last executing test programs: 7m28.724085611s ago: executing program 1 (id=1375): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x3) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10700}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) 7m28.244837314s ago: executing program 1 (id=1377): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd7000f9dbdf250100000006000200000000000500070010000000080009000101000008000a000200000014001f0000000000000000000000160000000001140020"], 0x5c}, 0x1, 0x0, 0xff9e, 0x40000}, 0xfdf31875370e1716) 7m27.038883726s ago: executing program 1 (id=1379): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bind$auto(0xffffffffffffffff, 0x0, 0x6e) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/properties\x00', 0x100, 0x0) read$auto(r0, 0x0, 0x20) r1 = setfsgid$auto(0xee01) r2 = socket(0x10, 0x2, 0x4) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) fsconfig$auto(r0, 0x9, &(0x7f0000000000)='&\x00', &(0x7f0000000040)="f8a6548eb6b8e490cf0c529cace3e4bc166bdceb37790284e19c73368a8e815361f02d97d642c5c0c6c2e254e765d7ea53f393ed6274dcf76b504be3dd7c9cb14896a5cd2796a93630de33ba1e19ad5bdc2ab6ee41e1", r1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_clone3(&(0x7f0000000300)={0x28020000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) mincore$auto(0x1000, 0x8001, 0x0) 7m24.889281195s ago: executing program 1 (id=1386): r0 = socket(0x2, 0x3, 0x1) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/zram0/mem_used_max\x00', 0xa081, 0x0) (async) prctl$auto(0x23, 0xd, 0x8, 0x0, 0x0) (async) socket(0x2, 0x2, 0x0) (async) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/binder/parameters/stop_on_user_error\x00', 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffffff, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x5400, 0x0) (async) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) (async) ioctl$auto_TIOCSTI2(r2, 0x5412, &(0x7f0000000840)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/usb/drivers/usbtouchscreen/new_id\x00', 0xbce02, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) write$auto(r1, &(0x7f0000000000)='$+!&\x00', 0xb74) mmap$auto(0x0, 0x2020009, 0x40000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) sendto$auto(r0, 0x0, 0x1, 0xe, &(0x7f0000000000)=@in={0x2, 0xffff, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1c) 7m23.668983836s ago: executing program 1 (id=1389): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.max.descendants\x00', 0x22062, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x80}, 0x800009}, 0x9, 0x20000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) getsid$auto(0x0) io_uring_setup$auto(0xacc, 0x0) socket(0x1f, 0x2, 0x7ff) sendmsg$auto_NL80211_CMD_PEER_MEASUREMENT_START(r0, 0x0, 0x200400c0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x0, 0xfffffffc, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty13\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) socketpair$auto(0x4, 0x3, 0x281fffe, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x155640, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) socketpair$auto(0x7, 0x2060, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3b87, 0xa) mmap$auto(0x400000, 0x400008, 0xe0, 0x9b72, r0, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) openat$dir(0xffffffffffffff9c, 0x0, 0x381000, 0x100) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r3, &(0x7f0000000080)={&(0x7f00000000c0)="4e2b06000000a52569494a323cb632", 0x1000}, 0x5a) 7m19.211794582s ago: executing program 1 (id=1400): socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket(0xa, 0x5, 0x94) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) unshare$auto(0x40000080) mmap$auto(0x0, 0x20000000000, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fff) unshare$auto(0xa4) 7m3.295145377s ago: executing program 32 (id=1400): socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket(0xa, 0x5, 0x94) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) unshare$auto(0x40000080) mmap$auto(0x0, 0x20000000000, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fff) unshare$auto(0xa4) 5m33.732994869s ago: executing program 3 (id=1665): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/def_reserved_size\x00', 0x402, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) fstat$auto(0x2, 0x0) ioctl$auto(0xc8, 0x401054d5, 0x0) socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000003fc0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETFAMILY2(r1, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000004080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB="01002cbd7045ab3c6925030000000f00020076657468305f766c616e000099171ebfb25b41a0a1d6cfee4d91b0aabdfa957495596088c15de19be2148449ea7402d61ba152055dab8abefcc9edb1ec4ef0368ebb3c76d88a79a6c052cfef221d6678572db68186bdc9764f4a8fa1169221222e7e046872bd6691bacffbeb548aabf586f0f864921c271152bd3925b9c4193f0aca1ef3e4"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x4000050) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) preadv$auto(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xb}, 0x10000, 0x6, 0x9f4b) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x14, r3, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) sendmsg$auto_NL80211_CMD_VENDOR(r1, 0x0, 0x80) mlock$auto(0x7, 0x8) read$auto(r2, &(0x7f0000000140)='$.)*\x00', 0x7fffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x2, 0x0) r4 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x40, 0x83) clone$auto(0x2a, 0x2, &(0x7f0000000040)=0x3224, &(0x7f0000000080)=0xffff9753, 0x4) read$auto(r4, 0x0, 0xf6c1) r5 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/ns/cgroup\x00', 0x80, 0x0) r6 = ioctl$auto_NS_GET_USERNS(r5, 0xb701, 0x0) ioctl$auto_NS_GET_OWNER_UID(r6, 0xb704, 0x0) write$auto_event_trigger_fops_trace(r6, &(0x7f0000000080)="720d40318b77db9f9ba9140f30a5192b9c0314f12fd32cdb328239df38575a3e526accc23bbd5a7d51f72bfdc1bd63c64af64dc29a20a6bead9fe79efa159e8ac2633c679a1bdf6e80f89b774475f2e70f7df818d2076de24b9d7a4f11695a88159878c7ccce5e804b4f216486b6970ad64060abcfb091158b53ded918297aad92a0959428e268ebebf682788b5905845367adae476ad8c329e717ee56cf92d861128295c07334a216b6db27e1da0ed7de94f4653bb050ddeb2f48eb1a00d90a4229e85913ae0a4aef2e958577e4ebd5237dc0cf937b04573135c9cbe3b88f6a4df4f9544bf67b10d730c933ae670d0308d1ee94979783f74f2b497c5d790d2767729b4d1481590305965e571c9dc79af02eac1d73d4f01a5c13e09707442bad0d9f6fd080b160142b950fa36b9c61b04927a3ed695c1706a1802bf80d4845f5b3987cfeb7959e1c01e50541fd95f867f3adbed42c2ff7409403bae6588ff222889d5641c0679c809c1a8f052fc4937cb68ca195ee2c17e719b6e9cc59f13fddc5fffccbe80d1f0f072f8dc766fa9e9a2678c8f4bf97f0f19b4fd8ca1a72f5aaa43a2830a6cdac4af41407bbf0afd9eb53966e694605f5164d58987a7fd67390b7790181eb9a5b3b75ed7fa76ca5725999671793350c0d76e6c9be866d0701ae3813109aa05d30d27d868657b6fe6d6a8a95cd6f282b9434da5fb5cf3f32b40e721cbf69accbbcec2c64d44d61f486d014e19b4e7f12141f60d2d680367c05c7f62b2fa4df06e3ec50147362542dac2b4b53431c49854e42c9fdd33b4aca86d76d100c493dbacebaa4097b095707ad875c18858aa2c34badd166b3b6b918846b7534df494b07cf93e9a913eb8b72bb8f259d8f8514ec42cf03d5f9c85d8902e5e7824fdc5249aa68df45b4aa8abcb789d413c297ec8fcbccaeefce87dc048560fd63df63109e0570e936c71d3f0d5a05279c53fb3714b0f8e86e6318254b38ee83cb5e3b38a48640656ebc1f3117e049d11824d0317cb0e78e53c798d0e65204fa2efb40759df7f86d69424adf738b5515e6c25705792159b99574dc2749d6ce7d0c2a8ee35dceabebb58796a94d0992a36681fa19fda9a81c7550ee4d3afec9f9fd3baffd895c034df6574d6421522845b6fac220e45e15211ae0561be498fa1f44a78f12c4952572923181a257cd8fa85ca4a3e1c1b11de5ee86d982642f14f9f7669a0cfbc650432fbed05480b274992252531e3c212ca7c9401a2fb720c82e946d103774016d6412796464be3a4b0d8b70b8396a504be80a3dc1f3cfb26b225012792c8aaccdb2b430cb1dd46c790ebb370b9307de9a73a41d20ad312fe2a37edd1362d4954c13787493dcb8c8ee7b24614c674f8ca0f74e3b161070f4a649cde40dde518bb7161c1b2d926f81797cc322bad7658f934746335dbdd41d308f3e176825b2c4156ec050658c00342965ec767094d8741b038330076c1cddc10ba4e86c9475391e959b1cbc94bf949730119070bb0aff43cd0c7cc55565cf8b3c55519a2051b6db9ba8719754884f228fedb4d0bba7f86f85286270b3566640ab67c5516f9eaede82b93be7cd093543f69446e5ac201a262219aff44d5947a89fc9c6325a022872411a2c9548dce36b1b72b1b69586b7ca6b374ec32eea95a85c19d4ad720724f455641495c8a1560e83a8dbb43c77377e33656be9e3a140e2aeee058313639bc843868fa89268c1557f3204f100a5a398220c40d11ddf9daf71ca01b39612b86be5abf9c5d2c8f9c8b90b64d09caa1d3aa7e5a3f73218d07edd5c263359ddd579ca0e63726a17d945cce3394e7dd5abad83d1d975b1c4efb8f5c327ae151a19da8ac0a3611e4d65afd930751ae8445cc8725d33eda3e6c48fc52b51060eb3026dac10575b38e0bbe571fead571441aa6f70108599e02b57cc2eba7c982e8952e3250cbe0bbebce90aa72c62df4f1946ca53d3a88822ccd22f403144436e0924681d7a6713169f828d5f9a8ce716b8174a8c21714779e0d602b0c301c47b2bab295d9cb8f01bfc7a3e0401bdb66e23250ae3dc3e97f9f8b54f06ea42e7b003c87badf136bf6a9616da04004223bf358f429184a1bf5fb330efeaed433b66021208ab9b71a490572baa3ae1823a1de65da176226ced9585341c19cc84905a4977cfeed7b0c1cc9e91df3a1568ba3b3877491de72f10a49af97cc3a9f69b231222be25f864b62e79b36add56108ffea1ba1029c5d6b4d113f4af7cbd3e536b74fc73e48d8bc65d24604152e8e6286b9d464ab3e06d142f56104b248867d309d8571930c17611991555bdb8a42b1071a2a4566755132b289c7df5ae8f98f6548938dc656f8f3c48b7630240d1a2ff4d6e4cf275993fbc79e62abfe2b135ad38cd94b3f2feb8c6d0c80266f06593bc6b749a3151c00d6c47823c26a6c9522d541c02a8c31ec40ca02f3bace44dcfef08ca2aea955de58319b13fb6a3cb329d25e8a7d05cbd19e99b421e4c629ba3d9c11dcd7e3ffa5f9f8f26ff87c40f8ff44242dbb2068bb7358eeb94b8c4f480c10892c7aa3559c194620c803fce3f997c1dd600bad0ad8fc17966ef79afc89bf741c7ab44cb65c98195cb282434de0aa6a2b70d9fbc238ba97dcbdcaebae08ddafd89aea3588885bddf2da33d9e791b3f05411710591753d72b099bdd2e5dd7e4a9b585dbea093727d689cd4a81e053402a8a7c2f160bb732798e4b572523aa813bb051aa39995c33230c46292e91d7b1b250dbf902ccf4779d35cc9cbe900949efe33d05c3789799f1289531216cfdc145be57c03e10cbcc29308ce35208a8a2469ae7557b6ca6e6d8725e7cde28903df82c334764fd71fb229c3e9f5030b249563d3233f1cd0593ca7245cf0f64601f046d472b1af8ea7b9c0964038882c5fe18684cbe8e4422b12d443b9ba206dc30c4d00e759b6b192b2a79e68440106358b1ac18913e726cef74a956d966f20302fa53cf57e03c0a5ad9c1766306b719278dff5884c22910202eb1e7f57a3f71e82474589d7b0849515b710ddd53063356777c8b34f78827f87125865f8725f9fbf7cb73aad34fbf65a08af3aba1917052e2e49ba6f5edbf88456d3dc814637615f538233638c460b958834e991114b9434ef99a8fd96fe124cdae80f0252664132146fc6dc73a8a31ae46e54dd64c7c6e64ea15bf16523bf368a7263a73ebfffc2b7f764dc50ba8ee9e3c759e4e8028deac441ea8e0a4baebe24d5b215085ddeb16eaf02531aa94d55cccd83634a221cc939f9e99eb276432fdd82f0acddbaf191a1b1010dc5251c2e169f020e871f5e4fbeebba3d281ee32dd6a2f8a5073ad8941587d744f585c083293f5b8750accc51fc8d20e513fdb9980d9483b7295ac5c6a68b25e0f7a5e9f0cc36aabeafb01797aeb1f8df73d9cac5ddcb0db1dec82512d77375ce18749a15e619e3527221d3ac2a2103e109dd15530c9af288aab381209f08457c980963c53211bf7a8a23e749fa4dc7bbfbd813fe7fbc1ec122d53bf846509f3a62d470d2e698bae4dfd0a0dc8a721e777fe6161ba7c91662d298da7f9e1192ccacd84b482b4fe4b5e1d6d3bad7d2aafe6223fccfbe565a32f2531db2e883e2175d51c5820aeea1ab25acecdcf54f0b49ec94385fef1fef9a33264668beb5fdda9b7f38d6389bc8213757ef6b302708c7c83392a353fe6cf4978afee112e3620a1447d11ce1c0980ba02bc04c6748c6f4255ec267a7863051cd629d03267f4ec073cba77a3e5dcd1bd3793c5c4b62641a3312c8ce4485e0db2c72bc5498860baf91069c7254461f1ec814534fd450976ce4e77be4ab43b04282b25178e92f9f07a1bf7ab16a72cb5e0a3d3c51261744680daa1c5ee3a1796371a8b62e9f7415884090fddb0f5d914f34684cb3b109a017bce25b932b4c813d447f802d93b51f437376302ebae2733f89e7c708c95870e198a55ca22bf7c13afd5336274d0b4627447dc97504a7e77b7e96880d4c817179056f9e906a19e0f40166df013cbc2b7ee28faf1cce33fd4461fa1c851a0ab752fe5ab5c3489c42f6e1272a9752a4f36982571d866aadd344f71575c3230d716c45c2f5f5f2a3e5a0598eed3eeb79abe19d62b48f253af97a83da2bc6fd100e0146c6eb850d3f0a9ad6d51aee0d5c70394f5f30df6d568467fa8ac27b4042c333ce742473155ceb1649a0a868d7aba59ce2a57aa52406db10ef4f044e060a04b3056b478845fe29f4b8c003d2ec4c083c1df7aad8859e602913893054e0885389521b66db961d0f7017697b143736c7c89c56f841ad1e9f036f181bba4ea796291098c94cb9bd6b1de31b0856010ec508fb0c7a9ec3eb725b6ee49d206504c7320f587c393113690a40ba8ede6debbbd45d86327539250ec0d4b24359735b33ab55089b46e5d4a6dfed4c79aaa6bcc7542b49a2d1033d5224ddb4e1f269fd93658d7f16dbdcb4d0d5a814c85e470514debe0b4500e4945f0b4d465bd27df6c38875c5c293af04d52ca0ca42da8cfaeaa9708fad1410c55031f2b6405b050624386ce1f294cdca4b1bf2e96bd55ea24ce77b9f911633bd589b4219ed1fb19eafdafba51d122b5458a8738c522acd44da887eace585d6031a0d6df51c4f4550564b4ed6c5ef5e76698c9bdfedd8eaec27e48ffe8dbb11b53bd7846aa95f64de93bcb0084b93856d5121b5b09104d9edaf47d89b4a33cf751b655b2f6c2e7d4576d2b3076b6e303d4ee3f415032ca48a8d07c2fd337b86c262ad728d6e4fd81df378b6a9196dc1ca62433054dfe71e929ea71195275639690430b7a44532f317ae600987ebced8d4684f8803ec2f0db024e7d346e41b73b4304f6c302214efb88e2a4e5cabbf2ac59850721c57889ea965b61824e280c79c593726bd5f6ce5344de8f43652f5b053cc41692d4da2f0086fa69f8a685d32a11f423168bc9ee2d01e92aa719583ca195db21a2f58d8995d803d4da034325d24deec829f535f4acb46114f5a31e2b4d0ade0e288d319abc589a59a8fa62345e2de54076e4b3e2bbe1ff668b461a3180ccb85783cd3710b1a7b86622aad6faa607e4060b9fe970eeea0a4a320138031f969c4355f02487a857184da5defe0fca066627d3469f3a4f803ef1329c8d99896428a06eda1a576afd69fcfaeeac67c50cdc16b5c1f2e8ea4bbbf3feae1d1039476f74bbffa4641c820996c7416afaa4b2fc73415344123c4e224405f80153eecce7109eb1e8000ab9cdba080c1d4e429966d12c575cae3c244cabea37bd8557e6c36739057f629bc98792297075623028899f64b2fb790936dfd15a65635120386c766f9c6f393f7becc9def727a1819249b086601d6cf5cd5f6030033d34722417fa6d579d04a3564c6a0ec7e42b81512a09732d3e82fcffdf6879d1473fd90fec14d7333a9d078958b95f9caa55060981d9f654c851faae5673b7f4cd8c40308e1dcc2e4cbebd9671f5198a5f9934bf6d7b941ae4798d0d0c06b904d3e67562d02325b0d54dfdcec93ed90e4ea8ec47dc6e4b03d06741a5c86980b427023dd828371fc50e91c3dfc945a8a1ea1561f09d216a7ee679bb8aad3a0d7d256ecf93f13ec4741d8dbb0ccb52173cb16e7a18a310e783af69e04144384c9ee83af467cc6c1f2ac846d8279565fd609a53169af13dac8c35b1dc81c91f10e65e03a9b5200add26a3d67c57b413409c1d9f94252e307891ea6bc2221fd1949aead4fb079a6b75ffe90703502fe2af5810b7fa059682d06325f14981e68fcf3d23ea674567", 0x1000) 5m31.863606968s ago: executing program 3 (id=1670): syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x11, 0x3, 0x10) mmap$auto(0x4, 0x9, 0xa, 0x180011, 0x1000000002, 0xafd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/ip_vs_conn\x00', 0xf00, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card1\x00', 0x6082, 0x0) r1 = socket(0xa, 0x2, 0x0) r2 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000180), 0x80080, 0x0) ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, 0x0) setsockopt$auto(r1, 0x2c, 0xb, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r3, &(0x7f0000000440)='Y\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x8000000000000003, 0x20009, 0x4000000000de, 0x10, r4, 0x8000) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002bbd7000"], 0x1c}}, 0x4044820) readv$auto(0x3, 0x0, 0x23a8c70effffffe) openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x2282, 0x0) pread64$auto(r0, 0x0, 0x42, 0x4) syz_clone3(0x0, 0x0) 5m28.997167615s ago: executing program 3 (id=1674): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) ioctl$auto_USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000240)={0x88, 0x9, 0x0}) unshare$auto(0x9) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) prctl$auto(0xa, 0x614, 0xffffffffffffffff, 0xffffffff, 0x1) ioctl$auto_XFS_IOC_ERROR_INJECTION(0xffffffffffffffff, 0x40085874, &(0x7f0000000280)={r1, 0x7fffffff}) r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r1) sendmsg$auto_IPVS_CMD_SET_SERVICE(r2, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x88, r3, 0x4, 0x70bd28, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x5b, 0x3, 0x0, 0x1, [@generic="b92d688cb62a5c37c228df0e39172b4e7c4b74f719e6c21fac6d67e5910186c8f9acbcca0546af419661569fff9b006bb32cb3ef9c034303e58646a055a8b9db367f604235cecf3d71001c", @typed={0xc, 0x128, 0x0, 