last executing test programs: 13m13.85812034s ago: executing program 2 (id=345): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) unshare$auto(0x40000080) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x20000, 0x0) ioctl$auto_ECCGETSTATS(r1, 0x80104d12, &(0x7f0000000100)={0x8001, 0x8, 0x7ff, 0x4}) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0xa, 0x2, 0x88) r4 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=0x0, 0xffffffffffffffff, 0x4, 0x1, r3, @relative_id=0x13, 0xe600}, 0xf) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000001c0), r0) sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_GET(r4, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="92000000", @ANYRES16=r7, @ANYBLOB="00012cbd7000fddbdf250d0000003400018008000300030000001400020076657468305f6d6163767461700000001400020064766d727030000000000000000000004c00018008000300090000001400020076657468315f746f5f7465616d000000080003000500000008000300ffff000008000100", @ANYRES32=r5, @ANYBLOB="140002006c6f00"/20], 0x94}, 0x1, 0x0, 0x0, 0x800}, 0x40) sendmsg$auto_TIPC_NL_MON_PEER_GET(r6, &(0x7f0000006140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYRESDEC=r0, @ANYRES16=r2, @ANYBLOB="11072cb53000fedbdf25130000000c00098008000200", @ANYRES32=0x0], 0x20}, 0x1, 0x0, 0x0, 0x4405}, 0x4c848) 13m12.928082785s ago: executing program 2 (id=347): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/broken_parity_status\x00', 0xc3002, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmallocinfo\x00', 0x0, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000000240)='/proc/Nes\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x88<\xf7\xc2\xed}Rq\x92Bg\xc6\xe3/;O`\xfa\xfc\x11M\x0f\'\xf4\x1c\x1dPj\xca\x9b\"\x13g|\x8f\xe1Svo\xfe\xb1\xf8\x06\x12\x16`\xa2\xc1\xe6\x00\x00\x00\x00\\\xb0\x1f\xd9\xd7H\x0f\xd1J\xca\x1e/z\xeb\x14\xd3\xb5\xff\xb4\xa2\xac\xc5\xd8\x8d\xce\n(\xca\xa9\xa0|\x1a1N\x1f\xe7Rm%w$\x84\xf6\x89\xd9\x90\xbf\xa8\x02b\xf5\xd0\xd5\x01r)i\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x100000001, 0xb6) mmap$auto(0x1, 0x102020009, 0xc, 0xeb1, 0xffffffffffffffff, 0x8005) prctl$auto(0x23, 0x8, 0x2008, 0xfefffffffffffffc, 0x0) process_vm_writev$auto(0x0, &(0x7f0000002980)={0x0, 0x4}, 0x3, &(0x7f0000002a40)={0x0, 0x7}, 0x4, 0x0) madvise$auto(0x0, 0x2003ed, 0x19) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/0000:00:02.0/framebuffer\x00', 0xc8882, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000007ffe) r0 = socket(0xa, 0x80000, 0x3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000100)={0x0}, 0x3) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) fanotify_init$auto(0xba, 0x0) mprotect$auto(0x2000000000001000, 0x401003, 0x3) prctl$auto(0x6, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x200, 0x3, 0x3, 0x3c, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x23, 0x0) close_range$auto(0x2, 0x8, 0x0) clock_nanosleep$auto(0x183e33b2, 0x800007, 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) prctl$auto(0x1f, 0x200, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x5, 0xffb, 0x8000000008011, 0x3, 0x8000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) setresuid$auto(0x0, 0x0, 0x0) ioctl$auto_FIFREEZE(r2, 0xc0045878, 0xffffffffffffffff) setresuid$auto(0x2, 0x7, 0x0) 13m12.516173949s ago: executing program 2 (id=349): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) socket(0x2, 0x2, 0x1) sendto$auto(0x3, 0x0, 0x8, 0xf950, 0x0, 0x1e) mkdir$auto(&(0x7f0000004440)='./file0\x00', 0x1) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0\x00') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x1ffffffffffe, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sysinfo$auto(0x0) setsockopt$auto(r0, 0x10000000084, 0x0, 0x0, 0x10) recvfrom$auto(r0, &(0x7f0000001b40)="ad0b2a1dcae13bfdef462a20211d4f658d371da9716feebdc2a9405d8fa9c20d2fb7b3f098c53b18661d0c02a60779b8e2e858daa536ac984c27afa5542f163adadd438c811c8a7a4472e17e811b9530bf1a5cef29f361a8f6ef751dc9235b06d7e62e5345af7ce0e9e0fddef91ce16c73713ea6f28ce9959a990b3b6d3a2ffac16140f314404be96cab7bf1cc90896fa3c9411357f6ce076740f490c24e461ce124c1f027a87bb771c9bbf67349f91ab76e59688435d82bc795811efe5a60f71984704f68a8e47523ed4bcc691d3a738c4b4015ee09ed352b0e0113aa728869f59b513eccc74f9054eb4c113b17e8ee7e9b1cbaa2cb4289004982284012f904a6f42a64d37d7d37d4b3ef3fae61d4031ddba3a7460aa6ed48e0121b4775521c1234eccb348fcf2c68a7fb1e0f0ac62d4a936d55ddb3950380ca9c26baabd3a209c3488f2741e4a06921951bc2284134df8fd71a365b44e98b383d43a583a25e66b6c22116fa7a7b4031593b999fbcb9f74706a89423436595a28217526c90aede689ba66a0e3890fd6d984892ddac7158a29a9723f4544425891c7e15f63bd4f85d5d5343b805f942434a7eacdb2513e9767c0188f65da02bd41c06c9c46bb5d6f620883a7cf537f8de88ebb9f970200ecd33243e95d1ea28a1fec01787a9217f498a89b1efbaf5613e562ad3d3dc26aa8fca5123a14e37a5b0f6f2d0d61192803aa5db02def221ac2b1f75d2dc388ea405cf348ca4fe70d91b8cc8da46c4f34486e07ed5d3abcafed929b4a21fbd882bfcbba7b2ad5dda6d8b2607bfe4df0c8972d4ee55af2cf9f2ff6a2031b1776059e2b5408003661cf2acfa3a8076c1ee400aada1fc7259332fb5585e61f4e930968360349105b73d24818ee9e45cadeb70ab389f6dd03ba982a1a4291fcc257297364241dc17a684b7ac13ec77a818864e9c2e1bb3ae6e99b606079d9aab26fbee554d8747a461fbe8b76014a108e2fcfa18c9c2b004d7478129b21622ab30df27149d1315231190d1041af525e8f431814fc04864897f3e95a392ca50a0f64ceac15de28080f6213556cf19791af0be4b6b7ff2fa9e59c00161a7693cc9f0c800daa22a10db09b9b72d491dcf33d35213145438dd7119215e24e8f5e614b9513f859cce87c309d6d800ecd4262b88b3237d3b876e013eb2c6ba9d611ea7d35ea7a62d76ba98382c427427ab322bb61d55834689bdfd3a3ad0e1eca99c547adec9e3b1f4aca35fa21341d19fd3b310fb64834e95c3603220e41f9f9ef3aa89f87edd01165303d3bc741fc75fd4f36e2e36dfc66a82c1b710a54cc7d515b9ddf71626b76577f798fad1f44aad213c0a8cb2b1766482c21fa12d42f3f9b35ec2da4300c05ee5f46a6ce903410582b35a0f48c2bb07214db40efe694dacd3d15a4dd31ce6e43cb8cda4c7b122a8c08b74eea94815a09b8579396480d47cf59e2ed934c76c08e9573e85941d67712ea77fc6bf2162dda606120298401903173f53e21f473992ceae5b42c25ce4ff7c8f35399ac90e4dbd41b86b152f2bc0a803513342eece5e29bd38e363bcad6d37303a53984d812f54acb9e55862e9fa876bb95b2225b8d32dbb6e13565caac6ef6048be65aa6187c7576d5d7b3df574be913c3cf81f2a0043213aa0ac0a275e82d3b6126a53cc56c57ffcc5bbde40f9114b54c811eb20466de8dda9bda087474cd6a71d01c3c7b3d7d02bc8b02a52aba20a6ca11012e507693aff4422bc2bd756614932867b9f2d2e219dec0d8e2c61d2a825f1468a03971ec8d26cba1156c554eb58a8e902389a93ab5284aacf4fbc54e7876343f7d05c45fc8162f1c5947684d79b28f1fe891d0dc09fc0af47338a1d5e87a7db5c347701b797e407b2363eec0c70d531e0909d1c4decf0e55527359f73db20fbf8ab8fcdb463eec1e548a4db98c19c9fc1e0c8fc837e3a440b26e93728f83a2e3b78920a5e667113a180b92d5bbdcd70775d964547ddcc383e5190dba8b187430178e84ad12e465e68111c9f47445fb933a7990281d3005a496c460655315eb898ca87eefeac3f3ae38a7224c769a94c5874de44a722ad8ba949239cc6b57101b3b7745636733e0981c9255fb306d1255ea7a9679c5ae463c15a1e82df5ac7108791f23102dd120cd5ed015440d65cd10cf58659d6d878b982e76b7e32e26ecea067af922ca52378f47c70f95f743914ba5b521e659dafa4e4bf48d447b1df28b25c6e11772d89c4f04db63d776ecf6a966455c5b5c5954d545e0910465944f118c5cd56eaf2b4a108fde8c0146185681099461447eec86e95613d430972f6640bcac9203b081357ac7d5491b7efb75c90191e991d61feb12ca497f8803edc14a90a2b45a089a0291d3dce2010e24c51524f362a023c43758928b91ff07a864d8891d1563b6437bd07b7a47641a8caac39c71f33a8e305a224dd12dede238cce042ca29ab2bb780a366f3884e5851b1b623a7fccc494ee7cfff588b79beffff14f5feacaa23c06ee8a20dcf139f1c51bdddd57722ec799f14cceff4da809e847f253626e367f951841c93341264fe43196543e80bdf4554dcaa01e7b6600844bfac1c58c1ea9bf6bd0bc15a91d7a385ac8e08b90af643b17f0521f5e6269b45a6e2e831d98227fa6a41ab3f568ee43462ab25878a86e9c83f0c451cf4878a57c386cde4296aadf8d020ce615de3264f4ed29d78ac0fbb85a8a369ab3185eca1490081ad5300268b1e86b90a3695570bca447267931906ff55052dd41fb30dd45fce11deb8df1fe28be2e0352e18d19482e518d54d575a942e3f0eecc6e7cd60524ccd27e9a19f7a722dd0a6d9bab93032c9b71e9777ff4b65cc64ae1366dc91c944b8450fa0bf2568d1b95cffbfaa93299e8616b9ea396505bd027312298aa5de564cb561f6d027d7bbff3c6b6525541bcd0970a91e40b3e626466faf7985097e90bab75f3fcfdd717f0ffd2823725e3f3a32961e7020d81c5ef3ff404e58abfecbb118d6dc1701005f2a66035be3bc14ff48759f610db028e0f98e5d8d6bde4aeda45851ecce7910061beb144818d60d78a8b44e0454fc44d4be02dc7bd5a16505c3b4eb749bfa9a741731221e8c86178e6ced09ac64fbd0ff17bd7fdae478881719e116be63277f33913f2a38199edde43f664d95560938afc710dc4d7f12513f872c95de8cc55bf3782a6bb26d8671f4265f0df99cb234cb9d68bac78bf3c0d58e0117317a811f42ae65bc383be1c6bcb76878c3d807b7f473b854a824832c46a3f9cd0d5609e07ff4768daec44e425059874392410265a8d9dd1ea42215a6d5f6a49c609ee41ae9ae94c7f12b3b3d268d76f09e278fdcd9fa89bc281297542de6dcc9eeef198a2a2e078e6c901689c442e3f5507b3bcdf053f4f691d062d14b262bed98b291ccbc151be35bc085438ed5a0279741ab2321fdc24b1c9cd87219d17aaeda0b01f8162f4fea7ff1823f6dcecebb3f261b0fbc79fd67bd5423690fb0466f21a6df4d7c3e6e3c541f4713bdaea46800869233c45095b6a49fed15abd868c0eb9e363a07112503f29cbdf4fea8232c41542578c5aea9b04863a6970391895f2484ab38fdd5d3fe01c34648434d211a2e20df964d26ce28ca0c8bbfe89b603798b663fa9829a1d1364cb778352be14117a18448ff6cbb5e4b1f269b0f783338e31cc320365fb387c7d464df5df49e1c8bbc04a08f97c20b9492f48ff57b8d17afb380518626fa3956bb3c25da44a0c6f353e4c69cad403109026e7cd689a4dad57842e7bd2cbf6a2be5ec3fdabbdf3a3e4ca8c8132bb48568654f160e3624efe774b31a331f15e5cd7acc02a4bfefeacfa22760ec057f8e332be05de08695aad230367a2a227d495b797922a1755fb77ce1cfb0370a9beba8325a34b80600913679a6985faf64dddf8a9d65ce60166d15e7e30ae809ed90e9a401c3b8a39397b84beea98006c0c83cde7b34f3e0ab35c42065aa50ab45bed28a4b6d622453df7d55a003277c41064258ea7fef4ed9059d91ff03c1a905ef4058ade6ff51b1bfcddd0d87c119c87dcbc1911ac15e763cd595418ecdaf0a7b03cba53a5d5f1bcf971ccb575ee543fa378659b1375df450ffb77b74d54e8ba26de9e782c9d401be2d0d3454cb032aff055754bec66ddd472bd7edfbc18a4b639c318cc2367f584fd922578276b7f3b5b0a39275937536c30767419d14bccb3df854def9e98179ced9d93c418ef383ec2e59b5b490d48bf6160e0e26ce2f191f29ce4ab458dd62e86a1ebe8bc552fdf7bc2d85d91a682d97d2d1acc88611ea716aa7fcb737490ef06827dff93a37e46d826bd36f82775ec2cdd34b9b138d6e8e1c60478ae54a5fccec936de1e8cee7a9ce299e091c169c54661f997453bd32f5a62f7e9648580fc4a3d3cbf614e6bcf88c0e4d9c9f127df313f355c3266ada00e1625894bc5abdaab170de4f5491ad1c3e5a13e8877e7939f066b3087e2d1e1e06c336324ca7958d0753b203ae771fb1ef15521caebb15195fa14633b18661761e3be25436f996b053ef08144b85120337f100dab6c49be3fbedd2d71a38b38848a53387e1109cd67697c8d7b41ef621f9348ab93e8a487d22beafc8eedf349cfe8cc68c4e45af616e58e5bb538d9944f515fe15702807a12512d6d1b789d8665d0b33841f4f48151c95fbdfe7ac07a7fc36baa1771733cea29f88cbfea9c6279972c9c3f628223102f44d75cd90c6c9f79592e90044f1dcbebc4394ec84aa8fdc186e560f2ca7c2de1cb7e913b89b027043854cf66eb525ac86eeb3f0027796ac8dd2063022ba363ef2acd5c9e72306ef6c975c85578071cb172b2eea9a508f9689c7760cdb5df69fa069ea84bf335066e133257125bd331ef66773bca466601a8d0c517e507ae2f66d29075d89f42d47af46b3a2bd266c45a56dc5c345f025dedd3b6e39c2843300c73521cc6e22eb1e92567ae5d5719c9de20c9e264fb1541bd0b7448d3048657a57036acc19ce49e4434b8cea1b8cdb395c44b745aee1257681e82494d877e0c38c955d89bb4f9909ff70c70946025f7c6e23108cb2da000ccb209422e0e60da7ded117cf8285e4714f376a98721e383f012b1ba4e6aff0883249ebc6632d6bfb6d4808f7da7c66ad61f178be3cc48aa47ad54e0b0e3a05aa6d0abc86055f2d4d8c7018ebe4700a028ffd648d9ee588098a9db05338754f7726e78ca6e5246d05290913edc2341eb93482e39c993fc4062914cda7b7a4d98fe5777b7d80fa5106eaec8c6a69ace27e58299b63ec538ee64c305f72279ad58fa044030e5057e7ed23e4c26760523e8fe2b5c2eca30c84a9b3dfb35eea7c39be44d4a3127b6278f04ff5bb154601a0697ded560fa2599816b09ac4e12d8fdc75d697728680cbd0ba4160903c67b21926776c9ef920bc63ce9663bf863d33883e4d8751e7a61c88e74545e73f82e4c34487745f2e6b5e08bc4797cfe7041f747147db75a047d38c9124bc8e993e2ba5168657ca13de04527ed24eff92c040c961d0f600b80651d110a05accea02b6263c551e71d3b9d3f1bcd6587ec2a21c198ccc53e38cafcff88c56f05b512a026cd51a1fe7c198b1d32948cde59898521037178a9200346c0dd0ce02287632ba252d05227dda32b696d7f59eec9ed1f05970406e69be2e22928183220a46a53e7a32270cd95a8ec2130f1852cf5cb7eff8b84768c29e3a9", 0xffff, 0x1, &(0x7f0000000700)=@vsock={0x28, 0x0, 0x2711}, 0x0) setsockopt$auto_SO_PASSCRED(r0, 0x4, 0x10, &(0x7f00000000c0)=']$\x00', 0x40) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) r1 = socket(0x2, 0x1, 0x106) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x400280, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, 0x0, 0x100000a3d9) 13m11.999020762s ago: executing program 2 (id=350): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) write$auto(0x1, 0x0, 0x80000000) (async) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) (async) r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r0) (async) r1 = open(&(0x7f0000000080)='./cgroup\x00', 0x101000, 0x0) (async) exit$auto(0x7) (async) r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup\x00', 0x1ad0c3, 0x1) (async) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) (async) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) (async) r4 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000001280)='/dev/mixer\x00', 0x80002, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC(r4, 0x80044dff, &(0x7f00000012c0)) (async) ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r1, 0x550c, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) (async) mmap$auto(0x3fc, 0x2020009, 0x2, 0xeb1, 0xffffffffffffffff, 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x28, r6, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @u32=0x80000001}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) socket(0x29, 0x5, 0x0) (async) open_by_handle_at$auto(r2, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) (async) r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) sendfile$auto(r8, r8, 0x0, 0x1f) sendfile$auto(r5, r5, 0x0, 0x2) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xb, 0x1, 0x948b, 0x3, 0x4, 0x10060000000, 0x6, 0x62, 0x8000001d, 0x8, 0x6d3b, 0x9, 0x8, 0x4]}, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10007) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88282, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 13m10.994826933s ago: executing program 2 (id=354): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_RPC_RESPONSE(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x14, r2, 0x100, 0x70bd2c, 0x25dfdbfd, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x814}, 0xab055438e81cbca2) ioctl$auto(0x4000000000000c8, 0x400454cf, 0x3) r3 = socket(0x25, 0x1, 0x0) sendto$auto(r3, 0x0, 0x0, 0x9eb, 0x0, 0x7) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x8e051, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) pread64$auto(0xffffffffffffffff, 0x0, 0x2, 0x100000005) ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0x5410, 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x10000, 0xc, 0xf, 0x40000000088fd6, 0x948b, 0x7, 0x15f4da0a, 0x3, 0x3, 0x0, 0x4, 0x7, 0x100000008001, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose3/statistics/tx_packets\x00', 0x82200, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2, 0xffffffffffffffff, 0x40eb1, 0x602, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto_proc_setgroups_operations_base(0xffffffffffffffff, &(0x7f00000000c0)="15e53a6fdd580f23", 0x8) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/bus/usb/drivers/pctv452e/remove_id\x00', 0x10b142, 0x0) read$auto(0x3, 0x0, 0x80) sendfile$auto(r5, r5, 0x0, 0x5) socket(0x2, 0x4, 0xff) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRES16=r6, @ANYBLOB="010027bd7000f9dbdf250100000006000200000000000500070080000000080009000100000008000a000800000008001700", @ANYRES32, @ANYBLOB="e8b44670501b330f9119a16d5d819754097d9a2f6ec60598ff129fdbca198eff5c511f649348cc0f100c806731807f9041a89e6135e7c2cece6368ca30df4d8b781eb005ba489fc036a4e1acfbc801191fbf9761135e71efe241ee3627930ef415cc3fdcb0b254ab48e3d61f084ed49d31e20a4807795400b0a7e5687dbe2f10b808d6b798e9d3817a6f03a24d9ee31fa8e4f2f42a1863b0a4bb7c9ec14d9574e3c50a4904f67340528405df3beec9295b88eb2ce780f7e103581a1e1f404802f1ec682a261e9e0d20ab31855f5d420d9047817c97aa25fad8e8ad4b4dad44ad04cde057789b911892a04b289e7b1ba4272779c382bfb9eb7fcab31078832a0515b48eefac91c0161309"], 0x3c}}, 0x4008000) 13m8.009246659s ago: executing program 2 (id=363): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x2e) write$auto(r0, &(0x7f00000001c0)='macvlan1\x00', 0x1) getpgrp(0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20000, 0x0) read$auto(r0, 0x0, 0x21) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100080a3d6) modify_ldt$auto(0x1, 0x0, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x1e, 0x1, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x3ff, 0xed, 0x7, 0x3, 0x95f4da2d, 0x2, 0x6, 0x4, 0x7, 0x7, 0x6d3f, 0x2, 0x0, 0x5]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x20000000) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 12m52.501517035s ago: executing program 32 (id=363): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x2e) write$auto(r0, &(0x7f00000001c0)='macvlan1\x00', 0x1) getpgrp(0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20000, 0x0) read$auto(r0, 0x0, 0x21) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100080a3d6) modify_ldt$auto(0x1, 0x0, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x1e, 0x1, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x3ff, 0xed, 0x7, 0x3, 0x95f4da2d, 0x2, 0x6, 0x4, 0x7, 0x7, 0x6d3f, 0x2, 0x0, 0x5]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x20000000) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 11.168221173s ago: executing program 0 (id=2683): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x81}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x2, 0x1, 0x70de, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mbind$auto(0x9, 0x84, 0x4, 0x0, 0x80000000, 0x7f) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mlockall$auto(0x7) modify_ldt$auto(0x1, 0x0, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_gtp(0x0, r1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r1, 0x0, 0x3) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0xfffffffffffffffe) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 10.565758959s ago: executing program 1 (id=2685): r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/mouse0\x00', 0x8000, 0x0) mmap$auto(0xfffffffffffffffd, 0x100001, 0xc61, 0x9b72, r0, 0x8000) r1 = socket(0xb, 0x2, 0xfffffffd) sendmmsg$auto(r1, 0x0, 0x1, 0x9) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) ioctl$auto_PPPIOCATTACH(r3, 0x4004743d, 0x0) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000240)={0x20, r2, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "9e695f99bb0e"}]}, 0x20}, 0x1, 0x0, 0x0, 0x4}, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x22, &(0x7f0000000000), 0x1) 10.217052212s ago: executing program 1 (id=2688): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) pwrite64$auto(r3, 0x0, 0x4, 0x3) waitid$auto_P_ALL(0x0, 0x1, 0x0, 0x5, &(0x7f00000005c0)={{0xfffffffffffff001, 0x8}, {0x5, 0x7}, 0x7fffffffffffffff, 0x10000, 0x5, 0x2, 0xc00000000, 0x3, 0xb9, 0x9, 0x6, 0xc, 0x0, 0x6, 0xf4, 0x3}) sendmsg$auto_NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000480), 0xc, &(0x7f0000000780)={&(0x7f0000000500)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x3}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x40}, @NFC_ATTR_LLC_SDP={0x4}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x6}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x84) sendmsg$auto_NFC_CMD_FW_DOWNLOAD(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x180b008}, 0xc, &(0x7f0000000380)={&(0x7f0000000740)={0x90, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_SE_APDU={0x74, 0x19, "3d68f56930dfec1e0c9ee2d4ec5cdec5a6617f08331f1e41250fe48416dd92cea0221dc8da3d9efe89fd9d72adf19e0e892f0903c80088663c1275a54ef729132cb8005fda646285b305ef19246d6980ac71aad2e89b11409d9c12c63d7f8f32c7aef96670418e95dd66e8912e6a6af1"}, @NFC_ATTR_TM_PROTOCOLS={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x1}, 0x41001) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xa4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY\xad\xd6\xc5\xab`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4[\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r5, 0x80045010, &(0x7f0000004440)) inotify_init1$auto(0x4) ioctl$auto_VHOST_SET_LOG_FD2(r2, 0x4004af07, &(0x7f00000001c0)=r4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r6, 0x8000) r7 = open_by_handle_at$auto(r2, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) setsockopt$auto(r7, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r6, 0x8000) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r8 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r9, @ANYBLOB="010025bd7000fedbdf257e000000000066004e210000000026800000020004000000000002000000000000000100090000000000010004000000000002000700001f0000980006000000090014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1c"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r6, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) r11 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/first_error_time\x00', 0xe80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r11, &(0x7f0000001280)=""/4124, 0x101c) read$auto(r8, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 9.753953956s ago: executing program 4 (id=2692): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r0, 0x5606, 0xffffffffffffffff) 9.435864214s ago: executing program 4 (id=2695): mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x81) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0xe2400, 0x0) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000000c0), 0x151142, 0x0) ioctl$auto(r0, 0xfffffe00, r1) connect$auto(0x3, &(0x7f0000000080)=@ax25={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x8}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x4) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) 6.636195565s ago: executing program 0 (id=2703): r0 = openat$auto_ecryptfs_dir_fops_ecryptfs_kernel(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/rfkill6\x00', 0x28080, 0x0) ioctl$auto_FS_IOC_SETFLAGS2(r0, 0x40086602, &(0x7f0000000040)=0x3) (async) r1 = timerfd_create$auto_CLOCK_BOOTTIME(0x7, 0x4) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x70, 0x0, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0xb}, @NL80211_ATTR_FILS_ERP_RRK={0x31, 0xfc, "845fd145366544f139a5e1ee35427341802464d073e16d603358ebfdb4a36867e2d9ac94dd890094e4a8a9f460"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "2e380e0ceebc7415d0651880fc242d6484d7cb77fe406e58e208"}]}, 0x70}, 0x1, 0x0, 0x0, 0x8801}, 0x40000) r2 = prctl$auto_PR_SET_MM_BRK(0x800, 0x7, 0xffffffffffffffff, 0x1, 0xf) setsockopt$auto_SO_KEEPALIVE(r2, 0x4, 0x9, &(0x7f00000001c0)='/sys/devices/virtual/bluetooth/hci1/rfkill6\x00', 0x0) (async) read$auto_mon_fops_binary_mon_bin(r1, &(0x7f0000000200)=""/27, 0x1b) (async) sendmsg$auto_NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, 0x0, 0x10, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x51) bpf$auto_BPF_MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)=@query={@target_fd=r1, 0x3, 0xfffffffe, 0x5, 0x1, @count=0x200, 0x0, 0x9, 0x8, 0x8000000000000001, 0x79}, 0x80000000) (async) r4 = signalfd4$auto(r1, &(0x7f0000000400)={0x8}, 0x6, 0x81) (async) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000480), r1) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f0000000640)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000600)={&(0x7f00000004c0)={0x120, r5, 0x800, 0x70bd2a, 0x25dfdbfb, {}, [@NL80211_ATTR_EHT_CAPABILITY={0xc2, 0x136, "021907018ee1bd853a042d6f9c047c520b15ae14ed47c8fb6f66d141e552b2f5edf119db97858004ad39cae262cb9b5fa3adec58de510fb3eae1c8860adcb4c40ee42f008b05658edaf53df7c056d960bc3fd3c399c68290d96918a52b17b33dcf53cafd941d85479316dbb019d18f7f3901191ea158b521e666c81dab86803183dc6d68e16d01d7cc2dfba6a59e9f4ea666cd2adc63447ac5ef816226e68911b5992b6dd49f0a19a0e32f3e266b1178f97e72b91ba9b0a0f6945ed8af90"}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0x3d, 0x129, "f757f213b962205c64fb486a789cfa457cad77405f9ff4731c06f374de901a97060590394443bad6d196f19457541992b53a595f061482723e"}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x7}]}, 0x120}, 0x1, 0x0, 0x0, 0x4000}, 0xc8d5a1343ed0c72f) (async) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000680)='/sys/kernel/debug/usb/usbmon/37t\x00', 0x200, 0x0) (async, rerun: 64) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000006c0), 0x628480, 0x0) (rerun: 64) ioctl$auto_FS_IOC_FIEMAP(r6, 0xc020660b, 0x1) (async, rerun: 32) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000700)={'veth0_to_bridge\x00', 0x0}) (rerun: 32) r8 = bpf$auto_BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)=@query={@target_ifindex=r7, 0x9, 0xffffffff, 0x2, 0xfffffffffffffffd, @prog_cnt=0xaab, 0x0, 0x8001, 0x2, 0x9ff0, 0x7}, 0x7) (async, rerun: 64) r9 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000840), r4) (rerun: 64) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r4, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x14, r9, 0x2, 0x70bd2d, 0x25dfdbfb, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2}, 0x40041) r10 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000940), 0x0, 0x0) (async) r11 = landlock_create_ruleset$auto(&(0x7f0000000980)={0x6f868990, 0x200, 0xffffffff}, 0x27, 0x0) close_range$auto(r10, r11, 0x3a2) bind$auto(r3, &(0x7f00000009c0)=@ethernet={0x6, @remote}, 0xfe3a) (async) r12 = gettid() ptrace$auto_PTRACE_GET_SYSCALL_INFO(0x420e, r12, 0x10000, 0x8) write$auto(r4, &(0x7f0000000a00)='\x05+[*.