.300430][T11892] ? __pfx_do_futex+0x10/0x10 [ 377.300456][T11892] ? rcu_is_watching+0x12/0xc0 [ 377.300472][T11892] ? kfree+0x24f/0x4d0 [ 377.300489][T11892] __x64_sys_futex+0x1e0/0x4c0 [ 377.300510][T11892] ? __pfx___x64_sys_futex+0x10/0x10 [ 377.300531][T11892] ? __sys_setsockopt+0x140/0x1a0 [ 377.300553][T11892] do_syscall_64+0xcd/0x490 [ 377.300575][T11892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.300591][T11892] RIP: 0033:0x7f28b578ebe9 [ 377.300605][T11892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.300621][T11892] RSP: 002b:00007f28b66420e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 377.300639][T11892] RAX: ffffffffffffffda RBX: 00007f28b59b5fa8 RCX: 00007f28b578ebe9 [ 377.300650][T11892] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f28b59b5fa8 [ 377.300660][T11892] RBP: 00007f28b59b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 377.300669][T11892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.300679][T11892] R13: 00007f28b59b6038 R14: 00007ffc2c54c210 R15: 00007ffc2c54c2f8 [ 377.300694][T11892] [ 379.751006][T11945] deleting an unspecified loop device is not supported. [ 380.212777][T11961] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1146'. [ 380.234865][T11961] mac80211_hwsim hwsim15 : renamed from wlan0 (while UP) [ 381.973366][ T7096] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11 [ 381.991329][ T30] audit: type=1800 audit(6050832603.528:14): pid=11984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1153" name="dbroot" dev="configfs" ino=43844 res=0 errno=0 [ 382.377597][T11993] FAULT_INJECTION: forcing a failure. [ 382.377597][T11993] name failslab, interval 1, probability 0, space 0, times 0 [ 382.390898][T11993] CPU: 1 UID: 0 PID: 11993 Comm: syz.4.1154 Tainted: G U syzkaller #0 PREEMPT(full) [ 382.390950][T11993] Tainted: [U]=USER [ 382.390959][T11993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 382.390975][T11993] Call Trace: [ 382.390984][T11993] [ 382.390994][T11993] dump_stack_lvl+0x16c/0x1f0 [ 382.391036][T11993] should_fail_ex+0x512/0x640 [ 382.391078][T11993] should_failslab+0xc2/0x120 [ 382.391115][T11993] __kmalloc_cache_noprof+0x6a/0x3e0 [ 382.391146][T11993] ? read_tsc+0x9/0x20 [ 382.391176][T11993] ? ktime_get_mono_fast_ns+0x1be/0x3c0 [ 382.391209][T11993] ? init_srcu_struct_fields+0x97a/0xde0 [ 382.391249][T11993] ? do_init_timer+0xc9/0x110 [ 382.391279][T11993] init_srcu_struct_fields+0x97a/0xde0 [ 382.391321][T11993] ? lockdep_init_map_type+0x5c/0x280 [ 382.391373][T11993] kvm_dev_ioctl+0x7a0/0x1af0 [ 382.391412][T11993] ? rcu_is_watching+0x12/0xc0 [ 382.391439][T11993] ? __fget_files+0x204/0x3c0 [ 382.391467][T11993] ? hook_file_ioctl_common+0x145/0x410 [ 382.391504][T11993] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 382.391534][T11993] ? __fget_files+0x20e/0x3c0 [ 382.391563][T11993] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 382.391592][T11993] __x64_sys_ioctl+0x18b/0x210 [ 382.391636][T11993] do_syscall_64+0xcd/0x490 [ 382.391673][T11993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 382.391702][T11993] RIP: 0033:0x7f28b578ebe9 [ 382.391723][T11993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 382.391749][T11993] RSP: 002b:00007f28b65df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 382.391777][T11993] RAX: ffffffffffffffda RBX: 00007f28b59b6270 RCX: 00007f28b578ebe9 [ 382.391796][T11993] RDX: 0000000000000a00 RSI: 000000000000ae01 RDI: 0000000000000005 [ 382.391813][T11993] RBP: 00007f28b5811e19 R08: 0000000000000000 R09: 0000000000000000 [ 382.391830][T11993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 382.391844][T11993] R13: 