0x0, @u64=0x7}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xb5}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8000}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x100}]}, 0x88}, 0x1, 0x0, 0x0, 0x40080}, 0x0) socket(0x29, 0x1, 0x2) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x11, 0x3, 0x9) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0xfb, 0x2000c, 0x4000000000df, 0xeb1, r5, 0x8000) r6 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r6, 0x0, 0xfff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x18380, 0x0) unshare$auto(0x40000080) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video17\x00', 0x80800, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x1, 0x7, 0xc, 0x7, 0x6c0, 0x3, 0x3, 0x1ffe000, 0x5, 0x2, 0x9, 0x4, 0xa657, 0x204, 0xd6, 0x5]}, 0x0, 0x0, 0x0) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, &(0x7f0000000140)="181ecff6d65ff321d095a776216661fdba3cee5a776c2dfc4a45e730a9df0a45e9f3eae21340ffbd639751250ebb9c6b6c1ec022596c8542ba41316d9b143dea2cf13c3b3fcd2e2c947ad5394f56c581488fd092a87664f7842bcc00c51950b69ca2d9ead673cd822bc905e80ee4a85182ed8bc817a674bc4e44e9321c924b7a") close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 5m22.113557568s ago: executing program 3 (id=1682): syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x11, 0x3, 0x10) mmap$auto(0x4, 0x9, 0xa, 0x180011, 0x1000000002, 0xafd) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/net/ip_vs_conn\x00', 0xf00, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card1\x00', 0x6082, 0x0) r1 = socket(0xa, 0x2, 0x0) r2 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000180), 0x80080, 0x0) ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, 0x0) setsockopt$auto(r1, 0x2c, 0xb, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r3, &(0x7f0000000440)='Y\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x8000000000000003, 0x20009, 0x4000000000de, 0x10, r4, 0x8000) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="01002bbd7000"], 0x1c}}, 0x4044820) readv$auto(0x3, 0x0, 0x23a8c70effffffe) openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x2282, 0x0) pread64$auto(r0, 0x0, 0x42, 0x4) syz_clone3(0x0, 0x0) 5m20.609413821s ago: executing program 3 (id=1684): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) futex_wake$auto(&(0x7f0000000300)="194777f28f0f52354e", 0x1, 0x1, 0x200) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x11e0}, 0x1, 0x0, 0x0, 0x90}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x10a, 0x8, 0x0) 5m18.754179752s ago: executing program 3 (id=1687): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) fsopen$auto(0x0, 0x1) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) mmap$auto(0x2, 0x7, 0xdf, 0x9b72, r0, 0xd91) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x103, 0x0) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20081, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) socket(0x18, 0x3, 0x40006) migrate_pages$auto(0x0, 0x3, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setgroups$auto(0xe32, 0x0) open(0x0, 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000240)={0x0, 0x7}, 0x3) shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x3) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf82030000000800030001000100"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40090) socket(0x11, 0xa, 0xfffffffc) socket(0xa, 0x801, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) 5m3.258964685s ago: executing program 33 (id=1687): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) fsopen$auto(0x0, 0x1) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) mmap$auto(0x2, 0x7, 0xdf, 0x9b72, r0, 0xd91) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x103, 0x0) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20081, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) socket(0x18, 0x3, 0x40006) migrate_pages$auto(0x0, 0x3, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setgroups$auto(0xe32, 0x0) open(0x0, 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000240)={0x0, 0x7}, 0x3) shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x3) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf82030000000800030001000100"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40090) socket(0x11, 0xa, 0xfffffffc) socket(0xa, 0x801, 0x84) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) 19.26479403s ago: executing program 0 (id=2191): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000700), r0) r2 = openat$auto_generic(0xffffffffffffff9c, &(0x7f00000032c0)='/proc/kmsg\x00', 0x80002, 0x0) poll$auto(&(0x7f0000000040)={r2, 0x1000, 0x1c9}, 0x2, 0x7) read$auto_nsim_dev_trap_fa_cookie_fops_dev(r2, &(0x7f00000008c0)=""/4096, 0x1000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000780)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010800000000000000254500000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4000895}, 0x24000004) syncfs$auto(r0) 18.157348986s ago: executing program 0 (id=2195): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x1, 0x4, 0x7) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x100000000, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0x7, 0xc, 0x8, 0x7, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xfffffffffffffffc, 0x100000001, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x200007, 0x19) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r0) 16.789906597s ago: executing program 0 (id=2196): unshare$auto(0x40000080) (async, rerun: 32) semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x2) (async) ioperm$auto(0x3, 0x8, 0x8) close_range$auto(0x6, 0xeffff000, 0x6) (async) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) (async) r0 = socket(0x2, 0x2, 0x0) syz_clone(0x80000000, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) socket(0x18, 0x2, 0xa) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) mprotect$auto(0xa1f, 0x5, 0x3) (async, rerun: 32) r1 = socket(0x10, 0x2, 0x0) socket(0x1a, 0x80000, 0x84) unshare$auto(0x40000080) (async) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) (async) openat$auto_proc_sessionid_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/sessionid\x00', 0x4000, 0x0) (async) openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x68082, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80802, 0x0) (async, rerun: 64) setsockopt$auto(r1, 0x1, 0x45, 0x0, 0x4009) (rerun: 64) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r2, 0x545c, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async) ioperm$auto(0x2, 0x8000, 0x2b325536) (async) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x36ec}, 0x1, 0x0) (async) setsockopt$auto(r0, 0x7, 0x7, &(0x7f0000000000)='\xba\xba\xd3\xc8[&P\x9c\xe7AJz\'\x91\xce=B}\x95+%\x00I\xf5\xf8+\xd4\xa9\v\xe1\xcc\x18', 0x80000e) 14.156960488s ago: executing program 4 (id=2200): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) socket(0xa, 0x1, 0x100) (async) ioperm$auto(0x7, 0x5ad2, 0x8) modify_ldt$auto(0x3, 0x0, 0x0) (async, rerun: 64) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async, rerun: 64) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) (async) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) (async) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) (async, rerun: 32) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) (rerun: 32) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) (async) process_mrelease$auto(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) sendmmsg$auto(r2, &(0x7f0000000280)={{&(0x7f0000000180)="16816a01315200fbcf3731d4d32e2aafff9416b6b32d5e96a196224c52a7cf4a235d3960449ba172c1a465db13e5b0e1dbfa3e6c78846ea0fbc4a0e543d0b0e06511a46070923ca7fe70a7f700a99008405eb9684151b589bb988d76decef2b603b0013d8f572e198bff46bb73", 0x2, &(0x7f0000000240)={&(0x7f0000000340)="70811e423fc0f319e24cec70134452a8dbf5881b67c4da0d6e0bace5f1c3a016bf545c4742f61e13e369d0792313e6a9d8dd469532181862dda1b413ced6f84d3b02212252437ca525031d70dac56387c5bed0623b98b13a5dc37d0d6eabede9f7d1478bf92dffa88ad566dea5e320297b97f950f6c4495b21861dfeb0e9f05e9921435b9b6f62063dc8c1402dc32a915df2687548b0017c87821bbccc76c0617e508f4dba44c7f907be09c841f2485f4f1af4e90b03d1a5e32dbf88", 0x8}, 0x2, &(0x7f0000000400)="c1412a1248e47d67d56ee1b0213fdfa0aa227e67d1966ce2f233f7653c5fb21e0bef849a9fd7ffb438aa4983273d177bb0d6bce24becced8957067ba27b5bb7c0775534d3a27d32d2c0119cfb33883f84b079b0458baa7ec4424c0cbf5353b31bf8777b112a2ef423717cae72d18e4ce2710eec98ebfd87cb37a06faacf7196b57744dc463308aa0595aaa742176497c85307d99326e5d0d9b8b65b95b5ea8112096571f74e4ad1e59f8173a59dd626e40e62fba74880daf18503d02b501fd3a", 0xb, 0x3ff}, 0x9ca}, 0xc86, 0x1) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) (async) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mincore$auto(0x1000, 0x8001, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) 14.086470891s ago: executing program 0 (id=2201): mmap$auto(0x0, 0x6020005, 0xb530, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) syz_open_procfs$namespace(0x0, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) socket(0xa, 0x2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x400002, 0x0) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r4, 0x80104592, &(0x7f00000000c0)={0x3, 0x20006, 0x200000000000105}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe2$auto(0x0, 0xe017) ioctl$auto_PPPIOCSMRRU(r0, 0x4004743b, 0x0) 13.465683691s ago: executing program 0 (id=2203): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto(r1, 0x400454ca, 0x38) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/loop0\x00', 0x600000, 0x0) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) (async) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) (async) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) mmap$auto(0xb2, 0x14, 0xffb, 0x8000000008015, r0, 0x8000) write$auto(r2, 0x0, 0x10000000800) (async) write$auto(r2, 0x0, 0x10000000800) io_uring_setup$auto(0x3501, &(0x7f0000000080)={0x7c, 0x1000, 0x8, 0x5, 0x3, 0xfffffff3, r0, [0xbc, 0xffff, 0x3f], {0x81, 0x9, 0x800, 0x80000000, 0x3, 0x26, 0xffff, 0x0, 0x6}, {0x7, 0xa, 0xf, 0x7fff, 0x200003, 0x0, 0x0, 0x0, 0xc}}) (async) io_uring_setup$auto(0x3501, &(0x7f0000000080)={0x7c, 0x1000, 0x8, 0x5, 0x3, 0xfffffff3, r0, [0xbc, 0xffff, 0x3f], {0x81, 0x9, 0x800, 0x80000000, 0x3, 0x26, 0xffff, 0x0, 0x6}, {0x7, 0xa, 0xf, 0x7fff, 0x200003, 0x0, 0x0, 0x0, 0xc}}) ioctl$auto_BLKTRACETEARDOWN(r2, 0x1276, 0x0) (async) ioctl$auto_BLKTRACETEARDOWN(r2, 0x1276, 0x0) mmap$auto(0x8000000000002001, 0x20009, 0x100000000df, 0x15, r3, 0x8000) (async) mmap$auto(0x8000000000002001, 0x20009, 0x100000000df, 0x15, r3, 0x8000) r4 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x11, 0x0, 0x0) setsockopt$auto_SO_MAX_PACING_RATE(0xffffffffffffffff, 0x3, 0x2f, &(0x7f0000000300)='\xba\xf13\xa4o\xd3\xd2\xe0v\x95\xe6mAk\x90\xa1\xfd\xb0\xe1\xa6W\x85py\x91Q\xe7\xc9\x05\xce\x17\xe6<0e\x12\xe8/\x16\xf0\xd2\xe5\x06[\vFb\xd6\xc0sTv*\xa6\x97\xb4\xcf\xc8d^\xb1\x7f\xeeH\xd2\xa8\xeb\xad\xdfw\xad\x1e\xcf\x13\xd2\xbbh\xb7\xb1\xa2\x14\xbe=Q\xf3\xd6\x85\x8as\x04\x93\x8c3\n\x9e\xcc\xbdP\x89\xee\xa8\x82\x03\x97\xe6^\x85#\x11T\x8dE\xba\nF\xc2\xe2\x06k\xf0~\xa3\x86h\xc2\xb8\xcfk\x1f', 0x5) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x9a}, 0x9) (async) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x9a}, 0x9) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket(0xa, 0x3, 0x3c) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty48\x00', 0x880, 0x0) ioctl$auto(r7, 0x5609, r6) (async) ioctl$auto(r7, 0x5609, r6) ioctl$auto_FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000200)="c205486114e58bc349e6cdb4c66060cfb8fea1e7fd8ef10171bae6b112778029d78fc49e5019fccc2d5d681627d3103786eccd4129f322387f62a068199f96c796bb440bb131fb0c1978584496b9ded7a402e9663f978ceedd372d6f890b30d80548880d6431ca38f3e2ea43d52477b36a6ccd0c5636bfdafd3659b2136bc4beb3a5b795ce8834f395c54ddc0cd6fcbcb558fa4a3b50220996639f7e0b5906f84d3e66f6f9f240f060bd92265cd65f3fb81a37511af038d95947f63843205287b31a6568864980b5c756652d901e2ddcc211963b5a14a328350ecce7e6b9f0fab231d7137fa375b8faa695fa8255b4088703adf614") madvise$auto(0x0, 0x20499d, 0x9) (async) madvise$auto(0x0, 0x20499d, 0x9) open_tree$auto(0xffffffffffffffff, 0x0, 0x74ee) ioctl$auto_NS_GET_PID_FROM_PIDNS(r3, 0x8004b706, &(0x7f0000000180)=0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYRESHEX=r5, @ANYBLOB="000229bd0080fbdbdf350a0000000800fbffffffff"], 0x24}, 0x1, 0x0, 0x0, 0x20000050}, 0x809d) 12.341003095s ago: executing program 4 (id=2205): syz_clone(0x80800000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0) sched_getattr$auto(0x0, 0x0, 0x8198, 0xa286) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/stat\x00', 0x301800, 0x0) r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x82000, 0x0) pread64$auto(r0, 0x0, 0x14f7ebd9, 0x4) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu0/cache/index2/level\x00', 0x101600, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)=""/197, 0xc5) madvise$auto(0x0, 0x20499d, 0x9) 12.023113575s ago: executing program 5 (id=2206): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x18080, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) socket(0x2, 0x1, 0x106) ioctl$auto(0x3, 0x8901, 0x38) getpid() r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0xad00, 0x0) symlink$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00') readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) 11.638192184s ago: executing program 0 (id=2207): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1000, 0x400005, 0x4, 0x9b72, r0, 0x8000) madvise$auto(0x80000000000, 0xfffffffffffd0005, 0x19) mremap$auto(0x10001, 0x4, 0x4, 0x7, 0xfffffffc) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x6, 0x48}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0x6, 0x1) io_uring_setup$auto(0x6, 0x0) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0x3, 0x14) ioctl$auto_KVM_X86_GET_MCE_CAP_SUPPORTED(0xffffffffffffffff, 0x8008ae9d, &(0x7f00000000c0)=0xe957) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000080)={0x809, &(0x7f0000000000)={0xc, 0xf1, 0xb0, @inferred=r2}}) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) readv$auto(r2, &(0x7f0000000100)={&(0x7f0000000440)="d1bd2c981a8808b20720aae315ae0507d34c675773bf77e26d9445db5e813e434e32cadb3bdc8ec51d0ca75fe340c1daa51f4beeedbcaa24e87dbb41eca7a6c8d1ab48c493c9bdad184063d54076508afa8bae60761b4c6197adf427748ac9d68f972d17022f292ad355f077a3fc05d54a9ec0efe7b5e5e29645b95e3bb45730f8bc625716ab28f856501018cbc5a22ed6714d036708aa356280", 0x7fffffff}, 0x393) setreuid$auto(0x4, 0x8) tkill$auto(0x80000000000001, 0x7) read$auto(r3, 0x0, 0x7) statmount$auto(0x0, &(0x7f0000000180)={0xfffffffb, 0xd, 0x9, 0x4408, 0x400026, 0x401, 0x1ffdb, 0x5, 0x6, 0x7ff, 0xfffffffa, 0x9, 0xfff, 0xfffffffffffffffc, 0xb0, 0x5, 0xb, 0x3, 0x1, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000, 0x20000100002, 0x8001, 0x1, 0x0, 0xc, [0x0, 0x2000000000000, 0xf73, 0x0, 0x0, 0x2000003, 0x1, 0x2000000000000000, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x10, 0x10, 0x4c5, 0x3, 0x0, 0x0, 0x9, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x113c, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x3, 0x0, 0xb114, 0x0, 0x1ff, 0x51, 0x4, 0xffffffffffffffff, 0x1, 0x4, 0x6, 0x0, 0x4]}, 0x80000000000, 0x8000081) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x9}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) 10.916485536s ago: executing program 5 (id=2209): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0xfffffffc, 0x0) socket(0xa, 0x1, 0x84) bind$auto(r0, &(0x7f0000000100)=@in={0x2, 0x1, @private=0xa010101}, 0x6a) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioperm$auto(0x7, 0x6, 0x2) timer_create$auto(0x8, 0x0, &(0x7f0000000040)=0x200) timer_settime$auto(0x0, 0x8, &(0x7f0000000040)={{0x0, 0xd3}, {0x1002}}, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r4 = socket(0x15, 0x5, 0x0) ustat$auto(0x801, 0x0) sendmsg$auto(r4, &(0x7f0000000180)={0x0, 