$\x00', 0xfffffffffffffff8) (async) ioctl$auto_BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x8040942d, &(0x7f0000000a40)={0x800, 0xfffffffffffffff9, [0x7f, 0x7a4, 0x4, 0x400, 0xff, 0x100000000]}) r13 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000ac0), r4) sendmsg$auto_GTP_CMD_DELPDP(r3, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000b80)={&(0x7f0000000b00)={0x68, r13, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@GTPA_O_TEI={0x8, 0x9, 0x7ff}, @GTPA_PEER_ADDR6={0x14, 0xb, @remote}, @GTPA_FAMILY={0x5, 0xd, 0x5}, @GTPA_FAMILY={0x5, 0xd, 0x8d}, @GTPA_MS_ADDRESS={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x16}}, @GTPA_NET_NS_FD={0x8, 0x7, r8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}, @GTPA_NET_NS_FD={0x8, 0x7, r3}, @GTPA_PEER_ADDRESS={0x8, 0x4, @rand_addr=0x64010102}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) write$auto(r3, &(0x7f0000000c00)='veth0_to_bridge\x00', 0x8) 5.876477729s ago: executing program 4 (id=2705): mmap$auto(0x0, 0x400008, 0x4, 0xa910, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x2, 0x80002, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12de82, 0x0) ioctl$auto(0x3, 0x80046f49, r2) sendmsg$auto_NL80211_CMD_GET_POWER_SAVE(r0, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x481000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="040027bd7000ffdbdf253e00000008000d00030000002300be00f4a38c328c82223acbfd27e87ca2399691e4f9bf9a46fb9f7efae72be185780005005900000000000400d800"], 0x4c}, 0x1, 0x0, 0x0, 0x20000008}, 0x4000011) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0xa0681, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LOCK(r3, 0x40405514, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0x40405515, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000002c0), 0x20000, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyxf\x00', 0x109401, 0x0) ioctl$auto(r5, 0x540a, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x80400, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) 5.263372061s ago: executing program 1 (id=2708): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x11, 0x80003, 0x2) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4) r1 = socket(0x10, 0x2, 0x4) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0x4, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x80837, 0x8}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYRES64=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x40408c4) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008) socket(0x29, 0x2, 0x4) r4 = socket(0x1d, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x40000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x80) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r5 = socket(0x29, 0x2, 0x0) r6 = socket(0x10, 0x2, 0x87f) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r6, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) setuid$auto(0xe) ioctl$auto(r5, 0x89f1, 0x24) recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x7, 0x15}, 0x807}, 0xfffffff9, 0x81, 0x0) r7 = ioctl$auto_TUNSETOWNER(0xffffffffffffffff, 0x400454cc, &(0x7f0000000000)=0xa) r8 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media18\x00', 0x8000, 0x0) sendfile$auto(r7, r8, &(0x7f0000000080)=0x100000001, 0x7fffffff) r9 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r7) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r7, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)={0xc8, r9, 0x100, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_PEER={0xa9, 0x28, 0x0, 0x1, [@generic="057db4403c2890d4b135313e092a8dbf473da044db328ea7a94a7a45b2ef926d93dec6e462cbe851aecd05e1d948e484adbcc7933e83593290d462e9b399dffbb7b399c42a1822673a8bc777836e7b60bc380fa58d2e942939c4f7e736abcde5a6f68d2019bc1461b52c712c594b12a4acff9f6fa77a5cc3025a24fbb5f51a643f69610e996c5a40091d447d6e650a85bc464ab5ae4e1f1a64fe7dec364ddb601dcf7e3635"]}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xfffffffd}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) 5.253619012s ago: executing program 4 (id=2709): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x55, 0x0) io_uring_register$auto(r0, 0x7, 0x0, 0x4) 4.192132311s ago: executing program 1 (id=2710): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, 0x0, 0x1013) poll$auto(0x0, 0x7f, 0x9) socket(0x25, 0x5, 0x6) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"58f99464", 0x8, 0x6, 0x1, 0x3, 0x5, "4bb69ec4b3f4c14539898e4c5682f5", "347f00", "a630df9d", "a0ed9959", ["cd9196b8fe1a8a7eb90401a9", "2f9c30017721de33c560b95a", "d3fe6c55a78d6932211c9b69", "ea334f1f1e5e27a1320d6edb"]}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, 0x0, 0x7, 0x8) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00 \x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 4.081790354s ago: executing program 4 (id=2720): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x55, 0x0) io_uring_register$auto(r0, 0x7, 0x0, 0x4) 3.931987072s ago: executing program 0 (id=2713): r0 = fcntl$auto_F_WRLCK(0xffffffffffffffff, 0x32, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'ip6_vti0\x00', 0x0}) r2 = openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy17/netdev:wlan1/stations/08:02:11:00:00:00/rc_stats_csv\x00', 0x8442, 0x0) r3 = openat$auto_ima_htable_violations_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000000c0), 0x400100, 0x0) bpf$auto_BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000100)=@bpf_attr_0={0x7, 0x7, 0x7, 0x2, 0x7, r0, 0x1, "97966c9bf614e417118fa963f8e2055a", r1, 0xffffffffffffffff, 0x4, 0x1, 0x10001, 0x8, r2, r3}, 0xff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_ratio\x00', 0x201, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000240), r4) r9 = wait4$auto(0xffffffffffffffff, &(0x7f0000000280)=0x8, 0x81, &(0x7f00000002c0)={{0x542, 0x5}, {0xb62, 0x2}, 0xac, 0x100000001, 0x5, 0x7ff, 0x9, 0xfd9a, 0xfffffffffffffff8, 0x8, 0x0, 0xe, 0x5b26, 0x0, 0xfffffffffffffff6, 0x5}) r10 = fcntl$getown(r3, 0x9) msgctl$auto(0x1, 0x5, &(0x7f0000000400)={{0x3, 0xee00, 0xee00, 0xfffffff1, 0xfff, 0x4, 0x7}, &(0x7f0000000380)=0xf, &(0x7f00000003c0)=0x2, 0x3, 0x0, 0x8, 0x6, 0x0, 0x4, 0xfffc, 0x0, @inferred, @raw=0x2}) ioctl$auto_XFS_IOC_COMMIT_RANGE(r4, 0x40585883, &(0x7f0000000480)={r0, 0x0, 0xb, 0xd00000000, 0x8, 0xffffffffffffffc0, [0xfffffffffffffff9, 0xe3, 0xc, 0x8, 0x80, 0x60af]}) sendmsg$auto_TIPC_NL_SOCK_GET(r7, &(0x7f0000001480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001440)={&(0x7f0000000500)={0xf2c, r8, 0xf4eecf6edf601ce9, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x25a, 0x9, 0x0, 0x1, [@nested={0x102, 0x96, 0x0, 0x1, [@typed={0x8, 0xf0, 0x0, 0x0, @ipv4=@private=0xa010101}, @nested={0x4, 0x74}, @nested={0x4, 0x4}, @nested={0x4, 0xed}, @generic="7888e7ed34f0828e8adcdebde6a153d4d0207796ff87a7db0fb9b8932934f9b0ba8fc46eed1687628fd7075f41fd25625d16cb7de1bd4e802c55f3a7552b06a12452fd0c9358f69d419b757cac28bec1f43a39ed8905f21fea0261b44c1db9cea3e0414657d3a08de1b56e9abdfaae9c6118cadd068a1152606c47", @generic="6422f24da85012a847c82573f156cb83c7586aeef8ffbd7b9bd5216b313573f7db74e4d7cfbbfa7b4ca2c34a95424b43979a059d14508a09a473d9926bfaa5aa671808c02b41be57e9687fc3b338a24d0c53bc0b7ffe5afeef25013e87f3d9b196af4f688d1f78", @typed={0x5, 0x57, 0x0, 0x0, @str='\x00'}]}, @nested={0x8, 0xa8, 0x0, 0x1, [@nested={0x4, 0x53}]}, @nested={0xa8, 0xd7, 0x0, 0x1, [@typed={0x14, 0x1c, 0x0, 0x0, @ipv6=@local}, @typed={0xd, 0xdf, 0x0, 0x0, @str='ip6_vti0\x00'}, @nested={0x4, 0x28}, @generic="6095e74e9f72d8259cdbd8f9985cc15f047270b183d83fdb93531c8e384a0221676cab284aa75437e07d7c80305a70b0400c868c24347dc7efc9d452926d06302995a5b14530db6cb0ee093566c696680d407f5b7340b3308cb9fa2c316c8cb115d5b0ea1578", @nested={0x4, 0x126}, @generic="51feb595a51e9ad98e827e0d4a7b9ce1c5c0"]}, @typed={0x3c, 0x2d, 0x0, 0x0, @str='/sys/module/kvm/parameters/nx_huge_pages_recovery_ratio\x00'}, @typed={0x4, 0xc8}, @generic="1c196c1eae4318bbcae3338f6f1b7712cba52370c46ae8d9aa956f4d469185b23974fec0165c740dd5e694e6210b6d6f5b812c82d62c48ac3cdc32cc1df7cb3a99b3c968f6d07be4c079a4b0", @generic="99a0c603eb95966a31fafc0fd25d52e0e45e", @typed={0x4, 0x41}]}, @TIPC_NLA_NODE={0x1c, 0x6, 0x0, 0x1, [@typed={0xc, 0x129, 0x0, 0x0, @u64=0x4}, @typed={0xc, 0x13, 0x0, 0x0, @u64=0x2}]}, @TIPC_NLA_LINK={0x3ba, 0x4, 0x0, 0x1, [@generic="21934f5259ac59f1ae04558cf2bc7cc31299ba301b5f280d1cc26eaf64d2597fd30b2729fb95a2ae18b470d6caeb2302022f6e54bcf8c6926d4254bba0a81459a9d2562287d309734b7c2da9ac9466bfcc4b082f9475f2f66bc61b6d1ac10f7c0a02d241fd220ae1a368bc2d6125efcc1dfd5cf96d874aa292a61e8d9fa2b3ee8aeb681ad6153b65bb080182de47a9c0d84f36", @generic="dff865c0c38d159611d5a579f4d6ef1e34642524399b69485b30261ce7f13cd83bbd42a8672a332906c42920e761dd3e995b6aaf61319fcd487f8a140ae0e36f3d20f811f1ced240b981519dcd47dd0cfb3a22c36096616f12225b2d2954f94ba8e4b3b89dc70979a964b858e33c187c968b5bdea2d635ac56226b3aa0b6c7bbf3e7580f993dda922f54e8ae74932ab3bbe96c2035df61e8aa985a665f44b833dfa5cf80211cff14937839e2adebd5ec533643ae4fda47c5dd9221999b2b751a410fa37512d35af1c4422b", @typed={0x8, 0xde, 0x0, 0x0, @str='*}{\x00'}, @nested={0x50, 0x4c, 0x0, 0x1, [@nested={0x4, 0x7}, @typed={0x8, 0x1b, 0x0, 0x0, @u32=0x8001}, @typed={0x8, 0xcf, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x67}, @typed={0x7, 0xfc, 0x0, 0x0, @str='&,\x00'}, @typed={0x14, 0x92, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @typed={0x8, 0x2, 0x0, 0x0, @u32=0x81}, @typed={0xc, 0x11f, 0x0, 0x0, @u64=0x80}, @nested={0x4, 0x78}]}, @typed={0x6b, 0xa5, 0x0, 0x0, @binary="2c21c60f9dd2447eb3744c1efe2963adfaabe387712ff4fc032210cbc7d40d3ba8a999a020d7fa59b7c8b8883d3d2528104944bc5fe89ff53a55189d39210eb0d7daed9f16ef9858fe2571ebf5d7ce0bf013f901058fd7b4d6dbe6ae56708d07584ace296a6d22"}, @generic="6210dda64a038f07583a789f48b6a78c4b25dd16b3913b4490750c9e83fa42185abd22ef3b1173ff11857fdab5bfe417b495025b05cb1e04fa03be986e335f4fc5f95c988115277c948202c6dc4e44d68a554b89901fe703d4c155436148bb09c742666a65c7d5675370cff4de4608520f34da941541fa345dc63ccb548195fc46fd6eb3f5a006d9e6cfc3624b0119a49c4280f6471c58cf8748725365022bcfc39c76d1db82f7af6b1bc309c87f2d026e6784a50b9cb259", @nested={0x94, 0xee, 0x0, 0x1, [@nested={0x4, 0xde}, @generic="e60adcc8e60cc5d89104ad923955b6b5b79a0cb57dc4d4c246bbc439c527b3b0cab66400ac37db97be2c9d855079d80a2c76747980ad8a5318bb683c2d1878ec41b5ad276c208e1cecb3b282f5a27c789e5c20c5026b83096d072d371f25b8329cccc6654de4cdf0d6c8ab58f0d04911f11d61d50b67e892fcc66b2f2b00cd7e548fef51be823ef2", @typed={0x4, 0x11c}]}, @nested={0x2c, 0xa1, 0x0, 0x1, [@generic="61da86a96185ab5eff738a45ff79ee76eb329de9a62484763c16c7ad1110990f8fadb5adb404234e"]}, @typed={0x14, 0xfa, 0x0, 0x0, @ipv6=@loopback}, @typed={0x8, 0xf6, 0x0, 0x0, @pid=r9}]}, @TIPC_NLA_SOCK={0x2c5, 0x2, 0x0, 0x1, [@nested={0x12a, 0x4a, 0x0, 0x1, [@generic="30fe76d40ba0d29440efe362de5cfbdaf3e1c6db796bd1e401c138ecc9ff4a7a1a447896bdc267f6f4a60b292ddb5b3c5ca6b8557aa83b90458e783a40605b7855640474f13483a1d148f5e97ed2d598dcd48da51b12568903f28a8f799a1cbca039ae22288b8320", @generic="7d7536dc6004f9cbe22e8e7a881a20e2d2b7be32d1420c5fc12efca41884a3aa5f1e2015974fceb58e73592c6438f6f15256c533ccdb6234cb95e5553b22a35481f648eebf3fc97486b1dd4ac2af3d5a33b89a04d1fefae1d04f47e3633f06faeb1d2ea3402a3e1b2f6ea262b4762d47f33ca8f11be5fea9a39a31beb94121d6e57b25362bb5d239dba1d726a5f2c6d6c5c73da28c8df742ea33d14332f40adf506d", @nested={0x4, 0x54}, @typed={0x8, 0x3b, 0x0, 0x0, @pid=r10}, @generic="c4f09f16", @nested={0x4, 0x108}, @nested={0x4, 0x9f}, @nested={0x4, 0xc0}]}, @generic="5f137fd7b75c7035a495acc2402325f0a68165ec9a85e61469205ae87781101948edf343091424eaa0cc40d22a4878d1bcfad5ac609a8dbfa828209c34e7c2a85f68c51e200eda183c1a40e58246857729c96a0b543849", @generic="24f3f0851223cd88330d5cb1635272c03ed1749c16fc6262a1a8134af1115827ad4dbfde6b1cd2e3b0fa87d940012c418c30c167fb80294b1ca57151363eff7aa7025fe108f0d069531d9a0736fdb717ec238c9eeb14ab5e127ff520f1830c58c595426d9bdd89620e76bc4b2ad42dae05e5f793fc05121c9df4ee35ea740967c9da005c2f7495e0e4e370f18fc22a17e57d52db6127ddb5194ed9e6e59ac757aea376c7f22ffa915837424be0a2b034f4d138e8b5071d3a8ceba99b5e316e905eac0cba3d6a693d3f285491798c1f934d3644b3ddb6", @generic="9b7f9a5ab262db0ca02da29ddcd530ec0a30026bd6b591a6f371ccc497360484d774aa12cca3cb94da013fe6be264cf1f58e75d2f976544c5bcf51890cefafb6c188e5cc84344477fc0446de235b23909e4d2cce94bbb845cd62562d3ad261560927ec1136f37f97"]}, @TIPC_NLA_MEDIA={0x1bc, 0x5, 0x0, 0x1, [@generic="02faad73d9928170eff11f20d265571a30685db77458eacf87275e9ce5f57bae5a63585ff77ef876f4398298daf8b9d1b0d971c2571b21eaaed61278faaeb5b7cfb2a7760b4aefe2ef102c1102ae7181bc0916e45599efdf2220de685869c8e8eb910bdbf07917c4fc3039b0d0b9c47d1f41510e390980d988db5a2fc9770002b809fd75016f1e1b84cd1c37c333ea410418f3a793ea5e5948d7043d1e2b7acaaaef131b708aec066a635e275a2a6ca0a3abe3ce3dec29cfb4b5982324aab6dc3b34e4e0b662508dd4fe27308d408c398c7a75893c19d13dc3dce06ad2f9e3f3c0", @generic="6c507517a1447c179b1e30d0f138daeb76bcdc5479b524ff8da2977f771801054d5133641998e9056d271f00363a44814bb0b67461750442ee5a986477e1cbaf293496bb44233e5afe489624c1a4546ab81f2b4535d2a49f6bbda9b358891972ef98a751ab16d293a146cb5b2820e8e57686f1f242d0191de16b018f1cc440149b6d86136cc00bf313b77c48de0b838fe8493fad066acc173932c73b3a6a6b253be80f66d01bd86041e514f4f0edf3717f6839f91ce0fc91cca418ceb2f5a8b6d2abcfdcab23392c1bd345c9a391d5", @typed={0x8, 0xf7, 0x0, 0x0, @uid=r11}]}, @TIPC_NLA_LINK={0x44c, 0x4, 0x0, 0x1, [@generic="3471ee72e9257064f9a88c00df71cc14b3db459a50656e2ff9b6395930489628ce56d694c277f7f7e1e361f1ec82398632f77a7bb46d853c0d3aca5cf1e88f65d6ab376b7b0ee0bf34e78902a710f2037715ab2dc3405cd2be3ce393d30ff79de4a79764ffbb6e4b280949f1fe403e25d4d8c9d9fe4fc28af2fc8a8c9295e3bc305baf6cc527fb8c36c0b6e22547e669a1e534fdc58fff4b69d762cd34174161efab824d94856d6344cab7c5ffc6830d84cd81c688ec0828b0df86b5d7c2b63c0c6e8576a1ea1e4ec879a36b3c83596caee5e4c2e19ecbd8", @generic="6a9e66eb6e62a4d902e030f9a6ba0c8d880ce8b9f3a59003354958caddc0ed241dd10a1491d1309a2c1ba059854dd73ca29d80e5f2ca6c4cdae9a501c4deaecd8b8d82094c8cccdd4ae7a299d249919f3fc75868965e099a58df732e6b", @nested={0xcf, 0x13d, 0x0, 0x1, [@generic="2aa5e90341803178245b397fb4277affa1239a3926f4068b296e65b9a65c002f1d1c5be8ae7ed40f763519da52c604907dda85ad608ef82266d36941cd429918de756bd6d5f6b2077da049112b9b3cde3e550e67a993a08ccd1b580f22a30c515a39ad9e651c85afc30e1a2c3652dd9ff4ccfdbe668025c74992a3de52bf7a75389833bce4d4d418b2d0ab077fdf9d4333596924adcbface328d2805fd4f9e716941537fc6e0b5f1fdabfd9c8df33a37ef5028f0f64148472021d8686d80c38505de19", @typed={0x8, 0xc4, 0x0, 0x0, @fd=r12}]}, @typed={0x14, 0xd3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @generic="8b8be164b82e3fbfcc41a9a89c9852f4d17c8e44efea0ee80def73c5bc15cd4bfba8e410c00ff86530aee8d6d2a7594d35ce9b901da234de0e5b86384e39149b96805ca2ff1882d206b710ddea419eb03b48e670c917c589d1c9b22a895373875bbeaee05e60aa48b36838da8f0a095a54f55a6d82dcf47a7491a7e3849c37f8419ee8", @generic="2515ed5f8c387687cb75bd8b35c1f90e47e6a5e5ed3a02890df2e74270b1e5ec7e7d0f7e780289a202e47bb1c5e86efdf619e8d53a06d780f19c46cb2156e78fc7efad8d0c1d19b0d7dbeda742b3c72a1d302574170e283f60311a5c2f2ed4292603eb0f2aa52486ddb3689ae16e3dadd25bbf6fdc2072efd78ec757dce19c0d93eda4", @generic="5eec83221d5ed47304f8f59827629fb243f478c5233dd5e52c94c95503aaed8788e7bbb64f3c281589e56a32e4e4d563d673caf3865cc3a11b", @nested={0xef, 0x18, 0x0, 0x1, [@nested={0x4, 0x130}, @nested={0x4, 0x19}, @generic="932feb2fcb9f0b4c4367c9df5e30b460e8db00f459de0374b9cd5f17c2fd89fafa4ff74c899735b434dfd6e597a7bb6d4d0792404123b169d76b54c833240c5a8842a1eac4f8a467af3a2241aecb1644c998bc2a858f5e1646bcfc6b08297dbfb7a08a1e1fe625d87840c2441b0cabd747e43bc58c3b8146540800ffcce4e98bfbe74bf59992f5da932e1d7af1ecbb67d59082686f7f1357071ee340b1d8657328d33c3be7e0639b31716aca9799e1010a25ceb3961dc7b33009e083aac49776844c647609a588a9c81c45f73563ede13a256a47ae783547499bf5cf4be53d", @nested={0x4, 0x84}]}]}, @TIPC_NLA_NAME_TABLE={0x9, 0x8, 0x0, 0x1, [@generic="365a22e7ef"]}, @TIPC_NLA_NAME_TABLE={0x8, 0x8, 0x0, 0x1, [@typed={0x4, 0xdb}]}]}, 0xf2c}, 0x1, 0x0, 0x0, 0x890}, 0xc001) ioctl$auto_VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000001500)=r5) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000014c0), r13) r14 = openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000001540)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x24000, 0x0) ioctl$auto_UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000001600)={r6, 0x6, 0x3ff, 0x7fffffff}) mq_notify$auto(r14, &(0x7f0000001700)={@sival_ptr=&(0x7f0000001580)="96ff9cac1bffb0c7c9aa75b03903e304aaef5a6df928251873f8cd1f7dbe8b01a5e29942cef1da86ccf764a12004bd619da153540d91e7e8819cf909035ff277c0d3701eec251121e73b1b220db095b9efc891d2147c40a23be06307e4cd2bec785e", @inferred=r15, 0x3, @_sigev_thread={&(0x7f0000001680)=&(0x7f0000001640), &(0x7f00000016c0)="3fcfd8aeaf54895c7d7e08440f"}}) r16 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000001740), 0x0, 0x0) close_range$auto(r16, r4, 0x4) r17 = prctl$auto(0x101, 0x5, 0xffffffffffffffff, 0x8, 0x6) ioctl$auto_TIOCMBIS(r17, 0x5416, &(0x7f0000001780)="055d7d9711bfc36695840220aeb4be9450a5683a4f953123bb8167d94dea5d914f93f9a496e57bfd894b95d0ab9e72f7f6ecad3b4bd7814b6322e8b1e2975c2e253b2d93e97fed7c3287e2cfd0d3a5673a107e932045ffc759f5750b886f377874fb3d0b0b37f95f7cde6729bd419037accc97a0b7c2e890e96407b1b115787445ec97161ce0fb47df06a33e4c0fcc67528cc998d56a302579b1670136cea07c4e1e57a65fbabbeaee45f2e69a96d1a5ed20ef0aa399cd6f9e272ab5d1d6455cfa14cb93010528d160541dbbe31a570c33c5dba694d8531088a5eb13e73ee4a12e1ac157be1f63f64c8243f95b1eeda72fcdfadbcbf0bbba1edf26b3635c1d85ed65f04bdcf191152d60b539650caec4c91e559cd67687257747488962f0292d7591d50b7d046a4c35d6164d37db90fbbf7d99a2b46568694604b7fbc5f559f9c7d084a58e4c732cc17fb1f9cc766dce7cf1aee00a0dada9a0f404e22c7c4949db1b8011508a3220167046d66e1f6fd3248ffaedd2d4e16e0fb5e24b2e6730eba4a6f4bdb92abbb6af672293b257f712b613dd719ce9d860e9000b609feab120bc601eb0815606292f7c115978f7a2119b3a4369c847f6d70dfcf5879f8a5e6278029c30acdf7a317683f455a24a34e6fe779db6b4b5b611faaeb5712076dc616d5c1b327fb3332137d80455403bb9c6beee991878779d3e1e9a84f8c8f6e63fe4a353ccf40a85026029ec66833b0acdd977c16ecae535a03bb3e0e1af36190958c13af8a99d6337413f49493ababa840889b7ea832291b3323c7709f636847da9874254034b9c58aeff026960eaf089cf3456751bf5ba76f35bf8dde1c69e732bfa88bf9fce73432da214b396ea1099ee4355cfa681adeda27d4a94c0cbb0be671e3490d24ed26bb9a5868deaa15f27d752e240943a761fd89818042b0f851d4de4a7c7f18a650ae7cbcfdb344551ec303bf33ef6801d5f1fa4879ac9af6f160dd8464ea0c1a672b67526b3c830c20b2e10a253f3956f64957e34a66a1abe7ad2958db997affd96179ded0281eddd2fee37f5f09cafd8acd29fd93a24e1b807e41695f9d334628c8310801f8f9a9cd35fd4adf766c279232a8adebe3dc99805e1a50bc373f2b696f5596ec3fb07434dcf3367ced1fcaeecdc2d5230871e5ce99fc9e1750ae718dd357635d327e4deb44ba3620e44bf06bb38d5b365c57d70deefbf7f3366ad0be7d6a9955dea908b679181965f3627f4eb8a762c77a3c018862bc44ed3d411cee3c4b8cb816f51c6703b01c0e8f63bb7186f71a04b82449b26f75cf8708c0766389e8a91e57b98de020efbc4b1d49f3305feecaefb587d8f2d07b14c43c928a134d0667af6b9388394a607c518238130b62798c1541bf91b67b123cd5c7eae4b1fcbb811e7fd622c758eb0072aa26f0fe69623fe8cec330d9a900ce87646a2d90729e3f85132c6f25341277f5d40c90c7088799820a9edfc14d5fb045ad6e1f3f0a71ee0800872af967d7f5cbf792a03b045aaca8e3ad869b0a9ea65e781041ee6c4e083926c40e41ad838e259eda8253778ba6efec90d23c3589f6f5718cac266e5253b36a0d04b4956b02d49189c4d479ab68b45940499e329cb7940fc995e352ad4bf66315e45200fe2afd2f566c401203bc2c1b8f4cf70f77e55c4349393661771da003673cd6a5b4ed11366467e5a93966873ac190c09fc97bb648048e261a8139f44e568177d715d81f2c5771643b21bfa3bc26af6eab3da989766f5edea5bae25acf67a21f2b994636196f5cd24b7e4bd3cf6837f79593578f8b5087af7b265ff32d23e1f3ed5834bdef66402f9acb17dc201a2ddff2c87761f1fe73bc2e6ae2c61506bf92b24784ff8ef4545896edbc54b9bc7ed822b0b38f36f76c11b4d32ac4c7b180857e79eda01965ab1f0859d1ba7742547c8306e31b68e5034a848f9d9fe9865e083970596d61992edecf1c3e3790039d62cef6174a13cce3343a0087a874cd7516817919a4a3cab853b637d0446848d48e4e9f058bab90e43fa77560fe9a697a81a135a8c9a833a4ecc3ccad6a07ea652bc29da8137c1712e540428f3520337819e8b93f6f18b74346dd7d48a4305fdee4242c0305604945bdafc7d9c6a8c89da31eb73c38ed31e0d5c5bfcf9a8f091a0194fb104f068fd2d6caf49c938d5d4858e751de74d98e90e78e3606057af616b26f021c714079899d35f26a737fa84368407f1a099a14f9e635aa803475a6bd2ab4ef1d4cea63b6411417fc2c2adc73c7b323235db637f5d573e4bbf997f89b29863cf1521a47062dad47eef4d6e677988f0b0cb717f9ac1bd21e01982eb9579b67e9c606db70c83940bd244ecebb0cf53ab4b20edcc3f7e78ed6b97b55fb588fa537c781c4f5a914a1ce610718669a8201ccc4a4562de45bcb4e654d8f7c95a00ba83b2a56445a133f177017770c9f0a86d572499d40eb9c80b8f6d88569c1baa6905d3f28be9aa5f41963bbca14a1dfd24f29225bcc8957b16be3f555e5bf9d2b04137f721678525ce36fc301bbefbfc6720c56a37e657c00217bc7552e1de8225318268957b4ab68c83a546bfc7dfdc8371148d8b1ddb4cee596169a1f16fea5f9f89078e8e3afa118054f9c17c5e8c3fb2526ac3745f1cf5febbb9452d4196b1aa2bebe4dd760fbd3d7e91d79ec8871baeae0c86a7690e8b5140f1ef4c67a51066cfeb59bb5da86c4e416aeee5c09e2ece944fb2fd95f170d01de0b3d832fb5ee43f90638d5accaa9ab713cd670c70992e7e0f77004b17e7378e8497ce32d88e4e82d89696878db58de4ed3ed74cf106505acb37523292f7d5f101b046f6e009e2f86168075259d18616ba5fa705323b0450109d11250edc46ddc049e92f07ee7dac4b3400c30cd225a8e6ec07760d2d3cdbbb317033c1f0a4d77bd76d7b25d6e95886dc653b5be9f66abfadd37f6a161b230dddcae8228b16c6ab44ae09219db4c81921e7f8d8ca8ac3eef37c235b5e222e5c259ceb96