00007f28b59b6308 R14: 00007f28b59b6270 R15: 00007ffc2c54c2f8 [ 382.391868][T11993] [ 384.071301][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.079630][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 385.972024][T12018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 386.019748][T12018] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 388.764911][T12090] sd 0:0:1:0: PR command failed: 1026 [ 388.770581][T12090] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 388.777819][T12090] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 389.381993][T12101] sd 0:0:1:0: PR command failed: 1026 [ 389.433105][T12101] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 389.457215][T12101] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 390.844072][T12128] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 390.930489][T12127] netlink: 25 bytes leftover after parsing attributes in process `syz.4.1188'. [ 391.130603][T12131] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 392.418745][T12159] __vm_enough_memory: pid: 12159, comm: syz.3.1196, bytes: 4398046511104 not enough memory for the allocation [ 395.670483][T12219] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1209'. [ 395.695372][T12219] bond0: (slave bond_slave_0): Releasing backup interface [ 395.985197][T12226] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1212'. [ 399.853379][T12316] vivid-003: ================= START STATUS ================= [ 399.919679][T12316] vivid-003: Radio HW Seek Mode: Bounded [ 399.929664][T12316] vivid-003: Radio Programmable HW Seek: false [ 399.935966][T12316] vivid-003: RDS Rx I/O Mode: Block I/O [ 399.982542][T12316] vivid-003: Generate RBDS Instead of RDS: false [ 399.999645][T12316] vivid-003: RDS Reception: true [ 400.014183][T12316] vivid-003: RDS Program Type: 0 inactive [ 400.049674][T12316] vivid-003: RDS PS Name: inactive [ 400.070590][T12316] vivid-003: RDS Radio Text: inactive [ 400.079876][T12316] vivid-003: RDS Traffic Announcement: false inactive [ 400.102367][T12316] vivid-003: RDS Traffic Program: false inactive [ 400.119064][T12316] vivid-003: RDS Music: false inactive [ 400.129310][T12316] vivid-003: ================== END STATUS ================== [ 401.210509][T12338] syz.4.1231 (12338): drop_caches: 0 [ 401.330924][T12337] netlink: 'syz.4.1231': attribute type 2 has an invalid length. [ 401.806883][T12357] sg_write: data in/out 2359516/158 bytes for SCSI command 0x0-- guessing data in; [ 401.806883][T12357] program syz.2.1235 not setting count and/or reply_len properly [ 402.536496][T12370] binder: 12367:12370 ioctl 5380 2000000000c0 returned -22 [ 402.602541][T12370] sd 0:0:1:0: PR command failed: 1026 [ 402.635681][T12370] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 402.701051][T12370] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 403.340978][T12392] FAULT_INJECTION: forcing a failure. [ 403.340978][T12392] name failslab, interval 1, probability 0, space 0, times 0 [ 403.392555][T12392] CPU: 0 UID: 0 PID: 12392 Comm: syz.2.1243 Tainted: G U syzkaller #0 PREEMPT(full) [ 403.392587][T12392] Tainted: [U]=USER [ 403.392593][T12392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 403.392603][T12392] Call Trace: [ 403.392609][T12392] [ 403.392615][T12392] dump_stack_lvl+0x16c/0x1f0 [ 403.392642][T12392] should_fail_ex+0x512/0x640 [ 403.392667][T12392] ? fib_default_rule_add+0x4f/0x420 [ 403.392691][T12392] should_failslab+0xc2/0x120 [ 403.392712][T12392] __kmalloc_noprof+0xd2/0x510 [ 403.392734][T12392] fib_default_rule_add+0x4f/0x420 [ 403.392757][T12392] ? __pfx_fib6_rules_net_init+0x10/0x10 [ 