last executing test programs: 2m57.393499217s ago: executing program 3 (id=422): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video33\x00', 0x0, 0x0) ioctl$auto(r0, 0xc0445624, r0) 2m57.228719996s ago: executing program 3 (id=423): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = getsockopt$auto(0xffffffffffffffff, 0x0, 0x1, 0xfffffffffffffffc, 0x0) mmap$auto(0x7, 0x580f, 0x6, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x1, 0x400008, 0xdf, 0x200000000009b72, 0x2, 0x6ed7d94a) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b8) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) write$auto(0x1, 0x0, 0x80000000) write$auto(r0, 0x0, 0x100000abd9) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x800, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT64(r2, 0xc0984124, 0x0) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec27\x00', 0x80200, 0x0) openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x8400, 0x0) ioctl$auto_CEC_S_MODE(r3, 0x40046109, &(0x7f0000000040)=0x31) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r3, 0xc05c6104, 0x0) 2m55.974948603s ago: executing program 3 (id=424): sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/trace/enable\x00', 0xe3102, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) r1 = socket(0x29, 0x2, 0x0) fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x8, &(0x7f0000000100)='@+\\!\x00', &(0x7f0000000300)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50ca4639", 0xfffffffffffffffe) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) sendmsg$auto_SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, 0x0, 0x4000840) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x2, 0x0, 0x2da5, 0x0, 0x8, 0x696b}, 0xed7138c}, 0x2, 0x9) r2 = socket(0x2, 0xa, 0xcf6) sendto$auto(r2, 0x0, 0x1000000400, 0x7f, &(0x7f0000000000)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x1000000}, 0x1c) symlink$auto(&(0x7f0000001500)='./file0/file0\x00', 0x0) close_range$auto(0x2, 0x8, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) read$auto(0x3, 0x0, 0x80) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0xfeffffffffffffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) setsockopt$auto_SO_KEEPALIVE(r1, 0x0, 0x9, &(0x7f0000000040)='\x00', 0x0) socket(0x10, 0x2, 0x6) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 2m55.405612034s ago: executing program 3 (id=427): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card2\x00', 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd3/queue/iosched/write_expire\x00', 0x20681, 0x0) r1 = socket(0x2, 0x801, 0x6) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) setsockopt$auto(r1, 0x1, 0x12, 0x0, 0xa4) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)='-7', 0x2) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x20080, 0x0) close_range$auto(0x2, 0x8, 0x0) 2m54.978985446s ago: executing program 3 (id=429): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4, 0x200004, 0x8) (async) madvise$auto(0x4, 0x200004, 0x8) pipe$auto(0x0) (async) r0 = pipe$auto(0x0) r1 = set_tid_address$auto(0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, r1) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x900400a3d7) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x280, 0x0) (async) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x280, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r3, 0xc008551b, &(0x7f0000000080)={0x7, 0x81a6}) ioctl$auto_FICLONE(r0, 0x40049409, r0) socket(0x2, 0x1, 0x0) r4 = getsockopt$auto(r2, 0x100005, 0x23, 0x0, &(0x7f0000000040)=0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xe, 0x3ff, 0x19, r4, 0xb) (async) mmap$auto(0x0, 0xe, 0x3ff, 0x19, r4, 0xb) madvise$auto(0xffffffffffff7ffe, 0x2000040080000044, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) io_uring_setup$auto(0x8, 0x0) (async) io_uring_setup$auto(0x8, 0x0) madvise$auto(0x4000, 0xffffffffffff0001, 0x1) ioctl$auto_VHOST_SET_VRING_CALL(r4, 0x4008af21, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/conf/veth1_to_batadv/keep_addr_on_down\x00', 0x20a441, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/conf/veth1_to_batadv/keep_addr_on_down\x00', 0x20a441, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0xc03, 0x4, 0x8) (async) madvise$auto(0xc03, 0x4, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) 2m51.727343016s ago: executing program 3 (id=432): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/blkio.reset_stats\x00', 0xa801, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd6/hctx0/tags_bitmap\x00', 0x60000, 0x0) read$auto(r1, 0x0, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x2d, 0x2, 0x8000000000000000, 0x0) r2 = fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r3 = set_tid_address$auto(&(0x7f0000000000)) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) write$auto(r4, 0x0, 0x400000000005) prctl$auto(0x5, 0x5, r3, 0x9ec, 0x7fff) fcntl$auto(r2, 0x27, r3) prctl$auto(0x1000000003b, 0xffffffffffffffff, 0x4, 0x3, 0x7) fcntl$auto(0x8000000000000001, 0x25, 0x8) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/uprobe/perf_event_mux_interval_ms\x00', 0x121102, 0x0) write$auto(r5, 0x0, 0x800000) write$auto(r0, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 2m36.111630015s ago: executing program 32 (id=432): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/blkio.reset_stats\x00', 0xa801, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd6/hctx0/tags_bitmap\x00', 0x60000, 0x0) read$auto(r1, 0x0, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x2d, 0x2, 0x8000000000000000, 0x0) r2 = fcntl$auto(0x8000000000000001, 0x26, 0x8) mmap$auto(0x0, 0x2020009, 0x10000000000000a, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r3 = set_tid_address$auto(&(0x7f0000000000)) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) write$auto(r4, 0x0, 0x400000000005) prctl$auto(0x5, 0x5, r3, 0x9ec, 0x7fff) fcntl$auto(r2, 0x27, r3) prctl$auto(0x1000000003b, 0xffffffffffffffff, 0x4, 0x3, 0x7) fcntl$auto(0x8000000000000001, 0x25, 0x8) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/uprobe/perf_event_mux_interval_ms\x00', 0x121102, 0x0) write$auto(r5, 0x0, 0x800000) write$auto(r0, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 29.915913317s ago: executing program 2 (id=811): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) ioctl$auto_SG_SET_RESERVED_SIZE2(r3, 0x2275, &(0x7f0000000040)="d93ca7") write$auto(r3, 0x0, 0x1ffd8) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioperm$auto(0x7, 0x6, 0x2) getcpu$auto(0x0, 0x0, 0x0) ioctl$auto_BLKTRACESTART2(r4, 0x1274, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) mprotect$auto(0x110c238000, 0x1, 0x3) madvise$auto(0x110c230000, 0x8031ca, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x2, 0x0) openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/o2hb/live_regions\x00', 0x60000, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0001, 0x0) ioctl$auto(0x3, 0xc0104d03, r5) 23.777811513s ago: executing program 2 (id=822): openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, 0x0) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, 0x0, 0x0, 0x33}) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x8000000000040}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0) ioctl$auto(r2, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) read$auto_tracing_saved_tgids_fops_trace(r1, &(0x7f00000001c0)=""/96, 0x60) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) socket(0xa, 0x801, 0x84) setsockopt$auto(0x400000000000003, 0x29, 0x24, 0x0, 0x40020000) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) mmap$auto(0x0, 0x20004, 0x1ff, 0x800000000eb1, 0x8000000000000024, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x40001, 0x0) 19.551664976s ago: executing program 2 (id=832): unshare$auto(0x40000082) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) preadv$auto(0x40000000000003, 0x0, 0x6, 0x5ff4, 0x1) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty36\x00', 0x400201, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, 0x0, 0x4000040) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) syslog$auto(0x4, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) rt_sigqueueinfo$auto(0x0, 0x0, &(0x7f00000002c0)={@_si_pad}) shmctl$auto_IPC_INFO(0x7fff, 0x3, &(0x7f0000000380)={{0x8, 0xee01, 0xee01, 0x2, 0x8, 0x9, 0x7}, 0x2, 0x2, 0x5, 0x6, @raw=0x9, @raw=0x3, 0x5, 0x0, &(0x7f00000000c0)="48ea479716865058c97ff975d542877885e94c4ab9d33a2cdfaadaa6d2021dcb2410f9c0a67615a74daee5ba", &(0x7f0000000340)="238a10ef74433616b99a00377b6368d64cdf9d72ab3cbdb56fee44eca564631a7c67c5cd2c5c78ee4e62df957b9de3c27d67c1d1c8a37efd59ca93722dde6602"}) lstat$auto(0x0, &(0x7f0000000180)={0x20000004, 0x10000, 0x280000000000, 0x66, 0x0, r3, 0x0, 0x1002, 0x4, 0x80000008040000a, 0x40000405, 0x7, 0x8, 0xffffffff80000004, 0x800000000000b, 0x6, 0x240000100105}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r4 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) io_setup$auto(0x401, 0x0) 13.324176667s ago: executing program 2 (id=856): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008aeba, 0x0) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80480, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x220000, 0x0) 7.887963808s ago: executing program 2 (id=869): socket(0xa, 0x3, 0x3b) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, 0x0, 0x8a141, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401bf, 0x7352, 0x3f, 0x1ff, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x5, 0x3000, 0x0, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x8203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x5, 0x0, [0xffffffffffffffff, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x0, 0x4]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20048810}, 0x40000) mmap$auto(0x0, 0x2000b, 0xe2, 0xeb1, 0x405, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xfe, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xebd, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xfffffffffffffffe, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) gettid() close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(0xffffffffffffffff, 0x805c6103, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) 7.180220229s ago: executing program 4 (id=872): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r2 = ioctl$auto_TUNGETVNETLE2(0xffffffffffffffff, 0x800454dd, &(0x7f0000000040)=0x8) process_madvise$auto_MADV_COLD(r2, &(0x7f0000000180)={&(0x7f0000000080)="6fd4f5fc4a62c2196ec2142f6dece8c4da60da55988fcf413a3221f2931b76d0c01222a11064de187a0f0748c50a892ee8a507ca1a529fb01df36c70042faa767b04198d509a75dd745ef1216a4b6283a4c87621082544079fb9d6556b2c701bc7f00a903a3c0a6e6bb8e7f80faec029cbe705cf19ee38f1d68d7c4848de34a6e86c1720767161e3ae66c01f448ab673d6c8f11c89c8956cb02fef2d05b69f62491736086785a09e88dd883fa5cfb55d18", 0x2}, 0x3, 0x14, 0x2) (async) ioctl$auto(r1, 0x40045431, 0xffffffffffffffff) (async) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(r0, 0xc004ae0a, &(0x7f0000000140)={0x3}) 6.625405336s ago: executing program 4 (id=876): setresuid$auto(0x0, 0x7, 0x8080) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) setfsuid$auto(0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/tty/ttyvd/power/runtime_status\x00', 0x88401, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) 6.236431158s ago: executing program 4 (id=877): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr5/queues/rx-0/rps_cpus\x00', 0x42401, 0x0) write$auto(r0, &(0x7f0000000140)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x11, r1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr5/queues/rx-0/rps_cpus\x00', 0x42401, 0x0) (async) write$auto(r0, &(0x7f0000000140)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x55) (async) socket(0x2, 0x3, 0xa) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) (async) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) (async) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x11, r1, 0x0) (async) 5.772489959s ago: executing program 4 (id=879): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(r0, r0, 0xaa) socket(0x23, 0x3, 0xff) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000014c0), 0x0, 0x3f) madvise$auto(0x0, 0x2000040080000003, 0xe) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/admmidi2\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x6, 0x10001, 0xe2, 0x16, r0, 0x10000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) ioctl$auto_XFS_IOC_ATTRMULTI_BY_HANDLE(0xffffffffffffffff, 0x4048587b, &(0x7f00000016c0)={{0xffffffffffffffff, &(0x7f0000000100)="f76a1b2ed706bf0d", 0x940b, &(0x7f00000004c0)="d5f1da6fef3068f0aca6fc981c30c331d22be02beccec46dec9d5e9cb4dbbca06a1e9cced5cd4a66131829a46a9a3a9cfa17f4416ea98e4f5e152d6b65b621738942e1d8e1124d68835665ca3d1a3506dbcfe251692cb0bc5f82377e0d9b733586bf1c90d50d73fd6def148dff7e7d1ab685d76d7bd4380cad43d98fce01ca2511476a521f2df5da45ff0279098f9342f32346c371e10ddbf1045e13a750ce563e9e694c3ea253712c38738a89095fed05d8a21e544d371fdd76cb9c2fb3cc469672370b9b21dd3287a0a5661128b886dad11dcac4ef2bcf6f3bc11eb9d91fd08ec227db8f72ddecc925a31b03ecf228fe2cca14f4d1b89d88a19520b44e044b045361d0efe29c4103ade714fa5f29f6cf7982475d7be9d08e5e752f518f8facdf59aa735a98bba7fccceb1e414c5618a762d5a2b3163b5935e516fdbc0d3ce3350719bec45aa3d3fecca67afa9f795c14b66e8cbeb09606193af903ee44a1a10699a61f1cae0de30c354a4bb5b3a4e31760ccf55eb55465dc5f0912d3057a2090cfb87bb3ce47dcefde32d1799bc56f6ed0213b54ab1a127d6086396313c7ed8937286b9a6d4af9499a704193c9fe59ec7ed67e121154cf47492c368bdc207194ef01782fac9b8a7da00014f0cf7896c799b8b3fc69b6edc0f6a01a285227ef8fd6360764edb96ca6e96b37f82678d428d8975157d04273616351780bdc2245383360e49b2744171e8e6c49c995c57d8c630c141b4727771cc0e942f08060c28fd78dac0e3d936418d892433865ebaec21202562bec9102f5f8eda25e74ca3479cd5e43dc52add3ae5dd01ef527286aba3cc727bb61db6a9121ce567827144f4dee265ebd27a142ad15d31534b27674cde6c593ede11cfa806bd2fe2672540e01b42ea1c2a91c677e060474ad0da2743885102724411da5f21c4998889b0e4eb14fa8024ea1139d69e32ac354991aa3bd6c8991974a29aa7c81197edd06fe8418080fab8c860fc1bf5cd62cb508f6d7f66b5d7c4d67b849ce5730cf15bbf489dd31ebd7e1f144fbecc26fa9aabc951b13d599a8e872c9aa7105fc1287c77db6739224d6f3ab416eacd4eedb826bca281dda51b532d347218ee92b9bfd95db5cefc46ea735f97aaf17c227fb6aa9073a93ada1529c390c03a0daf74b1c58357971eaee92c909d85b289813f18f519dc96143e1521494ef3674437d846cf9722dbd1c0cb60a57a2de177935c9b6a11ee3c8d03683daa6f72fa1224525a4c35e55cd785a202ca98818c66c89144b7d8afb71d656e2b8fe03524d9403c081e9f1d87c5243d582c8141b729997443702f7230420db67b3e4a72cd862e61908f53b203d648ca640a52e36e0c6cccf3182ea16e4e4fd6d61e0ecec21c86faa32302987a6afe6104a9443a7280129aa6ada2b635aff6d3f82fb04c25b72fcd3bd71a91f533b413315336b1245e24690db86206934491037e7477b89b8d90b79b7a2dc5e171e538061ce5ec4c28ffe1c6a752ca2f5a8776a11ece63aa5b8dc504d91989610cab4064055a6b2ec0c11ef72952d5d52083b46620b7d3abf7a111fceb296d5fcc2287d7a58ac0dc5e08d47193276ff90ca3028fe31cebf9f01bb26491664adbb567d44c06d0b100833667e8a90722168d0ce850cbeac7e10b40fe88816b203c9cf1a333465d1b1af1db3f8e7aa53ac144479fe375d32a63c40ef106c4b5145122b7f988e54275542ac771acb7e6a080702f779875c9fafa1b3c5f3418591ecca1386c0177e486af2253c1cb8d4a4610cb7d60b51673a36c47299b1457929ddb20301bbe096996da58636516dd715678cdccdd97e3fdee8945e602496da0a397243f59cbdf7093ae68f05c182ae79d3ca749ba0e81a172c1cf35e13d75ffe0ad4e07f585b55e8d2fd1562860ce3adab6ca9729d78090018b8e91e99b7ef4ba1f077de2ff2a47a290ead55938a98dab3b04e775a51c17a3af7f07c8adcf58e66c3ff72662178e0e681c7fc26cf5050f85b5da8197ecd70aceaff7f83d6c009e30c5662978fe419d41723a69e3925df1347aa212ec7239c45f52da21ff25ad711c821fa8356d93c4a20720aa5b18a2f1a1548af593f8684c87787d11bde2ad43780612223231074661b2bc71070cc8002c321f53ebe1bd096fff5e6be06a9ac21b3508c58d36683accf5cb6d0b33d9c2efd8e6ab4a088c271cf8b9f3f47a8f852cb18820d7eac76beaf602e91a680f0ef1d70b1577da9e42b03563938f1ab361f82b185e5352cc2402d459dc9ee02c25809411f025460174445fae81ff8b60200e7addc88d0e41c45fbff79fa1fd8597feb00aec6776d2e33031a270c3567f7f2d203cfd828af863dc9f50de7ff0997840e3b69835307b2859f5e174ab868e761c20f63e86e257f5db8fceff118041e5beb489cc4a30c1ed84f28427451cffbdcd56f289b87743162268274bb52685968dcf949f9b52599dc4cdc9854bb1638ea70928d70c64b968cfcde055cab504c3c074ee72ee1cf8e841a2a13502622d04ad1dd542aa48fcc80b3b3eecd685a56c0652d4ec3b6060dc0edbf6c231c0482ae597d27f809c8dd041d47a56bbeb1b0ff55c2910a6a1e5b187274536f17386cbb03a430c9d5c614d6504073f20c960d42d759bcd74d706286b2c6f6e34218df755b0bfd0098edcdbcca7c4b56f60d1d8edcb4865bc8afccb0a45b230fd42a11cbc3e19d6cbe80a814c208dba9bbaf3ac1676da4b7f240dca2302709e447fd136c648e94c5d83bdab09b01e5232d6513530a35acdbf26e3e3846d696a6e163a60ed3ca778f691d362d85a4bbcd0c2b83ab2a4dc9795d02ae2853a20d51b0e0cf1d674e606a71950b1ba3490268a50c0e934719ab0b3d37f7818b7b61dc1cb53358936ae67613faa4a5a8c0c94d76063517f4f30b1c4e41d5c2ad56d2e0283f6c1ee260b1a59df3502d32f8641ead4b1e98f609d6677e8d91558bef63849592e8306077e5b51ade8576433a84c33b973a30dcf9e2efe4a55d14cc36fe799cb8b7c19263b2903dd01c31e26997a920de46dd04c5c09d895b5e9d486abb92feee60e8a65fc205073f6e7b10d2edca90c41a2f3b74381b15a2acac6bfc41cd55f1cfbc72ec53dae4b58009e8cef1f8e70a561dad8490e825f07f20aa8420ddd93065fb00e7be7dbf0eb43937c0d1b67f3ae3910f8191eefd97513948adb1f134031e56affa25f128e43f771e608a0c5a4864de58d0d1b372241baa79ba93bad08c6dd1a3aa021a31bd95af7d7a6d79e03a111fa02f2f898332d3f3ceeb351a1c71e20b861c8e93907fa3fb442111254982a848182b5966ca37cf9d09cb4c2034e5358f2b83799db215198d33914b0fd4e1cff07f47a6c784a963a0a1578aabe50be20c0d3123867fb12610c7ba0466d4f2791defe12768964b900af14f8cb4aea38ca05b2cbec965675f7ce4edd57943aeeeb6aa38692c236358e0f063420402fd7f1ed36c3d0de22a79fcecdeef4d636334a6162fc3a14a463b32d0deb13310c780b129ab8528d5f3ad4a9cf5da17ebf6be42af8642872d8cbe59945acfa5e19006a672aced506fa5ac144224576ca06fc485c453b2183204876f9f2744d10a6eb4c96cec96aaee4cd4b6ab5edec120e4df78074f85f48970f5db8614214edd8649e4ea17bf98a7b95f58978ab84145a01c0d595096ec953fa8f69e5173c206199f0f967896cafcd55272e60c33f12d42797da8d78fb6d4a996a509956d67c4083a625b65beb9c2294f0c606aa400b11b23d6ff184d71c75473d3679a9b2ca640105b7da086c55be779c302556d3a00cd3b83a931943d57f6bceb6b47716a0c2cdf4e2d90ed840ba9d99c1a74277d9c3d2d5c17b55b22b33f3f4533ea588b051b25c70ac8bf017167781e9c6888d11157a58577ea480e843491f5b45787d8054cde65a1728c4ac79b07cf2b8125606afbbf421babc803f21b51171083f1ac5e6f2c3771182e96cdb20e6f3d90202cdb608c624dfcd5bc9a6e6c7e3acc3cb8f185dfe060c5cd45023da92c9b57caa088c11858667c06bc30f9f2a806497bed4563f7cb087f42bed1d4b6c656295ecd0b6bf7f8e0682b08ee1780cc2c79c7037e9b141c27abf1c1736959141f760f4ea2d628da928aef41eb951c1ef79584c1719327a9f38eacdef16a50b8f579bfe4ae4f892987d60650fc2a84828e4f76a120365d660723ce46527084f07db757464cdc1d5e96d357722e6e497bf3a51f0d897e4a3b8d3b3cdbd3d950060037512c7d7f3814a93130564c0271696e291d37759ef700b135b4ae75e4b176e38ad1cb87f302899e0b9fb0ad1f7bf7336e85275ee91993ae59b8aa2e6b183ef500d055109316426635b978dd09e5df4defc431f35c12b50dd225aaaf47b9087415e327aeb0c78e67a24dfad1c1963e876bfdab318e678b0554cc7661dc0d35cc5db61c5d0ae9bb1fba9774c3584456ee9bfb683cc03463e576121954c3ce2c2a0b3be7e85e131b6cad9f7b316945e02841c4ecd5ebbb12f2512397fa4bedb4a8b0d7ca628ea180fa897a411d9961ef0a683bc5fd4e5e20a11da003264f9d6a8fc241a4e499b3063e97d9a3f0e9168d85ea1f1b4f863f78c4548d199b7e7aaae598a5d129ac554953dbac032f47adb7a19c63f86d8edab5b430f78c3dc6c574bfdb641d04b122a13146730ba532cf1dbe55f4def766422f198c90aa5987bb966c5aec21658c4631480a7b6bea6db14b284d8bd670355b200a26362adf55288248d6c1d58898e18a9f56e1aadf413c6d60fbede9738d166901f3ed1496d990c2c0accc67a7f0d08236cd57be92b3f41eb8be09148b89415ad44e516527d2c782e70ec7d6c9c8228260ba32ad88c14109f866c32d6cc73e73e13af3a2b8da95e137f3e14daded44218ff90d5390edf3f4fd239e1c2e595aa9ff3c484b16d45fb71868364731f5463e88cc258f1aa71bcae456c6bf3ff8b6dbb12f584d0d4afd35049538c1f27761d102b49579aeb89c72406a5a1765505649d7ffb99e6e80ffa23061801247f6b7618bbb80f4b7c24954c4367d8454611829c4008cc57c2a224dd4159b41bb14c5d80371febe19a202af3b8c68759fafc7d36c84e54f443a74b2837a790855a84904523b7c832d51bf96ab650d3674809893c05405568e90b71ff732c675dd7517b474a0a39a3312d1c33045d42b51c0847fdbef78852aaaf1e91e89131aa8a1cba78f8dc62e6f0cb21571ab3fba33dc7e30558664e2f541cab61edb8e72dd3456a5162e34c4634f191c4d349e13db157949755b6f6f309e22c051b33ffb261715796497b10ca45a2a4e5313d1720765592bb59be67a53e9d346d51f3dae1d5314228950aa89b6532a2677c8820dadad8a5423264c8fc49c6c44221734bca606d150d35241d737cf6f090b6c277e60a616587e2cbea743542dd81705da621e076756c09ea37dae92b7a837f330eac8fa8c8a2c918a9a3c944ce848e15d9122f5f91baf19881596f1f2154ee773e796305dfe3449c7ba49f3c67e720f8311e79721cad9335fab895ead7574ec11bedb1fa53040044afc21efa83d1e1d6739b897f2cc8a575a62f3dcf61a37a960834f03c2d6cec6b8a683988efaeb3281c85314661e873630432431af2ab10cc401fff49e57980343cb9ef412d9c81a9c4604ac98b017cd1a012224bcdb7e5bc8cb846872e9c8b5fdd8de6bdc125d1aea9b3a2ae8b9e5e8486f3b95f3ccad984caa755bc6f55c7cf263644c34621959152ffbf2cf194d307adc7db8906a68c134631600b0d1", 