f60b29448b6295ad3d44a3bb68f0e00e65bf37918ecbbbb7b399f7c4d4f25559701e952ef243c4b8a9e3c3b5a4207ac83532883b7626d06e97b0ff713bf71fb8506f969cd6c1900f8f029c3b8a170ed7713392cba7f054642e94c0a20fc1e499186933369c7fff7040ae50227fd9db1f95d785fdeb105622895ac002735754a96dcf10d083b78dcb8d66bd12d8bbe73d653cc1ddb17f9aa12b2acfc5a0e6803fc5683b766fe7a259afb3219f6b2f5b41f5ecb86429f10a4bd338c20e2a79bc78f227fe9fb046073091dfe24001d2a42439f11b4844c716e87dfb832c95952e47eb577ec15cc87ee96fe90eaef787292ab9c7d268f562ac2e132fd984e2b7630f960ae0224aec4fd39c961950c3abc1b9cdf33b4403865efdce03aedaa1bfb1e32621358a726c4de1e836018d3f1ea9e2dd166454f5d120482abe704fd3806c6822979c2a2ce510300e20b78e0075f13039a4695718354dcfc2e26d60b0ea3304d62decd8f9e986060f597fa47f86d0a2d796fb0bd465071b1feebad6cae9e86671d6c8744952b56788584519bed0ffc0f7af3afeb54356bc9a22b6700f6eac570d821c75b5e47bf9866aba3352fbb32ada7c7c08dd7c583c872dc398a0b746437883704f325bca999a561158a5b2077205d6143c76fd370e81ebaa1a9233659cfa2af3cc8e3ba81fca765ceb34e7ef00ce0111de6862fbb9edbffaacc01c96067196871c5224699aabbf7b0e85a5c335343ef0cc29c1fa7c1078514ac1f76cb15da46e12b27eac35e626898b40dc1b9ada91e0e25df1d664fc0b43df58284135f8a3c1a903fef3bdfcf2d79236cb5836f3e68590a74f416f523d7ddd2aeb0be73b62e9f4baade38a13659dd55191f898c30dbe7aa4b5a03a9f071e5497d5e041c06cc4ed4e991eb1ffe2a35ff744b11d99fa123e9b1ac04c1788ca8010dd894f308d4b10c04553e5be375e40881d451e8aa04ec4660a48a98d470dcaf43795cb940eb31888ddec98ead75042717bd6db1afe815b5f897e53f35a5884b0f95b754216a797f404c8c5753ffd83d57970cad9bc07a44c29dcd3499a3bfdd2b427b569097780c60bbbaa6d0e5f66db1b5d8bf22afab00e5c703dd36ecea687421db65c33dea01231f28b5bf2b8521d651ca6a379ecb3dac866293169531e216e2406f159523cabdbdb464d0aba3a668153fafccb0bb70baf2d06ecd677ba499adaef40d308d07cf623dd056b8e4189eca4d8db77a6ec7b19abb18dc23f3e9502741fb9f89730e7f2968970a1945d7241b7bd5725c1babe6ee2486f6f3176df63acd4b536243e24ac4acf6dcf16caf6020dc2f499e563450d1415c72c970e2abb221c4b777847aeec1058030dec8d50c5d96c628f19887e8ff90c86a5ae1a2b5ae148b2e373cbae15f006ac39731655afba53247c155cdb4ac063e82bb00cf181d07d4cf631bd88c722633e04cd8df985df0131e51255fd1e4742d730a7ff1d215fd60f637a2c0cd9f60b93e4c773588fb4238d716f559d4a3f7376060c4b85820116d096467bee83e8319f8e558705116ff2080337ba9fa695c90548b77a57fc87c59083e75edc754ad9c668e4fd5f0ccf0f2e319f31917772335556b64f38f59e027d498a596b284f91d7174e7f1bb19d4eb09adbf522be569294b480ed85b476b06018cec4b9b12cde3b47016842389aa0ba3bc6cc8e651b9d0ceaad41b601ea4924de8ea0112898287b6401e89f2354e52909f11cfc4f26b05f2161836330069ad8267d67229c40f8ee2a05a55edd777b42c4220ee66e62088f77ba84f3deffeae06f8cd5a12f307f9a466c382a37a05b1e9bba97c8d170b0aa4ccec2c58e51740fe5fe9b33e9b6321a2873187af3fd79d490bfdab58a2ce965ec68776db304f639340964596610b5b37489e1c4f64cdbd2d83b92a4cb5632ccdb8b273c2dc6d8fc7f83fec65a5003d864ae9296b4887aef8b34f5bb4cb21d47950e6c3f7dc32c420cd1b2638402ce250ea8d3b4549c417c69fd6521d25280fb2a366fee3fb78fa802d786d1fe04a39d4feee76ed8ae727b6ccfd974e6b819b5b3014b021c27db74c30b43c2b24320089a2c362d5adac5c1cbcb0ababcd926eabaa397eb14430eddc13ad90f92d89752f47ed4c51aed5dbf9ae03bd604e5b06820a0e4080bb22db1660346bb313ecfd7a641b08601a1f484c6d3d2e2b645f7ac325597f44c54ebd297e26984d82974bd96d91e879ffab303286d7c2a2cf53dd8c8429f735c3bb05c475b6defa691d923d903be27270628724f90e4ae1ac9f8e063817b63957399d10496c45ac72f95369a6985ad1b2ef8bd0ed4801c0e9d28337f63cbb3f58a97dd69b840ceb15846010e0966fbf3a0509eb2616efda2f879d432592e55b66b6cd8c2e5ece80a03f10e50b13c815d31bf92dfbd762d67c70aec54ca45e4f69d3ef662caab4ebebf7f8199b06157d22b560c14f59dba35e59976bee9642ccb5d570f4b243632094eb13d383abe488963f4a9b9b75d9865256d4bd2e104883bcb4d768e5e99ed03e220f86988e21da3ac6d68773392acd6ce4bba85e7f7b2714bc5d21366e5fb7bdec05cae1bf4ba49327df5c4b4deb8ab8989951e1a3c4e8e39d3da81908f186b24e467dd6da17dead77e747e5642dc52ae2050dd5ef79c2612e798ff243214df9a643f4d9cacb303f192348b9c5e96cb77dae2055c2e13fe8f3eddbbaa076ad341b750a798debfb16f5f279c446ecafb9bbd336a86761affeada84a716bbd50d57ab") fcntl$auto_F_SET_RW_HINT(r12, 0x40c, 0x6) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000002780)='/sys/kernel/debug/usb/usbmon/35t\x00', 0x701000, 0x0) ioctl$auto_FICLONE(r5, 0x40049409, r16) rt_tgsigqueueinfo$auto_SIGCONT(r10, 0xffffffffffffffff, 0x12, &(0x7f00000027c0)={@_si_pad}) r18 = socket$nl_generic(0x10, 0x3, 0x10) r19 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000002880), r13) sendmsg$auto_NL80211_CMD_MODIFY_LINK_STA(r18, &(0x7f0000002a00)={&(0x7f0000002840), 0xc, &(0x7f00000029c0)={&(0x7f00000028c0)={0xc4, r19, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_BG_SCAN_PERIOD={0x6, 0x98, 0x743b}, @NL80211_ATTR_STA_VLAN={0x8, 0x14, 0xce3f}, @NL80211_ATTR_HT_CAPABILITY={0x1f, 0x1f, "8c0408c276ad2f1788e578c511731a2185c7928de5f93d1a96ad6c"}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xc}, @NL80211_ATTR_ROAM_SUPPORT={0x4}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x1}, @NL80211_ATTR_EHT_CAPABILITY={0x6b, 0x136, "4a37d4346010198093460b3afb61cca6830933145bd5be973628ad9e20285d29158cc5d69e05380f6fd977b3983c6342dbd8af51e6d57269361f2609973ff33c1497fa926ea69d1fd3659b5685044ff7826a27375148dd161df601e37f6b9d20c44cc3fb1a36d7"}]}, 0xc4}, 0x1, 0x0, 0x0, 0x14}, 0x0) io_uring_register$auto_IORING_UNREGISTER_PERSONALITY(r12, 0xa, &(0x7f0000002a40)="a7f518877f9e477b75a4a985f2b69140259d31845b0c5d2b9b8a342611752a29896e", 0xa6) 3.104624464s ago: executing program 3 (id=2714): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/mode\x00', 0x121102, 0x0) write$auto(r0, &(0x7f0000000040)='\\\x00', 0x2) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000afd003a5394e965231da1bd312e7af6d67d09340d0a4bd7805e18ac78f35cb77d1029c69e7270148078c13a91f6dff64055ad11608f0fb"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x9, 0x9}, 0x7}, 0x8, 0x0) 3.087455043s ago: executing program 0 (id=2715): r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/mouse0\x00', 0x8000, 0x0) mmap$auto(0xfffffffffffffffd, 0x100001, 0xc61, 0x9b72, r0, 0x8000) r1 = socket(0xb, 0x2, 0xfffffffd) sendmmsg$auto(r1, 0x0, 0x1, 0x9) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x74, r2, 0xc, 0x70bd25, 0x25dfdbfb, {}, [@HWSIM_ATTR_RX_RATE={0x8, 0x5, 0xe98}, @HWSIM_ATTR_PMSR_SUPPORT={0x1c, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x4}, @NL80211_PMSR_ATTR_MAX_PEERS={0x8, 0x1, 0x7}, @NL80211_PMSR_ATTR_REPORT_AP_TSF={0x4}]}, @HWSIM_ATTR_REG_HINT_ALPHA2={0x31, 0xb, '\x05i\xf5\xa1\xaf|\xaes\x03\xc71rp\x9e\xe1\xda,\x8a\x85{\xf8MT\x0e\x03G1\xa7\xae\xda\xe9mM\x10\xac\xc5}\x84t\x88A\x04\x00\x00\x00'}, @HWSIM_ATTR_TX_INFO={0x8, 0x7, [{0x0, 0x6}, {0xf, 0x18}]}]}, 0x74}}, 0x80c0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x22, &(0x7f0000000000), 0x1) 2.988442398s ago: executing program 3 (id=2716): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0xb5d, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x400001, 0x4, 0x3, 0xed1, 0xfffffffffffffffa, 0x8000) shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x6}, 0x1, 0x7, 0x2, 0x280, @raw, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841ca9b379cdbceb067f222f9852e4e248e519e6e2d25bc83b3fb9ec16cbc5fe503b9662d19861c9bb377749418140efde7024c7215d323a6c79c5be94bc04ed0d9afbb9c9574ff829522a54b91ef7bcef85e226564639c87b944203a6814a00eea8134d42bc137511ab276827b7ee17d85c2722c34b6d9cd3c095bd1094df859fd44defb05f086d48e42b8cfe4f20b057126cfb78738004716a5e21149cc372c89149624db4102", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81507ca870d066e25696b0b2ac35abb53a8fc6e9df9fdbbc11fe705ab85e88111e5684e28f8599bc486b93eea020ee76a340a548c82e805e2d182d741e51d53c799f7bb722a591e8ac4c48f3317ac8926b8bfb8d1ffa178e0f324273421083410618838dc3"}) socket(0xb, 0xa, 0xd9) setpgid$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(r1, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8a403, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) prctl$auto_PR_GET_TSC(0x19, 0xa, 0x2, 0x0, 0xe) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r2, 0x7af, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) 2.553113068s ago: executing program 4 (id=2717): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) pwrite64$auto(r3, 0x0, 0x4, 0x3) waitid$auto_P_ALL(0x0, 0x1, 0x0, 0x5, &(0x7f00000005c0)={{0xfffffffffffff001, 0x8}, {0x5, 0x7}, 0x7fffffffffffffff, 0x10000, 0x5, 0x2, 0xc00000000, 0x3, 0xb9, 0x9, 0x6, 0xc, 0x0, 0x6, 0xf4, 0x3}) sendmsg$auto_NFC_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000480), 0xc, &(0x7f0000000780)={&(0x7f0000000500)={0x38, 0x0, 0x800, 0x70bd29, 0x25dfdbfe, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x3}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x40}, @NFC_ATTR_LLC_SDP={0x4}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x6}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004000}, 0x84) sendmsg$auto_NFC_CMD_FW_DOWNLOAD(r0, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x180b008}, 0xc, &(0x7f0000000380)={&(0x7f0000000740)={0x90, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_SE_APDU={0x74, 0x19, "3d68f56930dfec1e0c9ee2d4ec5cdec5a6617f08331f1e41250fe48416dd92cea0221dc8da3d9efe89fd9d72adf19e0e892f0903c80088663c1275a54ef729132cb8005fda646285b305ef19246d6980ac71aad2e89b11409d9c12c63d7f8f32c7aef96670418e95dd66e8912e6a6af1"}, @NFC_ATTR_TM_PROTOCOLS={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x1}, 0x41001) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xa4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY\xad\xd6\xc5\xab`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4[\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r5, 0x80045010, &(0x7f0000004440)) inotify_init1$auto(0x4) ioctl$auto_VHOST_SET_LOG_FD2(r2, 0x4004af07, &(0x7f00000001c0)=r4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r6, 0x8000) r7 = open_by_handle_at$auto(r2, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) setsockopt$auto(r7, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r6, 0x8000) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r8 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r10, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r9, @ANYBLOB="010025bd7000fedbdf257e000000000066004e210000000026800000020004000000000002000000000000000100090000000000010004000000000002000700001f00009800060000000a0014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1c"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r6, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) r11 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/first_error_time\x00', 0xe80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r11, &(0x7f0000001280)=""/4124, 0x101c) read$auto(r8, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 2.419597669s ago: executing program 1 (id=2718): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) shmctl$auto(0xa0000000, 0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) execve$auto(0x0, 0x0, 0x0) r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x109002, 0x0) sendfile$auto(r1, r1, 0x0, 0x10000800000003) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 2.316532973s ago: executing program 0 (id=2719): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async) r0 = pipe2$auto(0x0, 0x80) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) ioctl$auto(r0, 0x5761, 0x4) (async) mmap$auto(0x0, 0xfffffffffffffffd, 0x3, 0x11, 0xfffffffffffffffa, 0x8000) (async) r1 = socket(0x22, 0x2, 0x3) mmap$auto(0x100000000000000, 0x2009, 0x9, 0x10000000eb1, r1, 0x3) (async) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) (async) mq_open$auto(0x0, 0xffffffff, 0xa, 0x0) setuid$auto(0xe) (async) mq_unlink$auto(0x0) 1.795245555s ago: executing program 3 (id=2721): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x22, 0x3, 0x8000000000000000, 0x0) pipe$auto(0x0) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x80000000002}, 0x3, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) 1.631727967s ago: executing program 3 (id=2722): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) socket(0x23, 0x1, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0xa) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b03, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) unshare$auto(0x40000080) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r2, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000003680)={0x14, r3, 0x32f, 0x70bd2a, 0x25dfdbff, {0x12, 0x0, 0xf0}}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) ioctl$auto(r1, 0x540a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x8, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) 1.543758489s ago: executing program 0 (id=2723): mmap$auto(0x0, 0xc, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/netdevsim2/hop_limit\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/tunl0/disable_policy\x00', 0xd02, 0x0) sendfile$auto(r1, r2, 0x0, 0x800048) close_range$auto(r2, 0x8, 0x0) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r3 = socket(0x2, 0x1, 0x0) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x2, 0x801, 0x100) mmap$auto(0x0, 0x40009, 0xdc, 0x9b72, 0x7, 0x28000) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c83, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0x100085) socket(0x2d, 0x2, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x142, 0x0) 788.358402ms ago: executing program 1 (id=2724): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, 0x0, 0x1013) poll$auto(0x0, 0x7f, 0x9) socket(0x25, 0x5, 0x6) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x101000, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f00000000c0)={"58f99464", 0x8, 0x6, 0x1, 0x3, 0x5, "4bb69ec4b3f4c14539898e4c5682f5", "347f00", "a630df9d", "a0ed9959", ["cd9196b8fe1a8a7eb90401a9", "2f9c30017721de33c560b95a", "d3fe6c55a78d6932211c9b69", "ea334f1f1e5e27a1320d6edb"]}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000048c0)='/dev/dsp1\x00', 0x20000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00 \x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 236.612948ms ago: executing program 3 (id=2725): sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003dc0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000080}, 0x80) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/etherd/flush\x00', 0x1, 0x0) fchown$auto(r0, 0xee00, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000)) (async) close_range$auto(0x2, 0x8000, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00') setrlimit$auto(0x7, &(0x7f0000000280)={0x0, 0x2}) (async) ioctl$auto(r2, 0xb701, 0x7fffffff) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram7\x00', 0x60742, 0x0) mmap$auto(0x0, 0x10000, 0xde, 0x11, r3, 0x28000) (async) mlock$auto(0xfbe8, 0x4) write$auto(r0, &(0x7f0000000080)=']\x00', 0xffffffffffffffff) 0s ago: executing program 3 (id=2726): mmap$auto(0xfffffffffffffffe, 0x20009, 0x2, 0x16, 0xffffffffffffffff, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/scsi_mod/parameters/scan\x00', 0x102, 0x0) shmctl$auto_IPC_INFO(0x400, 0x3, &(0x7f00000001c0)={{0x5, 0xee00, 0xee01, 0x888, 0x3, 0xffffffe7, 0x6}, 0xafb, 0xfa2, 0x80000000, 0x2, @inferred, @inferred=0x0, 0x6, 0x0, &(0x7f0000001240)="a11b56b38ed603f24c53a638d018bb66c1f5a99b38acf3f0109e571976b0963d26"}) ioprio_set$auto(0x8, r1, 0xbb96) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/virtual/block/loop12/integrity/protection_interval_bytes\x00', 0x80000, 0x0) mmap$auto(0x8000000000000000, 0x400008, 0x4, 0x12, 0xffffffffffffffff, 0x8000) mmap$auto(0x2000000000000, 0xf4, 0x4000000000df, 0xeb1, r4, 0x8000) io_uring_setup$auto(0x6, 0x0) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0xa0681, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LOCK(r5, 0x40405514, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r5, 0x40405515, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) openat$nci(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) writev$auto(r6, &(0x7f0000000140)={0x0, 0x6}, 0x4) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, r2, 0x9, 0x5, 0x8, 0x9}, &(0x7f00000001c0)=0x7, &(0x7f0000000480)=0x1, 0x201, 0x2000000000ffb, 0x7, 0x7, 0x9, 0x4, 0x6, 0x813, @inferred=r3}) r7 = prctl$auto(0xffff, 0x3, 0x0, 0x1, 0x10000) r8 = socket(0x0, 0xf849a023978a3504, 0x84) getsockopt$auto(r8, 0x84, 0x14, 0x0, 0x0) pipe$auto(&(0x7f0000000040)) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000300), r7) sendmsg$auto_TCP_METRICS_CMD_GET(r8, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000003c0)={&(0x7f00000010c0)=ANY=[@ANYBLOB="af23218dff78bbec5500fae3a7c5aa3f58ad66eb89a9606b876f7dc02f55910ce964da2ac87632", @ANYRES32, @ANYBLOB="d87f92fe23b1f78873822abd7c8f07b512eea42b764142efbaf2055b35df464396e4d143ddf9927299f97b0340ab8bf32e886c274c870b80c4cbd29f99129cb0b1d655930d5e58a7eaaf7cf37bf52ba9bab49c6b01cbfc0d23e36c647e2926a089de0ec8feb936e5a42dd5eae8b4a47e48c4105e0ecd2914b223100cb8cd86590d40401576", @ANYRESDEC=r7, @ANYBLOB="f550dcab7eefb9eb07460af77f8dabe849114e5ec8dee248192e9645111f31d132f26b05c1eec15eca9dde7a57db4db1a9d453573b8edce4f00a0ea182c782c9e70fe73843"], 0x44}, 0x1, 0x0, 0x0, 0x80}, 0xe57c91ee1bde9e58) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyxf\x00', 0x4000, 0x0) kernel console output (not intermixed with test programs): 3][T15773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 798.772517][T15773] RIP: 0033:0x7f0bf1d8eec9 [ 798.772535][T15773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 798.772558][T15773] RSP: 002b:00007f0bf2cf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 798.772580][T15773] RAX: ffffffffffffffda RBX: 00007f0bf1fe5fa0 RCX: 00007f0bf1d8eec9 [ 798.772596][T15773] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 798.772609][T15773] RBP: 00007f0bf2cf9090 R08: 0000000000000000 R09: 0000000000000000 [ 798.772622][T15773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 798.772635][T15773] R13: 00007f0bf1fe6038 R14: 00007f0bf1fe5fa0 R15: 00007fff712b6e88 [ 798.772667][T15773] [ 798.983755][ C1] vkms_vblank_simulate: vblank timer overrun [ 799.092158][T15776] binder: BINDER_SET_CONTEXT_MGR already set [ 799.098304][T15776] binder: 15774:15776 ioctl 4018620d 9 returned -16 [ 799.590475][T15782] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 799.606138][T15782] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2095'. [ 799.802385][T14873] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 800.099987][T15791] cougar: G6 mapped to space [ 800.625141][T15795] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 800.637876][T15795] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2097'. [ 801.111812][T15802] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 801.373576][T15806] netlink: 130 bytes leftover after parsing attributes in process `syz.0.2099'. [ 801.399769][T15808] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2102'. [ 801.521317][T15808] team0 (unregistering): Port device team_slave_0 removed [ 801.552472][T15808] team0 (unregistering): Port device team_slave_1 removed [ 801.666289][T15810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2103'. [ 801.862858][T15814] FAULT_INJECTION: forcing a failure. [ 801.862858][T15814] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 801.876096][T15814] CPU: 0 UID: 0 PID: 15814 Comm: syz.3.2105 Tainted: G U syzkaller #0 PREEMPT(full) [ 801.876132][T15814] Tainted: [U]=USER [ 801.876139][T15814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 801.876153][T15814] Call Trace: [ 801.876160][T15814] [ 801.876169][T15814] dump_stack_lvl+0x16c/0x1f0 [ 801.876201][T15814] should_fail_ex+0x512/0x640 [ 801.876234][T15814] _copy_from_user+0x2e/0xd0 [ 801.876265][T15814] copy_msghdr_from_user+0x98/0x160 [ 801.876294][T15814] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 801.876326][T15814] ? kfree+0x252/0x6d0 [ 801.876361][T15814] ? __pfx__kstrtoull+0x10/0x10 [ 801.876404][T15814] ___sys_sendmsg+0xfe/0x1d0 [ 801.876432][T15814] ? __pfx____sys_sendmsg+0x10/0x10 [ 801.876488][T15814] ? __pfx___might_resched+0x10/0x10 [ 801.876519][T15814] __sys_sendmmsg+0x200/0x420 [ 801.876550][T15814] ? __pfx___sys_sendmmsg+0x10/0x10 [ 801.876588][T15814] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 801.876630][T15814] ? fput+0x9b/0xd0 [ 801.876662][T15814] ? ksys_write+0x1ac/0x250 [ 801.876686][T15814] ? __pfx_ksys_write+0x10/0x10 [ 801.876723][T15814] __x64_sys_sendmmsg+0x9c/0x100 [ 801.876750][T15814] ? lockdep_hardirqs_on+0x7c/0x110 [ 801.876777][T15814] do_syscall_64+0xcd/0xfa0 [ 801.876805][T15814] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.876829][T15814] RIP: 0033:0x7fee12f8eec9 [ 801.876847][T15814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.876871][T15814] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 801.876892][T15814] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 801.876908][T15814] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 801.876921][T15814] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 801.876935][T15814] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 801.876949][T15814] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 801.876980][T15814] [ 802.251958][T15815] binder: BINDER_SET_CONTEXT_MGR already set [ 802.301298][T15815] binder: 15813:15815 ioctl 4018620d 9 returned -16 [ 802.405743][T15825] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 802.783274][T15823] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2107'. [ 803.136791][T15820] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 803.154616][T15820] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2106'. [ 803.856556][T15840] FAULT_INJECTION: forcing a failure. [ 803.856556][T15840] name failslab, interval 1, probability 0, space 0, times 0 [ 803.869736][T15840] CPU: 0 UID: 0 PID: 15840 Comm: syz.1.2111 Tainted: G U syzkaller #0 PREEMPT(full) [ 803.869782][T15840] Tainted: [U]=USER [ 803.869791][T15840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 803.869808][T15840] Call Trace: [ 803.869818][T15840] [ 803.869830][T15840] dump_stack_lvl+0x16c/0x1f0 [ 803.869871][T15840] should_fail_ex+0x512/0x640 [ 803.869915][T15840] should_failslab+0xc2/0x120 [ 803.869959][T15840] kmem_cache_alloc_noprof+0x75/0x6e0 [ 803.869992][T15840] ? dst_alloc+0x99/0x1a0 [ 803.870030][T15840] ? dst_alloc+0x99/0x1a0 [ 803.870059][T15840] dst_alloc+0x99/0x1a0 [ 803.870095][T15840] rt_dst_alloc+0x35/0x3a0 [ 803.870141][T15840] ip_route_output_key_hash_rcu+0x87a/0x28e0 [ 803.870189][T15840] ip_route_output_key_hash+0x10f/0x2b0 [ 803.870224][T15840] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 803.870274][T15840] vti_tunnel_xmit+0xda1/0x1f50 [ 803.870333][T15840] ? __pfx_vti_tunnel_xmit+0x10/0x10 [ 803.870398][T15840] ? rcu_lockdep_current_cpu_online+0x35/0x150 [ 803.870453][T15840] dev_hard_start_xmit+0x97/0x740 [ 803.870513][T15840] __dev_queue_xmit+0xa46/0x4490 [ 803.870573][T15840] ? find_held_lock+0x2b/0x80 [ 803.870606][T15840] ? __might_fault+0xe3/0x190 [ 803.870636][T15840] ? __might_fault+0xe3/0x190 [ 803.870665][T15840] ? __might_fault+0x13b/0x190 [ 803.870697][T15840] ? __pfx___dev_queue_xmit+0x10/0x10 [ 803.870756][T15840] ? _copy_from_iter+0x15d/0x1720 [ 803.870814][T15840] ? packet_parse_headers+0x79a/0xb10 [ 803.870863][T15840] ? packet_parse_headers+0x7a6/0xb10 [ 803.870916][T15840] ? packet_parse_headers+0x21d/0xb10 [ 803.870968][T15840] ? irqentry_exit+0x3b/0x90 [ 803.871004][T15840] ? lockdep_hardirqs_on+0x7c/0x110 [ 