403.392775][T12392] fib6_rules_net_init+0x52/0x140 [ 403.392792][T12392] ops_init+0x1df/0x5f0 [ 403.392814][T12392] setup_net+0x10f/0x380 [ 403.392835][T12392] ? lockdep_init_map_type+0x5c/0x280 [ 403.392858][T12392] ? __pfx_setup_net+0x10/0x10 [ 403.392880][T12392] ? debug_mutex_init+0x37/0x70 [ 403.392896][T12392] copy_net_ns+0x2a6/0x5f0 [ 403.392921][T12392] create_new_namespaces+0x3ea/0xa90 [ 403.392943][T12392] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 403.392962][T12392] ksys_unshare+0x45b/0xa40 [ 403.392993][T12392] ? __pfx_ksys_unshare+0x10/0x10 [ 403.393015][T12392] ? xfd_validate_state+0x61/0x180 [ 403.393041][T12392] __x64_sys_unshare+0x31/0x40 [ 403.393064][T12392] do_syscall_64+0xcd/0x490 [ 403.393085][T12392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 403.393103][T12392] RIP: 0033:0x7f0067f8ebe9 [ 403.393116][T12392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 403.393134][T12392] RSP: 002b:00007f0068db3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 403.393151][T12392] RAX: ffffffffffffffda RBX: 00007f00681b5fa0 RCX: 00007f0067f8ebe9 [ 403.393162][T12392] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 403.393172][T12392] RBP: 00007f0068011e19 R08: 0000000000000000 R09: 0000000000000000 [ 403.393182][T12392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 403.393192][T12392] R13: 00007f00681b6038 R14: 00007f00681b5fa0 R15: 00007fff62e551a8 [ 403.393207][T12392] [ 403.619259][ C0] vkms_vblank_simulate: vblank timer overrun [ 403.896224][T12397] ecryptfs_miscdev_write: Invalid packet size [192] [ 404.499122][T12414] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input32 [ 404.709022][T12412] bond0: Unable to set down delay as MII monitoring is disabled [ 406.316970][T12456] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 407.298483][ T30] audit: type=1807 audit(6050832628.858:15): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 407.433483][ T30] audit: type=1802 audit(6050832628.858:16): pid=12470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.1259" res=0 errno=0 [ 407.463920][T12466] ima: policy update failed [ 407.481311][ T30] audit: type=1802 audit(6050832629.048:17): pid=12466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1259" res=0 errno=0 [ 410.451528][T12548] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1273'. [ 411.027580][T12578] ovs_: entered promiscuous mode [ 411.042236][T12578] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 411.126155][T12581] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 411.127021][T12580] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1278'. [ 411.195078][T12582] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 413.166753][T12626] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1291'. [ 418.545578][T12719] aoe: could not set interface list: too many interfaces [ 418.871160][T12722] netlink: 350 bytes leftover after parsing attributes in process `syz.1.1315'. [ 418.892675][T12727] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1316'. [ 418.924380][T12726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1316'. [ 419.843578][ T30] audit: type=1806 audit(6050832641.408:18): xattr="" res=-22 [ 424.160053][T12832] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1335'. [ 424.247855][T12832] veth0_macvtap: left promiscuous mode [ 424.912310][T12867] syz.1.1343 (12867): /proc/12861/oom_adj is deprecated, please use /proc/12861/oom_score_adj instead. [ 425.334174][T12891] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.3.1348: 7 [ 425.371758][ T7096] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 