0x57, &(0x7f0000000200), &(0x7f0000000140)}, 0x4, &(0x7f0000000180)={0x6, 0x6, 0x0, &(0x7f00000015c0)="c75f2c253a2cd900f8ec0ce7c52718b5fce29b1a77da853c918f7ddc60089848e689963c5dd80593d8bfc1a149e30a518d6ab58059d137161c8150c6946e375dc11c47e9174239c06685acd76086d6fd84f855b6cbfaf34621a22f4584c516c4742f26dec82f356705748b6b803f652831ddd6e174718eef6f6030fc1e6c3d0a1e7d2399e1675cdf4ac656319b33fe709edd2553128ebfc2cf377cf73ee67341c3ed1642ca661706ae8ee843f585dfeee5a686b883827a5aa4b6ee528d7e17013d346554e95c9407ee3953ec989af07a55a005cc1f3067cf87672885ead9ea769f7a84572cc2b4eb864e8c12e142f6c2014792cbb5d1", 0x3, 0x4}}) write$auto(r1, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92\x90|l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00'/507, 0x1098c7) r2 = getsockopt$auto(0xffffffffffffffff, 0x0, 0x1, 0xfffffffffffffffc, 0x0) mmap$auto(0x7, 0x580f, 0x6, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x4) mmap$auto(0x1, 0x400008, 0xdf, 0x200000000009b72, 0x2, 0x6ed7d94a) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r3, 0x0, 0x39b8) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) write$auto(0x1, 0x0, 0x80000000) write$auto(r2, 0x0, 0x100000abd9) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) 5.056899249s ago: executing program 0 (id=880): r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) read$auto_gpiolib_fops_(r0, &(0x7f0000000100)=""/44, 0x2c) 4.861032868s ago: executing program 0 (id=881): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket(0x10, 0x6, 0x1) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@isdn={0x22, 0x20, 0x6d, 0x40, 0x5}, 0x58) mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x144000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x48a22, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0xa, 0x2, 0x73) sendto$auto(r1, 0x0, 0x4, 0xfffffffe, &(0x7f0000000000)=@generic={0xa, "e208004002de00"}, 0x1c) socketpair$auto(0x7, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon5\x00', 0x101040, 0x0) ioctl$auto_MON_IOCH_MFLUSH(r2, 0x9208, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000100), 0x6af82, 0x0) mmap$auto(0xffffffffffffffff, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) ioperm$auto(0x7, 0x5ad2, 0x8) r3 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) ioctl$auto_LOOP_CTL_REMOVE(r3, 0x4c81, 0x0) select$auto(0x100000e, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x20000003, 0x3, 0x62, 0x7ff, 0x3, 0x6d41, 0x9, 0x25, 0x4]}, 0x0) 3.744504553s ago: executing program 1 (id=883): prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) r0 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/trace\x00', 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3) r1 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000900)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x1, 0x0) writev$auto(r1, &(0x7f0000000bc0)={0x0, 0x81}, 0x3) madvise$auto(0x0, 0x2000040080000004, 0xe) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/controlC0\x00', 0x8600, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x9, 0xffffffffffffffff, 0x0, 0x14, r0, 0x2) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty39\x00', 0x802, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) readv$auto(r2, &(0x7f0000000040)={&(0x7f0000000240)="65fc35c50cc62fd574bd01e61e7effe315c4d2baf7434b7e910384a4aefce149f88d9f0f10fe542288393837dcea70e2c7daa9ea46518ff82426d18b93701e58df3a3358ed1f9d8a9046946cd71a1822ae531d6472439b1729b7bdd93d76aa7a106c1e9531b50883d08182f32b7c685816e1825aeb380c70e8f7368381b8d760b9feba8888a20d3a4116097a9e16334d17b02dd10b81e5a005cbc87b4b40d0", 0x81}, 0x101) ioctl$auto(r4, 0x80085610, r5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(r6, 0x0, 0x40000000f42c, 0x80002) madvise$auto(0x7, 0xfffff7ffffff0003, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40007, 0x1000000005, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) madvise$auto(0x110c234000, 0x1, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x23, 0xa, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 3.715201954s ago: executing program 4 (id=884): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000300)="6cc0dbd6c89e0d7e1493aa7e8ad8d43e095a24b914e02c22324a7f7d0940aace23781e3e8402360ea51aa06db919e834fb596fd8f99377ef375c7ac7e6f7b5cf099fb23d22e8652abd97d733303e76bacb7e020f944d98d0449454b28fe94def43f7d8399a6acffa7b8ca59dc10e6072780964e1b148f9c089d20b140071dfa429b10f65debd9e7f693b86640e75364a") move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = getpgid(0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0x7, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) write$auto(r1, 0x0, 0x300001000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty60\x00', 0x42880, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000280)={0x0, 0x1270}, 0x1, 0x0, 0x0, 0x40800}, 0x400d4) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_tw_reuse\x00', 0x80400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfsd.export/channel\x00', 0x8f3b7a51b8162d21, 0x0) read$auto(r2, 0x0, 0x1ff) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x2) write$auto(0x3, 0x0, 0x7) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r0, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={r0, 0x0, 0x401, 0x5, 0x3}}}) socket(0x25, 0x5, 0x0) write$auto(0x3, 0x0, 0xfdef) r3 = socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0x1, 0x13, 0x3, 0x120000000) getsockopt$auto(r3, 0x107, 0xc, 0x0, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) open(&(0x7f0000000040)='./file0\x00', 0x2000, 0x40) 3.592170932s ago: executing program 0 (id=885): socket(0xa, 0x3, 0x3b) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, 0x0, 0x8a141, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401bf, 0x7352, 0x3f, 0x1ff, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x5, 0x3000, 0x0, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x8203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x5, 0x0, [0xffffffffffffffff, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x0, 0x4]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20048810}, 0x40000) mmap$auto(0x0, 0x2000b, 0xe2, 0xeb1, 0x405, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xebd, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xfffffffffffffffe, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) gettid() close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(0xffffffffffffffff, 0x805c6103, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) 2.731231192s ago: executing program 1 (id=886): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x155) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) (async) setregid$auto(0xffffffffffffffff, 0xfffe) (async, rerun: 32) setresgid$auto(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 32) write$auto(0x3, 0x0, 0xfffffdef) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) pipe$auto(0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000000), r0) (async) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyrd\x00', 0x4000, 0x0) read$auto(r3, 0x0, 0x42) (async, rerun: 32) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (rerun: 32) socket(0xa, 0x3, 0x3b) (async) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) fcntl$auto_F_GETOWN(r1, 0x9, 0x8) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) sendfile$auto(0x1, 0x3, 0x0, 0xc01) (rerun: 32) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/018/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x2, 0xc, 0x0, 0x7fb, 0x0}) mmap$auto(0x0, 0x38, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) 2.67155469s ago: executing program 0 (id=887): socket(0xa, 0x3, 0x3b) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/swaps\x00', 0x40000, 0x0) poll$auto(&(0x7f0000000040)={r0, 0x7ff, 0x200}, 0x100, 0x6) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, 0x0, 0x8a141, 0x0) socket(0x2, 0x2, 0x0) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401bf, 0x7352, 0x3f, 0x1ff, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x5, 0x3000, 0x0, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x8203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x5, 0x0, [0xffffffffffffffff, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x0, 0x4]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20048810}, 0x40000) mmap$auto(0x0, 0x2000b, 0xe2, 0xeb1, 0x405, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe97f, 0xe1, 0x19, 0x401, 0x8010) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) semget$auto(0x5, 0x400, 0x5) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xfffffffffffffffe, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_FIOQSIZE(r1, 0x5460, 0x9) gettid() close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(0xffffffffffffffff, 0x805c6103, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xffffffffffffffff, 0x3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) 1.654597991s ago: executing program 1 (id=888): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, r0, 0x6) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) keyctl$auto_KEYCTL_DH_COMPUTE(0x17, 0x8, 0x1, 0x8000, 0x8) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) mmap$auto(0x0, 0x20009, 0x4001000000df, 0xeb1, 0x401, 0x8000) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x60800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, 0x0) openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0) socket(0x8, 0x80000, 0x107) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 1.649473654s ago: executing program 0 (id=896): socket(0xa, 0x3, 0x3b) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, 0x0, 0x8a141, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401bf, 0x7352, 0x3f, 0x1ff, 0x1ffde, 0x7, 0x2, 0x4, 0x9, 0x3, 0x5, 0x5, 0x3000, 0x0, 0x6, 0x10002, 0x80, 0x400, 0x0, 0x7, 0x1ffc, 0x8203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x5, 0x0, [0xffffffffffffffff, 0x0, 0x0, 0x1000000000000000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x5, 0x0, 0x4]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20048810}, 0x40000) mmap$auto(0x0, 0x2000b, 0xe2, 0xeb1, 0x405, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xebd, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xfffffffffffffffe, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) gettid() close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(0xffffffffffffffff, 0x805c6103, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) 1.586722446s ago: executing program 2 (id=889): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x93, 0xeb1, r0, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0xdb2, 0x20009, 0xfff, 0xebe, r0, 0x70) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) sendfile$auto(r4, r5, 0x0, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) mseal$auto(0xb, 0x5, 0x7fffffffffffffff) ioctl$auto(0x3, 0xae41, r3) mmap$auto(0x4, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) prctl$auto(0x49, 0x1, 0x0, 0x1, 0x1) 705.303686ms ago: executing program 0 (id=890): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0xf000, 0x8000000000000001, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x1, 0xffffffffffff0001, 0x16) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socketpair$auto(0x1e, 0x5, 0x4000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r3, &(0x7f0000000040)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x4008080) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r2, 0x0, &(0x7f0000000000), 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) 617.385614ms ago: executing program 1 (id=891): r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) read$auto_gpiolib_fops_(r0, &(0x7f0000000100)=""/44, 0x2c) 370.63863ms ago: executing program 1 (id=892): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x3ff, 0x2, 0x9, 0x10001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x8], {0x9, 0x4, 0x8, 0x0, 0x420, 0x1001, 0x3fdc, 0x3, 0x5}, {0xa, 0x140, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0x100000001}}) close_range$auto(0x2, 0x8, 0x0) ioctl$auto___SNDRV_PCM_IOCTL_SYNC_PTR32(r0, 0xc0844123, &(0x7f0000000300)={0x7ff, @reserved="547d9c008d3eb5354a14dcd71542257712dd0886c6fc1d4dd66215c53cca0ddc27f9f980cd8fe912c66f964b5c7d330d21005f856d242b53d326f648c3239005", @reserved="10caa9e736edc515952b37bbfdc1ba3bfdc3ed6d1cf969cd5f9e748fb5275eccfb288987e6936fd082eb8c2ac340c3b2558c725e2170fb5362ba1477826143fd"}) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 24.798803ms ago: executing program 4 (id=893): r0 = openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0) read$auto_gpiolib_fops_(r0, &(0x7f0000000100)=""/44, 0x2c) (fail_nth: 2) 0s ago: executing program 1 (id=894): mmap$auto(0x4, 0x20009, 0x4000000000df, 0x200000000eb1, 0x401, 0x8000) keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) mmap$auto(0x0, 0x20009, 0x8, 0x19, 0x401, 0xfffffffffffffffd) socket(0x10, 0x2, 0x4) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x52141, 0x0) socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000003, 0xe) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) setsockopt$auto(0x3, 0x10000000084, 0x20020, 0x0, 0x4) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x20, r1, 0x9, 0x70bd27, 0x25dfdbfb, {}, [@NET_SHAPER_A_IFINDEX={0x8, 0x8, r3}, @NET_SHAPER_A_HANDLE={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x44000}, 0xc050) r4 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f00000001c0)={@_si_pad}, 0x9, &(0x7f0000000380)={{0x2, 0x5}, {0xfff, 0xd80}, 0x5, 0x18a, 0x0, 0x8, 0x51a9, 0x0, 0x2, 0xed, 0x0, 0x9, 0xe7, 0x80000001, 0x3, 0x27}) prctl$auto(0x3539, 0x1, r4, 0x1, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x801, 0x106) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0) mmap$auto(0x10000, 0xe984, 0x3, 0x1000000eb5, 0xffffffffffffffff, 0x8001) r5 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002240)='/dev/cec8\x00', 0x1a9202, 0x0) ioctl$auto_CEC_DQEVENT(r5, 0xc0506107, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0xffffffff) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev1\x00', 0x20000, 0x0) kernel console output (not intermixed with test programs): pi_ps_alloc_op+0x25f/0x310 [ 107.549342][ T6221] acpi_ps_alloc_op+0x25f/0x310 [ 107.549380][ T6221] acpi_ps_get_next_namepath+0x4b6/0x730 [ 107.549416][ T6221] ? __pfx_acpi_ps_get_next_namepath+0x10/0x10 [ 107.549454][ T6221] ? acpi_ut_push_generic_state+0x13/0x70 [ 107.549493][ T6221] acpi_ps_parse_loop+0x937/0x1d00 [ 107.549538][ T6221] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 107.549569][ T6221] ? trace_kmem_cache_alloc+0x28/0xc0 [ 107.549631][ T6221] acpi_ps_parse_aml+0x3c1/0xcb0 [ 107.549674][ T6221] acpi_ps_execute_method+0x55a/0xb30 [ 107.549715][ T6221] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 107.549746][ T6221] acpi_ns_evaluate+0x76c/0xca0 [ 107.549774][ T6221] ? kasan_save_track+0x14/0x30 [ 107.549807][ T6221] acpi_evaluate_object+0x1fa/0xa90 [ 107.549842][ T6221] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.549872][ T6221] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 107.549906][ T6221] ? __mutex_trylock_common+0xe9/0x250 [ 107.549948][ T6221] acpi_evaluate_integer+0xdd/0x200 [ 107.549979][ T6221] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 107.550024][ T6221] ? __pfx_status_show+0x10/0x10 [ 107.550054][ T6221] status_show+0xa0/0x120 [ 107.550086][ T6221] ? __pfx_status_show+0x10/0x10 [ 107.550128][ T6221] dev_attr_show+0x53/0xe0 [ 107.550155][ T6221] ? __pfx_dev_attr_show+0x10/0x10 [ 107.550179][ T6221] sysfs_kf_seq_show+0x216/0x3e0 [ 107.550216][ T6221] seq_read_iter+0x509/0x12c0 [ 107.550257][ T6221] kernfs_fop_read_iter+0x46c/0x610 [ 107.550282][ T6221] ? rw_verify_area+0xcf/0x6c0 [ 107.550313][ T6221] vfs_read+0x8bc/0xcf0 [ 107.550346][ T6221] ? __pfx___mutex_lock+0x10/0x10 [ 107.550367][ T6221] ? __pfx_vfs_read+0x10/0x10 [ 107.550418][ T6221] ksys_read+0x12a/0x250 [ 107.550446][ T6221] ? __pfx_ksys_read+0x10/0x10 [ 107.550485][ T6221] do_syscall_64+0xcd/0x4c0 [ 107.550512][ T6221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.550538][ T6221] RIP: 0033:0x7efcba38eec9 [ 107.550559][ T6221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.550583][ T6221] RSP: 002b:00007efcbb20d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 107.550616][ T6221] RAX: ffffffffffffffda RBX: 00007efcba5e5fa0 RCX: 00007efcba38eec9 [ 107.550634][ T6221] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 107.550649][ T6221] RBP: 00007efcba411f91 R08: 0000000000000000 R09: 0000000000000000 [ 107.550665][ T6221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.550681][ T6221] R13: 00007efcba5e6038 R14: 00007efcba5e5fa0 R15: 00007ffcb3f84038 [ 107.550718][ T6221] [ 107.550764][ T6221] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250404/psparse-529) [ 112.535503][ T6264] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 112.669754][ T6283] Process accounting resumed [ 113.842482][ T6290] netlink: 4 bytes leftover after parsing attributes in process `syz.3.65'. [ 115.321704][ T6329] capability: warning: `syz.0.77' uses 32-bit capabilities (legacy support in use) [ 115.693992][ T6338] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.741756][ T6378] cougar: G6 mapped to space [ 119.419194][ T6408] usb usb37: usbfs: process 6408 (syz.2.94) did not claim interface 0 before use [ 120.151064][ T6426] FAULT_INJECTION: forcing a failure. [ 120.151064][ T6426] name failslab, interval 1, probability 0, space 0, times 0 [ 120.193355][ T6426] CPU: 0 UID: 0 PID: 6426 Comm: syz.2.99 Not tainted syzkaller #0 PREEMPT(full) [ 120.193391][ T6426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 120.193405][ T6426] Call Trace: [ 120.193413][ T6426] [ 120.193423][ T6426] dump_stack_lvl+0x16c/0x1f0 [ 120.193470][ T6426] should_fail_ex+0x512/0x640 [ 120.193508][ T6426] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 120.193543][ T6426] should_failslab+0xc2/0x120 [ 120.193578][ T6426] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 120.193611][ T6426] ? mpol_new+0x11b/0x2d0 [ 120.193646][ T6426] mpol_new+0x11b/0x2d0 [ 120.193679][ T6426] do_set_mempolicy+0x83/0x480 [ 120.193720][ T6426] ? __pfx_do_set_mempolicy+0x10/0x10 [ 120.193757][ T6426] ? __x64_sys_futex+0x1e0/0x4c0 [ 120.193796][ T6426] kernel_set_mempolicy+0x1c4/0x1e0 [ 120.193839][ T6426] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 120.193884][ T6426] do_syscall_64+0xcd/0x4c0 [ 120.193910][ T6426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.193936][ T6426] RIP: 0033:0x7fd88958eec9 [ 120.193957][ T6426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.193982][ T6426] RSP: 002b:00007fd88a449038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee [ 120.194006][ T6426] RAX: ffffffffffffffda RBX: 00007fd8897e6090 RCX: 00007fd88958eec9 [ 120.194023][ T6426] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000004 [ 120.194039][ T6426] RBP: 00007fd889611f91 R08: 0000000000000000 R09: 0000000000000000 [ 120.194055][ T6426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.194070][ T6426] R13: 00007fd8897e6128 R14: 00007fd8897e6090 R15: 00007ffdf95d3e38 [ 120.194106][ T6426] [ 122.245915][ T6437] netlink: 'syz.1.100': attribute type 1 has an invalid length. [ 123.043156][ T6486] netlink: 342 bytes leftover after parsing attributes in process `syz.3.111'. [ 123.125239][ T6486] netlink: 342 bytes leftover after parsing attributes in process `syz.3.111'. [ 123.227341][ T6486] netlink: 342 bytes leftover after parsing attributes in process `syz.3.111'. [ 123.332669][ T6486] netlink: 342 bytes leftover after parsing attributes in process `syz.3.111'. [ 123.393514][ T6486] netlink: 342 bytes leftover after parsing attributes in process `syz.3.111'. [ 123.831910][ T6512] netlink: 28 bytes leftover after parsing attributes in process `syz.1.114'. [ 123.841961][ T6512] ipvlan0: entered promiscuous mode [ 123.847164][ T6512] ipvlan0: entered allmulticast mode [ 123.858602][ T6512] veth0_vlan: entered allmulticast mode [ 124.560950][ T6520] nbd: must specify a size in bytes for the device [ 126.259036][ T30] audit: type=1800 audit(4294967301.700:2): pid=6574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.122" name="features" dev="configfs" ino=10576 res=0 errno=0 [ 127.643011][ T6049] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 129.627480][ T6617] vivid-007: ================= START STATUS ================= [ 129.655398][ T6617] vivid-007: Generate PTS: true [ 129.674695][ T6617] vivid-007: Generate SCR: true [ 129.680562][ T6617] tpg source WxH: 320x240 (Y'CbCr) [ 129.728872][ T6617] tpg field: 1 [ 129.769041][ T6617] tpg crop: (0,0)/320x240 [ 129.773398][ T6617] tpg compose: (0,0)/320x240 [ 129.780794][ T6617] tpg colorspace: 8 [ 129.784647][ T6617] tpg transfer function: 0/0 [ 129.789479][ T6617] tpg Y'CbCr encoding: 0/0 [ 129.793917][ T6617] tpg quantization: 0/0 [ 129.798094][ T6617] tpg RGB range: 0/2 [ 129.802069][ T6617] vivid-007: ================== END STATUS ================== [ 129.929681][ T6617] can: request_module (can-proto-3) failed. [ 132.141919][ T6648] zswap: compressor not available [ 132.935830][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.947483][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.257165][ T6670] netlink: 20 bytes leftover after parsing attributes in process `syz.1.138'. [ 134.969760][ T6689] vivid-007: ================= START STATUS ================= [ 135.020709][ T6689] vivid-007: Generate PTS: true [ 135.072177][ T6689] vivid-007: Generate SCR: true [ 135.123220][ T6689] tpg source WxH: 320x240 (Y'CbCr) [ 135.128692][ T6689] tpg field: 1 [ 135.132201][ T6689] tpg crop: (0,0)/320x240 [ 135.178401][ T6689] tpg compose: (0,0)/320x240 [ 135.185601][ T6689] tpg colorspace: 8 [ 135.236704][ T6689] tpg transfer function: 0/0 [ 135.241429][ T6689] tpg Y'CbCr encoding: 0/0 [ 135.245855][ T6689] tpg quantization: 0/0 [ 135.250598][ T6689] tpg RGB range: 0/2 [ 135.265938][ T6689] vivid-007: ================== END STATUS ================== [ 135.989851][ T6689] can: request_module (can-proto-3) failed. [ 136.576381][ T6032] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 138.001790][ T6739] i2c i2c-0: delete_device: Can't find device in list [ 138.381146][ T6748] ima: policy update failed [ 138.408986][ T30] audit: type=1802 audit(4294967313.870:3): pid=6748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.155" res=0 errno=0 [ 138.857209][ T6753] vivid-007: ================= START STATUS ================= [ 138.884157][ T6753] vivid-007: Generate PTS: true [ 138.917489][ T6753] vivid-007: Generate SCR: true [ 138.925994][ T6753] tpg source WxH: 320x240 (Y'CbCr) [ 139.025947][ T6753] tpg field: 1 [ 139.038299][ T6753] tpg crop: (0,0)/320x240 [ 139.054874][ T6767] kAFS: Invalid Command on /proc/fs/afs/cells file [ 139.072286][ T6753] tpg compose: (0,0)/320x240 [ 139.076896][ T6753] tpg colorspace: 8 [ 139.101814][ T6753] tpg transfer function: 0/0 [ 139.112729][ T6753] tpg Y'CbCr encoding: 0/0 [ 139.120838][ T6753] tpg quantization: 0/0 [ 139.128229][ T6753] tpg RGB range: 0/2 [ 139.132272][ T6753] vivid-007: ================== END STATUS ================== [ 139.375302][ T6753] can: request_module (can-proto-3) failed. [ 141.519341][ T6791] Invalid ELF header magic: != ELF [ 141.552791][ T6782] bond0: option arp_interval: invalid value () [ 141.600317][ T6782] bond0: option arp_interval: allowed values 0 - 2147483647 [ 142.090701][ T6800] netlink: set zone limit has 8 unknown bytes [ 142.453583][ T6801] netlink: set zone limit has 8 unknown bytes [ 144.918378][ T6853] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 145.529733][ T6862] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 149.134817][ T6889] netlink: 268 bytes leftover after parsing attributes in process `syz.0.177'. [ 151.121474][ T6889] syz.0.177 (6889) used greatest stack depth: 19752 bytes left [ 152.406389][ T6927] netlink: 16 bytes leftover after parsing attributes in process `syz.0.181'. [ 152.614558][ T6928] netlink: 93 bytes leftover after parsing attributes in process `syz.0.181'. [ 153.310281][ T6928] kfence: disabled [ 153.959206][ T6940] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 156.780028][ T7021] netlink: 4 bytes leftover after parsing attributes in process `syz.3.195'. [ 156.970191][ T7028] random: crng reseeded on system resumption [ 158.839287][ T7051] netlink: 28 bytes leftover after parsing attributes in process `syz.0.199'. [ 160.301549][ T7079] syz.3.208 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 161.658401][ T7106] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 161.954261][ T7113] snd_virmidi snd_virmidi.0: control 61678:131081:32767:y>o[k<:1 is already present [ 162.316709][ T7109] netlink: 12 bytes leftover after parsing attributes in process `syz.1.213'. [ 163.615757][ T7146] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 164.244752][ T7159] Invalid ELF header magic: != ELF [ 164.416816][ T7164] __vm_enough_memory: pid: 7164, comm: syz.0.223, bytes: 4398046511104 not enough memory for the allocation [ 166.356741][ T6746] syz.0.154 (6746) used greatest stack depth: 17544 bytes left [ 166.656012][ T7193] mmap: syz.0.228 (7193) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 169.859279][ T7227] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 172.654380][ T7274] binder: 7273:7274 ioctl c018620c 0 returned -14 [ 172.922749][ T7276] netlink: 16 bytes leftover after parsing attributes in process `syz.2.245'. [ 172.997181][ T7279] program syz.0.247 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 173.575662][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 173.582000][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 173.593707][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 173.600082][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 173.689435][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 173.695716][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 173.705407][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 173.715757][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 177.934208][ T7339] HfR: entered promiscuous mode [ 184.441951][ T7422] blktrace: Concurrent blktraces are not allowed on ram7 [ 191.149019][ T7495] syz.0.282 uses obsolete (PF_INET,SOCK_PACKET) [ 191.328227][ T7493] process 'syz.2.283' launched ':,' with NULL argv: empty string added [ 191.547052][ T7493] FAULT_INJECTION: forcing a failure. [ 191.547052][ T7493] name failslab, interval 1, probability 0, space 0, times 0 [ 191.606957][ T7493] CPU: 0 UID: 0 PID: 7493 Comm: syz.2.283 Not tainted syzkaller #0 PREEMPT(full) [ 191.606980][ T7493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 191.606993][ T7493] Call Trace: [ 191.606999][ T7493] [ 191.607005][ T7493] dump_stack_lvl+0x16c/0x1f0 [ 191.607046][ T7493] should_fail_ex+0x512/0x640 [ 191.607083][ T7493] ? fs_reclaim_acquire+0xae/0x150 [ 191.607107][ T7493] ? tomoyo_supervisor+0x45b/0x13b0 [ 191.607120][ T7493] should_failslab+0xc2/0x120 [ 191.607140][ T7493] __kmalloc_noprof+0xd2/0x510 [ 191.607156][ T7493] ? tomoyo_profile+0x47/0x60 [ 191.607172][ T7493] tomoyo_supervisor+0x45b/0x13b0 [ 191.607195][ T7493] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 191.607222][ T7493] ? tomoyo_check_path_acl+0xad/0x210 [ 191.607241][ T7493] ? tomoyo_check_acl+0x1f7/0x410 [ 191.607259][ T7493] tomoyo_path_permission+0x270/0x3b0 [ 191.607279][ T7493] tomoyo_check_open_permission+0x37b/0x3c0 [ 191.607297][ T7493] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 191.607334][ T7493] ? do_raw_spin_lock+0x12c/0x2b0 [ 191.607361][ T7493] tomoyo_file_open+0x6b/0x90 [ 191.607376][ T7493] security_file_open+0x84/0x1e0 [ 191.607395][ T7493] do_dentry_open+0x596/0x1530 [ 191.607419][ T7493] vfs_open+0x82/0x3f0 [ 191.607444][ T7493] path_openat+0x1de4/0x2cb0 [ 191.607468][ T7493] ? __pfx_path_openat+0x10/0x10 [ 191.607490][ T7493] do_filp_open+0x20b/0x470 [ 191.607507][ T7493] ? __pfx_do_filp_open+0x10/0x10 [ 191.607537][ T7493] ? alloc_fd+0x471/0x7d0 [ 191.607557][ T7493] do_sys_openat2+0x11b/0x1d0 [ 191.607579][ T7493] ? __pfx_do_sys_openat2+0x10/0x10 [ 191.607607][ T7493] __x64_sys_openat+0x174/0x210 [ 191.607620][ T7493] ? __pfx___x64_sys_openat+0x10/0x10 [ 191.607640][ T7493] do_syscall_64+0xcd/0x4c0 [ 191.607654][ T7493] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.607669][ T7493] RIP: 0033:0x7fd88958eec9 [ 191.607681][ T7493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.607696][ T7493] RSP: 002b:00007fd88a46a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 191.607709][ T7493] RAX: ffffffffffffffda RBX: 00007fd8897e5fa0 RCX: 00007fd88958eec9 [ 191.607718][ T7493] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 191.607727][ T7493] RBP: 00007fd889611f91 R08: 0000000000000000 R09: 0000000000000000 [ 191.607735][ T7493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.607744][ T7493] R13: 00007fd8897e6038 R14: 00007fd8897e5fa0 R15: 00007ffdf95d3e38 [ 191.607762][ T7493] [ 193.192239][ T7511] blktrace: Concurrent blktraces are not allowed on ram7 [ 193.390699][ T30] audit: type=1800 audit(4294967368.860:4): pid=7519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=13976 res=0 errno=0 [ 194.379942][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.386579][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.661167][ T7552] HfR: entered promiscuous mode [ 201.569970][ T7625] ima: policy update failed [ 201.598968][ T30] audit: type=1802 audit(4294967377.040:5): pid=7625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.308" res=0 errno=0 [ 202.781885][ T7630] Invalid ELF header magic: != ELF [ 203.570676][ T7643] netlink: 28 bytes leftover after parsing attributes in process `syz.2.313'. [ 204.730278][ T7654] blktrace: Concurrent blktraces are not allowed on ram7 [ 206.693115][ T7657] Bluetooth: hci3: command 0x0406 tx timeout [ 206.699425][ T7657] Bluetooth: hci0: command 0x0406 tx timeout [ 206.705416][ T7657] Bluetooth: hci1: command 0x0406 tx timeout [ 206.711772][ T7657] Bluetooth: hci2: command 0x0406 tx timeout [ 209.029968][ T7699] netlink: 12 bytes leftover after parsing attributes in process `syz.2.327'. [ 214.783432][ T7753] ptrace attach of "./syz-executor exec"[7754] was attempted by "./syz-executor exec"[7753] [ 216.058467][ T30] audit: type=1800 audit(4294967391.520:6): pid=7780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=15525 res=0 errno=0 [ 224.719419][ T7878] netlink: 8 bytes leftover after parsing attributes in process `syz.2.345'. [ 226.020003][ T7885] FAULT_INJECTION: forcing a failure. [ 226.020003][ T7885] name fail_futex, interval 1, probability 0, space 0, times 0 [ 226.089230][ T7885] CPU: 1 UID: 0 PID: 7885 Comm: syz.0.347 Not tainted syzkaller #0 PREEMPT(full) [ 226.089264][ T7885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 226.089278][ T7885] Call Trace: [ 226.089286][ T7885] [ 226.089295][ T7885] dump_stack_lvl+0x16c/0x1f0 [ 226.089338][ T7885] should_fail_ex+0x512/0x640 [ 226.089382][ T7885] get_futex_key+0x1d0/0x1560 [ 226.089417][ T7885] ? __pfx_get_futex_key+0x10/0x10 [ 226.089446][ T7885] ? futex_private_hash_put+0x176/0x300 [ 226.089485][ T7885] futex_wake+0xea/0x530 [ 226.089516][ T7885] ? futex_wait+0x120/0x380 [ 226.089551][ T7885] ? __pfx_futex_wait+0x10/0x10 [ 226.089586][ T7885] ? __pfx_futex_wake+0x10/0x10 [ 226.089621][ T7885] ? __lock_acquire+0x62e/0x1ce0 [ 226.089659][ T7885] do_futex+0x1e3/0x350 [ 226.089691][ T7885] ? __pfx_do_futex+0x10/0x10 [ 226.089722][ T7885] ? find_held_lock+0x2b/0x80 [ 226.089750][ T7885] __x64_sys_futex+0x1e0/0x4c0 [ 226.089784][ T7885] ? __fget_files+0x20e/0x3c0 [ 226.089811][ T7885] ? __pfx___x64_sys_futex+0x10/0x10 [ 226.089845][ T7885] ? fdget+0x187/0x210 [ 226.089875][ T7885] do_syscall_64+0xcd/0x4c0 [ 226.089899][ T7885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.089925][ T7885] RIP: 0033:0x7fc7d358eec9 [ 226.089946][ T7885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 226.089969][ T7885] RSP: 002b:00007fc7d44e20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 226.089992][ T7885] RAX: ffffffffffffffda RBX: 00007fc7d37e5fa8 RCX: 00007fc7d358eec9 [ 226.090009][ T7885] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc7d37e5fac [ 226.090025][ T7885] RBP: 00007fc7d37e5fa0 R08: 00007fc7d44e3000 R09: 0000000000000000 [ 226.090041][ T7885] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 226.090057][ T7885] R13: 00007fc7d37e6038 R14: 00007ffebaaf6060 R15: 00007ffebaaf6148 [ 226.090091][ T7885] [ 226.530484][ T7885] synth uevent: /module/l2tp_ip6: unknown uevent action string [ 227.002548][ T7898] Console: switching to colour VGA+ 80x25 [ 227.003297][ T7892] FAULT_INJECTION: forcing a failure. [ 227.003297][ T7892] name fail_futex, interval 1, probability 0, space 0, times 0 [ 227.222342][ T7892] CPU: 0 UID: 0 PID: 7892 Comm: syz.0.347 Not tainted syzkaller #0 PREEMPT(full) [ 227.222373][ T7892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 227.222381][ T7892] Call Trace: [ 227.222387][ T7892] [ 227.222392][ T7892] dump_stack_lvl+0x16c/0x1f0 [ 227.222419][ T7892] should_fail_ex+0x512/0x640 [ 227.222444][ T7892] get_futex_key+0x293/0x1560 [ 227.222464][ T7892] ? __pfx_get_futex_key+0x10/0x10 [ 227.222480][ T7892] ? __mutex_trylock_common+0xe9/0x250 [ 227.222504][ T7892] futex_wake+0xea/0x530 [ 227.222526][ T7892] ? __pfx_futex_wake+0x10/0x10 [ 227.222554][ T7892] do_futex+0x1e3/0x350 [ 227.222572][ T7892] ? __pfx_do_futex+0x10/0x10 [ 227.222588][ T7892] ? __might_fault+0xe3/0x190 [ 227.222610][ T7892] mm_release+0x24e/0x300 [ 227.222627][ T7892] do_exit+0x68e/0x2bf0 [ 227.222650][ T7892] ? __pfx_do_exit+0x10/0x10 [ 227.222669][ T7892] ? do_raw_spin_lock+0x12c/0x2b0 [ 227.222690][ T7892] ? find_held_lock+0x2b/0x80 [ 227.222706][ T7892] do_group_exit+0xd3/0x2a0 [ 227.222727][ T7892] get_signal+0x2673/0x26d0 [ 227.222746][ T7892] ? __lock_acquire+0x62e/0x1ce0 [ 227.222766][ T7892] ? __pfx_get_signal+0x10/0x10 [ 227.222782][ T7892] ? do_futex+0x122/0x350 [ 227.222799][ T7892] ? __pfx_do_futex+0x10/0x10 [ 227.222818][ T7892] arch_do_signal_or_restart+0x8f/0x790 [ 227.222838][ T7892] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 227.222861][ T7892] ? noop_fsync+0x9/0x10 [ 227.222879][ T7892] ? vfs_fsync_range+0x140/0x220 [ 227.222899][ T7892] exit_to_user_mode_loop+0x84/0x110 [ 227.222921][ T7892] do_syscall_64+0x41c/0x4c0 [ 227.222935][ T7892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.222950][ T7892] RIP: 0033:0x7fc7d358eec9 [ 227.222961][ T7892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.222974][ T7892] RSP: 002b:00007fc7d44a00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 227.222987][ T7892] RAX: fffffffffffffe00 RBX: 00007fc7d37e6188 RCX: 00007fc7d358eec9 [ 227.222996][ T7892] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc7d37e6188 [ 227.223004][ T7892] RBP: 00007fc7d37e6180 R08: 0000000000000000 R09: 0000000000000000 [ 227.223012][ T7892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.223020][ T7892] R13: 00007fc7d37e6218 R14: 00007ffebaaf6060 R15: 00007ffebaaf6148 [ 227.223037][ T7892] [ 227.229232][ T7898] Console: switching to colour frame buffer device 128x48 [ 230.818868][ T7929] FAULT_INJECTION: forcing a failure. [ 230.818868][ T7929] name failslab, interval 1, probability 0, space 0, times 0 [ 230.875072][ T7929] CPU: 0 UID: 0 PID: 7929 Comm: syz.0.356 Not tainted syzkaller #0 PREEMPT(full) [ 230.875105][ T7929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 