803.871045][T15840] ? __pfx_packet_parse_headers+0x10/0x10 [ 803.871095][T15840] ? skb_copy_datagram_from_iter+0x4f0/0x740 [ 803.871137][T15840] packet_xmit+0x23e/0x360 [ 803.871192][T15840] packet_sendmsg+0x2756/0x5850 [ 803.871269][T15840] ? aa_sk_perm+0x1c0/0xb10 [ 803.871305][T15840] ? aa_sk_perm+0x2f4/0xb10 [ 803.871339][T15840] ? __pfx_packet_sendmsg+0x10/0x10 [ 803.871390][T15840] ? __pfx_aa_sk_perm+0x10/0x10 [ 803.871439][T15840] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 803.871494][T15840] ____sys_sendmsg+0xa98/0xc70 [ 803.871547][T15840] ? __pfx_____sys_sendmsg+0x10/0x10 [ 803.871616][T15840] ___sys_sendmsg+0x134/0x1d0 [ 803.871657][T15840] ? __pfx____sys_sendmsg+0x10/0x10 [ 803.871693][T15840] ? find_held_lock+0x2b/0x80 [ 803.871779][T15840] __sys_sendmmsg+0x200/0x420 [ 803.871824][T15840] ? __pfx___sys_sendmmsg+0x10/0x10 [ 803.871878][T15840] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 803.871937][T15840] ? fput+0x9b/0xd0 [ 803.871981][T15840] ? ksys_write+0x1ac/0x250 [ 803.872015][T15840] ? __pfx_ksys_write+0x10/0x10 [ 803.872053][T15840] __x64_sys_sendmmsg+0x9c/0x100 [ 803.872091][T15840] ? lockdep_hardirqs_on+0x7c/0x110 [ 803.872125][T15840] do_syscall_64+0xcd/0xfa0 [ 803.872165][T15840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.872197][T15840] RIP: 0033:0x7f4f5f98eec9 [ 803.872224][T15840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 803.872255][T15840] RSP: 002b:00007f4f6076a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 803.872286][T15840] RAX: ffffffffffffffda RBX: 00007f4f5fbe5fa0 RCX: 00007f4f5f98eec9 [ 803.872308][T15840] RDX: 000000000001a000 RSI: 0000200000000640 RDI: 0000000000000003 [ 803.872327][T15840] RBP: 00007f4f6076a090 R08: 0000000000000000 R09: 0000000000000000 [ 803.872347][T15840] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 803.872367][T15840] R13: 00007f4f5fbe6038 R14: 00007f4f5fbe5fa0 R15: 00007fff9eeca328 [ 803.872414][T15840] [ 804.324669][T15847] cougar: G6 mapped to space [ 805.980722][T15854] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 807.574619][T15893] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2117'. [ 807.611398][T15891] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 807.915470][T15890] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2120'. [ 808.602373][T15904] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 808.759888][T15907] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 808.992815][T15903] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2122'. [ 809.739622][T15917] cougar: G6 mapped to space [ 809.814121][T15919] sysfs_service_op_show: Client not running :-5: [ 810.889622][T15925] binder: BINDER_SET_CONTEXT_MGR already set [ 810.898775][T15925] binder: 15924:15925 ioctl 4018620d 9 returned -16 [ 811.595311][T15943] binder: 15942:15943 ioctl 40046210 0 returned -14 [ 812.013125][T15944] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 812.075427][T15944] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2133'. [ 813.037713][T15958] FAULT_INJECTION: forcing a failure. [ 813.037713][T15958] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 813.074047][T15958] CPU: 1 UID: 0 PID: 15958 Comm: syz.1.2136 Tainted: G U syzkaller #0 PREEMPT(full) [ 813.074100][T15958] Tainted: [U]=USER [ 813.074111][T15958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 813.074129][T15958] Call Trace: [ 813.074139][T15958] [ 813.074152][T15958] dump_stack_lvl+0x16c/0x1f0 [ 813.074198][T15958] should_fail_ex+0x512/0x640 [ 813.074244][T15958] _copy_from_user+0x2e/0xd0 [ 813.074288][T15958] copy_msghdr_from_user+0x98/0x160 [ 813.074329][T15958] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 813.074390][T15958] ? kfree+0x252/0x6d0 [ 813.074438][T15958] ? __pfx__kstrtoull+0x10/0x10 [ 813.074498][T15958] ___sys_sendmsg+0xfe/0x1d0 [ 813.074540][T15958] ? __pfx____sys_sendmsg+0x10/0x10 [ 813.074617][T15958] ? __pfx___might_resched+0x10/0x10 [ 813.074662][T15958] __sys_sendmmsg+0x200/0x420 [ 813.074707][T15958] ? __pfx___sys_sendmmsg+0x10/0x10 [ 813.074761][T15958] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 813.074803][T15958] ? fput+0x9b/0xd0 [ 813.074835][T15958] ? ksys_write+0x1ac/0x250 [ 813.074859][T15958] ? __pfx_ksys_write+0x10/0x10 [ 813.074889][T15958] __x64_sys_sendmmsg+0x9c/0x100 [ 813.074916][T15958] ? lockdep_hardirqs_on+0x7c/0x110 [ 813.074942][T15958] do_syscall_64+0xcd/0xfa0 [ 813.074970][T15958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.074994][T15958] RIP: 0033:0x7f4f5f98eec9 [ 813.075016][T15958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 813.075044][T15958] RSP: 002b:00007f4f6076a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 813.075066][T15958] RAX: ffffffffffffffda RBX: 00007f4f5fbe5fa0 RCX: 00007f4f5f98eec9 [ 813.075081][T15958] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 813.075095][T15958] RBP: 00007f4f6076a090 R08: 0000000000000000 R09: 0000000000000000 [ 813.075109][T15958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 813.075123][T15958] R13: 00007f4f5fbe6038 R14: 00007f4f5fbe5fa0 R15: 00007fff9eeca328 [ 813.075157][T15958] [ 813.545259][T15964] binder: BINDER_SET_CONTEXT_MGR already set [ 813.585190][T15964] binder: 15963:15964 ioctl 4018620d 9 returned -16 [ 815.337466][T15997] FAULT_INJECTION: forcing a failure. [ 815.337466][T15997] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 815.358663][T15997] CPU: 1 UID: 0 PID: 15997 Comm: syz.3.2146 Tainted: G U syzkaller #0 PREEMPT(full) [ 815.358710][T15997] Tainted: [U]=USER [ 815.358720][T15997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 815.358737][T15997] Call Trace: [ 815.358748][T15997] [ 815.358760][T15997] dump_stack_lvl+0x16c/0x1f0 [ 815.358802][T15997] should_fail_ex+0x512/0x640 [ 815.358847][T15997] _copy_to_user+0x32/0xd0 [ 815.358892][T15997] simple_read_from_buffer+0xcb/0x170 [ 815.358944][T15997] proc_fail_nth_read+0x197/0x240 [ 815.358980][T15997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 815.359016][T15997] ? rw_verify_area+0xcf/0x6c0 [ 815.359045][T15997] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 815.359079][T15997] vfs_read+0x1e1/0xcf0 [ 815.359119][T15997] ? __pfx___mutex_lock+0x10/0x10 [ 815.359160][T15997] ? __pfx_vfs_read+0x10/0x10 [ 815.359222][T15997] ? __fget_files+0x20e/0x3c0 [ 815.359266][T15997] ksys_read+0x12a/0x250 [ 815.359298][T15997] ? __pfx_ksys_read+0x10/0x10 [ 815.359345][T15997] do_syscall_64+0xcd/0xfa0 [ 815.359386][T15997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.359418][T15997] RIP: 0033:0x7fee12f8d8dc [ 815.359443][T15997] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 815.359474][T15997] RSP: 002b:00007fee13e7f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 815.359505][T15997] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8d8dc [ 815.359527][T15997] RDX: 000000000000000f RSI: 00007fee13e7f0a0 RDI: 0000000000000004 [ 815.359547][T15997] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 815.359566][T15997] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000002 [ 815.359586][T15997] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 815.359632][T15997] [ 815.577585][T15994] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 815.680096][T15994] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2144'. [ 815.964938][T16005] FAULT_INJECTION: forcing a failure. [ 815.964938][T16005] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 815.985019][T16005] CPU: 0 UID: 0 PID: 16005 Comm: syz.3.2150 Tainted: G U syzkaller #0 PREEMPT(full) [ 815.985070][T16005] Tainted: [U]=USER [ 815.985081][T16005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 815.985100][T16005] Call Trace: [ 815.985110][T16005] [ 815.985122][T16005] dump_stack_lvl+0x16c/0x1f0 [ 815.985168][T16005] should_fail_ex+0x512/0x640 [ 815.985216][T16005] _copy_from_user+0x2e/0xd0 [ 815.985260][T16005] copy_msghdr_from_user+0x98/0x160 [ 815.985300][T16005] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 815.985346][T16005] ? kfree+0x252/0x6d0 [ 815.985402][T16005] ? __pfx__kstrtoull+0x10/0x10 [ 815.985463][T16005] ___sys_sendmsg+0xfe/0x1d0 [ 815.985505][T16005] ? __pfx____sys_sendmsg+0x10/0x10 [ 815.985580][T16005] ? __pfx___might_resched+0x10/0x10 [ 815.985622][T16005] __sys_sendmmsg+0x200/0x420 [ 815.985663][T16005] ? __pfx___sys_sendmmsg+0x10/0x10 [ 815.985715][T16005] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 815.985771][T16005] ? fput+0x9b/0xd0 [ 815.985812][T16005] ? ksys_write+0x1ac/0x250 [ 815.985846][T16005] ? __pfx_ksys_write+0x10/0x10 [ 815.985887][T16005] __x64_sys_sendmmsg+0x9c/0x100 [ 815.985926][T16005] ? lockdep_hardirqs_on+0x7c/0x110 [ 815.985962][T16005] do_syscall_64+0xcd/0xfa0 [ 815.986002][T16005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.986035][T16005] RIP: 0033:0x7fee12f8eec9 [ 815.986059][T16005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.986091][T16005] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 815.986120][T16005] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 815.986141][T16005] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 815.986159][T16005] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 815.986178][T16005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 815.986197][T16005] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 815.986240][T16005] [ 816.451906][T16016] nbd: must specify a size in bytes for the device [ 816.488946][T16013] nbd: must specify a size in bytes for the device [ 816.962808][T16033] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 817.048285][T16038] cougar: G6 mapped to space [ 818.218251][T16055] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 818.256918][T16052] FAULT_INJECTION: forcing a failure. [ 818.256918][T16052] name failslab, interval 1, probability 0, space 0, times 0 [ 818.281201][T16052] CPU: 0 UID: 0 PID: 16052 Comm: syz.0.2159 Tainted: G U syzkaller #0 PREEMPT(full) [ 818.281248][T16052] Tainted: [U]=USER [ 818.281258][T16052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 818.281277][T16052] Call Trace: [ 818.281287][T16052] [ 818.281298][T16052] dump_stack_lvl+0x16c/0x1f0 [ 818.281339][T16052] should_fail_ex+0x512/0x640 [ 818.281378][T16052] ? __kmalloc_cache_noprof+0x5f/0x780 [ 818.281436][T16052] should_failslab+0xc2/0x120 [ 818.281478][T16052] __kmalloc_cache_noprof+0x72/0x780 [ 818.281528][T16052] ? rcu_is_watching+0x12/0xc0 [ 818.281560][T16052] ? call_usermodehelper_setup+0xaf/0x360 [ 818.281593][T16052] ? __pfx_free_modprobe_argv+0x10/0x10 [ 818.281644][T16052] ? call_usermodehelper_setup+0xaf/0x360 [ 818.281675][T16052] call_usermodehelper_setup+0xaf/0x360 [ 818.281714][T16052] __request_module+0x3bd/0x690 [ 818.281763][T16052] ? __pfx___request_module+0x10/0x10 [ 818.281829][T16052] ? rcu_is_watching+0x12/0xc0 [ 818.281863][T16052] ? lockdep_hardirqs_on+0x7c/0x110 [ 818.281918][T16052] netlink_create+0x226/0x620 [ 818.281962][T16052] __sock_create+0x338/0x8d0 [ 818.282018][T16052] __sys_socket+0x14d/0x260 [ 818.282069][T16052] ? __pfx___sys_socket+0x10/0x10 [ 818.282117][T16052] ? xfd_validate_state+0x61/0x180 [ 818.282162][T16052] ? __pfx_ksys_write+0x10/0x10 [ 818.282207][T16052] __x64_sys_socket+0x72/0xb0 [ 818.282253][T16052] ? lockdep_hardirqs_on+0x7c/0x110 [ 818.282290][T16052] do_syscall_64+0xcd/0xfa0 [ 818.282329][T16052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.282361][T16052] RIP: 0033:0x7f6b2e58eec9 [ 818.282388][T16052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 818.282419][T16052] RSP: 002b:00007f6b2f37c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 818.282449][T16052] RAX: ffffffffffffffda RBX: 00007f6b2e7e5fa0 RCX: 00007f6b2e58eec9 [ 818.282471][T16052] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 818.282491][T16052] RBP: 00007f6b2e611f91 R08: 0000000000000000 R09: 0000000000000000 [ 818.282510][T16052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 818.282530][T16052] R13: 00007f6b2e7e6038 R14: 00007f6b2e7e5fa0 R15: 00007ffc1a644c68 [ 818.282576][T16052] [ 819.151981][T16061] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 819.167252][T16070] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 819.362893][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 819.370012][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 819.529751][T16061] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2161'. [ 819.589999][T16072] FAULT_INJECTION: forcing a failure. [ 819.589999][T16072] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 819.709128][T16072] CPU: 0 UID: 0 PID: 16072 Comm: syz.1.2163 Tainted: G U syzkaller #0 PREEMPT(full) [ 819.709179][T16072] Tainted: [U]=USER [ 819.709187][T16072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 819.709200][T16072] Call Trace: [ 819.709208][T16072] [ 819.709216][T16072] dump_stack_lvl+0x16c/0x1f0 [ 819.709247][T16072] should_fail_ex+0x512/0x640 [ 819.709280][T16072] _copy_from_user+0x2e/0xd0 [ 819.709311][T16072] copy_msghdr_from_user+0x98/0x160 [ 819.709340][T16072] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 819.709372][T16072] ? kfree+0x252/0x6d0 [ 819.709406][T16072] ? __pfx__kstrtoull+0x10/0x10 [ 819.709449][T16072] ___sys_sendmsg+0xfe/0x1d0 [ 819.709477][T16072] ? __pfx____sys_sendmsg+0x10/0x10 [ 819.709533][T16072] ? __pfx___might_resched+0x10/0x10 [ 819.709565][T16072] __sys_sendmmsg+0x200/0x420 [ 819.709596][T16072] ? __pfx___sys_sendmmsg+0x10/0x10 [ 819.709634][T16072] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 819.709676][T16072] ? fput+0x9b/0xd0 [ 819.709707][T16072] ? ksys_write+0x1ac/0x250 [ 819.709731][T16072] ? __pfx_ksys_write+0x10/0x10 [ 819.709761][T16072] __x64_sys_sendmmsg+0x9c/0x100 [ 819.709788][T16072] ? lockdep_hardirqs_on+0x7c/0x110 [ 819.709815][T16072] do_syscall_64+0xcd/0xfa0 [ 819.709844][T16072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.709868][T16072] RIP: 0033:0x7f4f5f98eec9 [ 819.709886][T16072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 819.709909][T16072] RSP: 002b:00007f4f6076a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 819.709931][T16072] RAX: ffffffffffffffda RBX: 00007f4f5fbe5fa0 RCX: 00007f4f5f98eec9 [ 819.709947][T16072] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 819.709960][T16072] RBP: 00007f4f6076a090 R08: 0000000000000000 R09: 0000000000000000 [ 819.709974][T16072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 819.709987][T16072] R13: 00007f4f5fbe6038 R14: 00007f4f5fbe5fa0 R15: 00007fff9eeca328 [ 819.710019][T16072] [ 820.041711][T16081] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 820.290809][T16093] Unable to find swap-space signature [ 820.300313][T16093] Unable to find swap-space signature [ 820.306346][T16093] Unable to find swap-space signature [ 820.312789][T16093] Unable to find swap-space signature [ 820.319264][T16093] Unable to find swap-space signature [ 820.325198][T16093] Unable to find swap-space signature [ 820.331623][T16093] Unable to find swap-space signature [ 820.337783][T16093] Unable to find swap-space signature [ 820.353234][T16093] Unable to find swap-space signature [ 820.359491][T16093] Unable to find swap-space signature [ 820.366161][T16093] Unable to find swap-space signature [ 820.372503][T16093] Unable to find swap-space signature [ 820.378532][T16093] Unable to find swap-space signature [ 820.384758][T16093] Unable to find swap-space signature [ 820.390683][T16093] Unable to find swap-space signature [ 820.396660][T16093] Unable to find swap-space signature [ 820.402743][T16093] Unable to find swap-space signature [ 820.408747][T16093] Unable to find swap-space signature [ 820.414791][T16093] Unable to find swap-space signature [ 820.420702][T16093] Unable to find swap-space signature [ 820.426567][T16093] Unable to find swap-space signature [ 820.432492][T16093] Unable to find swap-space signature [ 820.438349][T16093] Unable to find swap-space signature [ 820.444349][T16093] Unable to find swap-space signature [ 820.450529][T16093] Unable to find swap-space signature [ 820.457118][T16093] Unable to find swap-space signature [ 820.463130][T16093] Unable to find swap-space signature [ 820.469402][T16093] Unable to find swap-space signature [ 820.475545][T16093] Unable to find swap-space signature [ 820.481557][T16093] Unable to find swap-space signature [ 820.487398][T16093] Unable to find swap-space signature [ 820.493385][T16093] Unable to find swap-space signature [ 820.499425][T16093] Unable to find swap-space signature [ 820.505387][T16093] Unable to find swap-space signature [ 820.511393][T16093] Unable to find swap-space signature [ 820.517264][T16093] Unable to find swap-space signature [ 820.523315][T16093] Unable to find swap-space signature [ 820.529397][T16093] Unable to find swap-space signature [ 820.535340][T16093] Unable to find swap-space signature [ 820.541313][T16093] Unable to find swap-space signature [ 820.547186][T16093] Unable to find swap-space signature [ 820.553464][T16093] Unable to find swap-space signature [ 820.560186][T16093] Unable to find swap-space signature [ 820.566178][T16093] Unable to find swap-space signature [ 820.574900][T16093] Unable to find swap-space signature [ 820.581109][T16093] Unable to find swap-space signature [ 820.587007][T16093] Unable to find swap-space signature [ 820.592898][T16093] Unable to find swap-space signature [ 820.598854][T16093] Unable to find swap-space signature [ 820.604647][T16093] Unable to find swap-space signature [ 820.610582][T16093] Unable to find swap-space signature [ 820.616406][T16093] Unable to find swap-space signature [ 820.623715][T16093] Unable to find swap-space signature [ 820.631137][T16093] Unable to find swap-space signature [ 820.636948][T16093] Unable to find swap-space signature [ 820.644679][T16093] Unable to find swap-space signature [ 820.651873][T16093] Unable to find swap-space signature [ 820.679394][T16093] Unable to find swap-space signature [ 820.685552][T16093] Unable to find swap-space signature [ 820.691712][T16093] Unable to find swap-space signature [ 820.697846][T16093] Unable to find swap-space signature [ 820.703997][T16093] Unable to find swap-space signature [ 820.710195][T16093] Unable to find swap-space signature [ 820.716226][T16093] Unable to find swap-space signature [ 820.722471][T16093] Unable to find swap-space signature [ 820.784910][T16097] cougar: G6 mapped to space [ 821.455850][T16080] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2166'. [ 822.033548][T16124] FAULT_INJECTION: forcing a failure. [ 822.033548][T16124] name fail_futex, interval 1, probability 0, space 0, times 0 [ 822.046536][T16124] CPU: 0 UID: 0 PID: 16124 Comm: syz.4.2175 Tainted: G U syzkaller #0 PREEMPT(full) [ 822.046573][T16124] Tainted: [U]=USER [ 822.046580][T16124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 822.046594][T16124] Call Trace: [ 822.046602][T16124] [ 822.046614][T16124] dump_stack_lvl+0x16c/0x1f0 [ 822.046645][T16124] should_fail_ex+0x512/0x640 [ 822.046678][T16124] get_futex_key+0x1d0/0x1560 [ 822.046711][T16124] ? up_write+0x1b2/0x520 [ 822.046746][T16124] ? __pfx_get_futex_key+0x10/0x10 [ 822.046776][T16124] ? do_mremap+0xa8f/0x2020 [ 822.046806][T16124] futex_wake+0xea/0x530 [ 822.046846][T16124] ? __pfx_futex_wake+0x10/0x10 [ 822.046896][T16124] ? ksys_write+0x190/0x250 [ 822.046927][T16124] do_futex+0x1e3/0x350 [ 822.046959][T16124] ? __pfx_do_futex+0x10/0x10 [ 822.046988][T16124] ? __pfx___do_sys_mremap+0x10/0x10 [ 822.047013][T16124] ? cap_task_prctl+0x2af/0xa80 [ 822.047049][T16124] __x64_sys_futex+0x1e0/0x4c0 [ 822.047086][T16124] ? __pfx___x64_sys_futex+0x10/0x10 [ 822.047131][T16124] do_syscall_64+0xcd/0xfa0 [ 822.047161][T16124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.047184][T16124] RIP: 0033:0x7f0bf1d8eec9 [ 822.047201][T16124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.047230][T16124] RSP: 002b:00007f0bf2cf90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 822.047260][T16124] RAX: ffffffffffffffda RBX: 00007f0bf1fe5fa8 RCX: 00007f0bf1d8eec9 [ 822.047281][T16124] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0bf1fe5fac [ 822.047302][T16124] RBP: 00007f0bf1fe5fa0 R08: 00007f0bf2cfa000 R09: 0000000000000000 [ 822.047321][T16124] R10: 0000200001001000 R11: 0000000000000246 R12: 0000000000000000 [ 822.047335][T16124] R13: 00007f0bf1fe6038 R14: 00007fff712b6da0 R15: 00007fff712b6e88 [ 822.047367][T16124] [ 822.282574][T16122] netlink: 'syz.1.2174': attribute type 11 has an invalid length. [ 822.290717][T16122] netlink: 'syz.1.2174': attribute type 11 has an invalid length. [ 822.298805][T16122] netlink: 'syz.1.2174': attribute type 11 has an invalid length. [ 822.306829][T16122] netlink: 'syz.1.2174': attribute type 11 has an invalid length. [ 822.499689][T16145] FAULT_INJECTION: forcing a failure. [ 822.499689][T16145] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 822.513344][T16145] CPU: 1 UID: 0 PID: 16145 Comm: syz.3.2176 Tainted: G U syzkaller #0 PREEMPT(full) [ 822.513386][T16145] Tainted: [U]=USER [ 822.513393][T16145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 822.513406][T16145] Call Trace: [ 822.513413][T16145] [ 822.513422][T16145] dump_stack_lvl+0x16c/0x1f0 [ 822.513453][T16145] should_fail_ex+0x512/0x640 [ 822.513486][T16145] _copy_from_user+0x2e/0xd0 [ 822.513519][T16145] copy_msghdr_from_user+0x98/0x160 [ 822.513547][T16145] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 822.513580][T16145] ? kfree+0x252/0x6d0 [ 822.513614][T16145] ? __pfx__kstrtoull+0x10/0x10 [ 822.513658][T16145] ___sys_sendmsg+0xfe/0x1d0 [ 822.513687][T16145] ? __pfx____sys_sendmsg+0x10/0x10 [ 822.513742][T16145] ? __pfx___might_resched+0x10/0x10 [ 822.513781][T16145] __sys_sendmmsg+0x200/0x420 [ 822.513812][T16145] ? __pfx___sys_sendmmsg+0x10/0x10 [ 822.513850][T16145] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 822.513892][T16145] ? fput+0x9b/0xd0 [ 822.513923][T16145] ? ksys_write+0x1ac/0x250 [ 822.513947][T16145] ? __pfx_ksys_write+0x10/0x10 [ 822.513977][T16145] __x64_sys_sendmmsg+0x9c/0x100 [ 822.514017][T16145] ? lockdep_hardirqs_on+0x7c/0x110 [ 822.514055][T16145] do_syscall_64+0xcd/0xfa0 [ 822.514096][T16145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.514119][T16145] RIP: 0033:0x7fee12f8eec9 [ 822.514138][T16145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.514160][T16145] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 822.514182][T16145] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 822.514197][T16145] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 822.514211][T16145] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 822.514225][T16145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 822.514238][T16145] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 822.514269][T16145] [ 824.182880][T16163] Process accounting resumed [ 824.191056][T16176] cougar: G6 mapped to space [ 824.341948][T16180] random: crng reseeded on system resumption [ 824.400834][T16180] FAULT_INJECTION: forcing a failure. [ 824.400834][T16180] name fail_futex, interval 1, probability 0, space 0, times 0 [ 824.419077][T16180] CPU: 0 UID: 8 PID: 16180 Comm: syz.3.2186 Tainted: G U syzkaller #0 PREEMPT(full) [ 824.419126][T16180] Tainted: [U]=USER [ 824.419138][T16180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 