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r3, 0x8000) sysfs$auto(0x2, 0x23, 0x0) r5 = socket(0x11, 0xa, 0x300) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'vxcan1\x00'}) listmount$auto(&(0x7f0000000040)={0x200, @inferred=r1, 0x7f, 0x81, 0x400}, &(0x7f0000000140)=0x10000, 0xf, 0x5) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f00000000c0)) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r6, &(0x7f0000000300)='*o\xd3\xa49\xaf\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\x84\v\xafz\xfd\x81\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x6) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_CTRL_CMD_GETPOLICY(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x1c, 0x0, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}]}, 0x1c}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r7) 10.455270685s ago: executing program 4 (id=2211): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event1\x00', 0x22040, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x1fe, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r0, 0x4008ae90, 0x0) setns(r2, 0x8000000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x8, 0x3, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x20005, 0xdf, 0xeb1, r0, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x1000000003b, 0xb9f, 0x4, 0x5, 0x7) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x22242, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) mmap$auto(0x0, 0xffff, 0x3, 0xeb1, r2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/mtd/mtd0/mtd0/nvmem\x00', 0x1000, 0x0) sysfs$auto(0x2, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) 10.036954576s ago: executing program 2 (id=2212): mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000400) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r0 = socketpair$auto(0x1, 0x1, 0x3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/time_for_children\x00') openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000240)={{&(0x7f00000000c0)="7d13c0f116f414b519275ab3ebec622b4af4294e802636055a86416dc1e0c8eba080a8d2a09bc22af10785ff68e80102a113b6c181b212a9eeeaa8f470c2bb0ed054cd98136da5ca60594cd217366d0649c0f4ac9a159bdb69dcca416b3c", 0x5, &(0x7f00000001c0)={&(0x7f0000000340)="6cb633deb639fabc531eab31edd573dacbd40ab9f0f49863cf46afdf0d56f35dc7cde4fdf221f82529d9727243e138ba002212d1605ad8f8f02986e57673aa383721d36ea69e0f38c439bc7204663f58b66a07bf315d0628fbb751a0fa89daca05c5ec980f5b1a3c4a1345ef93286b4a70cb816edfb38c767ff55d95f40b2455a2", 0xfd}, 0x5, &(0x7f0000000400)="70db2ad876b5272c63df484af2549da219f647fa933ebe9db7a31b8bd5563eb151564dbc8d7adad74a8c58f8cdf8329ebb20107253f72d7b4f2ccb367ccc32bc2f45d50b2880e7e0d83bad4f902cd7e6f0721982f1812ccca6469e7e745152879e307cc7afc3f8afc8b459f3bd735d69cd58f9eba05197561babccfcf2b199636e1d67d021242a8a4bedaa4ae49131b405ee7092ed9d09278d35ce32c3c0875160aafa7fdad76a44530a955f6a0da1519f1dcb270426ab6410ba0d3f23e3097c50f8cf8631c95a3fc3749987e4004a1bd647f86cdb16e043f179445389b82cc3a7f406472c19961a741e209380a152e56ec7363442031f3a8ed8f0db4da8a5d3a095b5162604782b693f10c188e2fb1754c8065774c02940b128aec45c6f75f4e6501d42dd7e11678c3e85dad12c129c669913f699ca7fa44a65bf4c9513a8c693525598a88ea6e8be7f773345b2b100a03cad3f05806ed6117561485999fc74c1a505d030638097ca5ba41b923543697cb2e696ef0a77e39c2be0a4e7e7c1de8f045d5471e1bf5937e4976c7d9b843aff314859d8a62393724cef4c5e9b53b26718985f7c959279ea48449f8690589abe06755bd827aa827ac011de1f5eba3c673bf93403ce6817a13004995fd61038fdbdaf0265e70354fb169245b9d1d6bef6a21b0326cc0a78a6c1bff432970f20206fc2ea451e3a8f3f9df79205c4838b9f6ee94905a35df8327f0276c0c41c4f0cd8b68885cca288632d78cd338d483b700b320e17a61e2f69ade0006457f950beeb150adaedd92ba3d652caca65547ee7d7649465797d0b1ac95b1ce18a1fcd1b35c1c839e670d2750c5163263ab421dbca1523f42cacd2b55ac0549df73c166a08a0990fef00383ae5e67a72d0e794bfc96e7311c9e1c26ff423ad9d1a867dfea076b14b9e5c0f86031b1338af57b37fd43d70dac087fccf209c7f7835824425819a8ae0a96238c088c7b9f1d818f6ca3bcd241fd0d77236d3b3cf527dc88895602699869b2484c26e2cf74af8397f56658dd02790714e42a56177d7ea86dbac663409a02ff398ad74f383b4bae96fca1bee9cc1af638e9ad4fd62a0a71522a96b96ed70b1086db340be255aca406d47dc5fe852e00c66fcfdb45cce7da91e8269770e24f7e90fa8ae016ab9911ba044c433412371074d49c369d36b1c4bc2451e0ba79884b30ce40ba5a9c5865ebf63d14ce7ccb111d91185cdd945225209eae2228ae41d6d5efa641e1dc413ec2266884b7d1720578d77bfc0b7a6846c4e2dd3bf083e916d2c272f41b9c045e019cf53391f3ff2871b8efd3761c5eaaff8f02d1442f0499699713169f61974a944e92a51cbed61402d9365a359ee344294a9b0d1bc2f96b3739d16789bb6145b578cf2b5977b45f45c6959daa992ce3339b19ebf66774b23e49b31f2bf122a9dedf445c5b09f33a9dde1f21479140d54a8763f76c7c46c31de4eabb31dc05be47c5da39f9abcd8c8aa9eb8d91dfb6b023e2af7dfc4cf5534077d8f436d2ea43b9fc19e6c9eda2e708fd068a23402c8b23b1006ae78605e0146eb41566f97eea8eb312f67114bf57ce58be681666de2d56a971a59d1b46f3a75068a5200678e5ec3151cf03a30034cd60cdb648375bd63aa0e7b92266bf14bfa63ca8a8a1cfb02542692682481bb9d88f6834c2343df12fc4f901b7205afc4fc27e0615e9c7a0b8bc30550086f9d1b4bf3328606ee558a144c89c361bbee9a7b137adf1529d6c8025e1824e38510592368c0c415b53c915af803a40036d8547b5f846c1358ea82b20eee0f9926ff47f30438b16af5946ec26e8ecfa65a016c6965a8ab05522d041fe3446495989cde67b2027a059a89e379dd843c2635e15c8a18caaf231634ea58a3b8c7065441a476adde061a58b480e805f5a80dcecdc71e04c4eb57eeeb387c56ffa37027c4ed9b1be8a3f716ac115156c71dd7c253632f26490bdb30ae501d46f702acb1c0d53673bae6207e10ade12d8d2a14321a12f5850d461d15905ea76f42bdb698723e95becd9df6a768be4872323900a934c781939b2c12aaa19f76cd9b78e8241689d682f5baa680ee84f56de58f3526dcfc16af114f4a19da77f19c9806db81127b113ad431869a9624f6d51e206274f33d8053aa79845a965661ae3122e4f2bdf3e37897e632fd08e272df2231ffe2bd98b9256e2ecadf9fd858ecc05abd089a2f00ce09019a3a95c2add0b500932c4b0f7b7e2a9d311af6e16f6c921bb86b2a3dc5e4f27341f2496e9bf7621f3f5178253fa89f9e1945f5a1742ecba6474177aba810193e00644393aebbccc667dc59a23b46ce056452fa296ff4f662d9af8afe01e7ff67064633ed7b1425bbd201e6c852c6b62815c5b9af6e7f9a2b0543a3aae35e284248e5c7cb6ead1eba1e1599b92ad6153c35e45053f077d94384f6261a526714019af47f0b3790276c2c575e8b8f60d5f52134deb299125e20bf3873b308f21395c4087d84866d2fbe72cccd0ddfdbc55f4e829dea4a883d43a21e117b3303a0cdbd646d92a5f2caa42794b7ba1ac3daf582ad0994a578302ba09dfe088bebab741c1f69b425e1b02215aca216427aae1e2b70029720c5f59886a4856f783c423f536dac50d97210935290c0a59d4a5106cc2c75fc7c8a06fc463e986b2a77590a93aeb3b81003fd720048ade01050bc1e902d686276f220625e03bbc1543ec1d4a0ed357406f3311c97ba0c1516cc97237e3b318c9133dc2b0f13a55d7630cdd081c946a1b56328a7f9d20ac1aea74a7f30331e43226d508fe2e20234d4137a0c53e2f6a1a9b895b105d85955409c72f03249449d522e92d31eed2c95ff4a47f67331e1c0df263c7353da4b6839163831aa546724f4c82ae656e40b63ccad79bb07b641e55c7cc23eecd7e5920ece30b2775f03e360406ab2c83e1d8d3c0f7d80767132fe028b0766517d9914b79d3bf58ef7975b51bee88ca32828b35116ab34b9c294f96c3fe6570d7ae105c322b5c79ae9c30dfe0b95f5861083a31e34318304d50ee8dc9fbb06df03d7529098a624e933860ca5d15ebb7a9b77adaf1952565826ef16332cf3b38eaa13363f7edcf2ee97cea4e0980ee988c2f8d2f90940d915c8a9cd83f4531c7c8739e50516cfe615766bbbcf81096fe9707eb3d2c7e54ae373c7ccffef34b86c3b843e7ba319de5e4e0b65969f1a6e6090d65b3d400478376536c0b277e965d404b67e5bb5725cbc2de14f40795242b6f6842ec7615980177120d5d1128349fbf09e363ae1eaaea0570a315d36c0473412f238fa23d0caa7f76b3a7487ac970927caacee11059eb55523cb1060acc79ec431a206cb3300fe0c7b1ec8807c5a587135088f1676fab656acdf82aa8289761ff5140963f0732c087b6800c8afbd893dca9e67f829b3310d6ab4600dca5ca4dd0b633e3b0dc34353e7aced55f373671cb1ba275d387ec65bbd10db28c57a5713198c7282be2f609be7a817f12c617a4868951d4b0f0c058bc426578af0995b15f3645c5f206294c92f7cbfcdf30ab896518e048ee676774cd63ebf1f5193bb27fdd87c3c77bacb93c21258c8bcb2296da5ec27d46382b469f1c7f48fa2f9787a622caf2886f42602cf96b368214b14c1b832d511e089b435b5434322a1652bfe247349b4ed3d9196f9b3eaf2e7c5208e6833d56c130213ec95bd68075aca8536bcc9f6360879d0971502f24dd4ffa1e92c6ab93ffddd5565306fe6f267d33f64d401b509d17db1f73c095c44e96f605cb104e3391568d22fecdba96b7a78fba6cb06aee4799f25630c6c3f67731bd93df2c30079319cbadbae386ad5e2979c90d002d1d392f2405b552a4fc27fd2f43919ddae284a581824a9e6b3ace6b271fdec87ca4ece13e21473a1c51390d09d326783fc02830a951bd5d44d1d896da5304401a856e53e9c6762096ab2d3e03dcf5e3c57592e66519a38a2ab67b2447421409ff567ad784a5d3675bb47ab1f80b25f67427e0f9b6a91be9e18bcd70abc93758afaba5bc4fd7b02b53278da0da1af3d9f1662924b8c9cfb905304614856f7e9a673d9e54b6749ac4734526c2fcf3bb4187f6992c4a6b1e6557b448f8bf52518f4cb12c0144f763b0282693b63c4de9a0fe2a0b871d4bb299a3f1c8c1d825394ab27b304bc5f3d6a60635502849fc653b918b3832ef4482e1dcdeb2f12df0ae0f98f337a30a835f976b9e7303a09d198601847ce4848ed3bd7d4d24bf5f1e94d23409f9c7661948da9af626970ef3b9b5380f40200214cc8d3ae906f35aea995a5bf0ac5c75d7dc7c32a4191f18a56ea6c5fe1d5ac9a59783e312f2c2bf4575bd1bf15888e0139424f94d7c82c8ddcb75dea0574b3040f848efface106357316bcc762e1a3659a0e7e6c0bc790a10d217919e131d310d4b9c1d5840b96359e88badb8e1c5edf4eaf545810b68bb5fbe4107bd65c99b45911a0d6d74be4a931676441055db8c775489abd9d8fa44cad58ed05ab9c744a04b97f2523cf6761e851e4c3d0de4908cd6f138d26e2acabeb866a183bb617a8f4fad267bd2088ba5c8f4af0202d54c5094b216aa1ebd0fc0c749a398d11d095d9a5e06920bb6f9fded34d69eac4804084f6971cbd42ac52a3ed315d55076ea64d7036142ada6517bb424a38f99427632db9073b22ac4873a06c961ff1a77fa30cb532980cd92d815a59bb40f1d31607ef83c700b10120640d340afa0a6ea1b2aa1ff6fc7a893929796382abb91957c777b04aa1907c7e389cf713bf4a6c77be3b6e5c9bf6796cc0e50fcacffe1fcd3b73de2473a865486593dbe0130af46ef918f15abb0b542badf59bda78294fa7f7ebcecce781f7cb960999aae350a1c84a8514605795a74b37c13852a8616f9af04cbaecf7ff3171179f886847561c6ae6035dc317ee6e38a39491fa44fd861e61553c2f24d3edf0c36f740eb482e4d306ac5ec765fa2ce1f5140040acf9a26046d0dc274aa5837f4d3aedb6ed225c983b691f36b4a8dbc400e64f14e5611267ab10aed38b17ae7a2b6a755bfdbc28896f924a86f36a348c53539afcca9a2150b59d826e1ac947e2ff19bb72020e391c0343c6589a4ca7f30ab23174a99680cf353f54cf5865ea7975c5cde376adb93aa38f4a5fda10c52a27ce42b71d8512caf486fe989d2ce703c3ab526eaca5aaba27b3b10f539fd359a0c1649bf59b99f5a73c6885318437e207655285dfeddc53b77b79ce78c9882c3facc5600cc4f306625803816c1e254859593a5134d934806eaa0d8f700296660f9f5964f664b5fcb89557b6d3ce79243487a50cd1a0973b7772f512066fb896212bd4b614123bac494f461c64f59f798f4e0206eb496dec65004f014b190ce5689f1eb186cc6b6466ab7cac5d975586b0875168509b78bb5ca6e31590aca069d6bbb5657b2b10ed93bbb3b528de3a3198c7eed389db6ab6295b7dec8ed639e6c0d267255cc78e79a1fadae316dcf9f996f7e38ecab104261da57668f933cb0234b70f05dd0bd41d685d978681865938cb946461a8c504b5d6a9b997a5765a695e1c66925f80bbb2a9ab7bb2c155c03867d4cb5ea5633c4ca0c7326400bbbe615b6be7fe3ff944a4cb68c51b5ef447c0c837c084ab793bb242d1b59f77e58ae52e68240a5053a76ff34cce8037d64bfbf9eb806c6eead2af14aaef13c128f9271acf611e3620488e26463edc94fe3b4f9fbbd5b706b5db86315eaf9db10b41d73bc7a1aa675be35e381fec47007c8a2484f0076507a3365168c46e949a", 0x1, 0x8}, 0x2}, 0x4a179509, 0x82) read$auto(r4, 0x0, 0x20) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000140)={0x18, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) r5 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r5, 0x402, 0x8000007fffffdf) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) userfaultfd$auto(0x816) mlockall$auto(0x7) mprotect$auto(0x0, 0x8000000000000001, 0x6) clone3$auto(0x0, 0x40) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0xffc, 0x100000004, 0x100000002, 0x0, 0x7ff, 0x5) setuid$auto(0xe) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r6, @new_prog_fd=0x4, 0x4, @old_map_fd=r7}, 0xa3) 8.773924461s ago: executing program 2 (id=2213): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/free_hugepages\x00', 0x88000, 0x0) read$auto(r0, 0x0, 0x20) sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, 0x0, 0x24008804) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x6, 0x40080, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x7}, 0x1fe, 0xd) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000380)='ns/user\x00') sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) (async) sysfs$auto(0xfffffffe, 0x60000, 0x0) (async) execveat$auto(r1, &(0x7f0000000780)='./file0\x00', &(0x7f0000000800)=&(0x7f00000007c0)='\x00', &(0x7f0000000880)=&(0x7f0000000840)='^\x00', 0x39) (async) keyctl$auto(0x1d, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) (async) r2 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r2) (async) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) r3 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x0) (async) chmod$auto(&(0x7f00000000c0)='./file0\x00', 0xf4ba) (async) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r4 = socket(0x24, 0x5, 0x8) (async) socket(0x2, 0x1, 0x84) r5 = semctl$auto_GETPID(0xfffffffe, 0xb50, 0xb, 0x1) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000640)={{@inferred=r5, 0xff, 0x8001, 0x0, "3310baf79c920572436ca10fbb5c0d48b69160c4b68864272beb15530b1a2ee63629f1fa4901741863b6b7b5", @raw=0x3}, 0x0, 0x2, 0x10001, @inferred=r5, @integer64={0x2, 0x101, 0x7}, "49960e978e5361f1a4e40824cb0bc81ef78e78060487e147a662029651106c797a4fdd8a9e98bb80ca78d60b252c33e967f32c284d53f496b329606d0b0f36c4"}) (async) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/queues/rx-8/rps_flow_cnt\x00', 0xa001, 0x0) write$auto(r6, &(0x7f0000000040)='\xff\x9b\xc6\xae\x00\x00\x00\x00\x00\x00\x00\x00\xc7k', 0x4081) r7 = socket$nl_generic(0x10, 0x3, 0x10) (async) r8 = getpgid(0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r7, &(0x7f0000000600)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="8c01000010179dc4558e2a953d14187857da73c00b2b376090e5082166f8b8fa02c1a3696fd7eb638faf521aec90da4509f2", @ANYRES16=0x0, @ANYBLOB="10002bbd7000ffdbdf2502000000c1000180b95b27ab0e1a92fa240ca7330fdc4dbda84a0e975b7ac380580ac904de4d1a506b35b59190f0da2280616f223fec02c08a4145bb8d9583758a352d827a6dbd3604abdf4b467069c39c01d8e2ae6b0b29b5e01c63ecea4172763899f346cac15caf5ae5842df27de83ae50d2da951c7afd322637b65c90232b53cc492951bf0649e5346cf437dcbc9da2d787faaf8f72a618f34e99d0c2d42fd994c59faf267f26415b456264c839d50eb43c3472862e0d2b2a346b10800cc00", @ANYRES32=r1, @ANYBLOB="000000a500018014001e00fc00000000000000000000000000000007004700245b000005e6a4f9ff71a91c6ed983dd13496622c2b482cb6858bfe05b100269bba8416c732d2e7d55e4869d59e07de23db426d6ac59195723e2b7f30505c02929228bb7d53affe2324e9a612819d2422e8444de646980dd332bb5e289510dffbf64940e1b41bb5eba7849eb2c9e813d4647679b2d348c1f69e22af0da9db48bc30800bc000a0101020000000c00018008009200", @ANYRES32=r8, @ANYBLOB], 0x18c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) bind$auto(r4, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x6a) 7.375376096s ago: executing program 5 (id=2215): mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'veth1_to_hsr\x00', 0x0}) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)={0x24, r1, 0x23, 0x70bd27, 0x25dfdbfc, {}, [@MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x88000}, 0x48804) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/nfs/net/nfs_client/identifier\x00', 0x400, 0x0) open(0x0, 0x22240, 0x154) close_range$auto(0x2, 0x8, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/set_event\x00', 0x30000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd39, 0xfff, 0x948b, 0x8, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x1, 0x7fffffff, 0x4, 0x6d3f, 0x9, 0x2, 0xffffffffffffffff]}, 0x0) ioctl$auto_EXT4_IOC_SETVERSION_OLD(r4, 0x40087602, &(0x7f0000000180)="7450e3148697718f4bd07b96f5f659d4e1bf2575999aadc85d7de3c8135a3160c3c1de0fbeffc65dfcfa4755d59cec2960e80c9a372cdc5227739322dd4140cb47aa116db689584f136b083bdbc1027eb42de44f4d57b1c546ac37bf665f7447c2c07b034676745d30a71ad617c02851d15e62b9a088b53603a041d076fb3ad5d4a23a800a5e6908534d99e1eb83d83fcaaa8e5ffc14bd9ef56e3699ce04fd5a179fbf7b4d757460f72aa9b4f4d0b85bd28815e3b5e313f1a40c45283c47af6825d33306900f3fbd25d259715e3c4a18efe1fa7efd05bbd636da397debdea51c36ea8f3c9c041ceee2a29921f4a5dd0e0784dffe") write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da07, 0x80000003, 0x3, 0x62, 0x8000001f, 0x2007, 0x6d3e, 0x9, 0x10000000002, 0x6]}, 0x0) 