230.875121][ T7929] Call Trace: [ 230.875131][ T7929] [ 230.875142][ T7929] dump_stack_lvl+0x16c/0x1f0 [ 230.875186][ T7929] should_fail_ex+0x512/0x640 [ 230.875222][ T7929] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 230.875254][ T7929] should_failslab+0xc2/0x120 [ 230.875288][ T7929] __kmalloc_cache_noprof+0x6a/0x3e0 [ 230.875314][ T7929] ? nl80211_prepare_wdev_dump+0x3a6/0x740 [ 230.875343][ T7929] ? nl80211_dump_station+0x26f/0xa80 [ 230.875383][ T7929] nl80211_dump_station+0x26f/0xa80 [ 230.875432][ T7929] ? __pfx_nl80211_dump_station+0x10/0x10 [ 230.875522][ T7929] ? __alloc_skb+0x200/0x380 [ 230.875571][ T7929] genl_dumpit+0x125/0x230 [ 230.875601][ T7929] netlink_dump+0x536/0xd30 [ 230.875639][ T7929] ? __pfx_netlink_dump+0x10/0x10 [ 230.875685][ T7929] ? __asan_memset+0x23/0x50 [ 230.875709][ T7929] ? genl_start+0x67f/0x980 [ 230.875738][ T7929] __netlink_dump_start+0x6d6/0x990 [ 230.875778][ T7929] genl_family_rcv_msg_dumpit+0x1e2/0x2e0 [ 230.875806][ T7929] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 230.875831][ T7929] ? genl_op_from_small+0x25/0x440 [ 230.875858][ T7929] ? __pfx_genl_get_cmd+0x10/0x10 [ 230.875878][ T7929] ? __pfx_genl_start+0x10/0x10 [ 230.875899][ T7929] ? __pfx_genl_dumpit+0x10/0x10 [ 230.875921][ T7929] ? __pfx_genl_done+0x10/0x10 [ 230.875950][ T7929] ? __radix_tree_lookup+0x21f/0x2c0 [ 230.876003][ T7929] genl_rcv_msg+0x46e/0x800 [ 230.876037][ T7929] ? __pfx_genl_rcv_msg+0x10/0x10 [ 230.876071][ T7929] ? __pfx_nl80211_dump_station+0x10/0x10 [ 230.876123][ T7929] netlink_rcv_skb+0x155/0x420 [ 230.876161][ T7929] ? __pfx_genl_rcv_msg+0x10/0x10 [ 230.876189][ T7929] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 230.876242][ T7929] ? netlink_deliver_tap+0x1ae/0xd30 [ 230.876285][ T7929] genl_rcv+0x28/0x40 [ 230.876309][ T7929] netlink_unicast+0x5aa/0x870 [ 230.876353][ T7929] ? __pfx_netlink_unicast+0x10/0x10 [ 230.876391][ T7929] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 230.876424][ T7929] ? __lock_acquire+0xb97/0x1ce0 [ 230.876466][ T7929] netlink_sendmsg+0x8d1/0xdd0 [ 230.876511][ T7929] ? __pfx_netlink_sendmsg+0x10/0x10 [ 230.876551][ T7929] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 230.876587][ T7929] ____sys_sendmsg+0xa95/0xc70 [ 230.876618][ T7929] ? copy_msghdr_from_user+0x10a/0x160 [ 230.876656][ T7929] ? __pfx_____sys_sendmsg+0x10/0x10 [ 230.876696][ T7929] ? __pfx_futex_wake_mark+0x10/0x10 [ 230.876735][ T7929] ___sys_sendmsg+0x134/0x1d0 [ 230.876772][ T7929] ? __pfx____sys_sendmsg+0x10/0x10 [ 230.876861][ T7929] __sys_sendmsg+0x16d/0x220 [ 230.876901][ T7929] ? __pfx___sys_sendmsg+0x10/0x10 [ 230.876940][ T7929] ? __x64_sys_futex+0x1e0/0x4c0 [ 230.877005][ T7929] do_syscall_64+0xcd/0x4c0 [ 230.877033][ T7929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.877061][ T7929] RIP: 0033:0x7fc7d358eec9 [ 230.877083][ T7929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.877109][ T7929] RSP: 002b:00007fc7d44e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 230.877134][ T7929] RAX: ffffffffffffffda RBX: 00007fc7d37e5fa0 RCX: 00007fc7d358eec9 [ 230.877152][ T7929] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005 [ 230.877169][ T7929] RBP: 00007fc7d3611f91 R08: 0000000000000000 R09: 0000000000000000 [ 230.877186][ T7929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.877200][ T7929] R13: 00007fc7d37e6038 R14: 00007fc7d37e5fa0 R15: 00007ffebaaf6148 [ 230.877232][ T7929] [ 231.231688][ C0] vkms_vblank_simulate: vblank timer overrun [ 232.423146][ T7941] snd_virmidi snd_virmidi.0: control 61678:131081:32767:y>o[k<:1 is already present [ 233.962871][ T7963] FAULT_INJECTION: forcing a failure. [ 233.962871][ T7963] name failslab, interval 1, probability 0, space 0, times 0 [ 233.982132][ T7963] CPU: 1 UID: 0 PID: 7963 Comm: syz.3.363 Not tainted syzkaller #0 PREEMPT(full) [ 233.982167][ T7963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 233.982181][ T7963] Call Trace: [ 233.982190][ T7963] [ 233.982201][ T7963] dump_stack_lvl+0x16c/0x1f0 [ 233.982246][ T7963] should_fail_ex+0x512/0x640 [ 233.982284][ T7963] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 233.982324][ T7963] should_failslab+0xc2/0x120 [ 233.982358][ T7963] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 233.982394][ T7963] ? __kthread_create_on_node+0x186/0x3f0 [ 233.982435][ T7963] kvasprintf+0xbc/0x160 [ 233.982465][ T7963] ? __pfx_kvasprintf+0x10/0x10 [ 233.982509][ T7963] ? __pfx_rescuer_thread+0x10/0x10 [ 233.982533][ T7963] __kthread_create_on_node+0x186/0x3f0 [ 233.982571][ T7963] ? __pfx___kthread_create_on_node+0x10/0x10 [ 233.982614][ T7963] ? __pfx_vsnprintf+0x10/0x10 [ 233.982662][ T7963] ? __pfx_rescuer_thread+0x10/0x10 [ 233.982688][ T7963] kthread_create_on_node+0xc7/0x100 [ 233.982723][ T7963] ? __pfx_kthread_create_on_node+0x10/0x10 [ 233.982756][ T7963] ? __pfx_scnprintf+0x10/0x10 [ 233.982813][ T7963] init_rescuer+0x320/0x640 [ 233.982851][ T7963] ? __pfx_init_rescuer+0x10/0x10 [ 233.982898][ T7963] ? wq_adjust_max_active+0x39d/0x4a0 [ 233.982941][ T7963] __alloc_workqueue+0xc37/0x1810 [ 233.982981][ T7963] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 233.983021][ T7963] alloc_workqueue_noprof+0xd2/0x200 [ 233.983054][ T7963] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 233.983098][ T7963] ? __pfx___debug_object_init+0x10/0x10 [ 233.983140][ T7963] nci_register_device+0x21e/0xb80 [ 233.983181][ T7963] ? __pfx_nci_register_device+0x10/0x10 [ 233.983220][ T7963] ? lockdep_init_map_type+0x5c/0x280 [ 233.983262][ T7963] virtual_ncidev_open+0x141/0x220 [ 233.983296][ T7963] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 233.983327][ T7963] misc_open+0x35d/0x420 [ 233.983359][ T7963] ? __pfx_misc_open+0x10/0x10 [ 233.983388][ T7963] chrdev_open+0x234/0x6a0 [ 233.983420][ T7963] ? __pfx_apparmor_file_open+0x10/0x10 [ 233.983449][ T7963] ? __pfx_chrdev_open+0x10/0x10 [ 233.983484][ T7963] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 233.983521][ T7963] do_dentry_open+0x982/0x1530 [ 233.983553][ T7963] ? __pfx_chrdev_open+0x10/0x10 [ 233.983594][ T7963] vfs_open+0x82/0x3f0 [ 233.983635][ T7963] path_openat+0x1de4/0x2cb0 [ 233.983683][ T7963] ? __pfx_path_openat+0x10/0x10 [ 233.983725][ T7963] do_filp_open+0x20b/0x470 [ 233.983758][ T7963] ? __pfx_do_filp_open+0x10/0x10 [ 233.983818][ T7963] ? alloc_fd+0x471/0x7d0 [ 233.983858][ T7963] do_sys_openat2+0x11b/0x1d0 [ 233.983896][ T7963] ? __pfx_do_sys_openat2+0x10/0x10 [ 233.983950][ T7963] __x64_sys_openat+0x174/0x210 [ 233.983974][ T7963] ? __pfx___x64_sys_openat+0x10/0x10 [ 233.984014][ T7963] do_syscall_64+0xcd/0x4c0 [ 233.984041][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.984068][ T7963] RIP: 0033:0x7efcba38eec9 [ 233.984088][ T7963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 233.984113][ T7963] RSP: 002b:00007efcbb20d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 233.984138][ T7963] RAX: ffffffffffffffda RBX: 00007efcba5e5fa0 RCX: 00007efcba38eec9 [ 233.984155][ T7963] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 233.984172][ T7963] RBP: 00007efcba411f91 R08: 0000000000000000 R09: 0000000000000000 [ 233.984187][ T7963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.984203][ T7963] R13: 00007efcba5e6038 R14: 00007efcba5e5fa0 R15: 00007ffcb3f84038 [ 233.984240][ T7963] [ 233.984272][ T7963] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -ENOMEM [ 234.392395][ T7955] netlink: 4 bytes leftover after parsing attributes in process `syz.1.361'. [ 234.748757][ T7963] synth uevent: /module/l2tp_ip6: unknown uevent action string [ 234.951217][ T7963] FAULT_INJECTION: forcing a failure. [ 234.951217][ T7963] name fail_futex, interval 1, probability 0, space 0, times 0 [ 235.021070][ T7963] CPU: 0 UID: 0 PID: 7963 Comm: syz.3.363 Not tainted syzkaller #0 PREEMPT(full) [ 235.021103][ T7963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 235.021117][ T7963] Call Trace: [ 235.021124][ T7963] [ 235.021133][ T7963] dump_stack_lvl+0x16c/0x1f0 [ 235.021173][ T7963] should_fail_ex+0x512/0x640 [ 235.021213][ T7963] get_futex_key+0x293/0x1560 [ 235.021247][ T7963] ? __pfx_get_futex_key+0x10/0x10 [ 235.021276][ T7963] ? __mutex_trylock_common+0xe9/0x250 [ 235.021321][ T7963] futex_wake+0xea/0x530 [ 235.021358][ T7963] ? __pfx_futex_wake+0x10/0x10 [ 235.021408][ T7963] do_futex+0x1e3/0x350 [ 235.021438][ T7963] ? __pfx_do_futex+0x10/0x10 [ 235.021465][ T7963] ? __might_fault+0xe3/0x190 [ 235.021503][ T7963] mm_release+0x24e/0x300 [ 235.021532][ T7963] do_exit+0x68e/0x2bf0 [ 235.021578][ T7963] ? __pfx_do_exit+0x10/0x10 [ 235.021608][ T7963] ? do_raw_spin_lock+0x12c/0x2b0 [ 235.021639][ T7963] ? find_held_lock+0x2b/0x80 [ 235.021666][ T7963] do_group_exit+0xd3/0x2a0 [ 235.021701][ T7963] get_signal+0x2673/0x26d0 [ 235.021731][ T7963] ? __lock_acquire+0x62e/0x1ce0 [ 235.021766][ T7963] ? __pfx_get_signal+0x10/0x10 [ 235.021791][ T7963] ? do_futex+0x122/0x350 [ 235.021819][ T7963] ? __pfx_do_futex+0x10/0x10 [ 235.021852][ T7963] arch_do_signal_or_restart+0x8f/0x790 [ 235.021884][ T7963] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 235.021924][ T7963] ? noop_fsync+0x9/0x10 [ 235.021953][ T7963] ? vfs_fsync_range+0x140/0x220 [ 235.021986][ T7963] exit_to_user_mode_loop+0x84/0x110 [ 235.022021][ T7963] do_syscall_64+0x41c/0x4c0 [ 235.022046][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.022070][ T7963] RIP: 0033:0x7efcba38eec9 [ 235.022090][ T7963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.022111][ T7963] RSP: 002b:00007efcbb20d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 235.022133][ T7963] RAX: fffffffffffffe00 RBX: 00007efcba5e5fa8 RCX: 00007efcba38eec9 [ 235.022149][ T7963] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efcba5e5fa8 [ 235.022164][ T7963] RBP: 00007efcba5e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 235.022177][ T7963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.022190][ T7963] R13: 00007efcba5e6038 R14: 00007ffcb3f83f50 R15: 00007ffcb3f84038 [ 235.022221][ T7963] [ 235.328780][ T7972] netlink: 342 bytes leftover after parsing attributes in process `syz.2.364'. [ 235.676576][ T7976] netlink: 342 bytes leftover after parsing attributes in process `syz.2.364'. [ 236.252387][ T7984] snd_aloop snd_aloop.0: control 16781581:65539:5:'x?F/zF˷fC:7 is already present [ 237.744009][ T7996] netlink: 268 bytes leftover after parsing attributes in process `syz.2.367'. [ 239.581450][ T8017] snd_virmidi snd_virmidi.0: control 61678:131081:32767:y>o[k<:1 is already present [ 240.859282][ T8035] netlink: 8 bytes leftover after parsing attributes in process `syz.0.386'. [ 241.919903][ T8032] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'. [ 246.170257][ T8079] netlink: 268 bytes leftover after parsing attributes in process `syz.3.384'. [ 248.365020][ T8107] zero sized request [ 248.501569][ T8118] FAULT_INJECTION: forcing a failure. [ 248.501569][ T8118] name fail_futex, interval 1, probability 0, space 0, times 0 [ 248.609031][ T8118] CPU: 0 UID: 0 PID: 8118 Comm: syz.2.391 Not tainted syzkaller #0 PREEMPT(full) [ 248.609062][ T8118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 248.609075][ T8118] Call Trace: [ 248.609082][ T8118] [ 248.609091][ T8118] dump_stack_lvl+0x16c/0x1f0 [ 248.609130][ T8118] should_fail_ex+0x512/0x640 [ 248.609177][ T8118] get_futex_key+0xff0/0x1560 [ 248.609211][ T8118] ? __pfx_get_futex_key+0x10/0x10 [ 248.609240][ T8118] ? __mutex_trylock_common+0xe9/0x250 [ 248.609281][ T8118] futex_wake+0xea/0x530 [ 248.609318][ T8118] ? __pfx_futex_wake+0x10/0x10 [ 248.609368][ T8118] do_futex+0x1e3/0x350 [ 248.609398][ T8118] ? __pfx_do_futex+0x10/0x10 [ 248.609425][ T8118] ? __might_fault+0xe3/0x190 [ 248.609463][ T8118] mm_release+0x24e/0x300 [ 248.609492][ T8118] do_exit+0x68e/0x2bf0 [ 248.609531][ T8118] ? __pfx_do_exit+0x10/0x10 [ 248.609561][ T8118] ? do_raw_spin_lock+0x12c/0x2b0 [ 248.609595][ T8118] ? find_held_lock+0x2b/0x80 [ 248.609624][ T8118] do_group_exit+0xd3/0x2a0 [ 248.609659][ T8118] get_signal+0x2673/0x26d0 [ 248.609701][ T8118] ? __pfx_get_signal+0x10/0x10 [ 248.609727][ T8118] ? do_futex+0x122/0x350 [ 248.609757][ T8118] ? __pfx_do_futex+0x10/0x10 [ 248.609789][ T8118] arch_do_signal_or_restart+0x8f/0x790 [ 248.609823][ T8118] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 248.609861][ T8118] ? ksys_mmap_pgoff+0x85/0x5c0 [ 248.609892][ T8118] ? xfd_validate_state+0x61/0x180 [ 248.609924][ T8118] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 248.609965][ T8118] exit_to_user_mode_loop+0x84/0x110 [ 248.610001][ T8118] do_syscall_64+0x41c/0x4c0 [ 248.610026][ T8118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.610050][ T8118] RIP: 0033:0x7fd88958eec9 [ 248.610070][ T8118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.610092][ T8118] RSP: 002b:00007fd88a4070e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 248.610115][ T8118] RAX: fffffffffffffe00 RBX: 00007fd8897e6278 RCX: 00007fd88958eec9 [ 248.610131][ T8118] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd8897e6278 [ 248.610146][ T8118] RBP: 00007fd8897e6270 R08: 0000000000000000 R09: 0000000000000000 [ 248.610165][ T8118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.610179][ T8118] R13: 00007fd8897e6308 R14: 00007ffdf95d3d50 R15: 00007ffdf95d3e38 [ 248.610213][ T8118] [ 251.349027][ T8154] zram: Removed device: zram0 [ 253.072776][ T8177] netlink: 28 bytes leftover after parsing attributes in process `syz.3.403'. [ 254.378601][ T8182] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 255.829904][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.837582][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.501485][ T8248] netlink: 28 bytes leftover after parsing attributes in process `syz.3.416'. [ 258.804024][ T8248] hsr_slave_0: left promiscuous mode [ 259.037398][ T8248] hsr_slave_1: left promiscuous mode [ 262.063033][ T6992] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 267.089073][ T6032] Bluetooth: hci0: command 0x0406 tx timeout [ 267.119065][ T8296] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 267.464770][ T8334] blkio.reset_stats is deprecated [ 267.881088][ T8296] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 268.336410][ T8296] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 268.449568][ T8296] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 268.498060][ T8344] .^: entered promiscuous mode [ 268.789236][ T8296] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 268.896840][ T8296] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 269.295438][ T8296] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 269.329035][ T6032] Bluetooth: hci0: command 0x0406 tx timeout [ 269.731696][ T8296] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 269.859202][ T8296] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 270.089702][ T8296] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 270.369191][ T6032] Bluetooth: hci1: command 0x0406 tx timeout [ 270.851254][ T6032] Bluetooth: hci2: command 0x0406 tx timeout [ 271.083608][ T8361] misc userio: No port type given on /dev/userio [ 271.394584][ T8364] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 271.811208][ T6032] Bluetooth: hci3: command 0x0406 tx timeout [ 272.449024][ T6032] Bluetooth: hci1: command 0x0406 tx timeout [ 272.956424][ T6032] Bluetooth: hci2: command 0x0406 tx timeout [ 273.891949][ T6032] Bluetooth: hci3: command 0x0406 tx timeout [ 275.012569][ T6032] Bluetooth: hci2: command 0x0406 tx timeout [ 275.447788][ T8409] nvme_fabrics: missing parameter 'transport=%s' [ 275.572258][ T8409] nvme_fabrics: missing parameter 'nqn=%s' [ 275.590679][ T8412] nvme_fabrics: unknown parameter or missing value '}&:' in ctrl creation request [ 275.851311][ T8409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.449'. [ 275.970152][ T6032] Bluetooth: hci3: command 0x0406 tx timeout [ 276.261520][ T8409] FAULT_INJECTION: forcing a failure. [ 276.261520][ T8409] name failslab, interval 1, probability 0, space 0, times 0 [ 276.449938][ T8409] CPU: 0 UID: 0 PID: 8409 Comm: syz.1.449 Not tainted syzkaller #0 PREEMPT(full) [ 276.449976][ T8409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 276.449997][ T8409] Call Trace: [ 276.450007][ T8409] [ 276.450018][ T8409] dump_stack_lvl+0x16c/0x1f0 [ 276.450065][ T8409] should_fail_ex+0x512/0x640 [ 276.450104][ T8409] ? __kmalloc_noprof+0xbf/0x510 [ 276.450137][ T8409] ? kobject_get_path+0xd2/0x2a0 [ 276.450159][ T8409] should_failslab+0xc2/0x120 [ 276.450193][ T8409] __kmalloc_noprof+0xd2/0x510 [ 276.450233][ T8409] kobject_get_path+0xd2/0x2a0 [ 276.450265][ T8409] kobject_uevent_env+0x289/0x1870 [ 276.450309][ T8409] nfs_netns_sysfs_setup+0x16f/0x1f0 [ 276.450341][ T8409] nfs_net_init+0x10a/0x340 [ 276.450373][ T8409] ? __pfx_nfs_net_init+0x10/0x10 [ 276.450401][ T8409] ops_init+0x1e2/0x5f0 [ 276.450430][ T8409] setup_net+0x10f/0x380 [ 276.450451][ T8409] ? lockdep_init_map_type+0x5c/0x280 [ 276.450488][ T8409] ? __pfx_setup_net+0x10/0x10 [ 276.450513][ T8409] ? debug_mutex_init+0x37/0x70 [ 276.450544][ T8409] copy_net_ns+0x2a6/0x5f0 [ 276.450575][ T8409] create_new_namespaces+0x3ea/0xa90 [ 276.450613][ T8409] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 276.450647][ T8409] ksys_unshare+0x45b/0xa40 [ 276.450681][ T8409] ? __pfx_ksys_unshare+0x10/0x10 [ 276.450716][ T8409] ? xfd_validate_state+0x61/0x180 [ 276.450762][ T8409] __x64_sys_unshare+0x31/0x40 [ 276.450796][ T8409] do_syscall_64+0xcd/0x4c0 [ 276.450823][ T8409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.450849][ T8409] RIP: 0033:0x7fd4b438eec9 [ 276.450871][ T8409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.450897][ T8409] RSP: 002b:00007fd4b5262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 276.450921][ T8409] RAX: ffffffffffffffda RBX: 00007fd4b45e5fa0 RCX: 00007fd4b438eec9 [ 276.450938][ T8409] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 276.450952][ T8409] RBP: 00007fd4b4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 276.450966][ T8409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.450980][ T8409] R13: 00007fd4b45e6038 R14: 00007fd4b45e5fa0 R15: 00007ffcceff26f8 [ 276.451020][ T8409] [ 276.734201][ T8417] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 276.740294][ T8417] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 276.746350][ T8417] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 276.752441][ T8417] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 277.287898][ T8426] netlink: 16 bytes leftover after parsing attributes in process `syz.0.450'. [ 278.142435][ T7655] Bluetooth: hci0: command 0x0406 tx timeout [ 279.009374][ T6032] Bluetooth: hci2: command 0x0406 tx timeout [ 279.015417][ T6032] Bluetooth: hci1: command 