824.419157][T16180] Call Trace: [ 824.419167][T16180] [ 824.419179][T16180] dump_stack_lvl+0x16c/0x1f0 [ 824.419221][T16180] should_fail_ex+0x512/0x640 [ 824.419269][T16180] get_futex_key+0xff0/0x1560 [ 824.419316][T16180] ? __pfx_get_futex_key+0x10/0x10 [ 824.419359][T16180] ? __mutex_trylock_common+0xe9/0x250 [ 824.419418][T16180] futex_wake+0xea/0x530 [ 824.419475][T16180] ? __pfx_futex_wake+0x10/0x10 [ 824.419545][T16180] do_futex+0x1e3/0x350 [ 824.419600][T16180] ? __pfx_do_futex+0x10/0x10 [ 824.419642][T16180] ? __might_fault+0xe3/0x190 [ 824.419687][T16180] mm_release+0x24e/0x300 [ 824.419724][T16180] do_exit+0x68e/0x2bf0 [ 824.419778][T16180] ? __pfx_do_exit+0x10/0x10 [ 824.419823][T16180] ? do_raw_spin_lock+0x12c/0x2b0 [ 824.419874][T16180] ? find_held_lock+0x2b/0x80 [ 824.419915][T16180] do_group_exit+0xd3/0x2a0 [ 824.419965][T16180] get_signal+0x2671/0x26d0 [ 824.420018][T16180] ? __pfx_get_signal+0x10/0x10 [ 824.420056][T16180] ? do_futex+0x122/0x350 [ 824.420101][T16180] ? __pfx_do_futex+0x10/0x10 [ 824.420150][T16180] arch_do_signal_or_restart+0x8f/0x790 [ 824.420194][T16180] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 824.420261][T16180] exit_to_user_mode_loop+0x85/0x130 [ 824.420314][T16180] do_syscall_64+0x426/0xfa0 [ 824.420355][T16180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 824.420388][T16180] RIP: 0033:0x7fee12f8eec9 [ 824.420414][T16180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 824.420445][T16180] RSP: 002b:00007fee13e5e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 824.420476][T16180] RAX: fffffffffffffe00 RBX: 00007fee131e6098 RCX: 00007fee12f8eec9 [ 824.420497][T16180] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fee131e6098 [ 824.420518][T16180] RBP: 00007fee131e6090 R08: 0000000000000000 R09: 0000000000000000 [ 824.420537][T16180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 824.420556][T16180] R13: 00007fee131e6128 R14: 00007ffd6e3bbaf0 R15: 00007ffd6e3bbbd8 [ 824.420607][T16180] [ 824.900498][T16184] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2184'. [ 825.938805][T16204] binder: BINDER_SET_CONTEXT_MGR already set [ 825.944881][T16204] binder: 16198:16204 ioctl 4018620d 9 returned -16 [ 826.179419][T16208] FAULT_INJECTION: forcing a failure. [ 826.179419][T16208] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 826.229151][T16208] CPU: 0 UID: 0 PID: 16208 Comm: syz.4.2190 Tainted: G U syzkaller #0 PREEMPT(full) [ 826.229199][T16208] Tainted: [U]=USER [ 826.229211][T16208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 826.229229][T16208] Call Trace: [ 826.229240][T16208] [ 826.229252][T16208] dump_stack_lvl+0x16c/0x1f0 [ 826.229295][T16208] should_fail_ex+0x512/0x640 [ 826.229343][T16208] _copy_from_user+0x2e/0xd0 [ 826.229411][T16208] copy_msghdr_from_user+0x98/0x160 [ 826.229453][T16208] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 826.229500][T16208] ? kfree+0x252/0x6d0 [ 826.229547][T16208] ? __pfx__kstrtoull+0x10/0x10 [ 826.229607][T16208] ___sys_sendmsg+0xfe/0x1d0 [ 826.229649][T16208] ? __pfx____sys_sendmsg+0x10/0x10 [ 826.229728][T16208] ? __pfx___might_resched+0x10/0x10 [ 826.229773][T16208] __sys_sendmmsg+0x200/0x420 [ 826.229818][T16208] ? __pfx___sys_sendmmsg+0x10/0x10 [ 826.229873][T16208] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 826.229931][T16208] ? fput+0x9b/0xd0 [ 826.229974][T16208] ? ksys_write+0x1ac/0x250 [ 826.230009][T16208] ? __pfx_ksys_write+0x10/0x10 [ 826.230052][T16208] __x64_sys_sendmmsg+0x9c/0x100 [ 826.230090][T16208] ? lockdep_hardirqs_on+0x7c/0x110 [ 826.230127][T16208] do_syscall_64+0xcd/0xfa0 [ 826.230169][T16208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.230203][T16208] RIP: 0033:0x7f0bf1d8eec9 [ 826.230230][T16208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 826.230261][T16208] RSP: 002b:00007f0bf2cd8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 826.230292][T16208] RAX: ffffffffffffffda RBX: 00007f0bf1fe6090 RCX: 00007f0bf1d8eec9 [ 826.230313][T16208] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 826.230333][T16208] RBP: 00007f0bf2cd8090 R08: 0000000000000000 R09: 0000000000000000 [ 826.230353][T16208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 826.230373][T16208] R13: 00007f0bf1fe6128 R14: 00007f0bf1fe6090 R15: 00007fff712b6e88 [ 826.230426][T16208] [ 827.318528][T16217] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2191'. [ 828.249017][T16239] FAULT_INJECTION: forcing a failure. [ 828.249017][T16239] name failslab, interval 1, probability 0, space 0, times 0 [ 828.263241][T16239] CPU: 0 UID: 0 PID: 16239 Comm: syz.3.2192 Tainted: G U syzkaller #0 PREEMPT(full) [ 828.263289][T16239] Tainted: [U]=USER [ 828.263300][T16239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 828.263318][T16239] Call Trace: [ 828.263329][T16239] [ 828.263340][T16239] dump_stack_lvl+0x16c/0x1f0 [ 828.263382][T16239] should_fail_ex+0x512/0x640 [ 828.263421][T16239] ? __kmalloc_cache_noprof+0x5f/0x780 [ 828.263480][T16239] should_failslab+0xc2/0x120 [ 828.263525][T16239] __kmalloc_cache_noprof+0x72/0x780 [ 828.263579][T16239] ? resv_map_alloc+0x46/0x400 [ 828.263632][T16239] ? resv_map_alloc+0x46/0x400 [ 828.263675][T16239] resv_map_alloc+0x46/0x400 [ 828.263723][T16239] hugetlbfs_get_inode+0x33f/0x730 [ 828.263757][T16239] ? security_capable+0x7e/0x260 [ 828.263806][T16239] hugetlb_file_setup+0x38d/0x620 [ 828.263848][T16239] newseg+0xa74/0xe60 [ 828.263887][T16239] ? __pfx_newseg+0x10/0x10 [ 828.263916][T16239] ? find_held_lock+0x2b/0x80 [ 828.263952][T16239] ? ipcget+0xa98/0xfa0 [ 828.264003][T16239] ipcget+0xaf0/0xfa0 [ 828.264049][T16239] ? __pfx___might_resched+0x10/0x10 [ 828.264085][T16239] ? __pfx_ipcget+0x10/0x10 [ 828.264120][T16239] ? __x64_sys_futex+0x1e0/0x4c0 [ 828.264163][T16239] ? __x64_sys_futex+0x1e9/0x4c0 [ 828.264216][T16239] __x64_sys_shmget+0x13b/0x1b0 [ 828.264252][T16239] ? __pfx___x64_sys_shmget+0x10/0x10 [ 828.264294][T16239] ? rcu_is_watching+0x12/0xc0 [ 828.264334][T16239] do_syscall_64+0xcd/0xfa0 [ 828.264375][T16239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.264409][T16239] RIP: 0033:0x7fee12f8eec9 [ 828.264435][T16239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 828.264467][T16239] RSP: 002b:00007fee13e3d038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 828.264498][T16239] RAX: ffffffffffffffda RBX: 00007fee131e6180 RCX: 00007fee12f8eec9 [ 828.264520][T16239] RDX: 000000000000ffff RSI: 0000000000000006 RDI: 0000000000000004 [ 828.264540][T16239] RBP: 00007fee13011f91 R08: 0000000000000000 R09: 0000000000000000 [ 828.264561][T16239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 828.264580][T16239] R13: 00007fee131e6218 R14: 00007fee131e6180 R15: 00007ffd6e3bbbd8 [ 828.264626][T16239] [ 828.547088][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.555187][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.563713][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.571626][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.579792][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.587661][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.596142][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.605802][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.614268][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.622201][T16249] netlink: 'syz.4.2196': attribute type 11 has an invalid length. [ 828.849270][T16260] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2198'. [ 828.906504][T16262] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 829.007799][T16266] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2199'. [ 829.269940][T16268] FAULT_INJECTION: forcing a failure. [ 829.269940][T16268] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 829.293643][T16268] CPU: 1 UID: 0 PID: 16268 Comm: syz.3.2200 Tainted: G U syzkaller #0 PREEMPT(full) [ 829.293688][T16268] Tainted: [U]=USER [ 829.293696][T16268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 829.293710][T16268] Call Trace: [ 829.293718][T16268] [ 829.293727][T16268] dump_stack_lvl+0x16c/0x1f0 [ 829.293759][T16268] should_fail_ex+0x512/0x640 [ 829.293793][T16268] _copy_from_user+0x2e/0xd0 [ 829.293825][T16268] copy_msghdr_from_user+0x98/0x160 [ 829.293854][T16268] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 829.293887][T16268] ? kfree+0x252/0x6d0 [ 829.293929][T16268] ? __pfx__kstrtoull+0x10/0x10 [ 829.293973][T16268] ___sys_sendmsg+0xfe/0x1d0 [ 829.294002][T16268] ? __pfx____sys_sendmsg+0x10/0x10 [ 829.294059][T16268] ? __pfx___might_resched+0x10/0x10 [ 829.294091][T16268] __sys_sendmmsg+0x200/0x420 [ 829.294122][T16268] ? __pfx___sys_sendmmsg+0x10/0x10 [ 829.294161][T16268] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 829.294205][T16268] ? fput+0x9b/0xd0 [ 829.294237][T16268] ? ksys_write+0x1ac/0x250 [ 829.294262][T16268] ? __pfx_ksys_write+0x10/0x10 [ 829.294293][T16268] __x64_sys_sendmmsg+0x9c/0x100 [ 829.294320][T16268] ? lockdep_hardirqs_on+0x7c/0x110 [ 829.294347][T16268] do_syscall_64+0xcd/0xfa0 [ 829.294378][T16268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 829.294411][T16268] RIP: 0033:0x7fee12f8eec9 [ 829.294437][T16268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 829.294467][T16268] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 829.294490][T16268] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 829.294505][T16268] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 829.294519][T16268] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 829.294533][T16268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 829.294548][T16268] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 829.294579][T16268] [ 829.925548][T16280] FAULT_INJECTION: forcing a failure. [ 829.925548][T16280] name failslab, interval 1, probability 0, space 0, times 0 [ 829.940094][T16280] CPU: 1 UID: 0 PID: 16280 Comm: syz.3.2202 Tainted: G U syzkaller #0 PREEMPT(full) [ 829.940143][T16280] Tainted: [U]=USER [ 829.940153][T16280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 829.940172][T16280] Call Trace: [ 829.940182][T16280] [ 829.940194][T16280] dump_stack_lvl+0x16c/0x1f0 [ 829.940236][T16280] should_fail_ex+0x512/0x640 [ 829.940274][T16280] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 829.940313][T16280] should_failslab+0xc2/0x120 [ 829.940359][T16280] kmem_cache_alloc_noprof+0x75/0x6e0 [ 829.940393][T16280] ? vm_area_alloc+0x1f/0x160 [ 829.940452][T16280] ? vm_area_alloc+0x1f/0x160 [ 829.940499][T16280] vm_area_alloc+0x1f/0x160 [ 829.940550][T16280] __mmap_region+0xf85/0x27a0 [ 829.940590][T16280] ? __pfx___mmap_region+0x10/0x10 [ 829.940653][T16280] ? mark_held_locks+0x49/0x80 [ 829.940716][T16280] ? __schedule+0x11a3/0x5de0 [ 829.940805][T16280] ? irqentry_exit+0x3b/0x90 [ 829.940842][T16280] ? lockdep_hardirqs_on+0x7c/0x110 [ 829.940894][T16280] mmap_region+0x32b/0x3f0 [ 829.940937][T16280] do_mmap+0xa3e/0x1210 [ 829.940986][T16280] ? __pfx_do_mmap+0x10/0x10 [ 829.941030][T16280] ? __pfx_down_write_killable+0x10/0x10 [ 829.941096][T16280] vm_mmap_pgoff+0x29e/0x470 [ 829.941147][T16280] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 829.941199][T16280] ? __fget_files+0x20e/0x3c0 [ 829.941243][T16280] ksys_mmap_pgoff+0x32c/0x5c0 [ 829.941284][T16280] ? __pfx_ksys_write+0x10/0x10 [ 829.941325][T16280] __x64_sys_mmap+0x125/0x190 [ 829.941380][T16280] do_syscall_64+0xcd/0xfa0 [ 829.941422][T16280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 829.941455][T16280] RIP: 0033:0x7fee12f8eec9 [ 829.941481][T16280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 829.941514][T16280] RSP: 002b:00007fee13e3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 829.941546][T16280] RAX: ffffffffffffffda RBX: 00007fee131e6180 RCX: 00007fee12f8eec9 [ 829.941567][T16280] RDX: 000000000000000b RSI: 0000000000080009 RDI: 00000000ffff8000 [ 829.941588][T16280] RBP: 00007fee13e3d090 R08: 0000000000000003 R09: 0000000000000000 [ 829.941609][T16280] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 829.941630][T16280] R13: 00007fee131e6218 R14: 00007fee131e6180 R15: 00007ffd6e3bbbd8 [ 829.941677][T16280] [ 831.553634][T16288] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 831.574253][T16288] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2204'. [ 832.300025][T16301] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 832.761299][T16302] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 832.913236][T16302] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2205'. [ 833.562178][T16299] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2206'. [ 833.600452][T16332] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 834.290453][T16344] cougar: G6 mapped to space [ 835.161520][T16346] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 835.976034][T16371] FAULT_INJECTION: forcing a failure. [ 835.976034][T16371] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 835.996636][T16371] CPU: 1 UID: 0 PID: 16371 Comm: syz.3.2222 Tainted: G U syzkaller #0 PREEMPT(full) [ 835.996682][T16371] Tainted: [U]=USER [ 835.996691][T16371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 835.996705][T16371] Call Trace: [ 835.996713][T16371] [ 835.996722][T16371] dump_stack_lvl+0x16c/0x1f0 [ 835.996754][T16371] should_fail_ex+0x512/0x640 [ 835.996787][T16371] _copy_from_user+0x2e/0xd0 [ 835.996819][T16371] copy_msghdr_from_user+0x98/0x160 [ 835.996848][T16371] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 835.996880][T16371] ? kfree+0x252/0x6d0 [ 835.996915][T16371] ? __pfx__kstrtoull+0x10/0x10 [ 835.996959][T16371] ___sys_sendmsg+0xfe/0x1d0 [ 835.996989][T16371] ? __pfx____sys_sendmsg+0x10/0x10 [ 835.997044][T16371] ? __pfx___might_resched+0x10/0x10 [ 835.997076][T16371] __sys_sendmmsg+0x200/0x420 [ 835.997108][T16371] ? __pfx___sys_sendmmsg+0x10/0x10 [ 835.997152][T16371] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 835.997208][T16371] ? fput+0x9b/0xd0 [ 835.997252][T16371] ? ksys_write+0x1ac/0x250 [ 835.997286][T16371] ? __pfx_ksys_write+0x10/0x10 [ 835.997321][T16371] __x64_sys_sendmmsg+0x9c/0x100 [ 835.997349][T16371] ? lockdep_hardirqs_on+0x7c/0x110 [ 835.997383][T16371] do_syscall_64+0xcd/0xfa0 [ 835.997426][T16371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.997454][T16371] RIP: 0033:0x7fee12f8eec9 [ 835.997473][T16371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 835.997503][T16371] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 835.997526][T16371] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 835.997542][T16371] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 835.997556][T16371] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 835.997571][T16371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 835.997585][T16371] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 835.997617][T16371] [ 837.847669][T16418] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 838.467059][T16417] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2229'. [ 839.659781][T16424] netlink: 25 bytes leftover after parsing attributes in process `syz.4.2230'. [ 839.703416][T16422] ima: policy update failed [ 839.738665][ T30] audit: type=1802 audit(4294967302.490:40): pid=16422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2230" res=0 errno=0 [ 840.436744][T16442] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 840.449784][T16442] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2235'. [ 840.679332][T16451] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2237'. [ 841.009759][T16462] sctp: [Deprecated]: syz.3.2240 (pid 16462) Use of int in max_burst socket option deprecated. [ 841.009759][T16462] Use struct sctp_assoc_value instead [ 841.031892][T16463] random: crng reseeded on system resumption [ 841.649192][T16468] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2241'. [ 842.060631][T16481] cougar: G6 mapped to space [ 842.791656][T16493] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 843.138905][T16495] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 843.161730][T16495] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2247'. [ 843.879032][T16490] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2246'. [ 844.464087][T16511] ptrace attach of "./syz-executor exec"[5832] was attempted by "./syz-executor exec"[16511] [ 845.204386][T16524] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2255'. [ 845.219845][T16524] veth0_macvtap: left promiscuous mode [ 845.503805][T16532] random: crng reseeded on system resumption [ 845.681439][T16532] Unrecognized hibernate image header format! [ 845.692661][T16532] PM: hibernation: Image mismatch: architecture specific data [ 845.993882][T16544] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2261'. [ 846.218150][T16548] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 846.556806][T16547] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2262'. [ 847.203932][T16560] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2265'. [ 847.403208][T16564] Debayer A: ================= START STATUS ================= [ 847.411244][T16564] Debayer A: Debayer Mean Window Size: 3 [ 847.417270][T16564] Debayer A: ================== END STATUS ================== [ 848.021642][T16576] __vm_enough_memory: pid: 16576, comm: syz.0.2269, bytes: 4398046511104 not enough memory for the allocation [ 848.533099][T16597] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 848.783278][T16593] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2275'. [ 849.610852][T14873] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 849.619524][T14873] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0' [ 849.635007][T14873] CPU: 0 UID: 0 PID: 14873 Comm: kworker/u9:0 Tainted: G U syzkaller #0 PREEMPT(full) [ 849.635058][T14873] Tainted: [U]=USER [ 849.635069][T14873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 849.635093][T14873] Workqueue: hci2 hci_rx_work [ 849.635135][T14873] Call Trace: [ 849.635146][T14873] [ 849.635160][T14873] dump_stack_lvl+0x16c/0x1f0 [ 849.635202][T14873] sysfs_warn_dup+0x7f/0xa0 [ 849.635244][T14873] sysfs_create_dir_ns+0x24b/0x2b0 [ 849.635286][T14873] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 849.635327][T14873] ? find_held_lock+0x2b/0x80 [ 849.635371][T14873] ? do_raw_spin_unlock+0x172/0x230 [ 849.635428][T14873] kobject_add_internal+0x2c4/0x9b0 [ 849.635479][T14873] kobject_add+0x16e/0x240 [ 849.635524][T14873] ? __pfx_kobject_add+0x10/0x10 [ 849.635572][T14873] ? do_raw_spin_unlock+0x172/0x230 [ 849.635627][T14873] ? kobject_put+0xab/0x5a0 [ 849.635682][T14873] device_add+0x288/0x1aa0 [ 849.635727][T14873] ? __pfx_dev_set_name+0x10/0x10 [ 849.635781][T14873] ? __pfx_device_add+0x10/0x10 [ 849.635824][T14873] ? mgmt_send_event_skb+0x2fb/0x460 [ 849.635871][T14873] hci_conn_add_sysfs+0x17e/0x230 [ 849.635912][T14873] le_conn_complete_evt+0x1260/0x2150 [ 849.635958][T14873] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 849.636002][T14873] ? bt_warn+0xe4/0x120 [ 849.636032][T14873] ? __pfx_bt_warn+0x10/0x10 [ 849.636075][T14873] hci_le_conn_complete_evt+0x23c/0x370 [ 849.636123][T14873] hci_le_meta_evt+0x354/0x5e0 [ 849.636159][T14873] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 849.636203][T14873] hci_event_packet+0x685/0x11c0 [ 849.636239][T14873] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 849.636279][T14873] ? __pfx_hci_event_packet+0x10/0x10 [ 849.636319][T14873] ? kcov_remote_start+0x3c9/0x6d0 [ 849.636349][T14873] ? lockdep_hardirqs_on+0x7c/0x110 [ 849.636397][T14873] hci_rx_work+0x2c5/0x16b0 [ 849.636448][T14873] process_one_work+0x9cf/0x1b70 [ 849.636529][T14873] ? __pfx_process_one_work+0x10/0x10 [ 849.636596][T14873] ? assign_work+0x1a0/0x250 [ 849.636646][T14873] worker_thread+0x6c8/0xf10 [ 849.636711][T14873] ? __kthread_parkme+0x19e/0x250 [ 849.636773][T14873] ? __pfx_worker_thread+0x10/0x10 [ 849.636825][T14873] kthread+0x3c2/0x780 [ 849.636875][T14873] ? __pfx_kthread+0x10/0x10 [ 849.636928][T14873] ? rcu_is_watching+0x12/0xc0 [ 849.636964][T14873] ? __pfx_kthread+0x10/0x10 [ 849.637030][T14873] ret_from_fork+0x675/0x7d0 [ 849.637082][T14873] ? __pfx_kthread+0x10/0x10 [ 849.637133][T14873] ret_from_fork_asm+0x1a/0x30 [ 849.637193][T14873] [ 849.637276][T14873] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 849.902871][T14873] Bluetooth: hci2: failed to register connection device [ 850.011559][T16627] netlink: 'syz.3.2283': attribute type 1 has an invalid length. [ 850.019786][T16627] netlink: 322 bytes leftover after parsing attributes in process `syz.3.2283'. [ 850.031013][T16627] netlink: 'syz.3.2283': attribute type 1 has an invalid length. [ 850.038913][T16627] netlink: 322 bytes leftover after parsing attributes in process `syz.3.2283'. [ 850.508318][T16635] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 850.519568][T16635] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2286'. [ 851.009560][T16636] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 851.023941][T16636] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 851.119694][T16642] netlink: 186 bytes leftover after parsing attributes in process `syz.1.2288'. [ 851.584514][T16652] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 851.918945][T14873] Bluetooth: hci2: command 0x0c1a tx timeout [ 852.597128][T16650] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2289'. [ 852.957418][ T30] audit: type=1800 audit(4294967315.720:41): pid=16680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2295" name="dbroot" dev="configfs" ino=54286 res=0 errno=0 [ 852.958415][T16680] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 853.039088][T16680] db_root: cannot open: /dev/audio1 [ 853.441301][T16685] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 853.452169][T16685] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2296'. [ 854.380352][T16711] Process accounting paused [ 854.481900][T16703] binder: BINDER_SET_CONTEXT_MGR already set [ 854.494167][T16703] binder: 16701:16703 ioctl 4018620d 9 returned -16 [ 855.184398][T16716] binder: BINDER_SET_CONTEXT_MGR already set [ 855.190600][T16716] binder: 16705:16716 ioctl 4018620d 9 returned -16 [ 855.276086][T16732] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 855.513691][T16729] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 855.532877][T16729] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2306'. [ 856.579166][T16743] random: crng reseeded on system resumption [ 857.334999][T16754] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 858.515333][T16752] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2312'. [ 858.666671][T16778] binder: BINDER_SET_CONTEXT_MGR already set [ 858.672847][T16778] binder: 16777:16778 ioctl 4018620d 9 returned -16 [ 858.707787][T16778] FAULT_INJECTION: forcing a failure. [ 858.707787][T16778] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 858.721331][T16778] CPU: 1 UID: 0 PID: 16778 Comm: syz.3.2318 Tainted: G U syzkaller #0 PREEMPT(full) [ 858.721367][T16778] Tainted: [U]=USER [ 858.721376][T16778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 858.721390][T16778] Call Trace: [ 858.721397][T16778] [ 858.721407][T16778] dump_stack_lvl+0x16c/0x1f0 [ 858.721449][T16778] should_fail_ex+0x512/0x640 [ 858.721495][T16778] _copy_from_user+0x2e/0xd0 [ 