425.675664][T12904] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1349'. [ 427.518155][T12935] ptrace attach of "./syz-executor exec"[9196] was attempted by "./syz-executor exec"[12935] [ 429.232606][T12983] Invalid ELF header magic: != ELF [ 430.095692][T13005] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1369'. [ 430.951930][T13026] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1374'. [ 433.058475][T13063] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 433.369295][T13069] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 433.876286][T13091] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1382'. [ 433.978018][T13092] ================================================================== [ 433.986665][T13092] BUG: KASAN: slab-use-after-free in force_devcd_write+0x312/0x340 [ 433.994818][T13092] Read of size 8 at addr ffff888028e35800 by task syz.1.1384/13092 [ 434.003181][T13092] [ 434.005637][T13092] CPU: 1 UID: 0 PID: 13092 Comm: syz.1.1384 Tainted: G U syzkaller #0 PREEMPT(full) [ 434.005666][T13092] Tainted: [U]=USER [ 434.005672][T13092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 434.005683][T13092] Call Trace: [ 434.005691][T13092] [ 434.005699][T13092] dump_stack_lvl+0x116/0x1f0 [ 434.005726][T13092] print_report+0xcd/0x630 [ 434.005748][T13092] ? __virt_addr_valid+0x81/0x610 [ 434.005770][T13092] ? __phys_addr+0xe8/0x180 [ 434.005791][T13092] ? force_devcd_write+0x312/0x340 [ 434.005812][T13092] kasan_report+0xe0/0x110 [ 434.005842][T13092] ? force_devcd_write+0x312/0x340 [ 434.005882][T13092] force_devcd_write+0x312/0x340 [ 434.005904][T13092] ? __pfx_force_devcd_write+0x10/0x10 [ 434.005927][T13092] ? __debugfs_file_get+0x1fe/0x840 [ 434.005953][T13092] ? __pfx___debugfs_file_get+0x10/0x10 [ 434.005978][T13092] ? rcu_is_watching+0x12/0xc0 [ 434.005997][T13092] full_proxy_write+0x12e/0x1a0 [ 434.006023][T13092] ? __pfx_full_proxy_write+0x10/0x10 [ 434.006047][T13092] vfs_write+0x29d/0x11d0 [ 434.006067][T13092] ? __pfx___mutex_lock+0x10/0x10 [ 434.006088][T13092] ? __pfx_vfs_write+0x10/0x10 [ 434.006106][T13092] ? __fget_files+0x204/0x3c0 [ 434.006122][T13092] ? rcu_is_watching+0x12/0xc0 [ 434.006140][T13092] ? __fget_files+0x20e/0x3c0 [ 434.006159][T13092] ksys_write+0x12a/0x250 [ 434.006177][T13092] ? __pfx_ksys_write+0x10/0x10 [ 434.006198][T13092] do_syscall_64+0xcd/0x490 [ 434.006220][T13092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.006238][T13092] RIP: 0033:0x7f262338ebe9 [ 434.006253][T13092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.006270][T13092] RSP: 002b:00007f2624270038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 434.006287][T13092] RAX: ffffffffffffffda RBX: 00007f26235b5fa0 RCX: 00007f262338ebe9 [ 434.006298][T13092] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005 [ 434.006308][T13092] RBP: 00007f2623411e19 R08: 0000000000000000 R09: 0000000000000000 [ 434.006318][T13092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.006328][T13092] R13: 00007f26235b6038 R14: 00007f26235b5fa0 R15: 00007fff4cc57778 [ 434.006343][T13092] [ 434.006349][T13092] [ 434.237462][T13092] Allocated by task 7579: [ 434.241972][T13092] kasan_save_stack+0x33/0x60 [ 434.246857][T13092] kasan_save_track+0x14/0x30 [ 434.251722][T13092] __kasan_kmalloc+0xaa/0xb0 [ 434.256393][T13092] __kmalloc_noprof+0x223/0x510 [ 434.261290][T13092] ieee802_11_parse_elems_full+0x1db/0x3780 [ 434.267225][T13092] ieee80211_inform_bss+0x10b/0x1140 [ 434.272645][T13092] cfg80211_inform_single_bss_data+0x8e7/0x1df0 [ 434.278922][T13092] cfg80211_inform_bss_data+0x224/0x3bd0 [ 434.284584][T13092] cfg80211_inform_bss_frame_data+0x26f/0x750 [ 