6.42504276s ago: executing program 2 (id=2216): mmap$auto(0xfffffffffffffffd, 0xc37, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TIOCGWINSZ2(r0, 0x5413, &(0x7f0000000000)) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x21, 0x1, 0x5d0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x3) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x1, 0x1, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r2 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=r1, 0x4, @old_prog_fd=r2}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000140)) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) r5 = socket(0x10, 0x2, 0xf) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="feff2dbd7000ffdbdfc40674a9dc1d7fcfc3ada5ff66a1ba14063244f52502000000"], 0x14}, 0x1, 0x0, 0x0, 0x40000021}, 0x8004) acct$auto(&(0x7f0000000040)='/dev/mtd0\x00') 6.196243603s ago: executing program 2 (id=2217): syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) socket$nl_generic(0x11, 0x3, 0x10) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card1\x00', 0x6082, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7) prctl$auto(0x3e, 0xfffffffffffffff8, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) mq_open$auto(0x0, 0x5, 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0) sched_get_priority_min$auto(0x40) socket(0x2, 0xa, 0x0) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) ppoll$auto(&(0x7f0000000200)={r0, 0x6, 0x6}, 0x8, 0x0, 0x0, 0x8) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.958995154s ago: executing program 5 (id=2218): openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x18080, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) socket(0x2, 0x1, 0x106) ioctl$auto(0x3, 0x8901, 0x38) getpid() r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0xad00, 0x0) symlink$auto(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0\x00') readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(0x0, 0x2, 0x0, 0x0, 0x8) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) 3.951396393s ago: executing program 5 (id=2219): r0 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r0, 0x0, 0x8fb5) dup2$auto(0x0, 0x3) ioctl$auto(0x3, 0x5760, 0xfffffffffffff4e0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000240)={0x0, 0x7}, 0x3) sendfile$auto(r1, r1, &(0x7f0000000080)=0x400, 0x3ff) write$auto(0xffffffffffffffff, 0x0, 0x3) r4 = mq_open$auto(&(0x7f00000000c0)='\x12\xe6D\b\x9e\x00\x80\x8d\f\xb9w-\xbd!\x9eb\xed\xfb\x0f\xe5\x9dZ\xc2\xd1\x01wBV\x91\x8f_\xc0.\x84\xfe\x84\xd1se\x01\x06\x00\xb3\x13_Y&\xa9\x88\xe4\xa2\xb0V\x85\x92<\xb6\xdcT \\\xf2\v\xb1\xe2\xd8\xfa\xd8V\xe5\x00\xfa\xe9!\xc5<\xce\x18=\x06\xdagq\xb5\r\t\xb2\xde\x99\xd50\xbb\x192\x1c4\x86\xc0\xc1-\xd5\x10\xc3\xfc*[8\x89h\xc5\xba\xff\xc8u5 [ 966.857998][T15334] dump_stack_lvl+0x16c/0x1f0 [ 966.858079][T15334] should_fail_ex+0x512/0x640 [ 966.858129][T15334] ? __kvmalloc_node_noprof+0x122/0x600 [ 966.858169][T15334] should_failslab+0xc2/0x120 [ 966.858210][T15334] __kvmalloc_node_noprof+0x135/0x600 [ 966.858245][T15334] ? apparmor_file_open+0x1a1/0x9c0 [ 966.858289][T15334] ? single_open_size+0x4e/0x160 [ 966.858341][T15334] ? __pfx_show_stat+0x10/0x10 [ 966.858391][T15334] ? single_open_size+0x4e/0x160 [ 966.858436][T15334] single_open_size+0x4e/0x160 [ 966.858481][T15334] ? __pfx_stat_open+0x10/0x10 [ 966.858532][T15334] proc_reg_open+0x119/0x610 [ 966.858568][T15334] do_dentry_open+0x741/0x1c10 [ 966.858603][T15334] ? __pfx_proc_reg_open+0x10/0x10 [ 966.858644][T15334] vfs_open+0x82/0x3f0 [ 966.858692][T15334] path_openat+0x1e5e/0x2d40 [ 966.858740][T15334] ? __pfx_path_openat+0x10/0x10 [ 966.858781][T15334] do_filp_open+0x20b/0x470 [ 966.858814][T15334] ? __pfx_do_filp_open+0x10/0x10 [ 966.858877][T15334] ? alloc_fd+0x471/0x7d0 [ 966.858918][T15334] do_sys_openat2+0x11b/0x1d0 [ 966.858963][T15334] ? __pfx_do_sys_openat2+0x10/0x10 [ 966.859013][T15334] ? __fget_files+0x20e/0x3c0 [ 966.859050][T15334] __x64_sys_openat+0x174/0x210 [ 966.859104][T15334] ? __pfx___x64_sys_openat+0x10/0x10 [ 966.859148][T15334] ? ksys_write+0x1b9/0x240 [ 966.859180][T15334] ? rcu_is_watching+0x12/0xc0 [ 966.859223][T15334] do_syscall_64+0xcd/0x230 [ 966.859278][T15334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 966.859310][T15334] RIP: 0033:0x7fe3ff58e969 [ 966.859337][T15334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 966.859368][T15334] RSP: 002b:00007fe400383038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 966.859400][T15334] RAX: ffffffffffffffda RBX: 00007fe3ff7b6160 RCX: 00007fe3ff58e969 [ 966.859420][T15334] RDX: 0000000000000040 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 966.859440][T15334] RBP: 00007fe400383090 R08: 0000000000000000 R09: 0000000000000000 [ 966.859459][T15334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 966.859479][T15334] R13: 0000000000000000 R14: 00007fe3ff7b6160 R15: 00007fff14e3df58 [ 966.859520][T15334] syzkaller syzkaller login: [ 968.998032][T15355] FAULT_INJECTION: forcing a failure. [ 968.998032][T15355] name failslab, interval 1, probability 0, space 0, times 0 [ 968.998137][T15355] CPU: 1 UID: 0 PID: 15355 Comm: syz.5.2054 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 968.998183][T15355] Tainted: [U]=USER [ 968.998194][T15355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 968.998213][T15355] Call Trace: [ 968.998224][T15355] [ 968.998236][T15355] dump_stack_lvl+0x16c/0x1f0 [ 968.998288][T15355] should_fail_ex+0x512/0x640 [ 968.998336][T15355] should_failslab+0xc2/0x120 [ 968.998369][T15355] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 968.998399][T15355] ? skb_clone+0x190/0x3f0 [ 968.998435][T15355] skb_clone+0x190/0x3f0 [ 968.998468][T15355] netlink_deliver_tap+0xabd/0xd30 [ 968.998501][T15355] ? __pfx_rtnl_dump_ifinfo+0x10/0x10 [ 968.998541][T15355] netlink_dump+0x638/0xd00 [ 968.998577][T15355] ? __pfx_netlink_dump+0x10/0x10 [ 968.998620][T15355] ? kfree_skbmem+0x1a4/0x1f0 [ 968.998649][T15355] ? kfree_skbmem+0x1a4/0x1f0 [ 968.998674][T15355] netlink_recvmsg+0xa15/0xf20 [ 968.998708][T15355] ? __pfx_netlink_recvmsg+0x10/0x10 [ 968.998738][T15355] ? aa_sk_perm+0x2f4/0xb10 [ 968.998770][T15355] ? __lock_acquire+0xaa4/0x1ba0 [ 968.998804][T15355] ? __pfx_aa_sk_perm+0x10/0x10 [ 968.998831][T15355] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 968.998936][T15355] sock_recvmsg+0x1f6/0x250 [ 968.998988][T15355] ____sys_recvmsg+0x218/0x6b0 [ 968.999034][T15355] ? __pfx_____sys_recvmsg+0x10/0x10 [ 968.999087][T15355] ? __lock_acquire+0x5ca/0x1ba0 [ 968.999127][T15355] ___sys_recvmsg+0x114/0x1a0 [ 968.999167][T15355] ? __pfx____sys_recvmsg+0x10/0x10 [ 968.999204][T15355] ? find_held_lock+0x2b/0x80 [ 968.999249][T15355] do_recvmmsg+0x2fe/0x740 [ 968.999288][T15355] ? __pfx_do_recvmmsg+0x10/0x10 [ 968.999326][T15355] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 968.999379][T15355] ? __fget_files+0x20e/0x3c0 [ 968.999411][T15355] __x64_sys_recvmmsg+0x22a/0x280 [ 968.999448][T15355] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 968.999492][T15355] do_syscall_64+0xcd/0x230 [ 968.999534][T15355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 968.999563][T15355] RIP: 0033:0x7fe3ff58e969 [ 968.999587][T15355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 968.999611][T15355] RSP: 002b:00007fe4003a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 968.999636][T15355] RAX: ffffffffffffffda RBX: 00007fe3ff7b6080 RCX: 00007fe3ff58e969 [ 968.999652][T15355] RDX: 000000000000010a RSI: 0000200000000140 RDI: 0000000000000004 [ 968.999669][T15355] RBP: 00007fe4003a4090 R08: 0000000000000000 R09: 0000000000000000 [ 968.999685][T15355] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 968.999700][T15355] R13: 0000000000000001 R14: 00007fe3ff7b6080 R15: 00007fff14e3df58 [ 968.999735][T15355] [ 969.298477][T15357] FAULT_INJECTION: forcing a failure. [ 969.298477][T15357] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 969.298532][T15357] CPU: 0 UID: 0 PID: 15357 Comm: syz.5.2055 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 969.298582][T15357] Tainted: [U]=USER [ 969.298594][T15357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 969.298613][T15357] Call Trace: [ 969.298623][T15357] [ 969.298634][T15357] dump_stack_lvl+0x16c/0x1f0 [ 969.298687][T15357] should_fail_ex+0x512/0x640 [ 969.298736][T15357] should_fail_alloc_page+0xe7/0x130 [ 969.298777][T15357] prepare_alloc_pages+0x3c2/0x610 [ 969.298825][T15357] ? rcu_is_watching+0x12/0xc0 [ 969.298863][T15357] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 969.298912][T15357] ? kasan_save_stack+0x42/0x60 [ 969.298950][T15357] ? kasan_save_stack+0x33/0x60 [ 969.298994][T15357] ? cgroup_rstat_updated+0x2a/0xb20 [ 969.299059][T15357] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 969.299208][T15357] ? __lock_acquire+0x5ca/0x1ba0 [ 969.299261][T15357] ? __lock_acquire+0x5ca/0x1ba0 [ 969.299380][T15357] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 969.299439][T15357] ? policy_nodemask+0xea/0x4e0 [ 969.299490][T15357] alloc_pages_mpol+0x1fb/0x550 [ 969.299540][T15357] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 969.299588][T15357] ? __lock_acquire+0x5ca/0x1ba0 [ 969.299655][T15357] folio_alloc_mpol_noprof+0x36/0x2f0 [ 969.299724][T15357] vma_alloc_folio_noprof+0xed/0x1e0 [ 969.299773][T15357] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 969.299837][T15357] do_pte_missing+0x223d/0x3fb0 [ 969.299950][T15357] __handle_mm_fault+0x103d/0x2a40 [ 969.299996][T15357] ? __pfx___handle_mm_fault+0x10/0x10 [ 969.300029][T15357] ? __pte_offset_map_lock+0x155/0x2f0 [ 969.300076][T15357] ? find_held_lock+0x2b/0x80 [ 969.300104][T15357] ? find_held_lock+0x2b/0x80 [ 969.300217][T15357] handle_mm_fault+0x3fe/0xad0 [ 969.300274][T15357] __get_user_pages+0x771/0x36f0 [ 969.300345][T15357] ? __pfx_mt_find+0x10/0x10 [ 969.300378][T15357] ? __pfx___get_user_pages+0x10/0x10 [ 969.300448][T15357] populate_vma_page_range+0x278/0x3a0 [ 969.300487][T15357] ? __pfx_populate_vma_page_range+0x10/0x10 [ 969.300518][T15357] ? __pfx_find_vma_intersection+0x10/0x10 [ 969.300568][T15357] ? do_mmap+0x69c/0x11b0 [ 969.300633][T15357] __mm_populate+0x1d8/0x380 [ 969.300667][T15357] ? __pfx___mm_populate+0x10/0x10 [ 969.300703][T15357] ? up_write+0x1b2/0x520 [ 969.300755][T15357] vm_mmap_pgoff+0x362/0x450 [ 969.300806][T15357] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 969.300872][T15357] ? native_tss_update_io_bitmap+0x3ca/0x720 [ 969.300908][T15357] ? __x64_sys_futex+0x1e9/0x4c0 [ 969.300951][T15357] ksys_mmap_pgoff+0x7d/0x5c0 [ 969.300998][T15357] ? rcu_is_watching+0x12/0xc0 [ 969.301031][T15357] __x64_sys_mmap+0x125/0x190 [ 969.301064][T15357] do_syscall_64+0xcd/0x230 [ 969.301113][T15357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 969.301155][T15357] RIP: 0033:0x7fe3ff58e969 [ 969.301186][T15357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 969.301221][T15357] RSP: 002b:00007fe4003c5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 969.301251][T15357] RAX: ffffffffffffffda RBX: 00007fe3ff7b5fa0 RCX: 00007fe3ff58e969 [ 969.301272][T15357] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 969.301291][T15357] RBP: 00007fe3ff610ab1 R08: ffffffffffffffff R09: 0000000000000000 [ 969.301310][T15357] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 969.301328][T15357] R13: 0000000000000000 R14: 00007fe3ff7b5fa0 R15: 00007fff14e3df58 [ 969.301367][T15357] [ 969.692951][T15360] netlink: 'syz.5.2055': attribute type 11 has an invalid length. [ 969.693019][T15360] netlink: 'syz.5.2055': attribute type 11 has an invalid length. [ 969.693043][T15360] netlink: 'syz.5.2055': attribute type 11 has an invalid length. [ 969.693122][T15360] netlink: 'syz.5.2055': attribute type 11 has an invalid length. [ 969.693150][T15360] netlink: 'syz.5.2055': attribute type 11 has an invalid length. [ 971.833183][T15367] FAULT_INJECTION: forcing a failure. [ 971.833183][T15367] name failslab, interval 1, probability 0, space 0, times 0 [ 971.833240][T15367] CPU: 0 UID: 0 PID: 15367 Comm: syz.2.2057 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 971.833286][T15367] Tainted: [U]=USER [ 971.833297][T15367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 971.833316][T15367] Call Trace: [ 971.833327][T15367] [ 971.833340][T15367] dump_stack_lvl+0x16c/0x1f0 [ 971.833390][T15367] should_fail_ex+0x512/0x640 [ 971.833435][T15367] ? fs_reclaim_acquire+0xae/0x150 [ 971.833487][T15367] ? tomoyo_encode2+0x100/0x3e0 [ 971.833537][T15367] should_failslab+0xc2/0x120 [ 971.833578][T15367] __kmalloc_noprof+0xd2/0x510 [ 971.833626][T15367] tomoyo_encode2+0x100/0x3e0 [ 971.833677][T15367] tomoyo_encode+0x29/0x50 [ 971.833723][T15367] tomoyo_realpath_from_path+0x18f/0x6e0 [ 971.833775][T15367] ? tomoyo_profile+0x47/0x60 [ 971.833811][T15367] tomoyo_path_number_perm+0x245/0x580 [ 971.833852][T15367] ? tomoyo_path_number_perm+0x237/0x580 [ 971.833905][T15367] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 971.833950][T15367] ? find_held_lock+0x2b/0x80 [ 971.834021][T15367] ? find_held_lock+0x2b/0x80 [ 971.834052][T15367] ? hook_file_ioctl_common+0x145/0x410 [ 971.834101][T15367] ? __fget_files+0x20e/0x3c0 [ 971.834139][T15367] security_file_ioctl+0x9b/0x240 [ 971.834184][T15367] __x64_sys_ioctl+0xb7/0x200 [ 971.834231][T15367] do_syscall_64+0xcd/0x230 [ 971.834283][T15367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.834314][T15367] RIP: 0033:0x7fe04518e969 [ 971.834341][T15367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 971.834373][T15367] RSP: 002b:00007fe046055038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 971.834404][T15367] RAX: ffffffffffffffda RBX: 00007fe0453b6080 RCX: 00007fe04518e969 [ 971.834426][T15367] RDX: 0000000000000000 RSI: 000000004008ae90 RDI: 0000000000000004 [ 971.834445][T15367] RBP: 00007fe046055090 R08: 0000000000000000 R09: 0000000000000000 [ 971.834464][T15367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 971.834484][T15367] R13: 0000000000000000 R14: 00007fe0453b6080 R15: 00007ffe0ca32a68 [ 971.834526][T15367] [ 971.846449][T15367] ERROR: Out of memory at tomoyo_realpath_from_path. [ 974.343029][T15386] [U]  [ 974.346263][T15386] [U] [ 974.348985][T15386] [U] [ 974.351791][T15386] [U] [ 974.363502][T15386] [U] [ 974.366318][T15386] [U] [ 974.369094][T15386] [U] [ 974.371864][T15386] [U] [ 974.376032][T15386] [U] [ 974.377701][T15389] program syz.4.2061 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 974.378799][T15386] [U] [ 974.391014][T15386] [U] [ 974.393798][T15386] [U] [ 974.405251][T15386] [U] [ 974.408065][T15386] [U] [ 974.410836][T15386] [U] [ 974.413604][T15386] [U] [ 974.417421][T15386] [U] [ 974.420183][T15386] [U] [ 974.422923][T15386] [U] [ 974.425701][T15386] [U] [ 974.445134][T15386] [U] [ 974.447942][T15386] [U] [ 974.450688][T15386] [U] [ 974.453540][T15386] [U] [ 974.486905][T15387] [U] [ 975.308003][T15398] FAULT_INJECTION: forcing a failure. [ 975.308003][T15398] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 975.356192][T15398] CPU: 1 UID: 0 PID: 15398 Comm: syz.5.2064 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 975.356247][T15398] Tainted: [U]=USER [ 975.356258][T15398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 975.356278][T15398] Call Trace: [ 975.356288][T15398] [ 975.356301][T15398] dump_stack_lvl+0x16c/0x1f0 [ 975.356353][T15398] should_fail_ex+0x512/0x640 [ 975.356417][T15398] _copy_from_user+0x2e/0xd0 [ 975.356450][T15398] copy_msghdr_from_user+0x98/0x160 [ 975.356491][T15398] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 975.356539][T15398] ? kfree+0x252/0x4d0 [ 975.356566][T15398] ? __lock_acquire+0x5ca/0x1ba0 [ 975.356618][T15398] ___sys_recvmsg+0xdb/0x1a0 [ 975.356658][T15398] ? __pfx____sys_recvmsg+0x10/0x10 [ 975.356722][T15398] ? __pfx___might_resched+0x10/0x10 [ 975.356769][T15398] do_recvmmsg+0x2fe/0x740 [ 975.356816][T15398] ? __pfx_do_recvmmsg+0x10/0x10 [ 975.356866][T15398] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 975.356928][T15398] ? __fget_files+0x20e/0x3c0 [ 975.356969][T15398] __x64_sys_recvmmsg+0x22a/0x280 [ 975.357015][T15398] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 975.357057][T15398] ? rcu_is_watching+0x12/0xc0 [ 975.357101][T15398] do_syscall_64+0xcd/0x230 [ 975.357152][T15398] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 975.357185][T15398] RIP: 0033:0x7fe3ff58e969 [ 975.357211][T15398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 975.357244][T15398] RSP: 002b:00007fe4003c5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 975.357275][T15398] RAX: ffffffffffffffda RBX: 00007fe3ff7b5fa0 RCX: 00007fe3ff58e969 [ 975.357298][T15398] RDX: 000000000000010a RSI: 0000200000000140 RDI: 0000000000000004 [ 975.357337][T15398] RBP: 00007fe4003c5090 R08: 0000000000000000 R09: 0000000000000000 [ 975.357356][T15398] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 975.357376][T15398] R13: 0000000000000000 R14: 00007fe3ff7b5fa0 R15: 00007fff14e3df58 [ 975.357430][T15398] [ 976.955449][T15418] FAULT_INJECTION: forcing a failure. [ 976.955449][T15418] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 977.004918][T15418] CPU: 1 UID: 0 PID: 15418 Comm: syz.0.2068 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 977.004960][T15418] Tainted: [U]=USER [ 977.004969][T15418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 977.004984][T15418] Call Trace: [ 977.004992][T15418] [ 977.005002][T15418] dump_stack_lvl+0x16c/0x1f0 [ 977.005043][T15418] should_fail_ex+0x512/0x640 [ 977.005085][T15418] _copy_from_user+0x2e/0xd0 [ 977.005109][T15418] load_msg+0x19e/0x4a0 [ 977.005153][T15418] do_mq_timedsend+0x3d7/0xc40 [ 977.005183][T15418] ? __pfx_do_mq_timedsend+0x10/0x10 [ 977.005209][T15418] ? do_futex+0x122/0x350 [ 977.005258][T15418] ? __x64_sys_futex+0x1e0/0x4c0 [ 977.005290][T15418] __x64_sys_mq_timedsend+0x1cd/0x260 [ 977.005321][T15418] ? __pfx___x64_sys_mq_timedsend+0x10/0x10 [ 977.005349][T15418] ? rcu_is_watching+0x12/0xc0 [ 977.005382][T15418] do_syscall_64+0xcd/0x230 [ 977.005423][T15418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.005449][T15418] RIP: 0033:0x7f09a418e969 [ 977.005469][T15418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 977.005494][T15418] RSP: 002b:00007f09a506a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2 [ 977.005517][T15418] RAX: ffffffffffffffda RBX: 00007f09a43b6160 RCX: 00007f09a418e969 [ 977.005534][T15418] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000006 [ 977.005550][T15418] RBP: 00007f09a4210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 977.005565][T15418] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 977.005580][T15418] R13: 0000000000000000 R14: 00007f09a43b6160 R15: 00007ffd8473f498 [ 977.005611][T15418] [ 977.188075][ C1] vkms_vblank_simulate: vblank timer overrun [ 978.351844][T15421] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2070'. [ 979.224959][T15438] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2074'. [ 980.210228][T15448] FAULT_INJECTION: forcing a failure. [ 980.210228][T15448] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 980.455854][T15448] CPU: 0 UID: 0 PID: 15448 Comm: syz.2.2076 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 980.455906][T15448] Tainted: [U]=USER [ 980.455917][T15448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 980.455936][T15448] Call Trace: [ 980.455948][T15448] [ 980.455960][T15448] dump_stack_lvl+0x16c/0x1f0 [ 980.456015][T15448] should_fail_ex+0x512/0x640 [ 980.456070][T15448] _copy_from_user+0x2e/0xd0 [ 980.456103][T15448] kvm_arch_vcpu_ioctl+0x270d/0x4f00 [ 980.456152][T15448] ? stack_trace_save+0x8e/0xc0 [ 980.456199][T15448] ? stack_depot_save_flags+0x28/0xa50 [ 980.456248][T15448] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 980.456288][T15448] ? __lock_acquire+0xaa4/0x1ba0 [ 980.456336][T15448] ? kasan_save_stack+0x42/0x60 [ 980.456369][T15448] ? kasan_save_stack+0x33/0x60 [ 980.456402][T15448] ? kasan_save_track+0x14/0x30 [ 980.456435][T15448] ? kasan_save_free_info+0x3b/0x60 [ 980.456481][T15448] ? __kasan_slab_free+0x51/0x70 [ 980.456515][T15448] ? kfree+0x2b6/0x4d0 [ 980.456540][T15448] ? tomoyo_path_number_perm+0x470/0x580 [ 980.456580][T15448] ? security_file_ioctl+0x9b/0x240 [ 980.456620][T15448] ? __x64_sys_ioctl+0xb7/0x200 [ 980.456668][T15448] ? __lock_acquire+0xaa4/0x1ba0 [ 980.456727][T15448] ? __mutex_trylock_common+0xe9/0x250 [ 980.456774][T15448] ? __pfx___mutex_trylock_common+0x10/0x10 [ 980.456823][T15448] ? __pfx___might_resched+0x10/0x10 [ 980.456862][T15448] ? rcu_is_watching+0x12/0xc0 [ 980.456914][T15448] ? trace_contention_end+0xdd/0x130 [ 980.456960][T15448] ? __mutex_lock+0x1ca/0xb90 [ 980.457013][T15448] ? kvm_vcpu_ioctl+0x27e/0x1680 [ 980.457063][T15448] ? __pfx___mutex_lock+0x10/0x10 [ 980.457130][T15448] ? tomoyo_path_number_perm+0x18d/0x580 [ 980.457185][T15448] ? kvm_vcpu_ioctl+0x1232/0x1680 [ 980.457230][T15448] kvm_vcpu_ioctl+0x1232/0x1680 [ 980.457283][T15448] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 980.457377][T15448] ? find_held_lock+0x2b/0x80 [ 980.457407][T15448] ? hook_file_ioctl_common+0x145/0x410 [ 980.457457][T15448] ? __fget_files+0x20e/0x3c0 [ 980.457494][T15448] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 980.457545][T15448] __x64_sys_ioctl+0x193/0x200 [ 980.457594][T15448] do_syscall_64+0xcd/0x230 [ 980.457649][T15448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 980.457682][T15448] RIP: 0033:0x7fe04518e969 [ 980.457708][T15448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 980.457741][T15448] RSP: 002b:00007fe046055038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 980.457772][T15448] RAX: ffffffffffffffda RBX: 00007fe0453b6080 RCX: 00007fe04518e969 [ 980.457794][T15448] RDX: 0000000000000000 RSI: 000000004008ae90 RDI: 0000000000000004 [ 980.457812][T15448] RBP: 00007fe046055090 R08: 0000000000000000 R09: 0000000000000000 [ 980.457832][T15448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 980.457851][T15448] R13: 0000000000000000 R14: 00007fe0453b6080 R15: 00007ffe0ca32a68 [ 980.457894][T15448] [ 981.205664][T15460] FAULT_INJECTION: forcing a failure. [ 981.205664][T15460] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 981.238284][T15460] CPU: 0 UID: 0 PID: 15460 Comm: syz.4.2078 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 981.238327][T15460] Tainted: [U]=USER [ 981.238336][T15460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 981.238352][T15460] Call Trace: [ 981.238360][T15460] [ 981.238370][T15460] dump_stack_lvl+0x16c/0x1f0 [ 981.238413][T15460] should_fail_ex+0x512/0x640 [ 981.238456][T15460] _copy_from_user+0x2e/0xd0 [ 981.238481][T15460] load_msg+0x19e/0x4a0 [ 981.238525][T15460] do_mq_timedsend+0x3d7/0xc40 [ 981.238555][T15460] ? __pfx_do_mq_timedsend+0x10/0x10 [ 981.238582][T15460] ? do_futex+0x122/0x350 [ 981.238621][T15460] ? __x64_sys_futex+0x1e0/0x4c0 [ 981.238652][T15460] __x64_sys_mq_timedsend+0x1cd/0x260 [ 981.238683][T15460] ? __pfx___x64_sys_mq_timedsend+0x10/0x10 [ 981.238711][T15460] ? rcu_is_watching+0x12/0xc0 [ 981.238743][T15460] do_syscall_64+0xcd/0x230 [ 981.238784][T15460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 981.238810][T15460] RIP: 0033:0x7f1eb358e969 [ 981.238830][T15460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 981.238855][T15460] RSP: 002b:00007f1eb4360038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2 [ 981.238879][T15460] RAX: ffffffffffffffda RBX: 00007f1eb37b6080 RCX: 00007f1eb358e969 [ 981.238904][T15460] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000006 [ 981.238920][T15460] RBP: 00007f1eb3610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 981.238935][T15460] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 981.238951][T15460] R13: 0000000000000000 R14: 00007f1eb37b6080 R15: 00007fff3f305538 [ 981.238982][T15460] [ 981.937089][T15468] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input31 [ 982.946524][T15486] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 983.367550][T15494] FAULT_INJECTION: forcing a failure. [ 983.367550][T15494] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 983.420498][T15497] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2086'. [ 983.466251][T15494] CPU: 0 UID: 0 PID: 15494 Comm: syz.0.2086 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 983.466302][T15494] Tainted: [U]=USER [ 983.466313][T15494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 983.466331][T15494] Call Trace: [ 983.466342][T15494] [ 983.466354][T15494] dump_stack_lvl+0x16c/0x1f0 [ 983.466408][T15494] should_fail_ex+0x512/0x640 [ 983.466462][T15494] _copy_from_iter+0x2a4/0x15b0 [ 983.466525][T15494] ? __pfx__copy_from_iter+0x10/0x10 [ 983.466579][T15494] ? rcu_is_watching+0x12/0xc0 [ 983.466610][T15494] ? trace_kmalloc+0x2b/0xd0 [ 983.466649][T15494] ? __kmalloc_noprof+0x242/0x510 [ 983.466705][T15494] kernfs_fop_write_iter+0x19a/0x510 [ 983.466751][T15494] vfs_write+0x5bd/0x1180 [ 983.466783][T15494] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 983.466829][T15494] ? __pfx___mutex_lock+0x10/0x10 [ 983.466880][T15494] ? __pfx_vfs_write+0x10/0x10 [ 983.466942][T15494] ksys_write+0x12a/0x240 [ 983.466973][T15494] ? __pfx_ksys_write+0x10/0x10 [ 983.467004][T15494] ? rcu_is_watching+0x12/0xc0 [ 983.467047][T15494] do_syscall_64+0xcd/0x230 [ 983.467097][T15494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 983.467130][T15494] RIP: 0033:0x7f09a418e969 [ 983.467158][T15494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 983.467190][T15494] RSP: 002b:00007f09a50ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 983.467221][T15494] RAX: ffffffffffffffda RBX: 00007f09a43b5fa0 RCX: 00007f09a418e969 [ 983.467242][T15494] RDX: 00000000000098c7 RSI: 0000200000000440 RDI: 0000000000000007 [ 983.467261][T15494] RBP: 00007f09a50ac090 R08: 0000000000000000 R09: 0000000000000000 [ 983.467281][T15494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 983.467299][T15494] R13: 0000000000000000 R14: 00007f09a43b5fa0 R15: 00007ffd8473f498 [ 983.467341][T15494] [ 985.046565][T15518] FAULT_INJECTION: forcing a failure. [ 985.046565][T15518] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 985.065192][T15518] CPU: 0 UID: 0 PID: 15518 Comm: syz.0.2090 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 985.065249][T15518] Tainted: [U]=USER [ 985.065261][T15518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 985.065279][T15518] Call Trace: [ 985.065290][T15518] [ 985.065303][T15518] dump_stack_lvl+0x16c/0x1f0 [ 985.065358][T15518] should_fail_ex+0x512/0x640 [ 985.065412][T15518] should_fail_alloc_page+0xe7/0x130 [ 985.065456][T15518] prepare_alloc_pages+0x3c2/0x610 [ 985.065512][T15518] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 985.065562][T15518] ? kvm_arch_vcpu_load+0x4bf/0xaa0 [ 985.065599][T15518] ? lock_acquire+0x179/0x350 [ 985.065640][T15518] ? find_held_lock+0x2b/0x80 [ 985.065676][T15518] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 985.065719][T15518] ? kvm_sched_in+0x9a/0xf0 [ 985.065765][T15518] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 985.065810][T15518] ? __schedule+0x1186/0x5de0 [ 985.065851][T15518] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 985.065892][T15518] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 985.065937][T15518] ? policy_nodemask+0xea/0x4e0 [ 985.065981][T15518] alloc_pages_mpol+0x1fb/0x550 [ 985.066023][T15518] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 985.066074][T15518] alloc_pages_noprof+0x131/0x390 [ 985.066114][T15518] __pmd_alloc+0x3f/0x870 [ 985.066158][T15518] ? find_held_lock+0x2b/0x80 [ 985.066191][T15518] __handle_mm_fault+0x948/0x2a40 [ 985.066235][T15518] ? __pfx___handle_mm_fault+0x10/0x10 [ 985.066290][T15518] ? find_vma+0xbf/0x140 [ 985.066333][T15518] ? __pfx_find_vma+0x10/0x10 [ 985.066374][T15518] ? rep_movs_alternative+0x30/0x90 [ 985.066415][T15518] handle_mm_fault+0x3fe/0xad0 [ 985.066456][T15518] do_user_addr_fault+0x7a6/0x1370 [ 985.066493][T15518] ? rcu_is_watching+0x12/0xc0 [ 985.066524][T15518] exc_page_fault+0x5c/0xc0 [ 985.066568][T15518] asm_exc_page_fault+0x26/0x30 [ 985.066598][T15518] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 985.066636][T15518] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 985.066666][T15518] RSP: 0018:ffffc9000b7f7890 EFLAGS: 00050246 [ 985.066692][T15518] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000008 [ 985.066711][T15518] RDX: fffff520016fef3b RSI: 0000000000000000 RDI: ffffc9000b7f79d0 [ 985.066732][T15518] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff520016fef3a [ 985.066749][T15518] R10: ffffc9000b7f79d7 R11: 0000000000000000 R12: 0000000000000000 [ 985.066775][T15518] R13: ffffc9000b7f79d0 R14: 000000004008ae90 R15: 0000000000000000 [ 985.066816][T15518] _copy_from_user+0x98/0xd0 [ 985.066848][T15518] kvm_arch_vcpu_ioctl+0x270d/0x4f00 [ 985.066893][T15518] ? stack_trace_save+0x8e/0xc0 [ 985.066928][T15518] ? stack_depot_save_flags+0x28/0xa50 [ 985.066974][T15518] ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10 [ 985.067011][T15518] ? __lock_acquire+0xaa4/0x1ba0 [ 985.067055][T15518] ? kasan_save_stack+0x42/0x60 [ 985.067087][T15518] ? kasan_save_stack+0x33/0x60 [ 985.067119][T15518] ? kasan_save_track+0x14/0x30 [ 985.067153][T15518] ? kasan_save_free_info+0x3b/0x60 [ 985.067196][T15518] ? __kasan_slab_free+0x51/0x70 [ 985.067230][T15518] ? kfree+0x2b6/0x4d0 [ 985.067255][T15518] ? tomoyo_path_number_perm+0x470/0x580 [ 985.067295][T15518] ? security_file_ioctl+0x9b/0x240 [ 985.067334][T15518] ? __x64_sys_ioctl+0xb7/0x200 [ 985.067383][T15518] ? __lock_acquire+0xaa4/0x1ba0 [ 985.067441][T15518] ? __mutex_trylock_common+0xe9/0x250 [ 985.067488][T15518] ? __pfx___mutex_trylock_common+0x10/0x10 [ 985.067534][T15518] ? __pfx___might_resched+0x10/0x10 [ 985.067573][T15518] ? rcu_is_watching+0x12/0xc0 [ 985.067605][T15518] ? trace_contention_end+0xdd/0x130 [ 985.067651][T15518] ? __mutex_lock+0x1ca/0xb90 [ 985.067704][T15518] ? kvm_vcpu_ioctl+0x27e/0x1680 [ 985.067762][T15518] ? __pfx___mutex_lock+0x10/0x10 [ 985.067825][T15518] ? tomoyo_path_number_perm+0x18d/0x580 [ 985.067872][T15518] ? kvm_vcpu_ioctl+0x1232/0x1680 [ 985.067912][T15518] kvm_vcpu_ioctl+0x1232/0x1680 [ 985.067964][T15518] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 985.068043][T15518] ? find_held_lock+0x2b/0x80 [ 985.068076][T15518] ? hook_file_ioctl_common+0x145/0x410 [ 985.068126][T15518] ? __fget_files+0x20e/0x3c0 [ 985.068165][T15518] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 985.068215][T15518] __x64_sys_ioctl+0x193/0x200 [ 985.068266][T15518] do_syscall_64+0xcd/0x230 [ 985.068320][T15518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.068353][T15518] RIP: 0033:0x7f09a418e969 [ 985.068381][T15518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.068412][T15518] RSP: 002b:00007f09a508b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 985.068443][T15518] RAX: ffffffffffffffda RBX: 00007f09a43b6080 RCX: 00007f09a418e969 [ 985.068466][T15518] RDX: 0000000000000000 RSI: 000000004008ae90 RDI: 0000000000000004 [ 985.068487][T15518] RBP: 00007f09a508b090 R08: 0000000000000000 R09: 0000000000000000 [ 985.068507][T15518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 985.068527][T15518] R13: 0000000000000000 R14: 00007f09a43b6080 R15: 00007ffd8473f498 [ 985.068573][T15518] [ 990.066998][T15564] FAULT_INJECTION: forcing a failure. [ 990.066998][T15564] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 990.126991][T15564] CPU: 1 UID: 0 PID: 15564 Comm: syz.0.2102 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 990.127044][T15564] Tainted: [U]=USER [ 990.127066][T15564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 990.127084][T15564] Call Trace: [ 990.127096][T15564] [ 