0x0406 tx timeout [ 279.023249][ T7655] Bluetooth: hci3: command 0x0406 tx timeout [ 281.286710][ T8480] netlink: 342 bytes leftover after parsing attributes in process `syz.0.460'. [ 282.263042][ T8471] kAFS: Invalid Command on /proc/fs/afs/cells file [ 282.868061][ T8507] netlink: 4 bytes leftover after parsing attributes in process `syz.0.462'. [ 282.935476][ T8497] nvme_fabrics: missing parameter 'transport=%s' [ 282.994291][ T8497] nvme_fabrics: missing parameter 'nqn=%s' [ 283.029236][ T8502] nvme_fabrics: unknown parameter or missing value '}&:' in ctrl creation request [ 283.931509][ T6032] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 283.944083][ T6032] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 283.959870][ T6032] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 283.970420][ T6032] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 283.979637][ T6032] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 285.776177][ T8511] chnl_net:caif_netlink_parms(): no params data found [ 286.049289][ T6032] Bluetooth: hci4: command tx timeout [ 286.273010][ T8511] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.302625][ T8511] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.333054][ T8511] bridge_slave_0: entered allmulticast mode [ 286.362104][ T8511] bridge_slave_0: entered promiscuous mode [ 286.408269][ T8511] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.494224][ T8511] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.559287][ T8511] bridge_slave_1: entered allmulticast mode [ 286.593572][ T8511] bridge_slave_1: entered promiscuous mode [ 286.956357][ T8511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 286.985210][ T8511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.109400][ T8511] team0: Port device team_slave_0 added [ 287.124920][ T8511] team0: Port device team_slave_1 added [ 287.311255][ T8511] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.318219][ T8511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.552445][ T8549] nbd: must specify a device to reconfigure [ 287.578004][ T8511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.611268][ T8511] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 287.618233][ T8511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.749086][ T8511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.129709][ T6032] Bluetooth: hci4: command tx timeout [ 288.853989][ T8511] hsr_slave_0: entered promiscuous mode [ 288.918144][ T8511] hsr_slave_1: entered promiscuous mode [ 288.941205][ T8511] debugfs: 'hsr0' already exists in 'hsr' [ 288.958977][ T8511] Cannot create hsr debugfs directory [ 289.968308][ T8511] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 290.043230][ T8511] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 290.209396][ T6032] Bluetooth: hci4: command tx timeout [ 290.415894][ T8511] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 290.537845][ T8511] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 291.555175][ T8511] 8021q: adding VLAN 0 to HW filter on device bond0 [ 291.576982][ T8511] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.612373][ T8511] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 291.623029][ T8511] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 291.664788][ T8575] kAFS: Invalid Command on /proc/fs/afs/cells file [ 291.893402][ T6999] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.900612][ T6999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 292.011123][ T6999] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.018295][ T6999] bridge0: port 2(bridge_slave_1) entered forwarding state [ 292.289569][ T6032] Bluetooth: hci4: command tx timeout [ 293.242479][ T8511] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.312719][ T8511] veth0_vlan: entered promiscuous mode [ 294.351618][ T8511] veth1_vlan: entered promiscuous mode [ 294.421075][ T8511] veth0_macvtap: entered promiscuous mode [ 294.441847][ T8511] veth1_macvtap: entered promiscuous mode [ 294.486896][ T8511] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.523458][ T8511] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 294.564109][ T6995] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.591302][ T6995] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.620510][ T6995] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.645136][ T6995] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.789483][ T6992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 294.797327][ T6992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 294.908207][ T6992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 294.930335][ T6992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.491471][ T6985] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.706288][ T6985] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.103474][ T6985] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.308726][ T6985] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.396228][ T8712] netlink: 342 bytes leftover after parsing attributes in process `syz.2.483'. [ 296.412646][ T8712] netlink: 334 bytes leftover after parsing attributes in process `syz.2.483'. [ 296.835142][ T6985] bridge_slave_1: left allmulticast mode [ 296.845039][ T6985] bridge_slave_1: left promiscuous mode [ 296.854072][ T6985] bridge0: port 2(bridge_slave_1) entered disabled state [ 296.881333][ T6985] bridge_slave_0: left allmulticast mode [ 296.891758][ T6985] bridge_slave_0: left promiscuous mode [ 296.939556][ T6985] bridge0: port 1(bridge_slave_0) entered disabled state [ 298.094985][ T6985] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 298.120496][ T6985] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 298.138015][ T6985] bond0 (unregistering): Released all slaves [ 299.370476][ T6985] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 299.392806][ T6985] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 299.426752][ T6985] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 299.465046][ T6985] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 299.610775][ T6985] veth1_macvtap: left promiscuous mode [ 299.625771][ T6985] veth0_macvtap: left promiscuous mode [ 299.640570][ T6985] veth1_vlan: left promiscuous mode [ 299.646497][ T6985] veth0_vlan: left promiscuous mode [ 300.207436][ T6985] team0 (unregistering): Port device team_slave_1 removed [ 300.247113][ T6985] team0 (unregistering): Port device team_slave_0 removed [ 301.405996][ T8835] __vm_enough_memory: pid: 8835, comm: syz.4.509, bytes: 4398046511104 not enough memory for the allocation [ 305.789274][ T8935] netlink: 62 bytes leftover after parsing attributes in process `syz.1.520'. [ 307.095825][ T30] audit: type=1804 audit(4294967482.550:7): pid=8968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.526" name="/newroot/sys/kernel/debug/tracing/buffer_total_size_kb" dev="tracefs" ino=157 res=1 errno=0 [ 309.016505][ T9024] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9024] [ 309.219124][ T9024] netlink: 'syz.4.534': attribute type 7 has an invalid length. [ 309.226827][ T9024] netlink: 5 bytes leftover after parsing attributes in process `syz.4.534'. [ 309.860814][ T9038] ima: policy update failed [ 309.924531][ T30] audit: type=1802 audit(4294967485.330:8): pid=9038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.536" res=0 errno=0 [ 312.965250][ T9100] netlink: 62 bytes leftover after parsing attributes in process `syz.2.548'. [ 314.353334][ T9128] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 316.293342][ T9150] zswap: compressor not available [ 316.353106][ T9162] netlink: 62 bytes leftover after parsing attributes in process `syz.0.562'. [ 317.271867][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.278789][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.164809][ T9230] netlink: 342 bytes leftover after parsing attributes in process `syz.2.570'. [ 319.474917][ T9240] openvswitch: netlink: ct_state flags aa1414ac unsupported [ 320.109989][ T9249] FAULT_INJECTION: forcing a failure. [ 320.109989][ T9249] name failslab, interval 1, probability 0, space 0, times 0 [ 320.136264][ T9249] CPU: 0 UID: 0 PID: 9249 Comm: syz.4.575 Not tainted syzkaller #0 PREEMPT(full) [ 320.136294][ T9249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 320.136307][ T9249] Call Trace: [ 320.136314][ T9249] [ 320.136323][ T9249] dump_stack_lvl+0x16c/0x1f0 [ 320.136366][ T9249] should_fail_ex+0x512/0x640 [ 320.136401][ T9249] ? fs_reclaim_acquire+0xae/0x150 [ 320.136438][ T9249] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 320.136468][ T9249] should_failslab+0xc2/0x120 [ 320.136499][ T9249] __kmalloc_noprof+0xd2/0x510 [ 320.136534][ T9249] tomoyo_realpath_from_path+0xc2/0x6e0 [ 320.136567][ T9249] ? tomoyo_profile+0x47/0x60 [ 320.136592][ T9249] tomoyo_path_number_perm+0x245/0x580 [ 320.136618][ T9249] ? tomoyo_path_number_perm+0x237/0x580 [ 320.136649][ T9249] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 320.136678][ T9249] ? find_held_lock+0x2b/0x80 [ 320.136732][ T9249] ? find_held_lock+0x2b/0x80 [ 320.136755][ T9249] ? hook_file_ioctl_common+0x145/0x410 [ 320.136792][ T9249] ? __fget_files+0x20e/0x3c0 [ 320.136824][ T9249] security_file_ioctl+0x9b/0x240 [ 320.136864][ T9249] __x64_sys_ioctl+0xb7/0x210 [ 320.136903][ T9249] do_syscall_64+0xcd/0x4c0 [ 320.136927][ T9249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.136952][ T9249] RIP: 0033:0x7f89b038eec9 [ 320.136973][ T9249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 320.136994][ T9249] RSP: 002b:00007f89b12f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 320.137016][ T9249] RAX: ffffffffffffffda RBX: 00007f89b05e5fa0 RCX: 00007f89b038eec9 [ 320.137031][ T9249] RDX: 0000000000000004 RSI: 00000000c0445624 RDI: 0000000000000004 [ 320.137045][ T9249] RBP: 00007f89b12f0090 R08: 0000000000000000 R09: 0000000000000000 [ 320.137059][ T9249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 320.137073][ T9249] R13: 00007f89b05e6038 R14: 00007f89b05e5fa0 R15: 00007ffcf4e822f8 [ 320.137106][ T9249] [ 320.137155][ T9249] ERROR: Out of memory at tomoyo_realpath_from_path. [ 323.266833][ T9310] FAULT_INJECTION: forcing a failure. [ 323.266833][ T9310] name failslab, interval 1, probability 0, space 0, times 0 [ 323.383060][ T9310] CPU: 0 UID: 0 PID: 9310 Comm: syz.1.586 Not tainted syzkaller #0 PREEMPT(full) [ 323.383093][ T9310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 323.383105][ T9310] Call Trace: [ 323.383113][ T9310] [ 323.383121][ T9310] dump_stack_lvl+0x16c/0x1f0 [ 323.383162][ T9310] should_fail_ex+0x512/0x640 [ 323.383197][ T9310] ? fs_reclaim_acquire+0xae/0x150 [ 323.383244][ T9310] ? tomoyo_encode2+0x100/0x3e0 [ 323.383275][ T9310] should_failslab+0xc2/0x120 [ 323.383308][ T9310] __kmalloc_noprof+0xd2/0x510 [ 323.383336][ T9310] ? d_absolute_path+0x136/0x1a0 [ 323.383375][ T9310] tomoyo_encode2+0x100/0x3e0 [ 323.383413][ T9310] tomoyo_encode+0x29/0x50 [ 323.383443][ T9310] tomoyo_realpath_from_path+0x18f/0x6e0 [ 323.383488][ T9310] tomoyo_path_number_perm+0x245/0x580 [ 323.383524][ T9310] ? tomoyo_path_number_perm+0x237/0x580 [ 323.383560][ T9310] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 323.383598][ T9310] ? find_held_lock+0x2b/0x80 [ 323.383654][ T9310] ? find_held_lock+0x2b/0x80 [ 323.383678][ T9310] ? hook_file_ioctl_common+0x145/0x410 [ 323.383718][ T9310] ? __fget_files+0x20e/0x3c0 [ 323.383751][ T9310] security_file_ioctl+0x9b/0x240 [ 323.383784][ T9310] __x64_sys_ioctl+0xb7/0x210 [ 323.383823][ T9310] do_syscall_64+0xcd/0x4c0 [ 323.383858][ T9310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.383883][ T9310] RIP: 0033:0x7fd4b438eec9 [ 323.383903][ T9310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.383924][ T9310] RSP: 002b:00007fd4b5262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.383947][ T9310] RAX: ffffffffffffffda RBX: 00007fd4b45e5fa0 RCX: 00007fd4b438eec9 [ 323.383963][ T9310] RDX: 0000000000000004 RSI: 00000000c0445624 RDI: 0000000000000004 [ 323.383978][ T9310] RBP: 00007fd4b5262090 R08: 0000000000000000 R09: 0000000000000000 [ 323.383993][ T9310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.384007][ T9310] R13: 00007fd4b45e6038 R14: 00007fd4b45e5fa0 R15: 00007ffcceff26f8 [ 323.384042][ T9310] [ 323.385356][ T9310] ERROR: Out of memory at tomoyo_realpath_from_path. [ 325.308576][ T9349] netlink: 342 bytes leftover after parsing attributes in process `syz.4.592'. [ 331.686189][ T9427] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 332.048233][ T9436] netlink: 342 bytes leftover after parsing attributes in process `syz.1.610'. [ 332.085522][ T9441] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 332.107852][ T9441] program syz.2.612 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 332.293060][ T9446] FAULT_INJECTION: forcing a failure. [ 332.293060][ T9446] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 332.316746][ T9446] CPU: 0 UID: 0 PID: 9446 Comm: syz.0.613 Not tainted syzkaller #0 PREEMPT(full) [ 332.316784][ T9446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 332.316799][ T9446] Call Trace: [ 332.316808][ T9446] [ 332.316818][ T9446] dump_stack_lvl+0x16c/0x1f0 [ 332.316864][ T9446] should_fail_ex+0x512/0x640 [ 332.316910][ T9446] should_fail_alloc_page+0xe7/0x130 [ 332.316947][ T9446] prepare_alloc_pages+0x3c2/0x610 [ 332.317000][ T9446] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 332.317033][ T9446] ? arch_stack_walk+0xa6/0x100 [ 332.317075][ T9446] ? stack_trace_save+0x8e/0xc0 [ 332.317108][ T9446] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 332.317134][ T9446] ? rcu_is_watching+0x12/0xc0 [ 332.317169][ T9446] ? kasan_save_track+0x14/0x30 [ 332.317196][ T9446] ? __kasan_slab_alloc+0x89/0x90 [ 332.317224][ T9446] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 332.317253][ T9446] ? __pmd_alloc+0xbf/0x930 [ 332.317286][ T9446] ? __handle_mm_fault+0xa06/0x2a50 [ 332.317310][ T9446] ? handle_mm_fault+0x589/0xd10 [ 332.317333][ T9446] ? __get_user_pages+0x551/0x34a0 [ 332.317366][ T9446] ? populate_vma_page_range+0x267/0x3f0 [ 332.317402][ T9446] ? __mm_populate+0x1d8/0x380 [ 332.317422][ T9446] ? vm_mmap_pgoff+0x37f/0x470 [ 332.317454][ T9446] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 332.317484][ T9446] ? __x64_sys_mmap+0x125/0x190 [ 332.317518][ T9446] ? do_syscall_64+0xcd/0x4c0 [ 332.317540][ T9446] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 332.317577][ T9446] ? policy_nodemask+0xea/0x4e0 [ 332.317609][ T9446] alloc_pages_mpol+0x1fb/0x550 [ 332.317642][ T9446] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 332.317687][ T9446] alloc_pages_noprof+0x131/0x390 [ 332.317721][ T9446] pte_alloc_one+0x1c/0x3a0 [ 332.317750][ T9446] __pte_alloc+0x6d/0x3c0 [ 332.317783][ T9446] ? __pfx___pte_alloc+0x10/0x10 [ 332.317820][ T9446] ? do_raw_spin_lock+0x12c/0x2b0 [ 332.317858][ T9446] do_pte_missing+0x285a/0x3ba0 [ 332.317887][ T9446] ? do_raw_spin_unlock+0x172/0x230 [ 332.317925][ T9446] ? _raw_spin_unlock+0x28/0x50 [ 332.317958][ T9446] ? __pmd_alloc+0x3fb/0x930 [ 332.318130][ T9446] __handle_mm_fault+0x152a/0x2a50 [ 332.318172][ T9446] ? __pfx___handle_mm_fault+0x10/0x10 [ 332.318239][ T9446] handle_mm_fault+0x589/0xd10 [ 332.318276][ T9446] __get_user_pages+0x551/0x34a0 [ 332.318330][ T9446] ? __pfx___get_user_pages+0x10/0x10 [ 332.318377][ T9446] populate_vma_page_range+0x267/0x3f0 [ 332.318418][ T9446] ? __pfx_populate_vma_page_range+0x10/0x10 [ 332.318457][ T9446] ? __pfx_find_vma_intersection+0x10/0x10 [ 332.318496][ T9446] ? do_mmap+0x69c/0x1210 [ 332.318536][ T9446] __mm_populate+0x1d8/0x380 [ 332.318561][ T9446] ? __pfx___mm_populate+0x10/0x10 [ 332.318589][ T9446] ? up_write+0x1b2/0x520 [ 332.318629][ T9446] vm_mmap_pgoff+0x37f/0x470 [ 332.318670][ T9446] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 332.318705][ T9446] ? find_held_lock+0x2b/0x80 [ 332.318733][ T9446] ? __x64_sys_futex+0x1e0/0x4c0 [ 332.318767][ T9446] ? __x64_sys_futex+0x1e9/0x4c0 [ 332.318802][ T9446] ksys_mmap_pgoff+0x7d/0x5c0 [ 332.318832][ T9446] ? xfd_validate_state+0x61/0x180 [ 332.318870][ T9446] __x64_sys_mmap+0x125/0x190 [ 332.318909][ T9446] do_syscall_64+0xcd/0x4c0 [ 332.318936][ T9446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.318992][ T9446] RIP: 0033:0x7fc7d358eec9 [ 332.319019][ T9446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.319046][ T9446] RSP: 002b:00007fc7d44e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 332.319071][ T9446] RAX: ffffffffffffffda RBX: 00007fc7d37e5fa0 RCX: 00007fc7d358eec9 [ 332.319089][ T9446] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 332.319106][ T9446] RBP: 00007fc7d3611f91 R08: 0000000000000002 R09: 0000000000008000 [ 332.319122][ T9446] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 332.319138][ T9446] R13: 00007fc7d37e6038 R14: 00007fc7d37e5fa0 R15: 00007ffebaaf6148 [ 332.319175][ T9446] [ 334.020314][ T9451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 334.060107][ T9451] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 334.089098][ T9451] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 334.141941][ T9451] page_type: f5(slab) [ 334.148561][ T9451] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 334.157262][ T9451] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 334.165973][ T9451] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 334.200018][ T9451] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 334.230160][ T9451] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 334.288189][ T9451] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 334.296938][ T9451] page dumped because: unmovable page [ 334.306545][ T9451] page_owner tracks the page as allocated [ 334.315425][ T9451] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6870, tgid 6870 (udevd), ts 323083433927, free_ts 322916122197 [ 334.337932][ T9451] post_alloc_hook+0x1c0/0x230 [ 334.344956][ T9451] get_page_from_freelist+0x132b/0x38e0 [ 334.353216][ T9451] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 334.423193][ T9451] alloc_pages_mpol+0x1fb/0x550 [ 334.428116][ T9451] new_slab+0x247/0x330 [ 334.454668][ T9451] ___slab_alloc+0xcf2/0x1750 [ 334.460145][ T9451] __slab_alloc.constprop.0+0x56/0xb0 [ 334.508361][ T9451] __kmalloc_cache_noprof+0xfb/0x3e0 [ 334.534141][ T9451] uevent_show+0x165/0x3a0 [ 334.550019][ T9451] dev_attr_show+0x53/0xe0 [ 334.562991][ T9451] sysfs_kf_seq_show+0x216/0x3e0 [ 334.605254][ T9451] seq_read_iter+0x509/0x12c0 [ 334.613625][ T9451] kernfs_fop_read_iter+0x46c/0x610 [ 334.712008][ T9451] vfs_read+0x8bc/0xcf0 [ 334.716306][ T9451] ksys_read+0x12a/0x250 [ 334.722886][ T9451] do_syscall_64+0xcd/0x4c0 [ 334.727482][ T9451] page last free pid 5871 tgid 5871 stack trace: [ 