434.290693][T13092] ieee80211_bss_info_update+0x310/0xab0 [ 434.296529][T13092] ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0 [ 434.302937][T13092] ieee80211_iface_work+0xe2e/0x1360 [ 434.308343][T13092] cfg80211_wiphy_work+0x2c4/0x580 [ 434.314000][T13092] process_one_work+0x9cf/0x1b70 [ 434.319141][T13092] worker_thread+0x6c8/0xf10 [ 434.323905][T13092] kthread+0x3c5/0x780 [ 434.328380][T13092] ret_from_fork+0x5d4/0x6f0 [ 434.333962][T13092] ret_from_fork_asm+0x1a/0x30 [ 434.338870][T13092] [ 434.341407][T13092] Freed by task 7579: [ 434.345589][T13092] kasan_save_stack+0x33/0x60 [ 434.350433][T13092] kasan_save_track+0x14/0x30 [ 434.355124][T13092] kasan_save_free_info+0x3b/0x60 [ 434.360434][T13092] __kasan_slab_free+0x60/0x70 [ 434.365389][T13092] kfree+0x2b4/0x4d0 [ 434.369471][T13092] ieee80211_inform_bss+0x77c/0x1140 [ 434.374888][T13092] cfg80211_inform_single_bss_data+0x8e7/0x1df0 [ 434.381145][T13092] cfg80211_inform_bss_data+0x224/0x3bd0 [ 434.387156][T13092] cfg80211_inform_bss_frame_data+0x26f/0x750 [ 434.393431][T13092] ieee80211_bss_info_update+0x310/0xab0 [ 434.399292][T13092] ieee80211_ibss_rx_queued_mgmt+0x1905/0x2fd0 [ 434.406374][T13092] ieee80211_iface_work+0xe2e/0x1360 [ 434.411872][T13092] cfg80211_wiphy_work+0x2c4/0x580 [ 434.417633][T13092] process_one_work+0x9cf/0x1b70 [ 434.423032][T13092] worker_thread+0x6c8/0xf10 [ 434.427919][T13092] kthread+0x3c5/0x780 [ 434.432128][T13092] ret_from_fork+0x5d4/0x6f0 [ 434.436843][T13092] ret_from_fork_asm+0x1a/0x30 [ 434.442357][T13092] [ 434.444769][T13092] The buggy address belongs to the object at ffff888028e35800 [ 434.444769][T13092] which belongs to the cache kmalloc-1k of size 1024 [ 434.459095][T13092] The buggy address is located 0 bytes inside of [ 434.459095][T13092] freed 1024-byte region [ffff888028e35800, ffff888028e35c00) [ 434.472907][T13092] [ 434.475237][T13092] The buggy address belongs to the physical page: [ 434.481731][T13092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28e30 [ 434.490679][T13092] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 434.499712][T13092] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 434.507697][T13092] page_type: f5(slab) [ 434.511953][T13092] raw: 00fff00000000040 ffff88801b841dc0 ffffea0001e4d800 dead000000000002 [ 434.520814][T13092] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 434.529558][T13092] head: 00fff00000000040 ffff88801b841dc0 ffffea0001e4d800 dead000000000002 [ 434.538496][T13092] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 434.547348][T13092] head: 00fff00000000003 ffffea0000a38c01 00000000ffffffff 00000000ffffffff [ 434.556226][T13092] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 434.565193][T13092] page dumped because: kasan: bad access detected [ 434.571682][T13092] page_owner tracks the page as allocated [ 434.577577][T13092] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 154, tgid 154 (kworker/u8:5), ts 14384429344, free_ts 0 [ 434.596538][T13092] post_alloc_hook+0x1c0/0x230 [ 434.601684][T13092] get_page_from_freelist+0x132b/0x38e0 [ 434.607345][T13092] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 434.613886][T13092] new_slab+0x94/0x330 [ 434.618694][T13092] ___slab_alloc+0xcf2/0x1740 [ 434.623464][T13092] __slab_alloc.constprop.0+0x56/0xb0 [ 434.628969][T13092] __kmalloc_node_noprof+0x2ed/0x500 [ 434.634443][T13092] blk_alloc_flush_queue+0x11e/0x2d0 [ 434.639748][T13092] blk_mq_alloc_and_init_hctx+0xc70/0x11c0 [ 434.645661][T13092] __blk_mq_realloc_hw_ctxs+0x495/0x610 [ 434.651846][T13092] blk_mq_init_allocated_queue+0x3af/0x1240 [ 434.657972][T13092] blk_mq_alloc_queue+0x1bb/0x280 [ 