858.721537][T16778] copy_msghdr_from_user+0x98/0x160 [ 858.721576][T16778] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 858.721610][T16778] ? __pfx__kstrtoull+0x10/0x10 [ 858.721655][T16778] ___sys_sendmsg+0xfe/0x1d0 [ 858.721684][T16778] ? __pfx____sys_sendmsg+0x10/0x10 [ 858.721727][T16778] ? find_held_lock+0x2b/0x80 [ 858.721771][T16778] __sys_sendmmsg+0x200/0x420 [ 858.721803][T16778] ? __pfx___sys_sendmmsg+0x10/0x10 [ 858.721842][T16778] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 858.721885][T16778] ? fput+0x9b/0xd0 [ 858.721917][T16778] ? ksys_write+0x1ac/0x250 [ 858.721942][T16778] ? __pfx_ksys_write+0x10/0x10 [ 858.721973][T16778] __x64_sys_sendmmsg+0x9c/0x100 [ 858.722000][T16778] ? lockdep_hardirqs_on+0x7c/0x110 [ 858.722027][T16778] do_syscall_64+0xcd/0xfa0 [ 858.722057][T16778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 858.722081][T16778] RIP: 0033:0x7fee12f8eec9 [ 858.722100][T16778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 858.722124][T16778] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 858.722145][T16778] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 858.722161][T16778] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 858.722182][T16778] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 858.722197][T16778] R10: 000000000000e000 R11: 0000000000000246 R12: 0000000000000001 [ 858.722211][T16778] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 858.722243][T16778] [ 859.186686][T16783] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 859.375104][T16790] FAULT_INJECTION: forcing a failure. [ 859.375104][T16790] name fail_futex, interval 1, probability 0, space 0, times 0 [ 859.399116][T16790] CPU: 1 UID: 0 PID: 16790 Comm: syz.3.2319 Tainted: G U syzkaller #0 PREEMPT(full) [ 859.399162][T16790] Tainted: [U]=USER [ 859.399172][T16790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 859.399188][T16790] Call Trace: [ 859.399199][T16790] [ 859.399210][T16790] dump_stack_lvl+0x16c/0x1f0 [ 859.399249][T16790] should_fail_ex+0x512/0x640 [ 859.399289][T16790] get_futex_key+0x1d0/0x1560 [ 859.399371][T16790] ? __pfx_get_futex_key+0x10/0x10 [ 859.399407][T16790] ? find_held_lock+0x2b/0x80 [ 859.399437][T16790] ? __handle_mm_fault+0x1529/0x2aa0 [ 859.399491][T16790] futex_wake+0xea/0x530 [ 859.399539][T16790] ? __pfx_futex_wake+0x10/0x10 [ 859.399591][T16790] ? css_rstat_updated+0x1c2/0x510 [ 859.399628][T16790] do_futex+0x1e3/0x350 [ 859.399668][T16790] ? __pfx_do_futex+0x10/0x10 [ 859.399705][T16790] ? find_held_lock+0x2b/0x80 [ 859.399735][T16790] ? handle_mm_fault+0x2ab/0xd10 [ 859.399781][T16790] __x64_sys_futex+0x1e0/0x4c0 [ 859.399824][T16790] ? __pfx___x64_sys_futex+0x10/0x10 [ 859.399878][T16790] do_syscall_64+0xcd/0xfa0 [ 859.399914][T16790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 859.399943][T16790] RIP: 0033:0x7fee12f8eec9 [ 859.399969][T16790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 859.399996][T16790] RSP: 002b:00007ffd6e3bbd38 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 859.400023][T16790] RAX: ffffffffffffffda RBX: 00007fee131e6098 RCX: 00007fee12f8eec9 [ 859.400042][T16790] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fee131e6098 [ 859.400060][T16790] RBP: 0000000000000001 R08: 0000000000000002 R09: 0000001a6e3bc02f [ 859.400206][T16790] R10: 00007fee131e5fa0 R11: 0000000000000246 R12: 00007fee131e609c [ 859.400225][T16790] R13: 00007fee131e6090 R14: 00000000000013c1 R15: 0000000000000005 [ 859.400265][T16790] [ 859.407087][T16783] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2316'. [ 859.625138][T16784] binder: BINDER_SET_CONTEXT_MGR already set [ 859.631715][T16784] binder: 16782:16784 ioctl 4018620d 9 returned -16 [ 860.089152][T16803] netlink: 'syz.0.2321': attribute type 4 has an invalid length. [ 860.094560][T16797] binder: 16796:16797 ioctl 8 9 returned -22 [ 860.109010][T16803] netlink: 314 bytes leftover after parsing attributes in process `syz.0.2321'. [ 860.335523][T16812] ovs_ÿþ: entered promiscuous mode [ 860.637597][T16797] FAULT_INJECTION: forcing a failure. [ 860.637597][T16797] name fail_futex, interval 1, probability 0, space 0, times 0 [ 860.657130][T16797] CPU: 0 UID: 0 PID: 16797 Comm: syz.1.2320 Tainted: G U syzkaller #0 PREEMPT(full) [ 860.657182][T16797] Tainted: [U]=USER [ 860.657194][T16797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 860.657215][T16797] Call Trace: [ 860.657237][T16797] [ 860.657248][T16797] dump_stack_lvl+0x16c/0x1f0 [ 860.657293][T16797] should_fail_ex+0x512/0x640 [ 860.657340][T16797] get_futex_key+0x1d0/0x1560 [ 860.657390][T16797] ? __pfx_get_futex_key+0x10/0x10 [ 860.657438][T16797] ? __pick_eevdf+0x30a/0x670 [ 860.657485][T16797] futex_wait_setup+0x9d/0x550 [ 860.657553][T16797] __futex_wait+0x193/0x2f0 [ 860.657607][T16797] ? __pfx___futex_wait+0x10/0x10 [ 860.657657][T16797] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 860.657693][T16797] ? lockdep_hardirqs_on+0x7c/0x110 [ 860.657737][T16797] ? __pfx_futex_wake_mark+0x10/0x10 [ 860.657795][T16797] ? futex_private_hash_put+0x176/0x300 [ 860.657843][T16797] ? futex_private_hash_put+0x18a/0x300 [ 860.657887][T16797] futex_wait+0xe8/0x380 [ 860.657934][T16797] ? __pfx_futex_wait+0x10/0x10 [ 860.657996][T16797] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 860.658047][T16797] ? lockdep_hardirqs_on+0x7c/0x110 [ 860.658094][T16797] do_futex+0x229/0x350 [ 860.658140][T16797] ? __pfx_do_futex+0x10/0x10 [ 860.658189][T16797] ? __fput+0x68d/0xb70 [ 860.658248][T16797] __x64_sys_futex+0x1e0/0x4c0 [ 860.658302][T16797] ? __pfx___x64_sys_futex+0x10/0x10 [ 860.658351][T16797] ? xfd_validate_state+0x61/0x180 [ 860.658414][T16797] do_syscall_64+0xcd/0xfa0 [ 860.658457][T16797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 860.658489][T16797] RIP: 0033:0x7f4f5f98eec9 [ 860.658515][T16797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 860.658548][T16797] RSP: 002b:00007f4f6076a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 860.658579][T16797] RAX: ffffffffffffffda RBX: 00007f4f5fbe5fa8 RCX: 00007f4f5f98eec9 [ 860.658602][T16797] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f4f5fbe5fa8 [ 860.658622][T16797] RBP: 00007f4f5fbe5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 860.658643][T16797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 860.658663][T16797] R13: 00007f4f5fbe6038 R14: 00007fff9eeca240 R15: 00007fff9eeca328 [ 860.658709][T16797] [ 861.328255][T16825] binder: BINDER_SET_CONTEXT_MGR already set [ 861.334624][T16825] binder: 16823:16825 ioctl 4018620d 9 returned -16 [ 862.556324][T16836] binder: BINDER_SET_CONTEXT_MGR already set [ 862.565546][T16836] binder: 16835:16836 ioctl 4018620d 9 returned -16 [ 864.087656][T16858] hub 1-0:1.0: USB hub found [ 864.094164][T16858] hub 1-0:1.0: 1 port detected [ 864.483660][T16866] binder: BINDER_SET_CONTEXT_MGR already set [ 864.498704][T16866] binder: 16865:16866 ioctl 4018620d 9 returned -16 [ 865.591997][T16878] binder: BINDER_SET_CONTEXT_MGR already set [ 865.608696][T16878] binder: 16877:16878 ioctl 4018620d 9 returned -16 [ 866.667755][T16904] netlink: 276 bytes leftover after parsing attributes in process `syz.3.2348'. [ 866.753667][ T30] audit: type=1800 audit(4294967329.520:42): pid=16909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2349" name="members" dev="configfs" ino=53802 res=0 errno=0 [ 869.017188][T16942] binder: BINDER_SET_CONTEXT_MGR already set [ 869.032162][T16942] binder: 16940:16942 ioctl 4018620d 9 returned -16 [ 870.878499][T16983] cougar: G6 mapped to space [ 871.242629][T16989] cougar: G6 mapped to space [ 871.495599][T16993] FAULT_INJECTION: forcing a failure. [ 871.495599][T16993] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 871.511748][T16993] CPU: 0 UID: 0 PID: 16993 Comm: syz.0.2363 Tainted: G U syzkaller #0 PREEMPT(full) [ 871.511796][T16993] Tainted: [U]=USER [ 871.511808][T16993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 871.511828][T16993] Call Trace: [ 871.511839][T16993] [ 871.511852][T16993] dump_stack_lvl+0x16c/0x1f0 [ 871.511896][T16993] should_fail_ex+0x512/0x640 [ 871.511945][T16993] should_fail_alloc_page+0xe7/0x130 [ 871.512000][T16993] prepare_alloc_pages+0x3c2/0x610 [ 871.512043][T16993] ? rcu_is_watching+0x12/0xc0 [ 871.512083][T16993] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 871.512125][T16993] ? stack_trace_save+0x8e/0xc0 [ 871.512165][T16993] ? __pfx_stack_trace_save+0x10/0x10 [ 871.512202][T16993] ? __pfx_stack_trace_save+0x10/0x10 [ 871.512242][T16993] ? stack_depot_save_flags+0x29/0x9c0 [ 871.512291][T16993] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 871.512341][T16993] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.512387][T16993] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 871.512443][T16993] ? policy_nodemask+0xea/0x4e0 [ 871.512491][T16993] alloc_pages_mpol+0x1fb/0x550 [ 871.512537][T16993] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 871.512595][T16993] alloc_pages_noprof+0x131/0x390 [ 871.512640][T16993] alloc_pages_exact_noprof+0x37/0xe0 [ 871.512685][T16993] ? __asan_memset+0x23/0x50 [ 871.512717][T16993] snd_pcm_attach_substream+0x4bb/0xd60 [ 871.512769][T16993] snd_pcm_open_substream+0x8d/0x17f0 [ 871.512810][T16993] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 871.512845][T16993] ? lockdep_init_map_type+0x5c/0x280 [ 871.512896][T16993] ? lockdep_init_map_type+0x5c/0x280 [ 871.512947][T16993] snd_pcm_oss_open+0x735/0x1400 [ 871.513023][T16993] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 871.513075][T16993] ? __lock_acquire+0xb97/0x1ce0 [ 871.513120][T16993] ? __pfx_default_wake_function+0x10/0x10 [ 871.513157][T16993] ? __lock_acquire+0xb97/0x1ce0 [ 871.513211][T16993] ? do_raw_spin_lock+0x12c/0x2b0 [ 871.513265][T16993] ? soundcore_open+0x35a/0x580 [ 871.513313][T16993] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 871.513366][T16993] soundcore_open+0x409/0x580 [ 871.513415][T16993] ? __pfx_soundcore_open+0x10/0x10 [ 871.513461][T16993] chrdev_open+0x234/0x6a0 [ 871.513500][T16993] ? __pfx_apparmor_file_open+0x10/0x10 [ 871.513548][T16993] ? __pfx_chrdev_open+0x10/0x10 [ 871.513590][T16993] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 871.513635][T16993] do_dentry_open+0x982/0x1530 [ 871.513676][T16993] ? __pfx_chrdev_open+0x10/0x10 [ 871.513725][T16993] vfs_open+0x82/0x3f0 [ 871.513776][T16993] path_openat+0x1de4/0x2cb0 [ 871.513827][T16993] ? __pfx_path_openat+0x10/0x10 [ 871.513876][T16993] do_filp_open+0x20b/0x470 [ 871.513914][T16993] ? __pfx_do_filp_open+0x10/0x10 [ 871.513990][T16993] ? alloc_fd+0x471/0x7d0 [ 871.514036][T16993] do_sys_openat2+0x11b/0x1d0 [ 871.514085][T16993] ? __pfx_do_sys_openat2+0x10/0x10 [ 871.514137][T16993] ? __pfx___might_resched+0x10/0x10 [ 871.514184][T16993] __x64_sys_openat+0x174/0x210 [ 871.514234][T16993] ? __pfx___x64_sys_openat+0x10/0x10 [ 871.514302][T16993] do_syscall_64+0xcd/0xfa0 [ 871.514345][T16993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.514380][T16993] RIP: 0033:0x7f6b2e58eec9 [ 871.514407][T16993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 871.514439][T16993] RSP: 002b:00007f6b2f37c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 871.514470][T16993] RAX: ffffffffffffffda RBX: 00007f6b2e7e5fa0 RCX: 00007f6b2e58eec9 [ 871.514492][T16993] RDX: 0000000000000102 RSI: 0000200000004000 RDI: ffffffffffffff9c [ 871.514513][T16993] RBP: 00007f6b2e611f91 R08: 0000000000000000 R09: 0000000000000000 [ 871.514534][T16993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 871.514554][T16993] R13: 00007f6b2e7e6038 R14: 00007f6b2e7e5fa0 R15: 00007ffc1a644c68 [ 871.514601][T16993] [ 872.030078][T16999] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2365'. [ 872.471903][T16980] __kmem_cache_create_args(mon_text_ffff888059ecdc00) failed with error -22 [ 872.572526][T16980] CPU: 1 UID: 0 PID: 16980 Comm: syz.1.2360 Tainted: G U syzkaller #0 PREEMPT(full) [ 872.572579][T16980] Tainted: [U]=USER [ 872.572592][T16980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 872.572613][T16980] Call Trace: [ 872.572625][T16980] [ 872.572640][T16980] dump_stack_lvl+0x16c/0x1f0 [ 872.572687][T16980] __kmem_cache_create_args+0x128/0x3c0 [ 872.572751][T16980] mon_text_open+0x333/0x510 [ 872.572804][T16980] ? __pfx_mon_text_open+0x10/0x10 [ 872.572858][T16980] ? __pfx_mon_text_ctor+0x10/0x10 [ 872.572929][T16980] ? __pfx_apparmor_file_open+0x10/0x10 [ 872.572980][T16980] ? lockdown_is_locked_down+0x3f/0x130 [ 872.573029][T16980] ? bpf_lsm_locked_down+0x9/0x10 [ 872.573092][T16980] ? __pfx_mon_text_open+0x10/0x10 [ 872.573143][T16980] full_proxy_open_regular+0x1b9/0x360 [ 872.573200][T16980] do_dentry_open+0x982/0x1530 [ 872.573245][T16980] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 872.573309][T16980] vfs_open+0x82/0x3f0 [ 872.573368][T16980] path_openat+0x1de4/0x2cb0 [ 872.573425][T16980] ? __pfx_path_openat+0x10/0x10 [ 872.573481][T16980] do_filp_open+0x20b/0x470 [ 872.573524][T16980] ? __pfx_do_filp_open+0x10/0x10 [ 872.573601][T16980] ? alloc_fd+0x471/0x7d0 [ 872.573651][T16980] do_sys_openat2+0x11b/0x1d0 [ 872.573706][T16980] ? __pfx_do_sys_openat2+0x10/0x10 [ 872.573763][T16980] ? __pfx___might_resched+0x10/0x10 [ 872.573805][T16980] ? rcu_is_watching+0x12/0xc0 [ 872.573842][T16980] ? blkcg_maybe_throttle_current+0x650/0xf30 [ 872.573890][T16980] __x64_sys_openat+0x174/0x210 [ 872.573946][T16980] ? __pfx___x64_sys_openat+0x10/0x10 [ 872.574021][T16980] do_syscall_64+0xcd/0xfa0 [ 872.574069][T16980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.574114][T16980] RIP: 0033:0x7f4f5f98eec9 [ 872.574144][T16980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 872.574182][T16980] RSP: 002b:00007f4f6076a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 872.574216][T16980] RAX: ffffffffffffffda RBX: 00007f4f5fbe5fa0 RCX: 00007f4f5f98eec9 [ 872.574242][T16980] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 872.574267][T16980] RBP: 00007f4f5fa11f91 R08: 0000000000000000 R09: 0000000000000000 [ 872.574289][T16980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 872.574311][T16980] R13: 00007f4f5fbe6038 R14: 00007f4f5fbe5fa0 R15: 00007fff9eeca328 [ 872.574363][T16980] [ 873.093170][T17005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'. [ 873.110767][T17005] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2367'. [ 874.427984][T17020] cougar: G6 mapped to space [ 874.595457][T17017] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 874.613215][T17017] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2368'. [ 875.165207][T17044] binder: BINDER_SET_CONTEXT_MGR already set [ 875.195222][T17044] binder: 17036:17044 ioctl 4018620d 9 returned -16 [ 876.138008][T17062] cougar: G6 mapped to space [ 876.792109][T17077] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 876.804084][T17077] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2385'. [ 877.408964][ T30] audit: type=1804 audit(4294967304.240:43): pid=17080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2384" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 877.818348][T17102] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 878.091428][T17104] binder: BINDER_SET_CONTEXT_MGR already set [ 878.097500][T17104] binder: 17094:17104 ioctl 4018620d 9 returned -16 [ 878.142866][T17102] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2388'. [ 878.415829][T17108] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 879.557235][T17122] cougar: G6 mapped to space [ 879.852161][T17129] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 880.820858][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.827217][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 880.848837][T17107] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2390'. [ 882.969201][T17169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2402'. [ 884.931816][T17179] binder: BINDER_SET_CONTEXT_MGR already set [ 884.937872][T17179] binder: 17173:17179 ioctl 4018620d 9 returned -16 [ 886.325712][T17169] Process accounting resumed [ 886.405045][T17184] cougar: G6 mapped to space [ 888.383996][T17186] binder: BINDER_SET_CONTEXT_MGR already set [ 888.409792][T17186] binder: 17185:17186 ioctl 4018620d 9 returned -16 [ 889.428780][T17208] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2408'. [ 892.081457][T17224] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 893.165541][T17224] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2413'. [ 894.252430][T17223] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 894.352043][T17223] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2410'. [ 894.392449][T17226] random: crng reseeded on system resumption [ 894.811870][T17242] FAULT_INJECTION: forcing a failure. [ 894.811870][T17242] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 894.861819][T17242] CPU: 0 UID: 0 PID: 17242 Comm: syz.4.2416 Tainted: G U syzkaller #0 PREEMPT(full) [ 894.861870][T17242] Tainted: [U]=USER [ 894.861881][T17242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 894.861901][T17242] Call Trace: [ 894.861913][T17242] [ 894.861926][T17242] dump_stack_lvl+0x16c/0x1f0 [ 894.861970][T17242] should_fail_ex+0x512/0x640 [ 894.862023][T17242] _copy_to_user+0x32/0xd0 [ 894.862078][T17242] simple_read_from_buffer+0xcb/0x170 [ 894.862134][T17242] proc_fail_nth_read+0x197/0x240 [ 894.862169][T17242] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 894.862208][T17242] ? rw_verify_area+0xcf/0x6c0 [ 894.862238][T17242] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 894.862273][T17242] vfs_read+0x1e1/0xcf0 [ 894.862314][T17242] ? __pfx___mutex_lock+0x10/0x10 [ 894.862354][T17242] ? __pfx_vfs_read+0x10/0x10 [ 894.862402][T17242] ? __fget_files+0x20e/0x3c0 [ 894.862448][T17242] ksys_read+0x12a/0x250 [ 894.862482][T17242] ? __pfx_ksys_read+0x10/0x10 [ 894.862531][T17242] do_syscall_64+0xcd/0xfa0 [ 894.862572][T17242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 894.862606][T17242] RIP: 0033:0x7f0bf1d8d8dc [ 894.862633][T17242] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 894.862665][T17242] RSP: 002b:00007f0bf2cf9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 894.862696][T17242] RAX: ffffffffffffffda RBX: 00007f0bf1fe5fa0 RCX: 00007f0bf1d8d8dc [ 894.862718][T17242] RDX: 000000000000000f RSI: 00007f0bf2cf90a0 RDI: 0000000000000002 [ 894.862739][T17242] RBP: 00007f0bf2cf9090 R08: 0000000000000000 R09: 0000000000000000 [ 894.862760][T17242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 894.862779][T17242] R13: 00007f0bf1fe6038 R14: 00007f0bf1fe5fa0 R15: 00007fff712b6e88 [ 894.862827][T17242] [ 896.006296][T17258] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.565319][T17273] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.711788][T17272] cougar: G6 mapped to space [ 896.907148][T17277] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.965344][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.973675][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.982071][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.990960][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 896.999327][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.012279][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.040175][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.099027][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.107307][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.208740][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.262472][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.270949][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.280526][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.289532][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.298080][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.315280][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.325070][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.333871][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.342285][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.350791][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.360975][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.369959][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.399993][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.408959][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.417344][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.459243][T17273] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2423'. [ 897.481851][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.491315][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.499991][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.508146][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.517181][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.529971][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.538280][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.569025][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.577664][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.638887][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.647288][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.655797][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.664109][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.673460][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.699032][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.707443][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.716043][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.724698][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.740334][T17281] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 897.752827][T17279] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 899.436634][T17314] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 899.447642][T17314] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2435'. [ 900.067303][T17320] cougar: G6 mapped to space [ 900.793237][T17341] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 900.810898][T17338] input: f¬ as /devices/virtual/input/input22 [ 901.133956][T17349] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2441'. [ 901.837965][T17361] FAULT_INJECTION: forcing a failure. [ 901.837965][T17361] name failslab, interval 1, probability 0, space 0, times 0 [ 901.876651][T17361] CPU: 0 UID: 0 PID: 17361 Comm: syz.4.2445 Tainted: G U syzkaller #0 PREEMPT(full) [ 901.876707][T17361] Tainted: [U]=USER [ 901.876721][T17361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 901.876743][T17361] Call Trace: [ 901.876755][T17361] [ 901.876769][T17361] dump_stack_lvl+0x16c/0x1f0 [ 901.876817][T17361] should_fail_ex+0x512/0x640 [ 901.876860][T17361] ? __kmalloc_cache_noprof+0x5f/0x780 [ 901.876923][T17361] should_failslab+0xc2/0x120 [ 901.876968][T17361] __kmalloc_cache_noprof+0x72/0x780 [ 901.877024][T17361] ? remap_pfn_range+0x234/0x500 [ 901.877083][T17361] ? remap_pfn_range+0x234/0x500 [ 901.877132][T17361] remap_pfn_range+0x234/0x500 [ 901.877187][T17361] ? __pfx_remap_pfn_range+0x10/0x10 [ 901.877251][T17361] ? alloc_pages_noprof+0x23c/0x390 [ 901.877301][T17361] ? get_free_pages_noprof+0x10/0xb0 [ 901.877353][T17361] usbdev_mmap+0x74e/0xa70 [ 901.877389][T17361] ? __pfx_usbdev_mmap+0x10/0x10 [ 901.877418][T17361] ? vm_area_alloc+0x1f/0x160 [ 901.877476][T17361] ? lockdep_init_map_type+0x5c/0x280 [ 901.877544][T17361] __mmap_region+0x1309/0x27a0 [ 901.877585][T17361] ? __pfx___mmap_region+0x10/0x10 [ 901.877616][T17361] ? lock_acquire+0x179/0x350 [ 901.877662][T17361] ? find_held_lock+0x2b/0x80 [ 901.877698][T17361] ? finish_task_switch.isra.0+0x21c/0xc10 [ 901.877738][T17361] ? rcu_is_watching+0x12/0xc0 [ 901.877774][T17361] ? finish_task_switch.isra.0+0x221/0xc10 [ 901.877823][T17361] ? trace_sched_exit_tp+0xd1/0x120 [ 901.877876][T17361] ? __schedule+0x11a3/0x5de0 [ 901.877988][T17361] ? __lock_acquire+0xb97/0x1ce0 [ 901.878046][T17361] mmap_region+0x32b/0x3f0 [ 901.878081][T17361] do_mmap+0xa3e/0x1210 [ 901.878123][T17361] ? __pfx_do_mmap+0x10/0x10 [ 901.878159][T17361] ? __pfx_down_write_killable+0x10/0x10 [ 901.878220][T17361] vm_mmap_pgoff+0x29e/0x470 [ 901.878265][T17361] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 901.878307][T17361] ? __fget_files+0x20e/0x3c0 [ 901.878342][T17361] ksys_mmap_pgoff+0x32c/0x5c0 [ 901.878377][T17361] ? __pfx_ksys_write+0x10/0x10 [ 901.878411][T17361] __x64_sys_mmap+0x125/0x190 [ 901.878459][T17361] do_syscall_64+0xcd/0xfa0 [ 901.878495][T17361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.878525][T17361] RIP: 0033:0x7f0bf1d8eec9 [ 901.878555][T17361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 901.878588][T17361] RSP: 002b:00007f0bf2cf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 901.878619][T17361] RAX: ffffffffffffffda RBX: 00007f0bf1fe5fa0 RCX: 00007f0bf1d8eec9 [ 901.878642][T17361] RDX: 000000000000000b RSI: 0000000000080009 RDI: 00000000ffff8000 [ 901.878660][T17361] RBP: 00007f0bf1e11f91 R08: 0000000000000003 R09: 0000000000000000 [ 901.878679][T17361] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000000 [ 901.878698][T17361] R13: 00007f0bf1fe6038 R14: 00007f0bf1fe5fa0 R15: 00007fff712b6e88 [ 901.878746][T17361] [ 902.521982][T17364] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 902.533344][T17364] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2447'. [ 902.717590][T17369] random: crng reseeded on system resumption [ 902.944919][T17371] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 903.511222][T17386] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 903.525646][T17379] zswap: compressor not available [ 904.566960][T17405] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 904.767940][T17403] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2455'. [ 905.736938][T17422] binder: BINDER_SET_CONTEXT_MGR already set [ 905.743190][T17422] binder: 17417:17422 ioctl 4018620d 9 returned -16 [ 906.901986][T17432] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 906.913181][T17432] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2458'. [ 907.393487][T17444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2462'. [ 907.923739][T17440] binder: BINDER_SET_CONTEXT_MGR already set [ 907.942490][T17440] binder: 17437:17440 ioctl 4018620d 9 returned -16 [ 908.455545][T17459] binder: BINDER_SET_CONTEXT_MGR already set [ 908.474229][T17459] binder: 17458:17459 ioctl 4018620d 9 returned -16 [ 909.197786][T17476] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2466'. [ 909.948478][T17491] tipc: Started in network mode [ 909.956103][T17491] tipc: Node identity fe820562, cluster identity 4711 [ 910.011886][T17491] tipc: Node number set to 4269933922 [ 910.189577][T17466] FAULT_INJECTION: forcing a failure. [ 910.189577][T17466] name fail_futex, interval 1, probability 0, space 0, times 0 [ 910.249674][T17466] CPU: 0 UID: 0 PID: 17466 Comm: syz.0.2464 Tainted: G U syzkaller #0 PREEMPT(full) [ 910.249712][T17466] Tainted: [U]=USER [ 910.249720][T17466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 910.249742][T17466] Call Trace: [ 910.249750][T17466] [ 910.249760][T17466] dump_stack_lvl+0x16c/0x1f0 [ 910.249798][T17466] should_fail_ex+0x512/0x640 [ 910.249841][T17466] get_futex_key+0x1d0/0x1560 [ 910.249874][T17466] ? __lock_acquire+0xb97/0x1ce0 [ 910.249911][T17466] ? __pfx_get_futex_key+0x10/0x10 [ 910.249943][T17466] ? __pfx___schedule+0x10/0x10 [ 910.249966][T17466] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 910.249997][T17466] futex_wait_setup+0x9d/0x550 [ 910.250049][T17466] __futex_wait+0x193/0x2f0 [ 910.250089][T17466] ? __pfx___futex_wait+0x10/0x10 [ 910.250132][T17466] ? __pfx_futex_wake_mark+0x10/0x10 [ 910.250178][T17466] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 910.250213][T17466] ? __hrtimer_setup+0x176/0x280 [ 910.250252][T17466] ? ktime_add_safe+0x60/0x70 [ 910.250292][T17466] futex_wait+0xe8/0x380 [ 910.250330][T17466] ? __pfx_futex_wait+0x10/0x10 [ 910.250376][T17466] ? __lock_acquire+0xb97/0x1ce0 [ 910.250425][T17466] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 910.250497][T17466] do_futex+0x229/0x350 [ 910.250542][T17466] ? __pfx_do_futex+0x10/0x10 [ 910.250583][T17466] ? rcu_is_watching+0x12/0xc0 [ 910.250619][T17466] ? ktime_get+0x200/0x310 [ 910.250659][T17466] ? lockdep_hardirqs_on+0x7c/0x110 [ 910.250698][T17466] ? read_tsc+0x9/0x20 [ 910.250742][T17466] __x64_sys_futex+0x1e0/0x4c0 [ 910.250795][T17466] ? __pfx___x64_sys_futex+0x10/0x10 [ 910.250842][T17466] ? xfd_validate_state+0x61/0x180 [ 910.250906][T17466] do_syscall_64+0xcd/0xfa0 [ 910.250954][T17466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.250990][T17466] RIP: 0033:0x7f6b2e58eec9 [ 910.251022][T17466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 910.251061][T17466] RSP: 002b:00007ffc1a644dc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 910.251099][T17466] RAX: ffffffffffffffda RBX: 00000000000de29d RCX: 00007f6b2e58eec9 [ 910.251120][T17466] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6b2e7e5fac [ 910.251142][T17466] RBP: 0000000000000032 R08: 00007f6b2f37d000 R09: 000000131a6450bf [ 910.251163][T17466] R10: 00007ffc1a644ec0 R11: 0000000000000246 R12: 00007f6b2e7e5fac [ 910.251185][T17466] R13: 00007ffc1a644ec0 R14: 00000000000de2cf R15: 00007ffc1a644ee0 [ 910.251237][T17466] [ 910.257110][T17469] sd 0:0:1:0: PR command failed: 1026 [ 910.567153][T17469] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 910.578808][T17469] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 910.731077][T17510] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2473'. [ 911.726783][T17516] FAULT_INJECTION: forcing a failure. [ 911.726783][T17516] name failslab, interval 1, probability 0, space 0, times 0 [ 911.745015][T17516] CPU: 1 UID: 0 PID: 17516 Comm: syz.3.2474 Tainted: G U syzkaller #0 PREEMPT(full) [ 911.745070][T17516] Tainted: [U]=USER [ 911.745087][T17516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 911.745109][T17516] Call Trace: [ 911.745122][T17516] [ 911.745136][T17516] dump_stack_lvl+0x16c/0x1f0 [ 911.745182][T17516] should_fail_ex+0x512/0x640 [ 911.745223][T17516] ? fs_reclaim_acquire+0xae/0x150 [ 911.745281][T17516] should_failslab+0xc2/0x120 [ 911.745324][T17516] kmem_cache_alloc_noprof+0x75/0x6e0 [ 911.745348][T17516] ? __pfx_map_id_range_down+0x10/0x10 [ 911.745387][T17516] ? security_inode_alloc+0x3b/0x2b0 [ 911.745429][T17516] ? security_inode_alloc+0x3b/0x2b0 [ 911.745463][T17516] security_inode_alloc+0x3b/0x2b0 [ 911.745500][T17516] inode_init_always_gfp+0xce4/0x1030 [ 911.745533][T17516] alloc_inode+0x86/0x240 [ 911.745566][T17516] new_inode+0x22/0x1c0 [ 911.745601][T17516] debugfs_create_dir+0xdd/0x5f0 [ 911.745644][T17516] drm_debugfs_clients_add+0x6f/0x200 [ 911.745672][T17516] drm_file_alloc+0x5c6/0xb40 [ 911.745702][T17516] drm_open_helper+0x204/0x550 [ 911.745734][T17516] drm_open+0x1a0/0x3e0 [ 911.745761][T17516] ? __pfx_drm_open+0x10/0x10 [ 911.745787][T17516] drm_stub_open+0x20c/0x380 [ 911.745815][T17516] ? __pfx_drm_stub_open+0x10/0x10 [ 911.745842][T17516] chrdev_open+0x234/0x6a0 [ 911.745870][T17516] ? __pfx_apparmor_file_open+0x10/0x10 [ 911.745905][T17516] ? __pfx_chrdev_open+0x10/0x10 [ 911.745946][T17516] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 911.745992][T17516] do_dentry_open+0x982/0x1530 [ 911.746032][T17516] ? __pfx_chrdev_open+0x10/0x10 [ 911.746080][T17516] vfs_open+0x82/0x3f0 [ 911.746130][T17516] path_openat+0x1de4/0x2cb0 [ 911.746181][T17516] ? __pfx_path_openat+0x10/0x10 [ 911.746231][T17516] do_filp_open+0x20b/0x470 [ 911.746281][T17516] ? __pfx_do_filp_open+0x10/0x10 [ 911.746352][T17516] ? alloc_fd+0x471/0x7d0 [ 911.746398][T17516] do_sys_openat2+0x11b/0x1d0 [ 911.746447][T17516] ? __pfx_do_sys_openat2+0x10/0x10 [ 911.746511][T17516] __x64_sys_openat+0x174/0x210 [ 911.746559][T17516] ? __pfx___x64_sys_openat+0x10/0x10 [ 911.746627][T17516] do_syscall_64+0xcd/0xfa0 [ 911.746668][T17516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 911.746702][T17516] RIP: 0033:0x7fee12f8eec9 [ 911.746730][T17516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 911.746762][T17516] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 911.746793][T17516] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 911.746815][T17516] RDX: 0000000000129843 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 911.746836][T17516] RBP: 00007fee13011f91 R08: 0000000000000000 R09: 0000000000000000 [ 911.746856][T17516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 911.746875][T17516] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 911.746909][T17516] [ 912.105875][T17516] debugfs: out of free dentries, can not create directory 'client-97' [ 912.171728][T17513] binder: BINDER_SET_CONTEXT_MGR already set [ 912.177926][T17513] binder: 17505:17513 ioctl 4018620d 9 returned -16 [ 912.476249][T17526] input: f¬ as /devices/virtual/input/input23 [ 913.853124][T17543] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 913.909211][T17543] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2482'. [ 916.083476][T17578] random: crng reseeded on system resumption [ 916.233301][T17585] netlink: 'syz.3.2490': attribute type 2 has an invalid length. [ 916.402510][T17584] binder: BINDER_SET_CONTEXT_MGR already set [ 916.410352][T17584] binder: 17576:17584 ioctl 4018620d 9 returned -16 [ 916.951468][T17585] Process accounting paused [ 918.343500][T17605] binder: BINDER_SET_CONTEXT_MGR already set [ 918.350080][T17605] binder: 17602:17605 ioctl 4018620d 9 returned -16 [ 919.638086][T14873] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 919.646058][T14873] Bluetooth: Frame is too long (len 38, expected len 4) [ 920.036309][T17630] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 920.223155][T17618] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 920.352434][T17618] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2492'. [ 920.766850][T17641] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 920.950400][T17639] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2502'. [ 921.721312][T17629] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2500'. [ 921.756571][T17652] binder: BINDER_SET_CONTEXT_MGR already set [ 921.779691][T17652] binder: 17647:17652 ioctl 4018620d 9 returned -16 [ 922.922967][T17664] cougar: G6 mapped to space [ 923.585591][T17659] binder: BINDER_SET_CONTEXT_MGR already set [ 923.621240][T17659] binder: 17653:17659 ioctl 4018620d 9 returned -16 [ 923.968299][T17671] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 924.562449][T17668] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 925.006576][T17668] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2509'. [ 925.789741][T17684] binder: BINDER_SET_CONTEXT_MGR already set [ 925.798744][T17684] binder: 17683:17684 ioctl 4018620d 9 returned -16 [ 925.826946][T17688] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 925.868871][T14873] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 925.881451][T14873] Bluetooth: hci0: ACL packet for unknown connection handle 0 [ 926.839627][T17707] cougar: G6 mapped to space [ 926.927284][T17703] binder: BINDER_SET_CONTEXT_MGR already set [ 927.039919][T17703] binder: 17702:17703 ioctl 4018620d 9 returned -16 [ 927.389490][T17701] cougar: G6 mapped to space [ 927.990660][T17712] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 928.103419][T17712] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2520'. [ 928.786444][T17726] vhci_hcd: invalid port number 16 [ 928.812293][T17726] vhci_hcd: invalid port number 16 [ 929.101549][T17741] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2526'. [ 929.194954][T17742] netlink: 'syz.4.2526': attribute type 1 has an invalid length. [ 929.282592][T17735] binder: BINDER_SET_CONTEXT_MGR already set [ 929.299928][T17735] binder: 17734:17735 ioctl 4018620d 9 returned -16 [ 929.910805][T17755] cougar: G6 mapped to space [ 930.755546][T17761] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 930.890100][T17761] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2532'. [ 931.355743][T17777] binder: BINDER_SET_CONTEXT_MGR already set [ 931.362227][T17777] binder: 17768:17777 ioctl 4018620d 9 returned -16 [ 932.141612][T17790] FAULT_INJECTION: forcing a failure. [ 932.141612][T17790] name failslab, interval 1, probability 0, space 0, times 0 [ 932.198972][T17790] CPU: 1 UID: 0 PID: 17790 Comm: syz.1.2536 Tainted: G U syzkaller #0 PREEMPT(full) [ 932.199011][T17790] Tainted: [U]=USER [ 932.199020][T17790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 932.199035][T17790] Call Trace: [ 932.199044][T17790] [ 932.199054][T17790] dump_stack_lvl+0x16c/0x1f0 [ 932.199089][T17790] should_fail_ex+0x512/0x640 [ 932.199120][T17790] ? __kmalloc_cache_noprof+0x5f/0x780 [ 932.199168][T17790] should_failslab+0xc2/0x120 [ 932.199202][T17790] __kmalloc_cache_noprof+0x72/0x780 [ 932.199242][T17790] ? usbdev_mmap+0x1ee/0xa70 [ 932.199271][T17790] ? usbdev_mmap+0x1ee/0xa70 [ 932.199293][T17790] usbdev_mmap+0x1ee/0xa70 [ 932.199318][T17790] ? __pfx_usbdev_mmap+0x10/0x10 [ 932.199339][T17790] ? vm_area_alloc+0x1f/0x160 [ 932.199430][T17790] ? lockdep_init_map_type+0x5c/0x280 [ 932.199593][T17790] __mmap_region+0x1309/0x27a0 [ 932.199624][T17790] ? __pfx___mmap_region+0x10/0x10 [ 932.199647][T17790] ? finish_task_switch.isra.0+0x21c/0xc10 [ 932.199676][T17790] ? rcu_is_watching+0x12/0xc0 [ 932.199702][T17790] ? finish_task_switch.isra.0+0x221/0xc10 [ 932.199727][T17790] ? lockdep_hardirqs_on+0x7c/0x110 [ 932.199756][T17790] ? finish_task_switch.isra.0+0x221/0xc10 [ 932.199850][T17790] ? __lock_acquire+0xb97/0x1ce0 [ 932.199893][T17790] mmap_region+0x32b/0x3f0 [ 932.199923][T17790] do_mmap+0xa3e/0x1210 [ 932.199962][T17790] ? __pfx_do_mmap+0x10/0x10 [ 932.199994][T17790] ? __pfx_down_write_killable+0x10/0x10 [ 932.200035][T17790] vm_mmap_pgoff+0x29e/0x470 [ 932.200072][T17790] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 932.200115][T17790] ? __fget_files+0x20e/0x3c0 [ 932.200146][T17790] ksys_mmap_pgoff+0x32c/0x5c0 [ 932.200177][T17790] ? __pfx_ksys_write+0x10/0x10 [ 932.200209][T17790] __x64_sys_mmap+0x125/0x190 [ 932.200251][T17790] do_syscall_64+0xcd/0xfa0 [ 932.200283][T17790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 932.200309][T17790] RIP: 0033:0x7f4f5f98eec9 [ 932.200331][T17790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 932.200355][T17790] RSP: 002b:00007f4f6076a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 932.200379][T17790] RAX: ffffffffffffffda RBX: 00007f4f5fbe5fa0 RCX: 00007f4f5f98eec9 [ 932.200395][T17790] RDX: 000000000000000b RSI: 0000000000080009 RDI: 00000000ffff8000 [ 932.200410][T17790] RBP: 00007f4f5fa11f91 R08: 0000000000000003 R09: 0000000000000000 [ 932.200433][T17790] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000000 [ 932.200448][T17790] R13: 00007f4f5fbe6038 R14: 00007f4f5fbe5fa0 R15: 00007fff9eeca328 [ 932.200481][T17790] [ 932.569579][T17781] zswap: compressor not available [ 933.241685][T17807] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2538'. [ 933.274474][T17807] geneve1: entered promiscuous mode [ 933.286785][T17807] geneve1: entered allmulticast mode [ 933.580407][T17814] cougar: G6 mapped to space [ 934.310413][T17824] input: f¬ as /devices/virtual/input/input24 [ 935.057851][T17839] FAULT_INJECTION: forcing a failure. [ 935.057851][T17839] name failslab, interval 1, probability 0, space 0, times 0 [ 935.080752][T17839] CPU: 0 UID: 0 PID: 17839 Comm: syz.3.2549 Tainted: G U syzkaller #0 PREEMPT(full) [ 935.080806][T17839] Tainted: [U]=USER [ 935.080819][T17839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 935.080840][T17839] Call Trace: [ 935.080852][T17839] [ 935.080867][T17839] dump_stack_lvl+0x16c/0x1f0 [ 935.080914][T17839] should_fail_ex+0x512/0x640 [ 935.080957][T17839] ? __kmalloc_cache_noprof+0x5f/0x780 [ 935.081021][T17839] should_failslab+0xc2/0x120 [ 935.081069][T17839] __kmalloc_cache_noprof+0x72/0x780 [ 935.081411][T17839] ? usbdev_mmap+0x1ee/0xa70 [ 935.081462][T17839] ? usbdev_mmap+0x1ee/0xa70 [ 935.081497][T17839] usbdev_mmap+0x1ee/0xa70 [ 935.081533][T17839] ? __pfx_usbdev_mmap+0x10/0x10 [ 935.081562][T17839] ? vm_area_alloc+0x1f/0x160 [ 935.081614][T17839] ? lockdep_init_map_type+0x5c/0x280 [ 935.081662][T17839] __mmap_region+0x1309/0x27a0 [ 935.081697][T17839] ? __pfx___mmap_region+0x10/0x10 [ 935.081724][T17839] ? finish_task_switch.isra.0+0x21c/0xc10 [ 935.081759][T17839] ? rcu_is_watching+0x12/0xc0 [ 935.081789][T17839] ? finish_task_switch.isra.0+0x221/0xc10 [ 935.081819][T17839] ? lockdep_hardirqs_on+0x7c/0x110 [ 935.081852][T17839] ? finish_task_switch.isra.0+0x221/0xc10 [ 935.081964][T17839] ? __lock_acquire+0xb97/0x1ce0 [ 935.082014][T17839] mmap_region+0x32b/0x3f0 [ 935.082050][T17839] do_mmap+0xa3e/0x1210 [ 935.082095][T17839] ? __pfx_do_mmap+0x10/0x10 [ 935.082139][T17839] ? __pfx_down_write_killable+0x10/0x10 [ 935.082366][T17839] vm_mmap_pgoff+0x29e/0x470 [ 935.082481][T17839] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 935.082527][T17839] ? __fget_files+0x20e/0x3c0 [ 935.082563][T17839] ksys_mmap_pgoff+0x32c/0x5c0 [ 935.082601][T17839] ? __pfx_ksys_write+0x10/0x10 [ 935.082637][T17839] __x64_sys_mmap+0x125/0x190 [ 935.082688][T17839] do_syscall_64+0xcd/0xfa0 [ 935.082724][T17839] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.082753][T17839] RIP: 0033:0x7fee12f8eec9 [ 935.082777][T17839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 935.082805][T17839] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 935.082833][T17839] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 935.082852][T17839] RDX: 000000000000000b RSI: 0000000000080009 RDI: 00000000ffff8000 [ 935.082870][T17839] RBP: 00007fee13011f91 R08: 0000000000000003 R09: 0000000000000000 [ 935.082889][T17839] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000000 [ 935.082907][T17839] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 935.082946][T17839] [ 936.242077][T17841] zswap: compressor not available [ 936.687567][T17866] cougar: G6 mapped to space [ 937.960252][T17875] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 938.035990][T17876] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2556'. [ 938.073606][T17861] binder: BINDER_SET_CONTEXT_MGR already set [ 938.228649][T17861] binder: 17860:17861 ioctl 4018620d 9 returned -16 [ 938.854274][T17884] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 938.868475][T17884] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2565'. [ 939.405811][T17890] binder: BINDER_SET_CONTEXT_MGR already set [ 939.423533][T17890] binder: 17886:17890 ioctl 4018620d 9 returned -16 [ 939.459495][T17870] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 939.590235][T17870] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2555'. [ 940.281577][T17902] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 940.549337][T17904] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 940.597623][T17903] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2560'. [ 942.062610][T17920] binder: BINDER_SET_CONTEXT_MGR already set [ 942.079045][T17920] binder: 17912:17920 ioctl 4018620d 9 returned -16 [ 942.243654][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 942.252564][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 943.132116][T17921] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 943.207598][T17921] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 943.242162][T17921] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 943.278498][T17921] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 943.361229][T17929] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2566'. [ 943.692685][T17921] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 943.843807][T17921] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 943.894279][T17921] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 943.944891][T17921] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 943.972031][T17921] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 944.281495][T17937] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 944.718681][T14873] Bluetooth: hci0: command 0x0c1a tx timeout [ 944.917391][T17944] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 944.935708][T17944] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2568'. [ 945.281122][T14873] Bluetooth: hci2: command 0x0c1a tx timeout [ 945.489114][T17948] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2573'. [ 945.690207][T17956] binder: BINDER_SET_CONTEXT_MGR already set [ 945.701483][T17956] binder: 17951:17956 ioctl 4018620d 9 returned -16 [ 945.809602][T14873] Bluetooth: hci4: command 0x0c1a tx timeout [ 945.949536][T14873] Bluetooth: hci3: command 0x0406 tx timeout [ 947.359240][T14873] Bluetooth: hci2: command 0x0c1a tx timeout [ 947.383049][T17971] binder: 17964:17971 ioctl 4018620d 9 returned -22 [ 947.414385][T17971] binder: 17964:17971 ioctl 4018620d 9 returned -22 [ 947.500992][T17961] Process accounting resumed [ 947.838641][T14873] Bluetooth: hci4: command 0x0c1a tx timeout [ 948.009086][T14873] Bluetooth: hci3: command 0x0406 tx timeout [ 948.037789][ T30] audit: type=1800 audit(4294967374.870:44): pid=17981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2576" name="members" dev="configfs" ino=57924 res=0 errno=0 [ 948.545183][T17989] cougar: G6 mapped to space [ 949.218851][T17990] cougar: G6 mapped to space [ 949.438929][T14873] Bluetooth: hci2: command 0x0c1a tx timeout [ 949.554331][T17979] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 949.627345][T17998] binder: BINDER_SET_CONTEXT_MGR already set [ 949.636325][T17998] binder: 17997:17998 ioctl 4018620d 9 returned -16 [ 950.088857][T14873] Bluetooth: hci3: command 0x0406 tx timeout [ 950.130520][T17979] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2575'. [ 950.307026][T18007] hub 1-0:1.0: USB hub found [ 950.314808][T18007] hub 1-0:1.0: 1 port detected [ 950.665777][T18001] binder: BINDER_SET_CONTEXT_MGR already set [ 950.672399][T18001] binder: 17993:18001 ioctl 4018620d 9 returned -16 [ 952.512692][T18034] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 952.833395][T18030] binder: BINDER_SET_CONTEXT_MGR already set [ 952.878801][T18030] binder: 18023:18030 ioctl 4018620d 9 returned -16 [ 953.011680][T18034] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2586'. [ 953.822591][T18047] random: crng reseeded on system resumption [ 955.817431][T18068] cougar: G6 mapped to space [ 956.923661][T14873] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 