990.127108][T15564] dump_stack_lvl+0x16c/0x1f0 [ 990.127163][T15564] should_fail_ex+0x512/0x640 [ 990.127220][T15564] _copy_from_user+0x2e/0xd0 [ 990.127252][T15564] copy_msghdr_from_user+0x98/0x160 [ 990.127296][T15564] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 990.127344][T15564] ? kfree+0x252/0x4d0 [ 990.127373][T15564] ? __lock_acquire+0x5ca/0x1ba0 [ 990.127426][T15564] ___sys_recvmsg+0xdb/0x1a0 [ 990.127467][T15564] ? __pfx____sys_recvmsg+0x10/0x10 [ 990.127532][T15564] ? __pfx___might_resched+0x10/0x10 [ 990.127576][T15564] do_recvmmsg+0x2fe/0x740 [ 990.127624][T15564] ? __pfx_do_recvmmsg+0x10/0x10 [ 990.127674][T15564] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 990.127738][T15564] ? __fget_files+0x20e/0x3c0 [ 990.127779][T15564] __x64_sys_recvmmsg+0x22a/0x280 [ 990.127825][T15564] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 990.127865][T15564] ? rcu_is_watching+0x12/0xc0 [ 990.127908][T15564] do_syscall_64+0xcd/0x230 [ 990.127963][T15564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 990.127997][T15564] RIP: 0033:0x7f09a418e969 [ 990.128022][T15564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 990.128062][T15564] RSP: 002b:00007f09a50ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 990.128094][T15564] RAX: ffffffffffffffda RBX: 00007f09a43b5fa0 RCX: 00007f09a418e969 [ 990.128116][T15564] RDX: 000000000000010a RSI: 0000200000000140 RDI: 0000000000000004 [ 990.128136][T15564] RBP: 00007f09a50ac090 R08: 0000000000000000 R09: 0000000000000000 [ 990.128158][T15564] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 990.128178][T15564] R13: 0000000000000000 R14: 00007f09a43b5fa0 R15: 00007ffd8473f498 [ 990.128222][T15564] [ 990.817004][T15570] FAULT_INJECTION: forcing a failure. [ 990.817004][T15570] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 990.844844][T15570] CPU: 1 UID: 0 PID: 15570 Comm: syz.0.2104 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 990.844895][T15570] Tainted: [U]=USER [ 990.844906][T15570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 990.844924][T15570] Call Trace: [ 990.844934][T15570] [ 990.844946][T15570] dump_stack_lvl+0x16c/0x1f0 [ 990.844997][T15570] should_fail_ex+0x512/0x640 [ 990.845050][T15570] _copy_from_user+0x2e/0xd0 [ 990.845082][T15570] kstrtouint_from_user+0xd6/0x1d0 [ 990.845124][T15570] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 990.845163][T15570] ? __lock_acquire+0xaa4/0x1ba0 [ 990.845244][T15570] proc_fail_nth_write+0x83/0x250 [ 990.845293][T15570] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 990.845368][T15570] vfs_write+0x25c/0x1180 [ 990.845398][T15570] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 990.845454][T15570] ? __pfx___mutex_lock+0x10/0x10 [ 990.845503][T15570] ? __pfx_vfs_write+0x10/0x10 [ 990.845548][T15570] ? __fget_files+0x20e/0x3c0 [ 990.845591][T15570] ksys_write+0x12a/0x240 [ 990.845623][T15570] ? __pfx_ksys_write+0x10/0x10 [ 990.845652][T15570] ? rcu_is_watching+0x12/0xc0 [ 990.845695][T15570] do_syscall_64+0xcd/0x230 [ 990.845749][T15570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 990.845780][T15570] RIP: 0033:0x7f09a418d41f [ 990.845807][T15570] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 990.845839][T15570] RSP: 002b:00007f09a50ac030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 990.845868][T15570] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f09a418d41f [ 990.845889][T15570] RDX: 0000000000000001 RSI: 00007f09a50ac0a0 RDI: 0000000000000008 [ 990.845908][T15570] RBP: 00007f09a50ac090 R08: 0000000000000000 R09: 0000000000000000 [ 990.845927][T15570] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 990.845946][T15570] R13: 0000000000000000 R14: 00007f09a43b5fa0 R15: 00007ffd8473f498 [ 990.845989][T15570] [ 992.186305][T15579] FAULT_INJECTION: forcing a failure. [ 992.186305][T15579] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 992.243187][T15579] CPU: 0 UID: 0 PID: 15579 Comm: syz.0.2106 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 992.243242][T15579] Tainted: [U]=USER [ 992.243253][T15579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 992.243272][T15579] Call Trace: [ 992.243283][T15579] [ 992.243297][T15579] dump_stack_lvl+0x16c/0x1f0 [ 992.243352][T15579] should_fail_ex+0x512/0x640 [ 992.243409][T15579] _copy_from_user+0x2e/0xd0 [ 992.243442][T15579] kstrtouint_from_user+0xd6/0x1d0 [ 992.243483][T15579] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 992.243521][T15579] ? __lock_acquire+0xaa4/0x1ba0 [ 992.243585][T15579] proc_fail_nth_write+0x83/0x250 [ 992.243635][T15579] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 992.243697][T15579] vfs_write+0x25c/0x1180 [ 992.243727][T15579] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 992.243782][T15579] ? __pfx___mutex_lock+0x10/0x10 [ 992.243833][T15579] ? __pfx_vfs_write+0x10/0x10 [ 992.243889][T15579] ? __fget_files+0x20e/0x3c0 [ 992.243933][T15579] ksys_write+0x12a/0x240 [ 992.243966][T15579] ? __pfx_ksys_write+0x10/0x10 [ 992.244012][T15579] do_syscall_64+0xcd/0x230 [ 992.244067][T15579] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 992.244100][T15579] RIP: 0033:0x7f09a418d41f [ 992.244127][T15579] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 992.244159][T15579] RSP: 002b:00007f09a506a030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 992.244189][T15579] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f09a418d41f [ 992.244210][T15579] RDX: 0000000000000001 RSI: 00007f09a506a0a0 RDI: 0000000000000005 [ 992.244230][T15579] RBP: 00007f09a506a090 R08: 0000000000000000 R09: 0000000000000000 [ 992.244251][T15579] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 992.244271][T15579] R13: 0000000000000001 R14: 00007f09a43b6160 R15: 00007ffd8473f498 [ 992.244315][T15579] [ 992.471674][T15574] netlink: 330 bytes leftover after parsing attributes in process `syz.5.2105'. [ 996.803385][T15630] FAULT_INJECTION: forcing a failure. [ 996.803385][T15630] name fail_futex, interval 1, probability 0, space 0, times 0 [ 996.889088][T15630] CPU: 0 UID: 0 PID: 15630 Comm: syz.2.2117 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 996.889151][T15630] Tainted: [U]=USER [ 996.889163][T15630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 996.889185][T15630] Call Trace: [ 996.889198][T15630] [ 996.889212][T15630] dump_stack_lvl+0x16c/0x1f0 [ 996.889275][T15630] should_fail_ex+0x512/0x640 [ 996.889335][T15630] get_futex_key+0x49e/0x1000 [ 996.889377][T15630] ? __pfx_get_futex_key+0x10/0x10 [ 996.889416][T15630] ? rcu_is_watching+0x12/0xc0 [ 996.889447][T15630] ? kasan_quarantine_put+0x10a/0x240 [ 996.889482][T15630] ? lockdep_hardirqs_on+0x7c/0x110 [ 996.889535][T15630] futex_wake+0xe7/0x4e0 [ 996.889572][T15630] ? kfree+0x2b6/0x4d0 [ 996.889608][T15630] ? __pfx_futex_wake+0x10/0x10 [ 996.889658][T15630] ? do_mq_timedreceive+0x4ba/0xca0 [ 996.889706][T15630] do_futex+0x1e3/0x350 [ 996.889743][T15630] ? __pfx_do_futex+0x10/0x10 [ 996.889825][T15630] __x64_sys_futex+0x1e0/0x4c0 [ 996.889871][T15630] ? __pfx___x64_sys_futex+0x10/0x10 [ 996.889912][T15630] ? __pfx___x64_sys_mq_timedreceive+0x10/0x10 [ 996.889951][T15630] ? rcu_is_watching+0x12/0xc0 [ 996.889996][T15630] do_syscall_64+0xcd/0x230 [ 996.890053][T15630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 996.890089][T15630] RIP: 0033:0x7fe04518e969 [ 996.890118][T15630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 996.890150][T15630] RSP: 002b:00007fe0460550e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 996.890183][T15630] RAX: ffffffffffffffda RBX: 00007fe0453b6088 RCX: 00007fe04518e969 [ 996.890205][T15630] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe0453b608c [ 996.890227][T15630] RBP: 00007fe0453b6080 R08: 00007fe046077000 R09: 0000000000000000 [ 996.890248][T15630] R10: 0000000000000080 R11: 0000000000000246 R12: 00007fe0453b608c [ 996.890269][T15630] R13: 0000000000000000 R14: 00007ffe0ca32980 R15: 00007ffe0ca32a68 [ 996.890311][T15630] [ 997.739830][T15626] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 998.245458][T15636] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2120'. [ 1000.739416][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1000.745877][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1000.780578][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1000.787489][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1000.812012][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1000.830185][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1000.870493][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1000.879972][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1001.511141][T15679] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1001.924023][T15684] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2132'. [ 1003.420188][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.436902][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1004.257104][T15714] busy [ 1005.338986][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1005.355909][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1005.386840][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1005.395137][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1005.437121][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1005.443531][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1005.458573][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1005.475857][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1007.021649][T15754] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2147'. [ 1007.625936][T15765] can: request_module (can-proto-3) failed. [ 1009.081578][T15785] FAULT_INJECTION: forcing a failure. [ 1009.081578][T15785] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1009.184812][T15785] CPU: 1 UID: 0 PID: 15785 Comm: syz.4.2152 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1009.184867][T15785] Tainted: [U]=USER [ 1009.184878][T15785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1009.184897][T15785] Call Trace: [ 1009.184907][T15785] [ 1009.184919][T15785] dump_stack_lvl+0x16c/0x1f0 [ 1009.184969][T15785] should_fail_ex+0x512/0x640 [ 1009.185021][T15785] _copy_from_user+0x2e/0xd0 [ 1009.185052][T15785] copy_msghdr_from_user+0x98/0x160 [ 1009.185090][T15785] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1009.185134][T15785] ? kfree+0x252/0x4d0 [ 1009.185163][T15785] ? __lock_acquire+0x5ca/0x1ba0 [ 1009.185212][T15785] ___sys_recvmsg+0xdb/0x1a0 [ 1009.185250][T15785] ? __pfx____sys_recvmsg+0x10/0x10 [ 1009.185311][T15785] ? __pfx___might_resched+0x10/0x10 [ 1009.185356][T15785] do_recvmmsg+0x2fe/0x740 [ 1009.185400][T15785] ? __pfx_do_recvmmsg+0x10/0x10 [ 1009.185449][T15785] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1009.185509][T15785] ? __fget_files+0x20e/0x3c0 [ 1009.185549][T15785] __x64_sys_recvmmsg+0x22a/0x280 [ 1009.185594][T15785] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1009.185648][T15785] do_syscall_64+0xcd/0x230 [ 1009.185700][T15785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.185733][T15785] RIP: 0033:0x7f1eb358e969 [ 1009.185771][T15785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1009.185803][T15785] RSP: 002b:00007f1eb4360038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1009.185836][T15785] RAX: ffffffffffffffda RBX: 00007f1eb37b6080 RCX: 00007f1eb358e969 [ 1009.185857][T15785] RDX: 000000000000010a RSI: 0000200000000140 RDI: 0000000000000004 [ 1009.185876][T15785] RBP: 00007f1eb4360090 R08: 0000000000000000 R09: 0000000000000000 [ 1009.185894][T15785] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 1009.185913][T15785] R13: 0000000000000001 R14: 00007f1eb37b6080 R15: 00007fff3f305538 [ 1009.185952][T15785] [ 1012.090127][T15821] FAULT_INJECTION: forcing a failure. [ 1012.090127][T15821] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1012.205015][T15821] CPU: 1 UID: 0 PID: 15821 Comm: syz.0.2160 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1012.205072][T15821] Tainted: [U]=USER [ 1012.205085][T15821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1012.205104][T15821] Call Trace: [ 1012.205116][T15821] [ 1012.205129][T15821] dump_stack_lvl+0x16c/0x1f0 [ 1012.205177][T15821] should_fail_ex+0x512/0x640 [ 1012.205228][T15821] get_futex_key+0x49e/0x1000 [ 1012.205258][T15821] ? __pfx_get_futex_key+0x10/0x10 [ 1012.205294][T15821] futex_wake+0xe7/0x4e0 [ 1012.205328][T15821] ? __pfx_futex_wake+0x10/0x10 [ 1012.205362][T15821] ? kmem_cache_free+0x2d4/0x4d0 [ 1012.205388][T15821] ? find_held_lock+0x2b/0x80 [ 1012.205410][T15821] ? putname+0x154/0x1a0 [ 1012.205439][T15821] ? do_sys_openat2+0x1b0/0x1d0 [ 1012.205476][T15821] do_futex+0x1e3/0x350 [ 1012.205503][T15821] ? __pfx_do_futex+0x10/0x10 [ 1012.205538][T15821] __x64_sys_futex+0x1e0/0x4c0 [ 1012.205568][T15821] ? __x64_sys_openat+0x174/0x210 [ 1012.205603][T15821] ? __pfx___x64_sys_futex+0x10/0x10 [ 1012.205632][T15821] ? rcu_is_watching+0x12/0xc0 [ 1012.205663][T15821] do_syscall_64+0xcd/0x230 [ 1012.205703][T15821] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1012.205728][T15821] RIP: 0033:0x7f09a418e969 [ 1012.205748][T15821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1012.205774][T15821] RSP: 002b:00007f09a506a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1012.205797][T15821] RAX: ffffffffffffffda RBX: 00007f09a43b6168 RCX: 00007f09a418e969 [ 1012.205815][T15821] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f09a43b616c [ 1012.205832][T15821] RBP: 00007f09a43b6160 R08: 00007f09a50ad000 R09: 0000000000000000 [ 1012.205849][T15821] R10: ffffffffffffffff R11: 0000000000000246 R12: 00007f09a43b616c [ 1012.205865][T15821] R13: 0000000000000000 R14: 00007ffd8473f3b0 R15: 00007ffd8473f498 [ 1012.205898][T15821] [ 1012.412259][ C1] vkms_vblank_simulate: vblank timer overrun [ 1016.481904][T15864] Console: switching to colour frame buffer device 128x48 [ 1016.821698][T15853] Invalid ELF header magic: != ELF [ 1017.241418][T15882] syz.4.2173(15882): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 1017.919650][T15888] FAULT_INJECTION: forcing a failure. [ 1017.919650][T15888] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1017.965028][T15888] CPU: 1 UID: 0 PID: 15888 Comm: syz.2.2176 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1017.965071][T15888] Tainted: [U]=USER [ 1017.965079][T15888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1017.965095][T15888] Call Trace: [ 1017.965104][T15888] [ 1017.965113][T15888] dump_stack_lvl+0x16c/0x1f0 [ 1017.965156][T15888] should_fail_ex+0x512/0x640 [ 1017.965200][T15888] _copy_from_user+0x2e/0xd0 [ 1017.965224][T15888] load_msg+0x19e/0x4a0 [ 1017.965269][T15888] do_mq_timedsend+0x3d7/0xc40 [ 1017.965308][T15888] ? __pfx_do_mq_timedsend+0x10/0x10 [ 1017.965343][T15888] ? do_futex+0x122/0x350 [ 1017.965396][T15888] ? __x64_sys_futex+0x1e0/0x4c0 [ 1017.965441][T15888] __x64_sys_mq_timedsend+0x1cd/0x260 [ 1017.965483][T15888] ? __pfx___x64_sys_mq_timedsend+0x10/0x10 [ 1017.965521][T15888] ? rcu_is_watching+0x12/0xc0 [ 1017.965566][T15888] do_syscall_64+0xcd/0x230 [ 1017.965621][T15888] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.965656][T15888] RIP: 0033:0x7fe04518e969 [ 1017.965684][T15888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1017.965718][T15888] RSP: 002b:00007fe046076038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2 [ 1017.965751][T15888] RAX: ffffffffffffffda RBX: 00007fe0453b5fa0 RCX: 00007fe04518e969 [ 1017.965784][T15888] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000006 [ 1017.965805][T15888] RBP: 00007fe045210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1017.965825][T15888] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 1017.965845][T15888] R13: 0000000000000000 R14: 00007fe0453b5fa0 R15: 00007ffe0ca32a68 [ 1017.965888][T15888] [ 1018.148861][ C1] vkms_vblank_simulate: vblank timer overrun [ 