434.663523][T13092] scsi_alloc_sdev+0x888/0xd70 [ 434.668395][T13092] scsi_probe_and_add_lun+0x76b/0xd80 [ 434.673939][T13092] __scsi_scan_target+0x1e8/0x580 [ 434.679006][T13092] scsi_scan_channel+0x149/0x1e0 [ 434.684087][T13092] page_owner free stack trace missing [ 434.689471][T13092] [ 434.691812][T13092] Memory state around the buggy address: [ 434.697543][T13092] ffff888028e35700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 434.705742][T13092] ffff888028e35780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 434.714210][T13092] >ffff888028e35800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.722491][T13092] ^ [ 434.726576][T13092] ffff888028e35880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.734650][T13092] ffff888028e35900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.743094][T13092] ================================================================== [ 434.751415][ C1] vkms_vblank_simulate: vblank timer overrun [ 434.781365][T13092] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 434.788670][T13092] CPU: 1 UID: 0 PID: 13092 Comm: syz.1.1384 Tainted: G U syzkaller #0 PREEMPT(full) [ 434.800121][T13092] Tainted: [U]=USER [ 434.803929][T13092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 434.814179][T13092] Call Trace: [ 434.817485][T13092] [ 434.820595][T13092] dump_stack_lvl+0x3d/0x1f0 [ 434.825218][T13092] vpanic+0x6e8/0x7a0 [ 434.829210][T13092] ? __pfx_vpanic+0x10/0x10 [ 434.833815][T13092] ? __pfx_vprintk_emit+0x10/0x10 [ 434.838990][T13092] ? force_devcd_write+0x312/0x340 [ 434.844150][T13092] panic+0xca/0xd0 [ 434.847888][T13092] ? __pfx_panic+0x10/0x10 [ 434.852307][T13092] ? force_devcd_write+0x312/0x340 [ 434.857526][T13092] ? preempt_schedule_common+0x44/0xc0 [ 434.863027][T13092] ? preempt_schedule_thunk+0x16/0x30 [ 434.868600][T13092] check_panic_on_warn+0xab/0xb0 [ 434.873685][T13092] end_report+0x107/0x170 [ 434.878040][T13092] kasan_report+0xee/0x110 [ 434.882471][T13092] ? force_devcd_write+0x312/0x340 [ 434.887683][T13092] force_devcd_write+0x312/0x340 [ 434.892650][T13092] ? __pfx_force_devcd_write+0x10/0x10 [ 434.898141][T13092] ? __debugfs_file_get+0x1fe/0x840 [ 434.903379][T13092] ? __pfx___debugfs_file_get+0x10/0x10 [ 434.908967][T13092] ? rcu_is_watching+0x12/0xc0 [ 434.914120][T13092] full_proxy_write+0x12e/0x1a0 [ 434.919302][T13092] ? __pfx_full_proxy_write+0x10/0x10 [ 434.924694][T13092] vfs_write+0x29d/0x11d0 [ 434.929057][T13092] ? __pfx___mutex_lock+0x10/0x10 [ 434.934096][T13092] ? __pfx_vfs_write+0x10/0x10 [ 434.938870][T13092] ? __fget_files+0x204/0x3c0 [ 434.943652][T13092] ? rcu_is_watching+0x12/0xc0 [ 434.948483][T13092] ? __fget_files+0x20e/0x3c0 [ 434.953195][T13092] ksys_write+0x12a/0x250 [ 434.957742][T13092] ? __pfx_ksys_write+0x10/0x10 [ 434.962658][T13092] do_syscall_64+0xcd/0x490 [ 434.967248][T13092] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.973175][T13092] RIP: 0033:0x7f262338ebe9 [ 434.977687][T13092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.997415][T13092] RSP: 002b:00007f2624270038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 435.005853][T13092] RAX: ffffffffffffffda RBX: 00007f26235b5fa0 RCX: 00007f262338ebe9 [ 435.014013][T13092] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000005 [ 435.022029][T13092] RBP: 00007f2623411e19 R08: 0000000000000000 R09: 0000000000000000 [ 435.030371][T13092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 435.038395][T13092] R13: 00007f26235b6038 R14: 00007f26235b5fa0 R15: 00007fff4cc57778 [ 435.046399][T13092] [ 435.049858][T13092] Kernel Offset: disabled [ 435.054217][T13092] Rebooting in 86400 seconds..