957.266457][T18071] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 957.915585][T18069] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2591'. [ 958.205991][T18079] binder: BINDER_SET_CONTEXT_MGR already set [ 958.261001][T18079] binder: 18078:18079 ioctl 4018620d 9 returned -16 [ 958.958813][T14873] Bluetooth: hci3: command 0x0406 tx timeout [ 959.411167][T18097] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 959.532630][T18097] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2599'. [ 960.015591][T18103] cougar: G6 mapped to space [ 961.372122][T18115] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 961.403287][T18115] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2604'. [ 962.275253][T18125] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 962.585234][T18124] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2607'. [ 962.629273][T18126] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 963.010187][T18099] hub 1-0:1.0: USB hub found [ 963.031885][T18099] hub 1-0:1.0: 1 port detected [ 963.475836][T18131] cougar: G6 mapped to space [ 964.298328][T18142] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 964.440540][T18126] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2606'. [ 964.530728][T18142] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2611'. [ 964.964659][T18141] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 965.131168][T18141] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2609'. [ 965.927562][ T30] audit: type=1800 audit(4294967392.700:45): pid=18157 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2613" name="members" dev="configfs" ino=59189 res=0 errno=0 [ 966.021850][T18153] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 966.037775][T18153] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2614'. [ 966.885723][T18144] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 967.731843][T18168] binder: BINDER_SET_CONTEXT_MGR already set [ 967.743477][T18168] binder: 18167:18168 ioctl 4018620d 9 returned -16 [ 968.107425][T18177] binder: BINDER_SET_CONTEXT_MGR already set [ 968.117412][T18177] binder: 18170:18177 ioctl 4018620d 9 returned -16 [ 968.906224][T14873] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 969.196894][ T30] audit: type=1326 audit(4294967396.030:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18190 comm="syz.3.2621" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fee12f8eec9 code=0x0 [ 969.853750][T18199] cougar: G6 mapped to space [ 970.078189][T18193] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 970.958721][T14873] Bluetooth: hci4: command 0x0c1a tx timeout [ 970.996542][T18181] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 971.271237][T18181] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2617'. [ 971.656593][T18205] binder: BINDER_SET_CONTEXT_MGR already set [ 971.688687][T18205] binder: 18204:18205 ioctl 4018620d 9 returned -16 [ 972.107186][T18219] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 973.079659][T18213] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2622'. [ 973.750020][T18237] binder: 18229:18237 ioctl 4018620d 9 returned -22 [ 974.017747][T18230] binder: 18229:18230 ioctl 4018620d 9 returned -22 [ 974.267943][T18239] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 974.526133][T18232] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2629'. [ 975.299054][ T30] audit: type=1326 audit(4294967402.140:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18253 comm="syz.4.2631" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0bf1d8eec9 code=0x0 [ 976.346487][T18258] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 976.565821][T18272] cougar: G6 mapped to space [ 976.937002][T18275] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 978.309901][T18289] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 978.363659][T18279] Process accounting paused [ 978.598249][T18294] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 978.835583][T18293] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2637'. [ 979.945200][T18288] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2635'. [ 980.229743][T18304] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 980.430834][T18303] netlink: 268 bytes leftover after parsing attributes in process `syz.3.2642'. [ 981.524639][T18314] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 981.544001][T18314] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2644'. [ 982.272511][T18322] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 982.285501][T18322] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2647'. [ 983.148882][T18328] binder: BINDER_SET_CONTEXT_MGR already set [ 983.157306][T18328] binder: 18327:18328 ioctl 4018620d 9 returned -16 [ 984.814820][T18359] binder: BINDER_SET_CONTEXT_MGR already set [ 984.824085][T18359] binder: 18354:18359 ioctl 4018620d 9 returned -16 [ 985.380336][T18365] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 985.830770][T18365] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2657'. [ 985.956396][T18372] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 985.972863][T18372] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2659'. [ 986.114470][T18378] FAULT_INJECTION: forcing a failure. [ 986.114470][T18378] name failslab, interval 1, probability 0, space 0, times 0 [ 986.141118][T18378] CPU: 0 UID: 0 PID: 18378 Comm: syz.0.2660 Tainted: G U syzkaller #0 PREEMPT(full) [ 986.141168][T18378] Tainted: [U]=USER [ 986.141178][T18378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 986.141196][T18378] Call Trace: [ 986.141207][T18378] [ 986.141217][T18378] dump_stack_lvl+0x16c/0x1f0 [ 986.141257][T18378] should_fail_ex+0x512/0x640 [ 986.141292][T18378] ? fs_reclaim_acquire+0xae/0x150 [ 986.141334][T18378] should_failslab+0xc2/0x120 [ 986.141374][T18378] __kmalloc_noprof+0xdd/0x880 [ 986.141422][T18378] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 986.141460][T18378] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 986.141493][T18378] tomoyo_realpath_from_path+0xc2/0x6e0 [ 986.141534][T18378] ? tomoyo_profile+0x47/0x60 [ 986.141580][T18378] tomoyo_path_number_perm+0x245/0x580 [ 986.141627][T18378] ? tomoyo_path_number_perm+0x237/0x580 [ 986.141692][T18378] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 986.141746][T18378] ? find_held_lock+0x2b/0x80 [ 986.141815][T18378] ? find_held_lock+0x2b/0x80 [ 986.141847][T18378] ? hook_file_ioctl_common+0x145/0x410 [ 986.141908][T18378] ? __fget_files+0x20e/0x3c0 [ 986.141947][T18378] security_file_ioctl+0x9b/0x240 [ 986.142001][T18378] __x64_sys_ioctl+0xb7/0x210 [ 986.142053][T18378] do_syscall_64+0xcd/0xfa0 [ 986.142093][T18378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.142125][T18378] RIP: 0033:0x7f6b2e58eec9 [ 986.142151][T18378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 986.142181][T18378] RSP: 002b:00007f6b2f37c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 986.142210][T18378] RAX: ffffffffffffffda RBX: 00007f6b2e7e5fa0 RCX: 00007f6b2e58eec9 [ 986.142231][T18378] RDX: ffffffffffffffff RSI: 0000000000005606 RDI: 0000000000000003 [ 986.142251][T18378] RBP: 00007f6b2f37c090 R08: 0000000000000000 R09: 0000000000000000 [ 986.142270][T18378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 986.142289][T18378] R13: 00007f6b2e7e6038 R14: 00007f6b2e7e5fa0 R15: 00007ffc1a644c68 [ 986.142335][T18378] [ 986.142349][T18378] ERROR: Out of memory at tomoyo_realpath_from_path. [ 987.004318][T18387] FAULT_INJECTION: forcing a failure. [ 987.004318][T18387] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 987.034060][T18387] CPU: 1 UID: 0 PID: 18387 Comm: syz.0.2663 Tainted: G U syzkaller #0 PREEMPT(full) [ 987.034113][T18387] Tainted: [U]=USER [ 987.034125][T18387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 987.034145][T18387] Call Trace: [ 987.034156][T18387] [ 987.034170][T18387] dump_stack_lvl+0x16c/0x1f0 [ 987.034215][T18387] should_fail_ex+0x512/0x640 [ 987.034261][T18387] should_fail_alloc_page+0xe7/0x130 [ 987.034378][T18387] prepare_alloc_pages+0x3c2/0x610 [ 987.034434][T18387] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 987.034481][T18387] ? find_held_lock+0x2b/0x80 [ 987.034520][T18387] ? is_bpf_text_address+0x8a/0x1a0 [ 987.034569][T18387] ? bpf_ksym_find+0x124/0x1c0 [ 987.034610][T18387] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 987.034654][T18387] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 987.034691][T18387] ? kernel_text_address+0x8d/0x100 [ 987.034746][T18387] ? __kernel_text_address+0xd/0x40 [ 987.034778][T18387] ? unwind_get_return_address+0x59/0xa0 [ 987.034817][T18387] ? arch_stack_walk+0xa6/0x100 [ 987.034871][T18387] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 987.034933][T18387] ? policy_nodemask+0xea/0x4e0 [ 987.034984][T18387] alloc_pages_mpol+0x1fb/0x550 [ 987.035034][T18387] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 987.035080][T18387] ? remap_pfn_range+0x234/0x500 [ 987.035139][T18387] ? __mmap_region+0x1309/0x27a0 [ 987.035170][T18387] ? mmap_region+0x32b/0x3f0 [ 987.035212][T18387] alloc_pages_noprof+0x131/0x390 [ 987.035262][T18387] __pmd_alloc+0x3b/0x8b0 [ 987.035324][T18387] remap_pfn_range_internal+0xd49/0x1050 [ 987.035403][T18387] ? __pfx_remap_pfn_range_internal+0x10/0x10 [ 987.035478][T18387] remap_pfn_range+0x30a/0x500 [ 987.035616][T18387] ? __pfx_remap_pfn_range+0x10/0x10 [ 987.035670][T18387] ? alloc_pages_noprof+0x23c/0x390 [ 987.035719][T18387] ? get_free_pages_noprof+0x10/0xb0 [ 987.035765][T18387] usbdev_mmap+0x74e/0xa70 [ 987.035803][T18387] ? __pfx_usbdev_mmap+0x10/0x10 [ 987.035834][T18387] ? vm_area_alloc+0x1f/0x160 [ 987.035892][T18387] ? lockdep_init_map_type+0x5c/0x280 [ 987.035948][T18387] __mmap_region+0x1309/0x27a0 [ 987.035990][T18387] ? __pfx___mmap_region+0x10/0x10 [ 987.036021][T18387] ? lock_acquire+0x179/0x350 [ 987.036066][T18387] ? find_held_lock+0x2b/0x80 [ 987.036104][T18387] ? finish_task_switch.isra.0+0x21c/0xc10 [ 987.036144][T18387] ? rcu_is_watching+0x12/0xc0 [ 987.036180][T18387] ? finish_task_switch.isra.0+0x221/0xc10 [ 987.036231][T18387] ? trace_sched_exit_tp+0xd1/0x120 [ 987.036288][T18387] ? __schedule+0x11a3/0x5de0 [ 987.036571][T18387] ? __lock_acquire+0xb97/0x1ce0 [ 987.036650][T18387] mmap_region+0x32b/0x3f0 [ 987.036695][T18387] do_mmap+0xa3e/0x1210 [ 987.036748][T18387] ? __pfx_do_mmap+0x10/0x10 [ 987.036796][T18387] ? __pfx_down_write_killable+0x10/0x10 [ 987.036854][T18387] vm_mmap_pgoff+0x29e/0x470 [ 987.036904][T18387] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 987.036954][T18387] ? __fget_files+0x20e/0x3c0 [ 987.037011][T18387] ksys_mmap_pgoff+0x32c/0x5c0 [ 987.037060][T18387] ? __pfx_ksys_write+0x10/0x10 [ 987.037120][T18387] __x64_sys_mmap+0x125/0x190 [ 987.037178][T18387] do_syscall_64+0xcd/0xfa0 [ 987.037221][T18387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 987.037256][T18387] RIP: 0033:0x7f6b2e58eec9 [ 987.037285][T18387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 987.037319][T18387] RSP: 002b:00007f6b2f37c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 987.037351][T18387] RAX: ffffffffffffffda RBX: 00007f6b2e7e5fa0 RCX: 00007f6b2e58eec9 [ 987.037374][T18387] RDX: 000000000000000b RSI: 0000000000080009 RDI: 00000000ffff8000 [ 987.037395][T18387] RBP: 00007f6b2e611f91 R08: 0000000000000003 R09: 0000000000000000 [ 987.037415][T18387] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000000 [ 987.037437][T18387] R13: 00007f6b2e7e6038 R14: 00007f6b2e7e5fa0 R15: 00007ffc1a644c68 [ 987.037502][T18387] [ 987.918864][T18396] cougar: G6 mapped to space [ 989.136302][T18408] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 989.207904][T18402] binder: BINDER_SET_CONTEXT_MGR already set [ 989.227394][T18402] binder: 18401:18402 ioctl 4018620d 9 returned -16 [ 989.404683][T18409] nla_validate_range_unsigned: 251 callbacks suppressed [ 989.404713][T18409] netlink: 'syz.4.2667': attribute type 11 has an invalid length. [ 990.344926][T18421] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 990.411499][T18421] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2671'. [ 990.536060][T18403] netlink: 268 bytes leftover after parsing attributes in process `syz.0.2666'. [ 992.022345][T18435] cougar: G6 mapped to space [ 992.821606][T18439] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2676'. [ 992.837072][T18439] netlink: 302 bytes leftover after parsing attributes in process `syz.1.2676'. [ 993.250673][T18449] FAULT_INJECTION: forcing a failure. [ 993.250673][T18449] name failslab, interval 1, probability 0, space 0, times 0 [ 993.280020][T18449] CPU: 0 UID: 0 PID: 18449 Comm: syz.3.2680 Tainted: G U syzkaller #0 PREEMPT(full) [ 993.280071][T18449] Tainted: [U]=USER [ 993.280082][T18449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 993.280101][T18449] Call Trace: [ 993.280112][T18449] [ 993.280126][T18449] dump_stack_lvl+0x16c/0x1f0 [ 993.280167][T18449] should_fail_ex+0x512/0x640 [ 993.280206][T18449] ? fs_reclaim_acquire+0xae/0x150 [ 993.280252][T18449] should_failslab+0xc2/0x120 [ 993.280293][T18449] __kmalloc_noprof+0xdd/0x880 [ 993.280347][T18449] ? tomoyo_encode2+0x100/0x3e0 [ 993.280388][T18449] ? tomoyo_encode2+0x100/0x3e0 [ 993.280438][T18449] tomoyo_encode2+0x100/0x3e0 [ 993.280478][T18449] tomoyo_encode+0x29/0x50 [ 993.280510][T18449] tomoyo_realpath_from_path+0x18f/0x6e0 [ 993.280559][T18449] tomoyo_path_number_perm+0x245/0x580 [ 993.280609][T18449] ? tomoyo_path_number_perm+0x237/0x580 [ 993.280663][T18449] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 993.280716][T18449] ? find_held_lock+0x2b/0x80 [ 993.280789][T18449] ? find_held_lock+0x2b/0x80 [ 993.280822][T18449] ? hook_file_ioctl_common+0x145/0x410 [ 993.280885][T18449] ? __fget_files+0x20e/0x3c0 [ 993.280924][T18449] security_file_ioctl+0x9b/0x240 [ 993.280977][T18449] __x64_sys_ioctl+0xb7/0x210 [ 993.281042][T18449] do_syscall_64+0xcd/0xfa0 [ 993.281081][T18449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 993.281113][T18449] RIP: 0033:0x7fee12f8eec9 [ 993.281138][T18449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 993.281164][T18447] program syz.0.2678 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 993.281169][T18449] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 993.281200][T18449] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 993.281219][T18449] RDX: ffffffffffffffff RSI: 0000000000005606 RDI: 0000000000000003 [ 993.281236][T18449] RBP: 00007fee13e7f090 R08: 0000000000000000 R09: 0000000000000000 [ 993.281258][T18449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 993.281280][T18449] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 993.281331][T18449] [ 993.282599][T18449] ERROR: Out of memory at tomoyo_realpath_from_path. [ 993.931482][T18465] binder: BINDER_SET_CONTEXT_MGR already set [ 993.939869][T18465] binder: 18460:18465 ioctl 4018620d 9 returned -16 [ 994.054149][T18456] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 994.253424][T18456] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2682'. [ 995.250126][T18492] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 995.774309][T18507] binder: BINDER_SET_CONTEXT_MGR already set [ 995.782228][T18507] binder: 18501:18507 ioctl 4018620d 9 returned -16 [ 995.925401][T18507] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 997.272437][T18490] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2688'. [ 997.331648][T18524] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 997.349823][T18522] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2698'. [ 997.755467][T18490] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 997.767772][T18490] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 997.788081][T18490] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1000.401141][ C0] vcan0: j1939_xtp_rx_dat: no tx connection found [ 1000.636679][T18564] can: request_module (can-proto-0) failed. [ 1001.160424][ C0] vcan0: j1939_tp_rxtimer: 0xffff888053571c00: rx timeout, send abort [ 1001.437722][T18574] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1001.488797][T18575] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1001.519891][T18574] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2712'. [ 1001.675467][ C0] vcan0: j1939_tp_rxtimer: 0xffff888053571c00: abort rx timeout. Force session deactivation [ 1001.877035][T18575] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2710'. [ 1002.970925][T18598] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1003.688069][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.697103][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 1004.902990][T18595] netlink: 268 bytes leftover after parsing attributes in process `syz.4.2717'. [ 1005.179169][T18636] ------------[ cut here ]------------ [ 1005.188575][T18636] memcpy: detected field-spanning write (size 6) of single field "&entry->id" at kernel/trace/trace.c:7458 (size 4) [ 1005.205620][T18636] WARNING: CPU: 1 PID: 18636 at kernel/trace/trace.c:7458 write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1005.225398][T18636] Modules linked in: [ 1005.231200][T18636] CPU: 1 UID: 0 PID: 18636 Comm: syz.3.2726 Tainted: G U syzkaller #0 PREEMPT(full) [ 1005.249221][T18636] Tainted: [U]=USER [ 1005.254225][T18636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1005.267235][T18636] RIP: 0010:write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1005.278150][T18636] Code: ff e8 30 74 fa ff c6 05 b4 7e aa 0e 01 90 b9 04 00 00 00 48 c7 c2 e0 1e 93 8b 4c 89 e6 48 c7 c7 40 1f 93 8b e8 6d fc b8 ff 90 <0f> 0b 90 90 e9 d7 fe ff ff e8 6e 04 62 00 e9 da fd ff ff e8 64 04 [ 1005.304319][T18636] RSP: 0018:ffffc9000f38fb98 EFLAGS: 00010286 [ 1005.312373][T18636] RAX: 0000000000000000 RBX: ffff888054ca1014 RCX: ffffc9000e311000 [ 1005.322496][T18636] RDX: 0000000000080000 RSI: ffffffff817a5e65 RDI: 0000000000000001 [ 1005.335751][T18636] RBP: ffff888054ca1010 R08: 0000000000000001 R09: 0000000000000000 [ 1005.346078][T18636] R10: 0000000000000000 R11: fffffffffffd5e60 R12: 0000000000000006 [ 1005.355786][T18636] R13: ffff88813ff18c00 R14: 0000000000000000 R15: 0000000000000000 [ 1005.370133][T18636] FS: 00007fee13e7f6c0(0000) GS:ffff888124ae6000(0000) knlGS:0000000000000000 [ 1005.383494][T18636] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1005.392541][T18636] CR2: 0000001b2d7f3ff8 CR3: 000000005b9b8000 CR4: 00000000003526f0 [ 1005.403089][T18636] Call Trace: [ 1005.407037][T18636] [ 1005.410840][T18636] tracing_mark_raw_write+0x2da/0x4a0 [ 1005.418697][T18636] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1005.427290][T18636] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1005.435301][T18636] vfs_writev+0x5dc/0xde0 [ 1005.442510][T18636] ? __pfx_vfs_writev+0x10/0x10 [ 1005.447846][T18636] ? kmem_cache_free+0x2d4/0x6c0 [ 1005.453539][T18636] ? putname+0x154/0x1a0 [ 1005.459132][T18636] ? __fget_files+0x20e/0x3c0 [ 1005.465649][T18636] ? do_writev+0x28c/0x340 [ 1005.470983][T18636] do_writev+0x28c/0x340 [ 1005.475992][T18636] ? __pfx_do_writev+0x10/0x10 [ 1005.482877][T18636] do_syscall_64+0xcd/0xfa0 [ 1005.488143][T18636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.500796][T18636] RIP: 0033:0x7fee12f8eec9 [ 1005.508875][T18636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.536601][T18636] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1005.548836][T18636] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 1005.559874][T18636] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000007 [ 1005.569798][T18636] RBP: 00007fee13011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1005.579951][T18636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1005.591010][T18636] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 1005.601911][T18636] [ 1005.606457][T18636] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1005.614725][T18636] CPU: 1 UID: 0 PID: 18636 Comm: syz.3.2726 Tainted: G U syzkaller #0 PREEMPT(full) [ 1005.629001][T18636] Tainted: [U]=USER [ 1005.634077][T18636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1005.650879][T18636] Call Trace: [ 1005.655268][T18636] [ 1005.658731][T18636] dump_stack_lvl+0x3d/0x1f0 [ 1005.665557][T18636] vpanic+0x640/0x6f0 [ 1005.671342][T18636] ? write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1005.681123][T18636] panic+0xca/0xd0 [ 1005.685536][T18636] ? __pfx_panic+0x10/0x10 [ 1005.692049][T18636] check_panic_on_warn+0xab/0xb0 [ 1005.698362][T18636] __warn+0xf6/0x3c0 [ 1005.702785][T18636] ? write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1005.711181][T18636] report_bug+0x3c3/0x580 [ 1005.717061][T18636] ? write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1005.725588][T18636] handle_bug+0x184/0x210 [ 1005.731283][T18636] exc_invalid_op+0x17/0x50 [ 1005.738357][T18636] asm_exc_invalid_op+0x1a/0x20 [ 1005.744141][T18636] RIP: 0010:write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1005.752932][T18636] Code: ff e8 30 74 fa ff c6 05 b4 7e aa 0e 01 90 b9 04 00 00 00 48 c7 c2 e0 1e 93 8b 4c 89 e6 48 c7 c7 40 1f 93 8b e8 6d fc b8 ff 90 <0f> 0b 90 90 e9 d7 fe ff ff e8 6e 04 62 00 e9 da fd ff ff e8 64 04 [ 1005.778934][T18636] RSP: 0018:ffffc9000f38fb98 EFLAGS: 00010286 [ 1005.786967][T18636] RAX: 0000000000000000 RBX: ffff888054ca1014 RCX: ffffc9000e311000 [ 1005.795603][T18636] RDX: 0000000000080000 RSI: ffffffff817a5e65 RDI: 0000000000000001 [ 1005.804827][T18636] RBP: ffff888054ca1010 R08: 0000000000000001 R09: 0000000000000000 [ 1005.816312][T18636] R10: 0000000000000000 R11: fffffffffffd5e60 R12: 0000000000000006 [ 1005.827051][T18636] R13: ffff88813ff18c00 R14: 0000000000000000 R15: 0000000000000000 [ 1005.842163][T18636] ? __warn_printk+0x1a5/0x350 [ 1005.848689][T18636] ? write_raw_marker_to_buffer.isra.0+0x2d3/0x330 [ 1005.857967][T18636] tracing_mark_raw_write+0x2da/0x4a0 [ 1005.866429][T18636] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1005.873894][T18636] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1005.881819][T18636] vfs_writev+0x5dc/0xde0 [ 1005.888266][T18636] ? __pfx_vfs_writev+0x10/0x10 [ 1005.894351][T18636] ? kmem_cache_free+0x2d4/0x6c0 [ 1005.900408][T18636] ? putname+0x154/0x1a0 [ 1005.905436][T18636] ? __fget_files+0x20e/0x3c0 [ 1005.912716][T18636] ? do_writev+0x28c/0x340 [ 1005.919845][T18636] do_writev+0x28c/0x340 [ 1005.927219][T18636] ? __pfx_do_writev+0x10/0x10 [ 1005.933429][T18636] do_syscall_64+0xcd/0xfa0 [ 1005.939051][T18636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.946079][T18636] RIP: 0033:0x7fee12f8eec9 [ 1005.950793][T18636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1005.978119][T18636] RSP: 002b:00007fee13e7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1005.990226][T18636] RAX: ffffffffffffffda RBX: 00007fee131e5fa0 RCX: 00007fee12f8eec9 [ 1006.000148][T18636] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000007 [ 1006.011279][T18636] RBP: 00007fee13011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1006.022549][T18636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1006.036143][T18636] R13: 00007fee131e6038 R14: 00007fee131e5fa0 R15: 00007ffd6e3bbbd8 [ 1006.046790][T18636] [ 1006.052627][T18636] Kernel Offset: disabled [ 1006.059558][T18636] Rebooting in 86400 seconds..