1018.269623][T15892] FAULT_INJECTION: forcing a failure. [ 1018.269623][T15892] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.282683][T15892] CPU: 1 UID: 0 PID: 15892 Comm: syz.0.2177 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1018.282725][T15892] Tainted: [U]=USER [ 1018.282734][T15892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1018.282749][T15892] Call Trace: [ 1018.282760][T15892] [ 1018.282770][T15892] dump_stack_lvl+0x16c/0x1f0 [ 1018.282813][T15892] should_fail_ex+0x512/0x640 [ 1018.282851][T15892] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1018.282884][T15892] should_failslab+0xc2/0x120 [ 1018.282918][T15892] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1018.282947][T15892] ? d_instantiate+0x77/0x90 [ 1018.282974][T15892] ? alloc_empty_file+0x55/0x1e0 [ 1018.283011][T15892] alloc_empty_file+0x55/0x1e0 [ 1018.283045][T15892] alloc_file_pseudo+0x13a/0x230 [ 1018.283081][T15892] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1018.283116][T15892] ? alloc_fd+0x471/0x7d0 [ 1018.283143][T15892] sock_alloc_file+0x50/0x210 [ 1018.283180][T15892] __sys_socket+0x1c0/0x260 [ 1018.283202][T15892] ? __pfx___sys_socket+0x10/0x10 [ 1018.283227][T15892] ? rcu_is_watching+0x12/0xc0 [ 1018.283257][T15892] __x64_sys_socket+0x72/0xb0 [ 1018.283278][T15892] ? lockdep_hardirqs_on+0x7c/0x110 [ 1018.283315][T15892] do_syscall_64+0xcd/0x230 [ 1018.283356][T15892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.283382][T15892] RIP: 0033:0x7f09a418e969 [ 1018.283402][T15892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1018.283426][T15892] RSP: 002b:00007f09a50ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1018.283450][T15892] RAX: ffffffffffffffda RBX: 00007f09a43b5fa0 RCX: 00007f09a418e969 [ 1018.283467][T15892] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1018.283483][T15892] RBP: 00007f09a4210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1018.283498][T15892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1018.283514][T15892] R13: 0000000000000000 R14: 00007f09a43b5fa0 R15: 00007ffd8473f498 [ 1018.283544][T15892] [ 1018.492089][ C1] vkms_vblank_simulate: vblank timer overrun [ 1019.417764][T15910] FAULT_INJECTION: forcing a failure. [ 1019.417764][T15910] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1019.569109][T15910] CPU: 1 UID: 0 PID: 15910 Comm: syz.5.2181 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1019.569167][T15910] Tainted: [U]=USER [ 1019.569180][T15910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1019.569206][T15910] Call Trace: [ 1019.569219][T15910] [ 1019.569232][T15910] dump_stack_lvl+0x16c/0x1f0 [ 1019.569288][T15910] should_fail_ex+0x512/0x640 [ 1019.569345][T15910] get_futex_key+0x49e/0x1000 [ 1019.569385][T15910] ? __pfx_get_futex_key+0x10/0x10 [ 1019.569436][T15910] futex_wake+0xe7/0x4e0 [ 1019.569483][T15910] ? __pfx_futex_wake+0x10/0x10 [ 1019.569534][T15910] ? kmem_cache_free+0x2d4/0x4d0 [ 1019.569571][T15910] ? fd_install+0x225/0x750 [ 1019.569598][T15910] ? putname+0x154/0x1a0 [ 1019.569654][T15910] do_futex+0x1e3/0x350 [ 1019.569693][T15910] ? __pfx_do_futex+0x10/0x10 [ 1019.569741][T15910] __x64_sys_futex+0x1e0/0x4c0 [ 1019.569784][T15910] ? __x64_sys_openat+0x174/0x210 [ 1019.569832][T15910] ? __pfx___x64_sys_futex+0x10/0x10 [ 1019.569872][T15910] ? rcu_is_watching+0x12/0xc0 [ 1019.569918][T15910] do_syscall_64+0xcd/0x230 [ 1019.569973][T15910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.570006][T15910] RIP: 0033:0x7fe3ff58e969 [ 1019.570033][T15910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1019.570067][T15910] RSP: 002b:00007fe4003830e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1019.570100][T15910] RAX: ffffffffffffffda RBX: 00007fe3ff7b6168 RCX: 00007fe3ff58e969 [ 1019.570122][T15910] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe3ff7b616c [ 1019.570143][T15910] RBP: 00007fe3ff7b6160 R08: 00007fe4003c6000 R09: 0000000000000000 [ 1019.570163][T15910] R10: 000000000000000a R11: 0000000000000246 R12: 00007fe3ff7b616c [ 1019.570184][T15910] R13: 0000000000000000 R14: 00007fff14e3de70 R15: 00007fff14e3df58 [ 1019.570227][T15910] [ 1019.774335][ C1] vkms_vblank_simulate: vblank timer overrun [ 1019.908072][ T30] audit: type=1800 audit(4294976011.400:9): pid=15900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2180" name="dbroot" dev="configfs" ino=62159 res=0 errno=0 [ 1020.469590][T15916] FAULT_INJECTION: forcing a failure. [ 1020.469590][T15916] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.626307][T15916] CPU: 0 UID: 0 PID: 15916 Comm: syz.4.2182 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1020.626363][T15916] Tainted: [U]=USER [ 1020.626374][T15916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1020.626394][T15916] Call Trace: [ 1020.626405][T15916] [ 1020.626419][T15916] dump_stack_lvl+0x16c/0x1f0 [ 1020.626474][T15916] should_fail_ex+0x512/0x640 [ 1020.626536][T15916] should_failslab+0xc2/0x120 [ 1020.626579][T15916] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1020.626620][T15916] ? skb_clone+0x190/0x3f0 [ 1020.626668][T15916] skb_clone+0x190/0x3f0 [ 1020.626711][T15916] netlink_deliver_tap+0xabd/0xd30 [ 1020.626757][T15916] ? __pfx_rtnl_dump_ifinfo+0x10/0x10 [ 1020.626811][T15916] netlink_dump+0x638/0xd00 [ 1020.626859][T15916] ? __pfx_netlink_dump+0x10/0x10 [ 1020.626917][T15916] ? kfree_skbmem+0x1a4/0x1f0 [ 1020.626957][T15916] ? kfree_skbmem+0x1a4/0x1f0 [ 1020.626993][T15916] netlink_recvmsg+0xa15/0xf20 [ 1020.627040][T15916] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1020.627087][T15916] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1020.627135][T15916] ? iovec_from_user+0xbb/0x140 [ 1020.627180][T15916] ____sys_recvmsg+0x5f9/0x6b0 [ 1020.627241][T15916] ? __pfx_____sys_recvmsg+0x10/0x10 [ 1020.627306][T15916] ? kfree+0x252/0x4d0 [ 1020.627334][T15916] ? __lock_acquire+0x5ca/0x1ba0 [ 1020.627385][T15916] ___sys_recvmsg+0x114/0x1a0 [ 1020.627429][T15916] ? __pfx____sys_recvmsg+0x10/0x10 [ 1020.627497][T15916] ? __pfx___might_resched+0x10/0x10 [ 1020.627553][T15916] do_recvmmsg+0x2fe/0x740 [ 1020.627603][T15916] ? __pfx_do_recvmmsg+0x10/0x10 [ 1020.627657][T15916] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 1020.627724][T15916] ? __fget_files+0x20e/0x3c0 [ 1020.627767][T15916] __x64_sys_recvmmsg+0x22a/0x280 [ 1020.627817][T15916] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1020.627858][T15916] ? rcu_is_watching+0x12/0xc0 [ 1020.627904][T15916] do_syscall_64+0xcd/0x230 [ 1020.627961][T15916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.627996][T15916] RIP: 0033:0x7f1eb358e969 [ 1020.628023][T15916] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1020.628058][T15916] RSP: 002b:00007f1eb4381038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1020.628091][T15916] RAX: ffffffffffffffda RBX: 00007f1eb37b5fa0 RCX: 00007f1eb358e969 [ 1020.628112][T15916] RDX: 000000000000010a RSI: 0000200000000140 RDI: 0000000000000004 [ 1020.628132][T15916] RBP: 00007f1eb4381090 R08: 0000000000000000 R09: 0000000000000000 [ 1020.628153][T15916] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000002 [ 1020.628173][T15916] R13: 0000000000000000 R14: 00007f1eb37b5fa0 R15: 00007fff3f305538 [ 1020.628217][T15916] [ 1022.513033][T15935] FAULT_INJECTION: forcing a failure. [ 1022.513033][T15935] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1022.559626][ T5879] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:7: bg 2: bad block bitmap checksum [ 1022.630566][ T5879] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 1351 with max blocks 8 with error 74 [ 1022.664954][T15935] CPU: 0 UID: 0 PID: 15935 Comm: syz.2.2187 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1022.665011][T15935] Tainted: [U]=USER [ 1022.665024][T15935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1022.665045][T15935] Call Trace: [ 1022.665056][T15935] [ 1022.665070][T15935] dump_stack_lvl+0x16c/0x1f0 [ 1022.665125][T15935] should_fail_ex+0x512/0x640 [ 1022.665182][T15935] get_futex_key+0x49e/0x1000 [ 1022.665222][T15935] ? __pfx_get_futex_key+0x10/0x10 [ 1022.665272][T15935] ? rcu_is_watching+0x12/0xc0 [ 1022.665305][T15935] ? kasan_quarantine_put+0x10a/0x240 [ 1022.665343][T15935] ? lockdep_hardirqs_on+0x7c/0x110 [ 1022.665397][T15935] futex_wake+0xe7/0x4e0 [ 1022.665437][T15935] ? kfree+0x2b6/0x4d0 [ 1022.665472][T15935] ? __pfx_futex_wake+0x10/0x10 [ 1022.665523][T15935] ? do_mq_timedreceive+0x4ba/0xca0 [ 1022.665572][T15935] do_futex+0x1e3/0x350 [ 1022.665611][T15935] ? __pfx_do_futex+0x10/0x10 [ 1022.665661][T15935] __x64_sys_futex+0x1e0/0x4c0 [ 1022.665707][T15935] ? __pfx___x64_sys_futex+0x10/0x10 [ 1022.665747][T15935] ? __pfx___x64_sys_mq_timedreceive+0x10/0x10 [ 1022.665787][T15935] ? rcu_is_watching+0x12/0xc0 [ 1022.665831][T15935] do_syscall_64+0xcd/0x230 [ 1022.665885][T15935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1022.665920][T15935] RIP: 0033:0x7fe04518e969 [ 1022.665946][T15935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1022.665982][T15935] RSP: 002b:00007fe0460760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1022.666014][T15935] RAX: ffffffffffffffda RBX: 00007fe0453b5fa8 RCX: 00007fe04518e969 [ 1022.666037][T15935] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe0453b5fac [ 1022.666058][T15935] RBP: 00007fe0453b5fa0 R08: 00007fe046077000 R09: 0000000000000000 [ 1022.666080][T15935] R10: 0000000000000080 R11: 0000000000000246 R12: 00007fe0453b5fac [ 1022.666102][T15935] R13: 0000000000000000 R14: 00007ffe0ca32980 R15: 00007ffe0ca32a68 [ 1022.666145][T15935] [ 1022.897097][ T5879] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1022.897097][ T5879] [ 1027.151541][T15989] FAULT_INJECTION: forcing a failure. [ 1027.151541][T15989] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1027.342114][T15989] CPU: 0 UID: 0 PID: 15989 Comm: syz.5.2198 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1027.342173][T15989] Tainted: [U]=USER [ 1027.342184][T15989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1027.342206][T15989] Call Trace: [ 1027.342219][T15989] [ 1027.342232][T15989] dump_stack_lvl+0x16c/0x1f0 [ 1027.342287][T15989] should_fail_ex+0x512/0x640 [ 1027.342344][T15989] _copy_from_user+0x2e/0xd0 [ 1027.342380][T15989] load_msg+0x19e/0x4a0 [ 1027.342439][T15989] do_mq_timedsend+0x3d7/0xc40 [ 1027.342481][T15989] ? __pfx_do_mq_timedsend+0x10/0x10 [ 1027.342519][T15989] ? do_futex+0x122/0x350 [ 1027.342574][T15989] ? __x64_sys_futex+0x1e0/0x4c0 [ 1027.342618][T15989] __x64_sys_mq_timedsend+0x1cd/0x260 [ 1027.342659][T15989] ? __pfx___x64_sys_mq_timedsend+0x10/0x10 [ 1027.342695][T15989] ? rcu_is_watching+0x12/0xc0 [ 1027.342740][T15989] do_syscall_64+0xcd/0x230 [ 1027.342792][T15989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1027.342826][T15989] RIP: 0033:0x7fe3ff58e969 [ 1027.342869][T15989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1027.342906][T15989] RSP: 002b:00007fe4003c5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2 [ 1027.342941][T15989] RAX: ffffffffffffffda RBX: 00007fe3ff7b5fa0 RCX: 00007fe3ff58e969 [ 1027.342965][T15989] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000006 [ 1027.342988][T15989] RBP: 00007fe3ff610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1027.343009][T15989] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 1027.343032][T15989] R13: 0000000000000000 R14: 00007fe3ff7b5fa0 R15: 00007fff14e3df58 [ 1027.343077][T15989] [ 1032.041855][T16035] FAULT_INJECTION: forcing a failure. [ 1032.041855][T16035] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1032.107617][T16035] CPU: 0 UID: 0 PID: 16035 Comm: syz.2.2208 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1032.107678][T16035] Tainted: [U]=USER [ 1032.107691][T16035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1032.107712][T16035] Call Trace: [ 1032.107724][T16035] [ 1032.107738][T16035] dump_stack_lvl+0x16c/0x1f0 [ 1032.107806][T16035] should_fail_ex+0x512/0x640 [ 1032.107864][T16035] get_futex_key+0x49e/0x1000 [ 1032.107906][T16035] ? __pfx_get_futex_key+0x10/0x10 [ 1032.107945][T16035] ? rcu_is_watching+0x12/0xc0 [ 1032.107977][T16035] ? kasan_quarantine_put+0x10a/0x240 [ 1032.108014][T16035] ? lockdep_hardirqs_on+0x7c/0x110 [ 1032.108069][T16035] futex_wake+0xe7/0x4e0 [ 1032.108116][T16035] ? kfree+0x2b6/0x4d0 [ 1032.108152][T16035] ? __pfx_futex_wake+0x10/0x10 [ 1032.108203][T16035] ? do_mq_timedreceive+0x4ba/0xca0 [ 1032.108251][T16035] do_futex+0x1e3/0x350 [ 1032.108289][T16035] ? __pfx_do_futex+0x10/0x10 [ 1032.108340][T16035] __x64_sys_futex+0x1e0/0x4c0 [ 1032.108386][T16035] ? __pfx___x64_sys_futex+0x10/0x10 [ 1032.108426][T16035] ? __pfx___x64_sys_mq_timedreceive+0x10/0x10 [ 1032.108464][T16035] ? rcu_is_watching+0x12/0xc0 [ 1032.108508][T16035] do_syscall_64+0xcd/0x230 [ 1032.108565][T16035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1032.108599][T16035] RIP: 0033:0x7fe04518e969 [ 1032.108629][T16035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1032.108663][T16035] RSP: 002b:00007fe0460760e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1032.108696][T16035] RAX: ffffffffffffffda RBX: 00007fe0453b5fa8 RCX: 00007fe04518e969 [ 1032.108719][T16035] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fe0453b5fac [ 1032.108740][T16035] RBP: 00007fe0453b5fa0 R08: 00007fe046077000 R09: 0000000000000000 [ 1032.108773][T16035] R10: 0000000000000080 R11: 0000000000000246 R12: 00007fe0453b5fac [ 1032.108795][T16035] R13: 0000000000000000 R14: 00007ffe0ca32980 R15: 00007ffe0ca32a68 [ 1032.108840][T16035] [ 1033.230909][T16048] FAULT_INJECTION: forcing a failure. [ 1033.230909][T16048] name failslab, interval 1, probability 0, space 0, times 0 [ 1033.295882][T16048] CPU: 1 UID: 0 PID: 16048 Comm: syz.2.2212 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1033.295941][T16048] Tainted: [U]=USER [ 1033.295953][T16048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1033.295975][T16048] Call Trace: [ 1033.295987][T16048] [ 1033.296001][T16048] dump_stack_lvl+0x16c/0x1f0 [ 1033.296056][T16048] should_fail_ex+0x512/0x640 [ 1033.296105][T16048] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 1033.296149][T16048] should_failslab+0xc2/0x120 [ 1033.296190][T16048] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1033.296230][T16048] ? __alloc_skb+0x2b2/0x380 [ 1033.296269][T16048] ? bpf_lsm_capable+0x9/0x10 [ 1033.296310][T16048] __alloc_skb+0x2b2/0x380 [ 1033.296351][T16048] ? __pfx___alloc_skb+0x10/0x10 [ 1033.296392][T16048] ? genl_rcv_msg+0x4bb/0x800 [ 1033.296471][T16048] netlink_ack+0x15d/0xb80 [ 1033.296519][T16048] ? __lock_acquire+0xaa4/0x1ba0 [ 1033.296570][T16048] netlink_rcv_skb+0x347/0x440 [ 1033.296611][T16048] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1033.296663][T16048] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1033.296726][T16048] ? __pfx_down_read+0x10/0x10 [ 1033.296761][T16048] ? netlink_deliver_tap+0x1ae/0xd30 [ 1033.296809][T16048] genl_rcv+0x28/0x40 [ 1033.296853][T16048] netlink_unicast+0x53d/0x7f0 [ 1033.296905][T16048] ? __pfx_netlink_unicast+0x10/0x10 [ 1033.296948][T16048] ? __lock_acquire+0xaa4/0x1ba0 [ 1033.297001][T16048] netlink_sendmsg+0x8d1/0xdd0 [ 1033.297053][T16048] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1033.297115][T16048] ____sys_sendmsg+0xa95/0xc70 [ 1033.297166][T16048] ? copy_msghdr_from_user+0x10a/0x160 [ 1033.297203][T16048] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1033.297254][T16048] ? try_to_wake_up+0xa2f/0x1680 [ 1033.297287][T16048] ___sys_sendmsg+0x134/0x1d0 [ 1033.297324][T16048] ? __pfx____sys_sendmsg+0x10/0x10 [ 1033.297359][T16048] ? wake_up_q+0xb0/0x160 [ 1033.297397][T16048] ? __pfx_vfs_writev+0x10/0x10 [ 1033.297436][T16048] ? do_futex+0x122/0x350 [ 1033.297504][T16048] __sys_sendmsg+0x16d/0x220 [ 1033.297541][T16048] ? __pfx___sys_sendmsg+0x10/0x10 [ 1033.297577][T16048] ? __x64_sys_futex+0x1e0/0x4c0 [ 1033.297619][T16048] ? rcu_is_watching+0x12/0xc0 [ 1033.297656][T16048] do_syscall_64+0xcd/0x230 [ 1033.297702][T16048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1033.297731][T16048] RIP: 0033:0x7fe04518e969 [ 1033.297753][T16048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1033.297781][T16048] RSP: 002b:00007fe046076038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1033.297808][T16048] RAX: ffffffffffffffda RBX: 00007fe0453b5fa0 RCX: 00007fe04518e969 [ 1033.297826][T16048] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000003 [ 1033.297844][T16048] RBP: 00007fe045210ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1033.297861][T16048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1033.297879][T16048] R13: 0000000000000000 R14: 00007fe0453b5fa0 R15: 00007ffe0ca32a68 [ 1033.297916][T16048] [ 1034.426378][T16056] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2213'. [ 1036.000286][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1036.009749][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1036.018317][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1036.026994][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1036.062317][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1036.849103][T13651] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.327231][T13651] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1037.661037][T13651] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.102087][T13651] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.136517][T13217] Bluetooth: hci1: command tx timeout [ 1039.230322][T16064] chnl_net:caif_netlink_parms(): no params data found [ 1039.651873][T16096] FAULT_INJECTION: forcing a failure. [ 1039.651873][T16096] name failslab, interval 1, probability 0, space 0, times 0 [ 1039.706798][T16097] FAULT_INJECTION: forcing a failure. [ 1039.706798][T16097] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1039.725034][T16096] CPU: 1 UID: 0 PID: 16096 Comm: syz.4.2220 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1039.725099][T16096] Tainted: [U]=USER [ 1039.725112][T16096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1039.725130][T16096] Call Trace: [ 1039.725141][T16096] [ 1039.725153][T16096] dump_stack_lvl+0x16c/0x1f0 [ 1039.725368][T16096] should_fail_ex+0x512/0x640 [ 1039.725478][T16096] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1039.725526][T16096] should_failslab+0xc2/0x120 [ 1039.725568][T16096] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1039.725600][T16096] ? kernfs_fop_open+0xa3a/0xda0 [ 1039.725647][T16096] kernfs_fop_open+0xa3a/0xda0 [ 1039.725686][T16096] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1039.725739][T16096] do_dentry_open+0x741/0x1c10 [ 1039.725771][T16096] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1039.725816][T16096] vfs_open+0x82/0x3f0 [ 1039.725859][T16096] path_openat+0x1e5e/0x2d40 [ 1039.725902][T16096] ? __pfx_path_openat+0x10/0x10 [ 1039.726032][T16096] do_filp_open+0x20b/0x470 [ 1039.726070][T16096] ? __pfx_do_filp_open+0x10/0x10 [ 1039.726129][T16096] ? alloc_fd+0x471/0x7d0 [ 1039.726168][T16096] do_sys_openat2+0x11b/0x1d0 [ 1039.726210][T16096] ? __pfx_do_sys_openat2+0x10/0x10 [ 1039.726332][T16096] __x64_sys_openat+0x174/0x210 [ 1039.726380][T16096] ? __pfx___x64_sys_openat+0x10/0x10 [ 1039.726425][T16096] ? rcu_is_watching+0x12/0xc0 [ 1039.726464][T16096] do_syscall_64+0xcd/0x230 [ 1039.726512][T16096] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1039.726543][T16096] RIP: 0033:0x7f1eb358e969 [ 1039.726569][T16096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1039.726620][T16096] RSP: 002b:00007f1eb433f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1039.726649][T16096] RAX: ffffffffffffffda RBX: 00007f1eb37b6160 RCX: 00007f1eb358e969 [ 1039.726669][T16096] RDX: 0000000000183841 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1039.726689][T16096] RBP: 00007f1eb3610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1039.726707][T16096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1039.726726][T16096] R13: 0000000000000000 R14: 00007f1eb37b6160 R15: 00007fff3f305538 [ 1039.726763][T16096] [ 1040.082763][T16097] CPU: 0 UID: 0 PID: 16097 Comm: syz.5.2219 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1040.082847][T16097] Tainted: [U]=USER [ 1040.082860][T16097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1040.082881][T16097] Call Trace: [ 1040.082892][T16097] [ 1040.082905][T16097] dump_stack_lvl+0x16c/0x1f0 [ 1040.082963][T16097] should_fail_ex+0x512/0x640 [ 1040.083023][T16097] _copy_from_user+0x2e/0xd0 [ 1040.083057][T16097] load_msg+0x19e/0x4a0 [ 1040.083117][T16097] do_mq_timedsend+0x3d7/0xc40 [ 1040.083158][T16097] ? __pfx_do_mq_timedsend+0x10/0x10 [ 1040.083193][T16097] ? do_futex+0x122/0x350 [ 1040.083247][T16097] ? __x64_sys_futex+0x1e0/0x4c0 [ 1040.083289][T16097] __x64_sys_mq_timedsend+0x1cd/0x260 [ 1040.083331][T16097] ? __pfx___x64_sys_mq_timedsend+0x10/0x10 [ 1040.083368][T16097] ? rcu_is_watching+0x12/0xc0 [ 1040.083413][T16097] do_syscall_64+0xcd/0x230 [ 1040.083468][T16097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.083500][T16097] RIP: 0033:0x7fe3ff58e969 [ 1040.083526][T16097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1040.083558][T16097] RSP: 002b:00007fe400383038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f2 [ 1040.083590][T16097] RAX: ffffffffffffffda RBX: 00007fe3ff7b6160 RCX: 00007fe3ff58e969 [ 1040.083612][T16097] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000006 [ 1040.083631][T16097] RBP: 00007fe3ff610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1040.083649][T16097] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 1040.083667][T16097] R13: 0000000000000000 R14: 00007fe3ff7b6160 R15: 00007fff14e3df58 [ 1040.083706][T16097] [ 1040.245051][T13217] Bluetooth: hci1: command tx timeout [ 1040.531403][T13651] netdevsim netdevsim15 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1041.010209][T16064] bridge0: port 1(bridge_slave_0) entered blocking state [ 1041.072038][T16064] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.144545][T16064] bridge_slave_0: entered allmulticast mode [ 1041.195004][T16064] bridge_slave_0: entered promiscuous mode [ 1041.240703][T16064] bridge0: port 2(bridge_slave_1) entered blocking state [ 1041.254883][T16064] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.262253][T16064] bridge_slave_1: entered allmulticast mode [ 1041.298060][T16064] bridge_slave_1: entered promiscuous mode [ 1042.232872][T16064] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1042.241353][T16128] Console: switching to colour VGA+ 32x100 [ 1042.299545][T13217] Bluetooth: hci1: command tx timeout [ 1042.307294][T16064] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1043.053531][T16132] ================================================================== [ 1043.053556][T16132] BUG: KASAN: use-after-free in fbcon_prepare_logo+0xa03/0xc70 [ 1043.053614][T16132] Read of size 256 at addr ffff8880921823c0 by task syz.5.2222/16132 [ 1043.053644][T16132] [ 1043.053666][T16132] CPU: 1 UID: 0 PID: 16132 Comm: syz.5.2222 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1043.053717][T16132] Tainted: [U]=USER [ 1043.053730][T16132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1043.053749][T16132] Call Trace: [ 1043.053761][T16132] [ 1043.053775][T16132] dump_stack_lvl+0x116/0x1f0 [ 1043.053827][T16132] print_report+0xc3/0x670 [ 1043.053877][T16132] ? __virt_addr_valid+0x5e/0x590 [ 1043.053938][T16132] ? __phys_addr+0xc6/0x150 [ 1043.053983][T16132] ? fbcon_prepare_logo+0xa03/0xc70 [ 1043.054026][T16132] kasan_report+0xe0/0x110 [ 1043.054068][T16132] ? fbcon_prepare_logo+0xa03/0xc70 [ 1043.054118][T16132] kasan_check_range+0xef/0x1a0 [ 1043.054168][T16132] __asan_memcpy+0x23/0x60 [ 1043.054200][T16132] fbcon_prepare_logo+0xa03/0xc70 [ 1043.054251][T16132] fbcon_init+0xd77/0x1900 [ 1043.054295][T16132] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1043.054338][T16132] visual_init+0x31d/0x620 [ 1043.054370][T16132] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1043.054417][T16132] store_bind+0x61d/0x760 [ 1043.054457][T16132] ? sysfs_file_kobj+0xe4/0x290 [ 1043.054504][T16132] ? __pfx_store_bind+0x10/0x10 [ 1043.054539][T16132] dev_attr_store+0x55/0x80 [ 1043.054580][T16132] ? __pfx_dev_attr_store+0x10/0x10 [ 1043.054620][T16132] sysfs_kf_write+0xef/0x150 [ 1043.054670][T16132] kernfs_fop_write_iter+0x354/0x510 [ 1043.054715][T16132] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1043.054765][T16132] vfs_write+0x5bd/0x1180 [ 1043.054797][T16132] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1043.054843][T16132] ? __pfx___mutex_lock+0x10/0x10 [ 1043.054906][T16132] ? __pfx_vfs_write+0x10/0x10 [ 1043.054953][T16132] ksys_write+0x12a/0x240 [ 1043.054987][T16132] ? __pfx_ksys_write+0x10/0x10 [ 1043.055020][T16132] ? rcu_is_watching+0x12/0xc0 [ 1043.055060][T16132] do_syscall_64+0xcd/0x230 [ 1043.055112][T16132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1043.055147][T16132] RIP: 0033:0x7fe3ff58e969 [ 1043.055174][T16132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1043.055208][T16132] RSP: 002b:00007fe400341038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1043.055241][T16132] RAX: ffffffffffffffda RBX: 00007fe3ff7b6320 RCX: 00007fe3ff58e969 [ 1043.055263][T16132] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1043.055284][T16132] RBP: 00007fe3ff610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1043.055304][T16132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1043.055325][T16132] R13: 0000000000000000 R14: 00007fe3ff7b6320 R15: 00007fff14e3df58 [ 1043.055358][T16132] [ 1043.055370][T16132] [ 1043.055379][T16132] The buggy address belongs to the physical page: [ 1043.055393][T16132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x92182 [ 1043.055423][T16132] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1043.055461][T16132] raw: 00fff00000000000 0000000000000000 ffffea0002486090 0000000000000000 [ 1043.055489][T16132] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 1043.055508][T16132] page dumped because: kasan: bad access detected [ 1043.055523][T16132] page_owner tracks the page as freed [ 1043.055535][T16132] page last allocated via order 7, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_ZERO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 11397, tgid 11396 (syz.3.1223), ts 538691136469, free_ts 761226279449 [ 1043.055607][T16132] post_alloc_hook+0x181/0x1b0 [ 1043.055641][T16132] get_page_from_freelist+0x135c/0x3920 [ 1043.055678][T16132] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1043.055716][T16132] __alloc_pages_noprof+0xb/0x1b0 [ 1043.055751][T16132] ___kmalloc_large_node+0x82/0x1e0 [ 1043.055798][T16132] __kmalloc_large_node_noprof+0x1c/0x70 [ 1043.055848][T16132] __kvmalloc_node_noprof.cold+0xb/0x65 [ 1043.055906][T16132] ieee80211_txq_setup_flows+0x19c/0xaf0 [ 1043.055943][T16132] ieee80211_register_hw+0x20dc/0x4140 [ 1043.055979][T16132] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 1043.056034][T16132] hwsim_new_radio_nl+0xb51/0x12c0 [ 1043.056083][T16132] genl_family_rcv_msg_doit+0x206/0x2f0 [ 1043.056135][T16132] genl_rcv_msg+0x55c/0x800 [ 1043.056182][T16132] netlink_rcv_skb+0x16a/0x440 [ 1043.056223][T16132] genl_rcv+0x28/0x40 [ 1043.056264][T16132] netlink_unicast+0x53d/0x7f0 [ 1043.056306][T16132] page last free pid 53 tgid 53 stack trace: [ 1043.056325][T16132] __free_pages_ok+0x647/0xe70 [ 1043.056376][T16132] __folio_put+0x329/0x450 [ 1043.056418][T16132] ieee80211_txq_teardown_flows+0x16f/0x280 [ 1043.056456][T16132] ieee80211_unregister_hw+0x5d/0x3a0 [ 1043.056488][T16132] hwsim_exit_net+0x3ac/0x7d0 [ 1043.056549][T16132] ops_exit_list+0xb3/0x180 [ 1043.056590][T16132] cleanup_net+0x5c1/0xb30 [ 1043.056635][T16132] process_one_work+0x9cf/0x1b70 [ 1043.056687][T16132] worker_thread+0x6c8/0xf10 [ 1043.056737][T16132] kthread+0x3c2/0x780 [ 1043.056783][T16132] ret_from_fork+0x48/0x80 [ 1043.056811][T16132] ret_from_fork_asm+0x1a/0x30 [ 1043.056864][T16132] [ 1043.056873][T16132] Memory state around the buggy address: [ 1043.056891][T16132] ffff888092182280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1043.056918][T16132] ffff888092182300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1043.056944][T16132] >ffff888092182380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1043.056962][T16132] ^ [ 1043.056981][T16132] ffff888092182400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1043.057006][T16132] ffff888092182480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 1043.057026][T16132] ================================================================== [ 1043.219388][T16064] team0: Port device team_slave_0 added [ 1043.262786][T16132] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1043.262819][T16132] CPU: 0 UID: 0 PID: 16132 Comm: syz.5.2222 Tainted: G U 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(full) [ 1043.262873][T16132] Tainted: [U]=USER [ 1043.262886][T16132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1043.262905][T16132] Call Trace: [ 1043.262916][T16132] [ 1043.262928][T16132] dump_stack_lvl+0x3d/0x1f0 [ 1043.262984][T16132] panic+0x71c/0x800 [ 1043.263031][T16132] ? __pfx_panic+0x10/0x10 [ 1043.263079][T16132] ? irqentry_exit+0x3b/0x90 [ 1043.263124][T16132] ? lockdep_hardirqs_on+0x7c/0x110 [ 1043.263169][T16132] ? preempt_schedule_thunk+0x16/0x30 [ 1043.263224][T16132] ? fbcon_prepare_logo+0xa03/0xc70 [ 1043.263270][T16132] ? preempt_schedule_common+0x44/0xc0 [ 1043.263322][T16132] ? fbcon_prepare_logo+0xa03/0xc70 [ 1043.263365][T16132] check_panic_on_warn+0xab/0xb0 [ 1043.263418][T16132] end_report+0x107/0x170 [ 1043.263459][T16132] kasan_report+0xee/0x110 [ 1043.263501][T16132] ? fbcon_prepare_logo+0xa03/0xc70 [ 1043.263552][T16132] kasan_check_range+0xef/0x1a0 [ 1043.263604][T16132] __asan_memcpy+0x23/0x60 [ 1043.263637][T16132] fbcon_prepare_logo+0xa03/0xc70 [ 1043.263691][T16132] fbcon_init+0xd77/0x1900 [ 1043.263737][T16132] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1043.263793][T16132] visual_init+0x31d/0x620 [ 1043.263828][T16132] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1043.263878][T16132] store_bind+0x61d/0x760 [ 1043.263920][T16132] ? sysfs_file_kobj+0xe4/0x290 [ 1043.263972][T16132] ? __pfx_store_bind+0x10/0x10 [ 1043.264010][T16132] dev_attr_store+0x55/0x80 [ 1043.264056][T16132] ? __pfx_dev_attr_store+0x10/0x10 [ 1043.264101][T16132] sysfs_kf_write+0xef/0x150 [ 1043.264152][T16132] kernfs_fop_write_iter+0x354/0x510 [ 1043.264198][T16132] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1043.264249][T16132] vfs_write+0x5bd/0x1180 [ 1043.264284][T16132] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1043.264329][T16132] ? __pfx___mutex_lock+0x10/0x10 [ 1043.264382][T16132] ? __pfx_vfs_write+0x10/0x10 [ 1043.264430][T16132] ksys_write+0x12a/0x240 [ 1043.264464][T16132] ? __pfx_ksys_write+0x10/0x10 [ 1043.264497][T16132] ? rcu_is_watching+0x12/0xc0 [ 1043.264537][T16132] do_syscall_64+0xcd/0x230 [ 1043.264593][T16132] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1043.264629][T16132] RIP: 0033:0x7fe3ff58e969 [ 1043.264657][T16132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1043.264693][T16132] RSP: 002b:00007fe400341038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1043.264724][T16132] RAX: ffffffffffffffda RBX: 00007fe3ff7b6320 RCX: 00007fe3ff58e969 [ 1043.264746][T16132] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1043.264774][T16132] RBP: 00007fe3ff610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 1043.264794][T16132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1043.264814][T16132] R13: 0000000000000000 R14: 00007fe3ff7b6320 R15: 00007fff14e3df58 [ 1043.264848][T16132] [ 1043.265203][T16132] Kernel Offset: disabled