334.734618][ T9451] __free_frozen_pages+0x7d5/0x10f0 [ 334.852017][ T9451] __put_partials+0x165/0x1c0 [ 334.856728][ T9451] qlist_free_all+0x4d/0x120 [ 334.864071][ T9451] kasan_quarantine_reduce+0x195/0x1e0 [ 334.880479][ T9451] __kasan_slab_alloc+0x69/0x90 [ 334.999907][ T9451] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 335.008908][ T9451] getname_flags.part.0+0x4c/0x550 [ 335.018888][ T9451] __x64_sys_unlink+0xb0/0x110 [ 335.038618][ T9451] do_syscall_64+0xcd/0x4c0 [ 335.049714][ T9451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.343471][ T9496] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9496] [ 338.512281][ T9539] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9539] [ 338.920845][ T9552] binder: 9551:9552 ioctl c0306201 200000001100 returned -14 [ 338.991380][ T9554] tipc: Started in network mode [ 339.007050][ T9554] tipc: Node identity 45e5412, cluster identity 4711 [ 339.038700][ T9554] tipc: Node number set to 73290770 [ 339.058740][ T9554] FAULT_INJECTION: forcing a failure. [ 339.058740][ T9554] name failslab, interval 1, probability 0, space 0, times 0 [ 339.079092][ T9554] CPU: 0 UID: 0 PID: 9554 Comm: syz.0.636 Not tainted syzkaller #0 PREEMPT(full) [ 339.079126][ T9554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 339.079141][ T9554] Call Trace: [ 339.079149][ T9554] [ 339.079159][ T9554] dump_stack_lvl+0x16c/0x1f0 [ 339.079203][ T9554] should_fail_ex+0x512/0x640 [ 339.079238][ T9554] ? fs_reclaim_acquire+0xae/0x150 [ 339.079275][ T9554] should_failslab+0xc2/0x120 [ 339.079306][ T9554] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 339.079336][ T9554] ? security_inode_alloc+0x3b/0x2b0 [ 339.079369][ T9554] security_inode_alloc+0x3b/0x2b0 [ 339.079405][ T9554] inode_init_always_gfp+0xce4/0x1030 [ 339.079441][ T9554] alloc_inode+0x86/0x240 [ 339.079480][ T9554] sock_alloc+0x40/0x280 [ 339.079505][ T9554] __sock_create+0xc1/0x8d0 [ 339.079535][ T9554] __sys_socket+0x14d/0x260 [ 339.079561][ T9554] ? fdget_pos+0x2b8/0x370 [ 339.079588][ T9554] ? __pfx___sys_socket+0x10/0x10 [ 339.079617][ T9554] ? xfd_validate_state+0x61/0x180 [ 339.079649][ T9554] ? __pfx_ksys_write+0x10/0x10 [ 339.079686][ T9554] __x64_sys_socket+0x72/0xb0 [ 339.079716][ T9554] ? lockdep_hardirqs_on+0x7c/0x110 [ 339.079753][ T9554] do_syscall_64+0xcd/0x4c0 [ 339.079779][ T9554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.079804][ T9554] RIP: 0033:0x7fc7d358eec9 [ 339.079827][ T9554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.079856][ T9554] RSP: 002b:00007fc7d44e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 339.079881][ T9554] RAX: ffffffffffffffda RBX: 00007fc7d37e5fa0 RCX: 00007fc7d358eec9 [ 339.079900][ T9554] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 339.079916][ T9554] RBP: 00007fc7d3611f91 R08: 0000000000000000 R09: 0000000000000000 [ 339.079932][ T9554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.079947][ T9554] R13: 00007fc7d37e6038 R14: 00007fc7d37e5fa0 R15: 00007ffebaaf6148 [ 339.079982][ T9554] [ 339.080013][ T9554] socket: no more sockets [ 342.123286][ T9594] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9594] [ 342.936074][ T9603] FAULT_INJECTION: forcing a failure. [ 342.936074][ T9603] name fail_futex, interval 1, probability 0, space 0, times 0 [ 342.959827][ T9603] CPU: 0 UID: 0 PID: 9603 Comm: syz.0.648 Not tainted syzkaller #0 PREEMPT(full) [ 342.959862][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 342.959878][ T9603] Call Trace: [ 342.959886][ T9603] [ 342.959895][ T9603] dump_stack_lvl+0x16c/0x1f0 [ 342.959930][ T9603] should_fail_ex+0x512/0x640 [ 342.959955][ T9603] get_futex_key+0x1d0/0x1560 [ 342.959976][ T9603] ? __pfx_get_futex_key+0x10/0x10 [ 342.959994][ T9603] ? __pick_eevdf+0x30a/0x670 [ 342.960014][ T9603] futex_wait_setup+0x9d/0x550 [ 342.960047][ T9603] __futex_wait+0x194/0x2f0 [ 342.960069][ T9603] ? __pfx___futex_wait+0x10/0x10 [ 342.960089][ T9603] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 342.960110][ T9603] ? lockdep_hardirqs_on+0x7c/0x110 [ 342.960135][ T9603] ? __pfx_futex_wake_mark+0x10/0x10 [ 342.960159][ T9603] ? futex_private_hash_put+0x176/0x300 [ 342.960177][ T9603] ? futex_private_hash_put+0x18a/0x300 [ 342.960195][ T9603] futex_wait+0xe8/0x380 [ 342.960223][ T9603] ? __pfx_futex_wait+0x10/0x10 [ 342.960267][ T9603] ? preempt_schedule_thunk+0x16/0x30 [ 342.960294][ T9603] do_futex+0x229/0x350 [ 342.960312][ T9603] ? __pfx_do_futex+0x10/0x10 [ 342.960331][ T9603] ? __pfx_sched_core_share_pid+0x10/0x10 [ 342.960349][ T9603] __x64_sys_futex+0x1e0/0x4c0 [ 342.960370][ T9603] ? __pfx___x64_sys_futex+0x10/0x10 [ 342.960389][ T9603] ? __pfx___do_sys_prctl+0x10/0x10 [ 342.960408][ T9603] do_syscall_64+0xcd/0x4c0 [ 342.960422][ T9603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.960436][ T9603] RIP: 0033:0x7fc7d358eec9 [ 342.960449][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 342.960462][ T9603] RSP: 002b:00007fc7d44e20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 342.960476][ T9603] RAX: ffffffffffffffda RBX: 00007fc7d37e5fa8 RCX: 00007fc7d358eec9 [ 342.960486][ T9603] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fc7d37e5fa8 [ 342.960494][ T9603] RBP: 00007fc7d37e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 342.960502][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.960510][ T9603] R13: 00007fc7d37e6038 R14: 00007ffebaaf6060 R15: 00007ffebaaf6148 [ 342.960527][ T9603] [ 344.003433][ T9611] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78008 [ 344.018744][ T9611] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 344.032733][ T9611] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 344.040712][ T9611] page_type: f5(slab) [ 344.045029][ T9611] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 344.054070][ T9611] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 344.062756][ T9611] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 344.097404][ T9611] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 344.113163][ T9611] head: 00fff00000000003 ffffea0001e00201 00000000ffffffff 00000000ffffffff [ 344.133468][ T9611] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 344.163241][ T9611] page dumped because: unmovable page [ 344.204044][ T9611] page_owner tracks the page as allocated [ 344.236924][ T9611] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5878, tgid 5878 (udevd), ts 338473200716, free_ts 338453449444 [ 344.335216][ T9611] post_alloc_hook+0x1c0/0x230 [ 344.344904][ T9611] get_page_from_freelist+0x132b/0x38e0 [ 344.350507][ T9611] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 344.357609][ T9611] alloc_pages_mpol+0x1fb/0x550 [ 344.362527][ T9611] new_slab+0x247/0x330 [ 344.367741][ T9611] ___slab_alloc+0xcf2/0x1750 [ 344.372436][ T9611] __slab_alloc.constprop.0+0x56/0xb0 [ 344.378312][ T9611] __kmalloc_noprof+0x2f2/0x510 [ 344.437897][ T9611] tomoyo_realpath_from_path+0xc2/0x6e0 [ 344.443784][ T9611] tomoyo_check_open_permission+0x2ab/0x3c0 [ 344.449829][ T9611] tomoyo_file_open+0x6b/0x90 [ 344.454638][ T9611] security_file_open+0x84/0x1e0 [ 344.459688][ T9611] do_dentry_open+0x596/0x1530 [ 344.464684][ T9611] vfs_open+0x82/0x3f0 [ 344.468816][ T9611] path_openat+0x1de4/0x2cb0 [ 344.473713][ T9611] do_filp_open+0x20b/0x470 [ 344.479710][ T9611] page last free pid 5237 tgid 5237 stack trace: [ 344.486144][ T9611] __free_frozen_pages+0x7d5/0x10f0 [ 344.492521][ T9611] __put_partials+0x165/0x1c0 [ 344.497370][ T9611] qlist_free_all+0x4d/0x120 [ 344.502047][ T9611] kasan_quarantine_reduce+0x195/0x1e0 [ 344.507678][ T9611] __kasan_slab_alloc+0x69/0x90 [ 344.513452][ T9611] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 344.522765][ T9611] getname_flags.part.0+0x4c/0x550 [ 344.529171][ T9611] getname_flags+0x93/0xf0 [ 344.533890][ T9611] do_readlinkat+0xb4/0x3a0 [ 344.538914][ T9611] __x64_sys_readlink+0x78/0xc0 [ 344.544069][ T9611] do_syscall_64+0xcd/0x4c0 [ 344.548602][ T9611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.161165][ T9637] usb usb15: usbfs: process 9637 (syz.1.652) did not claim interface 0 before use [ 347.888781][ T9656] ptrace attach of "./syz-executor exec"[5866] was attempted by ""[9656] [ 348.767823][ T9671] overlayfs: missing 'lowerdir' [ 350.630606][ T9701] ptrace attach of "./syz-executor exec"[5871] was attempted by ""[9701] [ 350.727547][ T9700] tipc: Started in network mode [ 350.756562][ T9700] tipc: Node identity 45e5412, cluster identity 4711 [ 350.763278][ T9700] tipc: Node number set to 73290770 [ 350.886797][ T9700] FAULT_INJECTION: forcing a failure. [ 350.886797][ T9700] name failslab, interval 1, probability 0, space 0, times 0 [ 350.953319][ T9709] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9709] [ 350.961963][ T9700] CPU: 1 UID: 0 PID: 9700 Comm: syz.2.668 Not tainted syzkaller #0 PREEMPT(full) [ 350.961998][ T9700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 350.962014][ T9700] Call Trace: [ 350.962023][ T9700] [ 350.962033][ T9700] dump_stack_lvl+0x16c/0x1f0 [ 350.962075][ T9700] should_fail_ex+0x512/0x640 [ 350.962114][ T9700] ? fs_reclaim_acquire+0xae/0x150 [ 350.962164][ T9700] should_failslab+0xc2/0x120 [ 350.962200][ T9700] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 350.962233][ T9700] ? security_inode_alloc+0x3b/0x2b0 [ 350.962267][ T9700] security_inode_alloc+0x3b/0x2b0 [ 350.962303][ T9700] inode_init_always_gfp+0xce4/0x1030 [ 350.962338][ T9700] alloc_inode+0x86/0x240 [ 350.962373][ T9700] iget_locked+0x2e4/0x830 [ 350.962423][ T9700] ? __pfx_iget_locked+0x10/0x10 [ 350.962463][ T9700] ? find_held_lock+0x2b/0x80 [ 350.962491][ T9700] ? kernfs_root+0xee/0x2a0 [ 350.962530][ T9700] kernfs_get_inode+0x48/0x460 [ 350.962563][ T9700] kernfs_iop_lookup+0x1a7/0x2d0 [ 350.962598][ T9700] ? __pfx_kernfs_iop_lookup+0x10/0x10 [ 350.962630][ T9700] lookup_open.isra.0+0x4da/0x1580 [ 350.962666][ T9700] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 350.962715][ T9700] ? mnt_get_write_access+0x20c/0x300 [ 350.962759][ T9700] path_openat+0x893/0x2cb0 [ 350.962802][ T9700] ? __pfx_path_openat+0x10/0x10 [ 350.962843][ T9700] do_filp_open+0x20b/0x470 [ 350.962874][ T9700] ? __pfx_do_filp_open+0x10/0x10 [ 350.962933][ T9700] ? alloc_fd+0x471/0x7d0 [ 350.962972][ T9700] do_sys_openat2+0x11b/0x1d0 [ 350.963010][ T9700] ? __pfx_do_sys_openat2+0x10/0x10 [ 350.963054][ T9700] ? __pfx___might_resched+0x10/0x10 [ 350.963096][ T9700] __x64_sys_openat+0x174/0x210 [ 350.963127][ T9700] ? __pfx___x64_sys_openat+0x10/0x10 [ 350.963167][ T9700] do_syscall_64+0xcd/0x4c0 [ 350.963195][ T9700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.963225][ T9700] RIP: 0033:0x7fd88958eec9 [ 350.963247][ T9700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.963272][ T9700] RSP: 002b:00007fd88a46a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 350.963301][ T9700] RAX: ffffffffffffffda RBX: 00007fd8897e5fa0 RCX: 00007fd88958eec9 [ 350.963318][ T9700] RDX: 000000000000a001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 350.963335][ T9700] RBP: 00007fd889611f91 R08: 0000000000000000 R09: 0000000000000000 [ 350.963350][ T9700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.963365][ T9700] R13: 00007fd8897e6038 R14: 00007fd8897e5fa0 R15: 00007ffdf95d3e38 [ 350.963401][ T9700] [ 351.587451][ T9711] netlink: 342 bytes leftover after parsing attributes in process `syz.2.671'. [ 352.833034][ T9734] netlink: 28 bytes leftover after parsing attributes in process `syz.1.675'. [ 352.895672][ T9734] geneve1: entered promiscuous mode [ 352.930691][ T9734] geneve1: entered allmulticast mode [ 353.569190][ T9742] netlink: 28 bytes leftover after parsing attributes in process `syz.1.677'. [ 355.422866][ T9742] team0 (unregistering): Port device team_slave_0 removed [ 355.487157][ T9742] team0 (unregistering): Port device team_slave_1 removed [ 357.934949][ T9792] usb usb15: usbfs: process 9792 (syz.4.689) did not claim interface 0 before use [ 360.974420][ T9828] IPVS: length: 131 != 8 [ 363.407027][ T9829] netlink: 268 bytes leftover after parsing attributes in process `syz.4.697'. [ 367.144770][ T9858] usb usb15: usbfs: process 9858 (syz.0.701) did not claim interface 0 before use [ 367.688103][ T9861] sctp: [Deprecated]: syz.2.703 (pid 9861) Use of struct sctp_assoc_value in delayed_ack socket option. [ 367.688103][ T9861] Use struct sctp_sack_info instead [ 367.996019][ T30] audit: type=1326 audit(4294968566.429:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9859 comm="syz.2.703" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd88958eec9 code=0x0 [ 368.286155][ T9870] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9870] [ 370.964996][ T9884] FAULT_INJECTION: forcing a failure. [ 370.964996][ T9884] name failslab, interval 1, probability 0, space 0, times 0 [ 370.977921][ T9884] CPU: 1 UID: 0 PID: 9884 Comm: syz.1.708 Not tainted syzkaller #0 PREEMPT(full) [ 370.977940][ T9884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 370.977949][ T9884] Call Trace: [ 370.977954][ T9884] [ 370.977959][ T9884] dump_stack_lvl+0x16c/0x1f0 [ 370.977991][ T9884] should_fail_ex+0x512/0x640 [ 370.978014][ T9884] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 370.978033][ T9884] should_failslab+0xc2/0x120 [ 370.978052][ T9884] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 370.978068][ T9884] ? __pfx___might_resched+0x10/0x10 [ 370.978083][ T9884] ? __anon_vma_prepare+0xae/0x5e0 [ 370.978101][ T9884] __anon_vma_prepare+0xae/0x5e0 [ 370.978115][ T9884] ? do_raw_spin_lock+0x12c/0x2b0 [ 370.978139][ T9884] __vmf_anon_prepare+0x11c/0x240 [ 370.978166][ T9884] do_huge_pmd_anonymous_page+0x161/0x2080 [ 370.978183][ T9884] ? __pmd_alloc+0x3fb/0x930 [ 370.978205][ T9884] __handle_mm_fault+0x1ccd/0x2a50 [ 370.978225][ T9884] ? __pfx___handle_mm_fault+0x10/0x10 [ 370.978255][ T9884] handle_mm_fault+0x589/0xd10 [ 370.978274][ T9884] __get_user_pages+0x551/0x34a0 [ 370.978304][ T9884] ? __pfx___get_user_pages+0x10/0x10 [ 370.978331][ T9884] populate_vma_page_range+0x267/0x3f0 [ 370.978360][ T9884] ? __pfx_populate_vma_page_range+0x10/0x10 [ 370.978385][ T9884] ? __pfx_find_vma_intersection+0x10/0x10 [ 370.978406][ T9884] ? do_mmap+0x69c/0x1210 [ 370.978428][ T9884] __mm_populate+0x1d8/0x380 [ 370.978441][ T9884] ? __pfx___mm_populate+0x10/0x10 [ 370.978455][ T9884] ? up_write+0x1b2/0x520 [ 370.978477][ T9884] vm_mmap_pgoff+0x37f/0x470 [ 370.978500][ T9884] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 370.978523][ T9884] ? __x64_sys_futex+0x1e0/0x4c0 [ 370.978541][ T9884] ? __x64_sys_futex+0x1e9/0x4c0 [ 370.978567][ T9884] ksys_mmap_pgoff+0x7d/0x5c0 [ 370.978586][ T9884] ? xfd_validate_state+0x61/0x180 [ 370.978609][ T9884] ? __pfx_ksys_write+0x10/0x10 [ 370.978629][ T9884] __x64_sys_mmap+0x125/0x190 [ 370.978653][ T9884] do_syscall_64+0xcd/0x4c0 [ 370.978667][ T9884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.978681][ T9884] RIP: 0033:0x7fd4b438eec9 [ 370.978696][ T9884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 370.978708][ T9884] RSP: 002b:00007fd4b5262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 370.978722][ T9884] RAX: ffffffffffffffda RBX: 00007fd4b45e5fa0 RCX: 00007fd4b438eec9 [ 370.978731][ T9884] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 370.978739][ T9884] RBP: 00007fd4b4411f91 R08: 0000000000000007 R09: 0000000800008000 [ 370.978748][ T9884] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 370.978755][ T9884] R13: 00007fd4b45e6038 R14: 00007fd4b45e5fa0 R15: 00007ffcceff26f8 [ 370.978774][ T9884] [ 372.157265][ T6032] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 376.189819][ T9932] overlayfs: missing 'lowerdir' [ 377.602439][ T9970] FAULT_INJECTION: forcing a failure. [ 377.602439][ T9970] name failslab, interval 1, probability 0, space 0, times 0 [ 377.666970][ T9970] CPU: 1 UID: 0 PID: 9970 Comm: syz.1.721 Not tainted syzkaller #0 PREEMPT(full) [ 377.667007][ T9970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 377.667021][ T9970] Call Trace: [ 377.667029][ T9970] [ 377.667038][ T9970] dump_stack_lvl+0x16c/0x1f0 [ 377.667081][ T9970] should_fail_ex+0x512/0x640 [ 377.667116][ T9970] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 377.667149][ T9970] should_failslab+0xc2/0x120 [ 377.667181][ T9970] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 377.667209][ T9970] ? __d_alloc+0x32/0xae0 [ 377.667242][ T9970] __d_alloc+0x32/0xae0 [ 377.667275][ T9970] d_alloc_pseudo+0x1c/0xc0 [ 377.667308][ T9970] alloc_file_pseudo+0xcf/0x230 [ 377.667344][ T9970] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 377.667388][ T9970] __shmem_file_setup+0x1a3/0x330 [ 377.667418][ T9970] shmem_zero_setup+0x93/0x1a0 [ 377.667451][ T9970] __mmap_region+0x2081/0x27b0 [ 377.667485][ T9970] ? finish_task_switch.isra.0+0x21c/0xc10 [ 377.667513][ T9970] ? __pfx___mmap_region+0x10/0x10 [ 377.667542][ T9970] ? rcu_is_watching+0x12/0xc0 [ 377.667576][ T9970] ? rcu_is_watching+0x12/0xc0 [ 377.667602][ T9970] ? trace_sched_exit_tp+0xd1/0x120 [ 377.667639][ T9970] ? __schedule+0x11a3/0x5de0 [ 377.667672][ T9970] ? __lock_acquire+0x62e/0x1ce0 [ 377.667724][ T9970] ? __pfx___schedule+0x10/0x10 [ 377.667808][ T9970] ? trace_cap_capable+0x18d/0x200 [ 377.667851][ T9970] mmap_region+0x1ab/0x3f0 [ 377.667883][ T9970] ? __get_unmapped_area+0x267/0x440 [ 377.667924][ T9970] do_mmap+0xa3e/0x1210 [ 377.667967][ T9970] ? __pfx_do_mmap+0x10/0x10 [ 377.668004][ T9970] ? __pfx_down_write_killable+0x10/0x10 [ 377.668036][ T9970] vm_mmap_pgoff+0x29e/0x470 [ 377.668079][ T9970] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 377.668123][ T9970] ? __x64_sys_futex+0x1e0/0x4c0 [ 377.668155][ T9970] ? __x64_sys_futex+0x1e9/0x4c0 [ 377.668191][ T9970] ksys_mmap_pgoff+0x7d/0x5c0 [ 377.668226][ T9970] ? xfd_validate_state+0x61/0x180 [ 377.668261][ T9970] ? __pfx_ksys_write+0x10/0x10 [ 377.668296][ T9970] __x64_sys_mmap+0x125/0x190 [ 377.668339][ T9970] do_syscall_64+0xcd/0x4c0 [ 377.668365][ T9970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.668397][ T9970] RIP: 0033:0x7fd4b438eec9 [ 377.668417][ T9970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.668442][ T9970] RSP: 002b:00007fd4b5241038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 377.668466][ T9970] RAX: ffffffffffffffda RBX: 00007fd4b45e6090 RCX: 00007fd4b438eec9 [ 377.668484][ T9970] RDX: 00000000000000df RSI: 0000000004020009 RDI: 0000000000000000 [ 377.668500][ T9970] RBP: 00007fd4b4411f91 R08: 0000000000000401 R09: 0000000000008000 [ 377.668516][ T9970] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 377.668531][ T9970] R13: 00007fd4b45e6128 R14: 00007fd4b45e6090 R15: 00007ffcceff26f8 [ 377.668567][ T9970] [ 377.952999][ T9956] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 377.959071][ T9956] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 377.965815][ T9956] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 377.972004][ T9956] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 377.977977][ T9956] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 378.301244][ T9956] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 378.729396][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.741133][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.521346][ T6032] Bluetooth: hci1: command 0x0406 tx timeout [ 379.587834][ T9989] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[9989] [ 380.001201][ T6032] Bluetooth: hci4: command 0x0c1a tx timeout [ 380.007449][ T6032] Bluetooth: hci3: command 0x0406 tx timeout [ 380.013607][ T7655] Bluetooth: hci2: command 0x0406 tx timeout [ 382.084167][ T6032] Bluetooth: hci4: command 0x0c1a tx timeout [ 384.163547][ T6032] Bluetooth: hci4: command 0x0c1a tx timeout [ 386.018896][ T6032] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 386.026483][ T6032] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 390.154582][ T30] audit: type=1800 audit(4294968588.578:10): pid=10130 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.758" name="features" dev="configfs" ino=53923 res=0 errno=0 [ 390.265025][T10123] FAULT_INJECTION: forcing a failure. [ 390.265025][T10123] name fail_futex, interval 1, probability 0, space 0, times 0 [ 390.406307][T10123] CPU: 0 UID: 0 PID: 10123 Comm: syz.4.757 Not tainted syzkaller #0 PREEMPT(full) [ 390.406341][T10123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 390.406356][T10123] Call Trace: [ 390.406365][T10123] [ 390.406373][T10123] dump_stack_lvl+0x16c/0x1f0 [ 390.406401][T10123] should_fail_ex+0x512/0x640 [ 390.406426][T10123] get_futex_key+0x1d0/0x1560 [ 390.406448][T10123] ? __pfx_get_futex_key+0x10/0x10 [ 390.406470][T10123] futex_wake+0xea/0x530 [ 390.406491][T10123] ? rcu_is_watching+0x12/0xc0 [ 390.406506][T10123] ? __pfx_futex_wake+0x10/0x10 [ 390.406528][T10123] ? kmem_cache_free+0x2d1/0x4d0 [ 390.406544][T10123] ? fd_install+0x225/0x750 [ 390.406559][T10123] ? putname+0x154/0x1a0 [ 390.406588][T10123] do_futex+0x1e3/0x350 [ 390.406608][T10123] ? __pfx_do_futex+0x10/0x10 [ 390.406626][T10123] ? __fget_files+0x204/0x3c0 [ 390.406645][T10123] __x64_sys_futex+0x1e0/0x4c0 [ 390.406666][T10123] ? __x64_sys_openat+0x174/0x210 [ 390.406679][T10123] ? __pfx___x64_sys_futex+0x10/0x10 [ 390.406704][T10123] do_syscall_64+0xcd/0x4c0 [ 390.406718][T10123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.406733][T10123] RIP: 0033:0x7f89b038eec9 [ 390.406745][T10123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 390.406759][T10123] RSP: 002b:00007f89b12cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 390.406773][T10123] RAX: ffffffffffffffda RBX: 00007f89b05e6098 RCX: 00007f89b038eec9 [ 390.406783][T10123] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f89b05e609c [ 390.406792][T10123] RBP: 00007f89b05e6090 R08: 00007f89b12f1000 R09: 0000000000000000 [ 390.406800][T10123] R10: 000000000000000c R11: 0000000000000246 R12: 0000000000000000 [ 390.406808][T10123] R13: 00007f89b05e6128 R14: 00007ffcf4e82210 R15: 00007ffcf4e822f8 [ 390.406826][T10123] [ 394.965152][T10186] XFS: Clearing xfsstats [ 396.496667][T10221] __vm_enough_memory: pid: 10221, comm: syz.0.774, bytes: 4398046511104 not enough memory for the allocation [ 396.797453][T10209] sp0: Synchronizing with TNC [ 400.935059][T10294] ptrace attach of "./syz-executor exec"[8511] was attempted by ""[10294] [ 401.098325][T10299] netlink: 186 bytes leftover after parsing attributes in process `syz.1.786'. [ 402.573008][T10330] overlayfs: missing 'lowerdir' [ 405.367689][T10379] FAULT_INJECTION: forcing a failure. [ 405.367689][T10379] name failslab, interval 1, probability 0, space 0, times 0 [ 405.484523][T10379] CPU: 0 UID: 0 PID: 10379 Comm: syz.0.804 Not tainted syzkaller #0 PREEMPT(full) [ 405.484578][T10379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 405.484592][T10379] Call Trace: [ 405.484600][T10379] [ 405.484609][T10379] dump_stack_lvl+0x16c/0x1f0 [ 405.484650][T10379] should_fail_ex+0x512/0x640 [ 405.484684][T10379] ? fs_reclaim_acquire+0xae/0x150 [ 405.484722][T10379] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 405.484755][T10379] should_failslab+0xc2/0x120 [ 405.484776][T10379] __kmalloc_noprof+0xd2/0x510 [ 405.484797][T10379] tomoyo_realpath_from_path+0xc2/0x6e0 [ 405.484819][T10379] ? tomoyo_profile+0x47/0x60 [ 405.484834][T10379] tomoyo_path_number_perm+0x245/0x580 [ 405.484851][T10379] ? tomoyo_path_number_perm+0x237/0x580 [ 405.484869][T10379] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 405.484892][T10379] ? find_held_lock+0x2b/0x80 [ 405.484927][T10379] ? find_held_lock+0x2b/0x80 [ 405.484940][T10379] ? hook_file_ioctl_common+0x145/0x410 [ 405.484963][T10379] ? __fget_files+0x20e/0x3c0 [ 405.484982][T10379] security_file_ioctl+0x9b/0x240 [ 405.485001][T10379] __x64_sys_ioctl+0xb7/0x210 [ 405.485028][T10379] do_syscall_64+0xcd/0x4c0 [ 405.485042][T10379] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.485057][T10379] RIP: 0033:0x7fc7d358eec9 [ 405.485069][T10379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.485082][T10379] RSP: 002b:00007fc7d44a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 405.485095][T10379] RAX: ffffffffffffffda RBX: 00007fc7d37e6180 RCX: 00007fc7d358eec9 [ 405.485104][T10379] RDX: 0000000000000000 RSI: 00000000c0984124 RDI: 0000000000000002 [ 405.485112][T10379] RBP: 00007fc7d44a0090 R08: 0000000000000000 R09: 0000000000000000 [ 405.485120][T10379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 405.485128][T10379] R13: 00007fc7d37e6218 R14: 00007fc7d37e6180 R15: 00007ffebaaf6148 [ 405.485146][T10379] [ 405.485172][T10379] ERROR: Out of memory at tomoyo_realpath_from_path. [ 406.203159][T10386] FAULT_INJECTION: forcing a failure. [ 406.203159][T10386] name failslab, interval 1, probability 0, space 0, times 0 [ 406.220202][T10386] CPU: 0 UID: 0 PID: 10386 Comm: syz.1.806 Not tainted syzkaller #0 PREEMPT(full) [ 406.220236][T10386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 406.220250][T10386] Call Trace: [ 406.220258][T10386] [ 406.220267][T10386] dump_stack_lvl+0x16c/0x1f0 [ 406.220309][T10386] should_fail_ex+0x512/0x640 [ 406.220344][T10386] ? __kmalloc_noprof+0xbf/0x510 [ 406.220375][T10386] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 406.220403][T10386] should_failslab+0xc2/0x120 [ 406.220442][T10386] __kmalloc_noprof+0xd2/0x510 [ 406.220471][T10386] ? kmem_cache_free+0x2d1/0x4d0 [ 406.220503][T10386] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 406.220539][T10386] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 406.220568][T10386] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 406.220594][T10386] ? rcu_is_watching+0x12/0xc0 [ 406.220631][T10386] ? bpf_lsm_capable+0x9/0x10 [ 406.220654][T10386] ? security_capable+0x7e/0x260 [ 406.220687][T10386] genl_rcv_msg+0x55c/0x800 [ 406.220722][T10386] ? __pfx_genl_rcv_msg+0x10/0x10 [ 406.220753][T10386] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 406.220782][T10386] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 406.220818][T10386] ? __pfx_nl80211_post_doit+0x10/0x10 [ 406.220855][T10386] netlink_rcv_skb+0x155/0x420 [ 406.220891][T10386] ? __pfx_genl_rcv_msg+0x10/0x10 [ 406.220919][T10386] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 406.220971][T10386] ? netlink_deliver_tap+0x1ae/0xd30 [ 406.221010][T10386] genl_rcv+0x28/0x40 [ 406.221032][T10386] netlink_unicast+0x5aa/0x870 [ 406.221080][T10386] ? __pfx_netlink_unicast+0x10/0x10 [ 406.221120][T10386] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 406.221153][T10386] ? __lock_acquire+0xb97/0x1ce0 [ 406.221195][T10386] netlink_sendmsg+0x8d1/0xdd0 [ 406.221237][T10386] ? __pfx_netlink_sendmsg+0x10/0x10 [ 406.221278][T10386] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 406.221314][T10386] ____sys_sendmsg+0xa95/0xc70 [ 406.221343][T10386] ? copy_msghdr_from_user+0x10a/0x160 [ 406.221378][T10386] ? __pfx_____sys_sendmsg+0x10/0x10 [ 406.221415][T10386] ? __pfx_futex_wake_mark+0x10/0x10 [ 406.221462][T10386] ___sys_sendmsg+0x134/0x1d0 [ 406.221500][T10386] ? __pfx____sys_sendmsg+0x10/0x10 [ 406.221582][T10386] __sys_sendmsg+0x16d/0x220 [ 406.221618][T10386] ? __pfx___sys_sendmsg+0x10/0x10 [ 406.221653][T10386] ? __x64_sys_futex+0x1e0/0x4c0 [ 406.221710][T10386] do_syscall_64+0xcd/0x4c0 [ 406.221736][T10386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 406.221762][T10386] RIP: 0033:0x7fd4b438eec9 [ 406.221783][T10386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 406.221808][T10386] RSP: 002b:00007fd4b5262038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 406.221831][T10386] RAX: ffffffffffffffda RBX: 00007fd4b45e5fa0 RCX: 00007fd4b438eec9 [ 406.221847][T10386] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000009 [ 406.221862][T10386] RBP: 00007fd4b4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 406.221877][T10386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 406.221891][T10386] R13: 00007fd4b45e6038 R14: 00007fd4b45e5fa0 R15: 00007ffcceff26f8 [ 406.221925][T10386] [ 406.536341][ C0] vkms_vblank_simulate: vblank timer overrun [ 408.136829][T10401] FAULT_INJECTION: forcing a failure. [ 408.136829][T10401] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 408.151201][T10401] CPU: 0 UID: 0 PID: 10401 Comm: syz.1.809 Not tainted syzkaller #0 PREEMPT(full) [ 408.151238][T10401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 408.151254][T10401] Call Trace: [ 408.151263][T10401] [ 408.151273][T10401] dump_stack_lvl+0x16c/0x1f0 [ 408.151327][T10401] should_fail_ex+0x512/0x640 [ 408.151371][T10401] should_fail_alloc_page+0xe7/0x130 [ 408.151408][T10401] prepare_alloc_pages+0x3c2/0x610 [ 408.151444][T10401] ? stack_depot_save_flags+0x29/0x9c0 [ 408.151487][T10401] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 408.151519][T10401] ? kasan_save_stack+0x42/0x60 [ 408.151547][T10401] ? kasan_save_stack+0x33/0x60 [ 408.151573][T10401] ? kasan_save_track+0x14/0x30 [ 408.151600][T10401] ? __kasan_slab_alloc+0x89/0x90 [ 408.151627][T10401] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 408.151655][T10401] ? ptlock_alloc+0x1f/0x70 [ 408.151677][T10401] ? pte_alloc_one+0x82/0x3a0 [ 408.151702][T10401] ? __pte_alloc+0x6d/0x3c0 [ 408.151733][T10401] ? walk_pgd_range+0xb84/0x1f50 [ 408.151761][T10401] ? __walk_page_range+0x163/0x820 [ 408.151790][T10401] ? walk_page_range_mm+0x461/0xb40 [ 408.151820][T10401] ? madvise_vma_behavior+0xa62/0x2d60 [ 408.151854][T10401] ? madvise_walk_vmas+0x31f/0x9c0 [ 408.151887][T10401] ? madvise_do_behavior+0x1e2/0x530 [ 408.151921][T10401] ? do_madvise+0x176/0x240 [ 408.151953][T10401] ? __x64_sys_madvise+0xa9/0x110 [ 408.151986][T10401] ? do_syscall_64+0xcd/0x4c0 [ 408.152008][T10401] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.152037][T10401] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 408.152074][T10401] ? look_up_lock_class+0x59/0x150 [ 408.152125][T10401] ? __lock_acquire+0xb97/0x1ce0 [ 408.152158][T10401] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 408.152198][T10401] ? policy_nodemask+0xea/0x4e0 [ 408.152234][T10401] alloc_pages_mpol+0x1fb/0x550 [ 408.152269][T10401] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 408.152314][T10401] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 408.152361][T10401] alloc_pages_noprof+0x131/0x390 [ 408.152397][T10401] pte_alloc_one+0x1c/0x3a0 [ 408.152427][T10401] __pte_alloc+0x6d/0x3c0 [ 408.152461][T10401] ? __pfx___pte_alloc+0x10/0x10 [ 408.152495][T10401] ? walk_pgd_range+0x13b4/0x1f50 [ 408.152532][T10401] walk_pgd_range+0xb84/0x1f50 [ 408.152568][T10401] ? __pfx_guard_install_set_pte+0x10/0x10 [ 408.152606][T10401] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 408.152642][T10401] ? __pfx_guard_install_set_pte+0x10/0x10 [ 408.152681][T10401] ? __pfx_guard_install_set_pte+0x10/0x10 [ 408.152714][T10401] ? __pfx_guard_install_set_pte+0x10/0x10 [ 408.152747][T10401] ? __pfx_walk_pgd_range+0x10/0x10 [ 408.152789][T10401] __walk_page_range+0x163/0x820 [ 408.152824][T10401] ? find_vma+0xbf/0x140 [ 408.152861][T10401] ? __pfx_find_vma+0x10/0x10 [ 408.152896][T10401] ? walk_page_test+0x9b/0x180 [ 408.152929][T10401] walk_page_range_mm+0x461/0xb40 [ 408.152967][T10401] ? __pfx_walk_page_range_mm+0x10/0x10 [ 408.153011][T10401] ? __anon_vma_prepare+0x2e2/0x5e0 [ 408.153044][T10401] madvise_vma_behavior+0xa62/0x2d60 [ 408.153085][T10401] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 408.153124][T10401] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 408.153163][T10401] ? __pfx_mas_prev+0x10/0x10 [ 408.153210][T10401] ? find_vma_prev+0xda/0x160 [ 408.153245][T10401] ? __pfx_find_vma_prev+0x10/0x10 [ 408.153295][T10401] ? __lock_acquire+0x62e/0x1ce0 [ 408.153337][T10401] madvise_walk_vmas+0x31f/0x9c0 [ 408.153381][T10401] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 408.153431][T10401] madvise_do_behavior+0x1e2/0x530 [ 408.153466][T10401] ? futex_private_hash_put+0x18a/0x300 [ 408.153499][T10401] ? __pfx_madvise_do_behavior+0x10/0x10 [ 408.153537][T10401] ? down_read+0x13d/0x480 [ 408.153579][T10401] do_madvise+0x176/0x240 [ 408.153615][T10401] ? __pfx_do_madvise+0x10/0x10 [ 408.153648][T10401] ? do_futex+0x122/0x350 [ 408.153705][T10401] ? xfd_validate_state+0x61/0x180 [ 408.153740][T10401] ? __pfx_ksys_write+0x10/0x10 [ 408.153799][T10401] __x64_sys_madvise+0xa9/0x110 [ 408.153841][T10401] ? lockdep_hardirqs_on+0x7c/0x110 [ 408.153879][T10401] do_syscall_64+0xcd/0x4c0 [ 408.153906][T10401] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.153932][T10401] RIP: 0033:0x7fd4b438eec9 [ 408.153954][T10401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 408.153981][T10401] RSP: 002b:00007fd4b5220038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 408.154017][T10401] RAX: ffffffffffffffda RBX: 00007fd4b45e6180 RCX: 00007fd4b438eec9 [ 408.154036][T10401] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 408.154052][T10401] RBP: 00007fd4b4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 408.154069][T10401] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 408.154084][T10401] R13: 00007fd4b45e6218 R14: 00007fd4b45e6180 R15: 00007ffcceff26f8 [ 408.154134][T10401] [ 408.627819][ C0] vkms_vblank_simulate: vblank timer overrun [ 410.466792][T10422] ptrace attach of "./syz-executor exec"[5873] was attempted by ""[10422] [ 410.506350][T10416] FAULT_INJECTION: forcing a failure. [ 410.506350][T10416] name failslab, interval 1, probability 0, space 0, times 0 [ 410.563960][T10416] CPU: 1 UID: 0 PID: 10416 Comm: syz.4.815 Not tainted syzkaller #0 PREEMPT(full) [ 410.563992][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 410.564006][T10416] Call Trace: [ 410.564015][T10416] [ 410.564024][T10416] dump_stack_lvl+0x16c/0x1f0 [ 410.564071][T10416] should_fail_ex+0x512/0x640 [ 410.564106][T10416] ? fs_reclaim_acquire+0xae/0x150 [ 410.564143][T10416] ? tomoyo_encode2+0x100/0x3e0 [ 410.564175][T10416] should_failslab+0xc2/0x120 [ 410.564207][T10416] __kmalloc_noprof+0xd2/0x510 [ 410.564236][T10416] ? d_absolute_path+0x136/0x1a0 [ 410.564276][T10416] tomoyo_encode2+0x100/0x3e0 [ 410.564315][T10416] tomoyo_encode+0x29/0x50 [ 410.564346][T10416] tomoyo_realpath_from_path+0x18f/0x6e0 [ 410.564392][T10416] tomoyo_path_number_perm+0x245/0x580 [ 410.564421][T10416] ? tomoyo_path_number_perm+0x237/0x580 [ 410.564454][T10416] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 410.564486][T10416] ? find_held_lock+0x2b/0x80 [ 410.564545][T10416] ? find_held_lock+0x2b/0x80 [ 410.564569][T10416] ? hook_file_ioctl_common+0x145/0x410 [ 410.564609][T10416] ? __fget_files+0x20e/0x3c0 [ 410.564642][T10416] security_file_ioctl+0x9b/0x240 [ 410.564676][T10416] __x64_sys_ioctl+0xb7/0x210 [ 410.564716][T10416] do_syscall_64+0xcd/0x4c0 [ 410.564741][T10416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.564767][T10416] RIP: 0033:0x7f89b038eec9 [ 410.564787][T10416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.564809][T10416] RSP: 002b:00007f89b12f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 410.564832][T10416] RAX: ffffffffffffffda RBX: 00007f89b05e5fa0 RCX: 00007f89b038eec9 [ 410.564849][T10416] RDX: 0000000000000000 RSI: 00000000c0984124 RDI: 0000000000000002 [ 410.564864][T10416] RBP: 00007f89b12f0090 R08: 0000000000000000 R09: 0000000000000000 [ 410.564879][T10416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 410.564893][T10416] R13: 00007f89b05e6038 R14: 00007f89b05e5fa0 R15: 00007ffcf4e822f8 [ 410.564929][T10416] [ 410.564954][T10416] ERROR: Out of memory at tomoyo_realpath_from_path. [ 411.572546][T10413] FAULT_INJECTION: forcing a failure. [ 411.572546][T10413] name failslab, interval 1, probability 0, space 0, times 0 [ 411.612124][T10413] CPU: 0 UID: 0 PID: 10413 Comm: syz.2.811 Not tainted syzkaller #0 PREEMPT(full) [ 411.612158][T10413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 411.612174][T10413] Call Trace: [ 411.612182][T10413] [ 411.612191][T10413] dump_stack_lvl+0x16c/0x1f0 [ 411.612237][T10413] should_fail_ex+0x512/0x640 [ 411.612277][T10413] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 411.612314][T10413] should_failslab+0xc2/0x120 [ 411.612349][T10413] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 411.612379][T10413] ? __proc_create+0xc3/0x8e0 [ 411.612415][T10413] ? __proc_create+0x2ce/0x8e0 [ 411.612457][T10413] __proc_create+0x2ce/0x8e0 [ 411.612495][T10413] ? __pfx___proc_create+0x10/0x10 [ 411.612537][T10413] ? mark_held_locks+0x49/0x80 [ 411.612572][T10413] proc_create_reg+0x7d/0x180 [ 411.612611][T10413] proc_create_net_data+0x8e/0x1c0 [ 411.612649][T10413] ? __pfx_proc_create_net_data+0x10/0x10 [ 411.612687][T10413] ? __pfx___netlink_kernel_create+0x10/0x10 [ 411.612725][T10413] ? fib4_semantics_init+0x25/0x100 [ 411.612767][T10413] fib_proc_init+0x58/0x1b0 [ 411.612804][T10413] fib_net_init+0x2af/0x3f0 [ 411.612828][T10413] ? __pfx___register_sysctl_table+0x10/0x10 [ 411.612866][T10413] ? __pfx_fib_net_init+0x10/0x10 [ 411.612890][T10413] ? lockdep_init_map_type+0x5c/0x280 [ 411.612925][T10413] ? __pfx_nl_fib_input+0x10/0x10 [ 411.612956][T10413] ? devinet_init_net+0x5c2/0x910 [ 411.612988][T10413] ? __pfx_fib_net_init+0x10/0x10 [ 411.613012][T10413] ops_init+0x1e2/0x5f0 [ 411.613048][T10413] setup_net+0x10f/0x380 [ 411.613071][T10413] ? lockdep_init_map_type+0x5c/0x280 [ 411.613108][T10413] ? __pfx_setup_net+0x10/0x10 [ 411.613135][T10413] ? debug_mutex_init+0x37/0x70 [ 411.613168][T10413] copy_net_ns+0x2a6/0x5f0 [ 411.613200][T10413] create_new_namespaces+0x3ea/0xa90 [ 411.613253][T10413] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 411.613290][T10413] ksys_unshare+0x45b/0xa40 [ 411.613328][T10413] ? __pfx_ksys_unshare+0x10/0x10 [ 411.613365][T10413] ? xfd_validate_state+0x61/0x180 [ 411.613414][T10413] __x64_sys_unshare+0x31/0x40 [ 411.613448][T10413] do_syscall_64+0xcd/0x4c0 [ 411.613483][T10413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 411.613509][T10413] RIP: 0033:0x7fd88958eec9 [ 411.613534][T10413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 411.613560][T10413] RSP: 002b:00007fd88a46a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 411.613587][T10413] RAX: ffffffffffffffda RBX: 00007fd8897e5fa0 RCX: 00007fd88958eec9 [ 411.613606][T10413] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 411.613622][T10413] RBP: 00007fd889611f91 R08: 0000000000000000 R09: 0000000000000000 [ 411.613639][T10413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 411.613655][T10413] R13: 00007fd8897e6038 R14: 00007fd8897e5fa0 R15: 00007ffdf95d3e38 [ 411.613702][T10413] [ 413.338395][T10440] netlink: 186 bytes leftover after parsing attributes in process `syz.4.818'. [ 413.748386][T10446] ptrace attach of "./syz-executor exec"[5871] was attempted by ""[10446] [ 414.615393][T10454] Invalid ELF header magic: != ELF [ 416.763083][T10482] FAULT_INJECTION: forcing a failure. [ 416.763083][T10482] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 416.813867][T10482] CPU: 1 UID: 0 PID: 10482 Comm: syz.4.825 Not tainted syzkaller #0 PREEMPT(full) [ 416.813888][T10482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 416.813897][T10482] Call Trace: [ 416.813902][T10482] [ 416.813907][T10482] dump_stack_lvl+0x16c/0x1f0 [ 416.813934][T10482] should_fail_ex+0x512/0x640 [ 416.813960][T10482] should_fail_alloc_page+0xe7/0x130 [ 416.813981][T10482] prepare_alloc_pages+0x3c2/0x610 [ 416.814006][T10482] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 416.814026][T10482] ? __lock_acquire+0xb97/0x1ce0 [ 416.814051][T10482] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 416.814070][T10482] ? lock_acquire+0x179/0x350 [ 416.814087][T10482] ? find_held_lock+0x2b/0x80 [ 416.814103][T10482] ? mark_held_locks+0x49/0x80 [ 416.814121][T10482] ? finish_task_switch.isra.0+0x221/0xc10 [ 416.814137][T10482] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 416.814152][T10482] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 416.814175][T10482] ? policy_nodemask+0xea/0x4e0 [ 416.814196][T10482] alloc_pages_mpol+0x1fb/0x550 [ 416.814215][T10482] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 416.814239][T10482] alloc_pages_noprof+0x131/0x390 [ 416.814258][T10482] pte_alloc_one+0x1c/0x3a0 [ 416.814274][T10482] do_pte_missing+0x1afc/0x3ba0 [ 416.814339][T10482] ? mtree_range_walk+0x718/0xc00 [ 416.814362][T10482] __handle_mm_fault+0x152a/0x2a50 [ 416.814379][T10482] ? mt_find+0x3ef/0xa30 [ 416.814394][T10482] ? __pfx___handle_mm_fault+0x10/0x10 [ 416.814407][T10482] ? __pfx_mt_find+0x10/0x10 [ 416.814431][T10482] ? find_vma+0xbf/0x140 [ 416.814448][T10482] ? __pfx_find_vma+0x10/0x10 [ 416.814469][T10482] handle_mm_fault+0x589/0xd10 [ 416.814484][T10482] ? trace_raw_output_exceptions+0x131/0x150 [ 416.814507][T10482] do_user_addr_fault+0x7a6/0x1370 [ 416.814531][T10482] ? rcu_is_watching+0x12/0xc0 [ 416.814548][T10482] exc_page_fault+0x5c/0xb0 [ 416.814569][T10482] asm_exc_page_fault+0x26/0x30 [ 416.814582][T10482] RIP: 0010:__get_user_4+0x14/0x20 [ 416.814600][T10482] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 50 17 04 00 90 90 90 90 90 90 90 90 90 90 [ 416.814614][T10482] RSP: 0018:ffffc900041efbb8 EFLAGS: 00050287 [ 416.814626][T10482] RAX: 000000000000005c RBX: 1ffff9200083df78 RCX: ffffc900041efb5c [ 416.814635][T10482] RDX: 00007ffffffff000 RSI: ffffffff892b2c63 RDI: ffffffff8c163780 [ 416.814644][T10482] RBP: ffff8880302cb800 R08: d5e9e978e57f2557 R09: 0000000000000001 [ 416.814653][T10482] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 416.814661][T10482] R13: ffff8880341136c0 R14: ffffc900041efbe0 R15: 0000000000000001 [ 416.814675][T10482] ? snd_pcm_status_user64+0xc3/0x190 [ 416.814698][T10482] snd_pcm_status_user64+0xcd/0x190 [ 416.814718][T10482] ? __pfx_snd_pcm_status_user64+0x10/0x10 [ 416.814745][T10482] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 416.814766][T10482] ? lockdep_hardirqs_on+0x7c/0x110 [ 416.814786][T10482] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 416.814805][T10482] ? __wake_up+0x3f/0x60 [ 416.814823][T10482] snd_pcm_common_ioctl+0x8d1/0x3b80 [ 416.814844][T10482] ? do_vfs_ioctl+0x128/0x14f0 [ 416.814867][T10482] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 416.814889][T10482] ? __pfx_snd_pcm_common_ioctl+0x10/0x10 [ 416.814916][T10482] ? find_held_lock+0x2b/0x80 [ 416.814929][T10482] ? hook_file_ioctl_common+0x145/0x410 [ 416.814952][T10482] ? __fget_files+0x20e/0x3c0 [ 416.814970][T10482] snd_pcm_ioctl+0x7e/0xb0 [ 416.814988][T10482] ? __pfx_snd_pcm_ioctl+0x10/0x10 [ 416.815008][T10482] __x64_sys_ioctl+0x18b/0x210 [ 416.815031][T10482] do_syscall_64+0xcd/0x4c0 [ 416.815045][T10482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.815058][T10482] RIP: 0033:0x7f89b038eec9 [ 416.815069][T10482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 416.815082][T10482] RSP: 002b:00007f89b12ae038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 416.815094][T10482] RAX: ffffffffffffffda RBX: 00007f89b05e6180 RCX: 00007f89b038eec9 [ 416.815104][T10482] RDX: 0000000000000000 RSI: 00000000c0984124 RDI: 0000000000000002 [ 416.815112][T10482] RBP: 00007f89b12ae090 R08: 0000000000000000 R09: 0000000000000000 [ 416.815119][T10482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 416.815127][T10482] R13: 00007f89b05e6218 R14: 00007f89b05e6180 R15: 00007ffcf4e822f8 [ 416.815145][T10482] [ 418.267660][T10496] ptrace attach of "./syz-executor exec"[5871] was attempted by ""[10496] [ 420.119410][T10519] FAULT_INJECTION: forcing a failure. [ 420.119410][T10519] name failslab, interval 1, probability 0, space 0, times 0 [ 420.151289][T10519] CPU: 1 UID: 0 PID: 10519 Comm: syz.0.835 Not tainted syzkaller #0 PREEMPT(full) [ 420.151320][T10519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 420.151333][T10519] Call Trace: [ 420.151341][T10519] [ 420.151349][T10519] dump_stack_lvl+0x16c/0x1f0 [ 420.151389][T10519] should_fail_ex+0x512/0x640 [ 420.151424][T10519] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 420.151457][T10519] should_failslab+0xc2/0x120 [ 420.151489][T10519] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 420.151518][T10519] ? __pmd_alloc+0xbf/0x930 [ 420.151557][T10519] __pmd_alloc+0xbf/0x930 [ 420.151595][T10519] __handle_mm_fault+0xa06/0x2a50 [ 420.151625][T10519] ? mt_find+0x3ef/0xa30 [ 420.151651][T10519] ? __pfx___handle_mm_fault+0x10/0x10 [ 420.151675][T10519] ? __pfx_mt_find+0x10/0x10 [ 420.151719][T10519] ? find_vma+0xbf/0x140 [ 420.151749][T10519] ? __pfx_find_vma+0x10/0x10 [ 420.151784][T10519] handle_mm_fault+0x589/0xd10 [ 420.151811][T10519] ? trace_raw_output_exceptions+0x131/0x150 [ 420.151851][T10519] do_user_addr_fault+0x7a6/0x1370 [ 420.151891][T10519] ? rcu_is_watching+0x12/0xc0 [ 420.151916][T10519] exc_page_fault+0x5c/0xb0 [ 420.151950][T10519] asm_exc_page_fault+0x26/0x30 [ 420.151974][T10519] RIP: 0010:__get_user_4+0x14/0x20 [ 420.152012][T10519] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 50 17 04 00 90 90 90 90 90 90 90 90 90 90 [ 420.152036][T10519] RSP: 0018:ffffc90003defbb8 EFLAGS: 00050287 [ 420.152056][T10519] RAX: 000000000000005c RBX: 1ffff920007bdf78 RCX: ffffc90003defb5c [ 420.152072][T10519] RDX: 00007ffffffff000 RSI: ffffffff892b2c63 RDI: ffffffff8c163780 [ 420.152088][T10519] RBP: ffff8880302cb800 R08: d5e9e978e57f2557 R09: 0000000000000001 [ 420.152104][T10519] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 420.152119][T10519] R13: ffff88802a817340 R14: ffffc90003defbe0 R15: 0000000000000001 [ 420.152146][T10519] ? snd_pcm_status_user64+0xc3/0x190 [ 420.152185][T10519] snd_pcm_status_user64+0xcd/0x190 [ 420.152218][T10519] ? __pfx_snd_pcm_status_user64+0x10/0x10 [ 420.152266][T10519] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 420.152303][T10519] ? lockdep_hardirqs_on+0x7c/0x110 [ 420.152336][T10519] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 420.152369][T10519] ? __wake_up+0x3f/0x60 [ 420.152400][T10519] snd_pcm_common_ioctl+0x8d1/0x3b80 [ 420.152436][T10519] ? do_vfs_ioctl+0x128/0x14f0 [ 420.152473][T10519] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 420.152510][T10519] ? __pfx_snd_pcm_common_ioctl+0x10/0x10 [ 420.152549][T10519] ? find_held_lock+0x2b/0x80 [ 420.152573][T10519] ? hook_file_ioctl_common+0x145/0x410 [ 420.152612][T10519] ? __fget_files+0x20e/0x3c0 [ 420.152645][T10519] snd_pcm_ioctl+0x7e/0xb0 [ 420.152674][T10519] ? __pfx_snd_pcm_ioctl+0x10/0x10 [ 420.152707][T10519] __x64_sys_ioctl+0x18b/0x210 [ 420.152746][T10519] do_syscall_64+0xcd/0x4c0 [ 420.152771][T10519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.152796][T10519] RIP: 0033:0x7fc7d358eec9 [ 420.152814][T10519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.152837][T10519] RSP: 002b:00007fc7d44a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 420.152858][T10519] RAX: ffffffffffffffda RBX: 00007fc7d37e6180 RCX: 00007fc7d358eec9 [ 420.152875][T10519] RDX: 0000000000000000 RSI: 00000000c0984124 RDI: 0000000000000002 [ 420.152889][T10519] RBP: 00007fc7d44a0090 R08: 0000000000000000 R09: 0000000000000000 [ 420.152904][T10519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 420.152919][T10519] R13: 00007fc7d37e6218 R14: 00007fc7d37e6180 R15: 00007ffebaaf6148 [ 420.152954][T10519] [ 422.859891][T10563] netlink: 186 bytes leftover after parsing attributes in process `syz.2.832'. [ 422.993385][T10570] FAULT_INJECTION: forcing a failure. [ 422.993385][T10570] name failslab, interval 1, probability 0, space 0, times 0 [ 423.032578][T10570] CPU: 1 UID: 0 PID: 10570 Comm: syz.1.846 Not tainted syzkaller #0 PREEMPT(full) [ 423.032600][T10570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 423.032609][T10570] Call Trace: [ 423.032614][T10570] [ 423.032625][T10570] dump_stack_lvl+0x16c/0x1f0 [ 423.032652][T10570] should_fail_ex+0x512/0x640 [ 423.032674][T10570] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 423.032693][T10570] should_failslab+0xc2/0x120 [ 423.032718][T10570] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 423.032735][T10570] ? ptlock_alloc+0x1f/0x70 [ 423.032752][T10570] ptlock_alloc+0x1f/0x70 [ 423.032765][T10570] pte_alloc_one+0x82/0x3a0 [ 423.032781][T10570] do_pte_missing+0x1afc/0x3ba0 [ 423.032797][T10570] ? mtree_range_walk+0x718/0xc00 [ 423.032820][T10570] __handle_mm_fault+0x152a/0x2a50 [ 423.032837][T10570] ? mt_find+0x3ef/0xa30 [ 423.032851][T10570] ? __pfx___handle_mm_fault+0x10/0x10 [ 423.032864][T10570] ? __pfx_mt_find+0x10/0x10 [ 423.032888][T10570] ? find_vma+0xbf/0x140 [ 423.032906][T10570] ? __pfx_find_vma+0x10/0x10 [ 423.032926][T10570] handle_mm_fault+0x589/0xd10 [ 423.032941][T10570] ? trace_raw_output_exceptions+0x131/0x150 [ 423.032965][T10570] do_user_addr_fault+0x7a6/0x1370 [ 423.032989][T10570] ? rcu_is_watching+0x12/0xc0 [ 423.033006][T10570] exc_page_fault+0x5c/0xb0 [ 423.033028][T10570] asm_exc_page_fault+0x26/0x30 [ 423.033041][T10570] RIP: 0010:__get_user_4+0x14/0x20 [ 423.033060][T10570] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 50 17 04 00 90 90 90 90 90 90 90 90 90 90 [ 423.033073][T10570] RSP: 0018:ffffc900033b7bb8 EFLAGS: 00050287 [ 423.033086][T10570] RAX: 000000000000005c RBX: 1ffff92000676f78 RCX: ffffc900033b7b5c [ 423.033095][T10570] RDX: 00007ffffffff000 RSI: ffffffff892b2c63 RDI: ffffffff8c163780 [ 423.033104][T10570] RBP: ffff8880302cb800 R08: d5e9e978e57f2557 R09: 0000000000000001 [ 423.033113][T10570] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 423.033121][T10570] R13: ffff88806adddc00 R14: ffffc900033b7be0 R15: 0000000000000001 [ 423.033135][T10570] ? snd_pcm_status_user64+0xc3/0x190 [ 423.033159][T10570] snd_pcm_status_user64+0xcd/0x190 [ 423.033178][T10570] ? __pfx_snd_pcm_status_user64+0x10/0x10 [ 423.033206][T10570] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 423.033227][T10570] ? lockdep_hardirqs_on+0x7c/0x110 [ 423.033247][T10570] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 423.033267][T10570] ? __wake_up+0x3f/0x60 [ 423.033285][T10570] snd_pcm_common_ioctl+0x8d1/0x3b80 [ 423.033306][T10570] ? do_vfs_ioctl+0x128/0x14f0 [ 423.033329][T10570] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 423.033352][T10570] ? __pfx_snd_pcm_common_ioctl+0x10/0x10 [ 423.033375][T10570] ? find_held_lock+0x2b/0x80 [ 423.033388][T10570] ? hook_file_ioctl_common+0x145/0x410 [ 423.033411][T10570] ? __fget_files+0x20e/0x3c0 [ 423.033430][T10570] snd_pcm_ioctl+0x7e/0xb0 [ 423.033448][T10570] ? __pfx_snd_pcm_ioctl+0x10/0x10 [ 423.033467][T10570] __x64_sys_ioctl+0x18b/0x210 [ 423.033491][T10570] do_syscall_64+0xcd/0x4c0 [ 423.033505][T10570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.033519][T10570] RIP: 0033:0x7fd4b438eec9 [ 423.033531][T10570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.033544][T10570] RSP: 002b:00007fd4b5220038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 423.033556][T10570] RAX: ffffffffffffffda RBX: 00007fd4b45e6180 RCX: 00007fd4b438eec9 [ 423.033565][T10570] RDX: 0000000000000000 RSI: 00000000c0984124 RDI: 0000000000000002 [ 423.033573][T10570] RBP: 00007fd4b5220090 R08: 0000000000000000 R09: 0000000000000000 [ 423.033581][T10570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 423.033589][T10570] R13: 00007fd4b45e6218 R14: 00007fd4b45e6180 R15: 00007ffcceff26f8 [ 423.033607][T10570] [ 425.133816][T10575] zswap: compressor 000 not available [ 430.119784][T10639] netlink: 186 bytes leftover after parsing attributes in process `syz.0.865'. [ 431.549526][T10657] ptrace attach of "./syz-executor exec"[5871] was attempted by ""[10657] [ 431.699401][T10657] netlink: 25 bytes leftover after parsing attributes in process `syz.1.871'. [ 432.081376][T10666] netlink: 4 bytes leftover after parsing attributes in process `syz.0.873'. [ 432.097233][T10666] netlink: 25 bytes leftover after parsing attributes in process `syz.0.873'. [ 433.127323][T10692] FAULT_INJECTION: forcing a failure. [ 433.127323][T10692] name failslab, interval 1, probability 0, space 0, times 0 [ 433.199375][T10692] CPU: 1 UID: 0 PID: 10692 Comm: syz.1.878 Not tainted syzkaller #0 PREEMPT(full) [ 433.199397][T10692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 433.199407][T10692] Call Trace: [ 433.199412][T10692] [ 433.199417][T10692] dump_stack_lvl+0x16c/0x1f0 [ 433.199445][T10692] should_fail_ex+0x512/0x640 [ 433.199469][T10692] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 433.199486][T10692] should_failslab+0xc2/0x120 [ 433.199506][T10692] __kmalloc_cache_noprof+0x6a/0x3e0 [ 433.199522][T10692] ? ip6addrlbl_add+0xbb/0xc40 [ 433.199546][T10692] ip6addrlbl_add+0xbb/0xc40 [ 433.199567][T10692] ? lockdep_init_map_type+0x5c/0x280 [ 433.199590][T10692] ip6addrlbl_net_init+0x10a/0x380 [ 433.199613][T10692] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 433.199633][T10692] ops_init+0x1e2/0x5f0 [ 433.199649][T10692] setup_net+0x10f/0x380 [ 433.199660][T10692] ? lockdep_init_map_type+0x5c/0x280 [ 433.199704][T10692] ? __pfx_setup_net+0x10/0x10 [ 433.199717][T10692] ? debug_mutex_init+0x37/0x70 [ 433.199734][T10692] copy_net_ns+0x2a6/0x5f0 [ 433.199750][T10692] create_new_namespaces+0x3ea/0xa90 [ 433.199773][T10692] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 433.199792][T10692] ksys_unshare+0x45b/0xa40 [ 433.199812][T10692] ? __pfx_ksys_unshare+0x10/0x10 [ 433.199832][T10692] ? xfd_validate_state+0x61/0x180 [ 433.199858][T10692] __x64_sys_unshare+0x31/0x40 [ 433.199877][T10692] do_syscall_64+0xcd/0x4c0 [ 433.199891][T10692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.199906][T10692] RIP: 0033:0x7fd4b438eec9 [ 433.199917][T10692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 433.199931][T10692] RSP: 002b:00007fd4b5262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 433.199945][T10692] RAX: ffffffffffffffda RBX: 00007fd4b45e5fa0 RCX: 00007fd4b438eec9 [ 433.199954][T10692] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 433.199962][T10692] RBP: 00007fd4b4411f91 R08: 0000000000000000 R09: 0000000000000000 [ 433.199971][T10692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.199979][T10692] R13: 00007fd4b45e6038 R14: 00007fd4b45e5fa0 R15: 00007ffcceff26f8 [ 433.199998][T10692] [ 433.548629][T10676] zswap: compressor 000 not available [ 434.398698][T10697] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 434.492247][T10697] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 434.515901][T10697] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 434.669203][T10717] FAULT_INJECTION: forcing a failure. [ 434.669203][T10717] name failslab, interval 1, probability 0, space 0, times 0 [ 434.706378][T10717] CPU: 0 UID: 0 PID: 10717 Comm: syz.1.882 Not tainted syzkaller #0 PREEMPT(full) [ 434.706410][T10717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 434.706419][T10717] Call Trace: [ 434.706424][T10717] [ 434.706430][T10717] dump_stack_lvl+0x16c/0x1f0 [ 434.706457][T10717] should_fail_ex+0x512/0x640 [ 434.706479][T10717] ? __kvmalloc_node_noprof+0x124/0x620 [ 434.706498][T10717] should_failslab+0xc2/0x120 [ 434.706517][T10717] __kvmalloc_node_noprof+0x137/0x620 [ 434.706534][T10717] ? seq_read_iter+0x826/0x12c0 [ 434.706552][T10717] ? seq_read_iter+0x826/0x12c0 [ 434.706564][T10717] seq_read_iter+0x826/0x12c0 [ 434.706586][T10717] seq_read+0x3a3/0x570 [ 434.706600][T10717] ? __pfx_seq_read+0x10/0x10 [ 434.706627][T10717] full_proxy_read+0x131/0x1a0 [ 434.706650][T10717] ? __pfx_full_proxy_read+0x10/0x10 [ 434.706672][T10717] vfs_read+0x1e1/0xcf0 [ 434.706692][T10717] ? __pfx___mutex_lock+0x10/0x10 [ 434.706705][T10717] ? __pfx_vfs_read+0x10/0x10 [ 434.706726][T10717] ? __fget_files+0x20e/0x3c0 [ 434.706747][T10717] ksys_read+0x12a/0x250 [ 434.706763][T10717] ? __pfx_ksys_read+0x10/0x10 [ 434.706792][T10717] do_syscall_64+0xcd/0x4c0 [ 434.706806][T10717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.706821][T10717] RIP: 0033:0x7fd4b438eec9 [ 434.706833][T10717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 434.706846][T10717] RSP: 002b:00007fd4b5262038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 434.706859][T10717] RAX: ffffffffffffffda RBX: 00007fd4b45e5fa0 RCX: 00007fd4b438eec9 [ 434.706869][T10717] RDX: 000000000000002c RSI: 0000200000000100 RDI: 0000000000000003 [ 434.706877][T10717] RBP: 00007fd4b5262090 R08: 0000000000000000 R09: 0000000000000000 [ 434.706886][T10717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 434.706894][T10717] R13: 00007fd4b45e6038 R14: 00007fd4b45e5fa0 R15: 00007ffcceff26f8 [ 434.706912][T10717] [ 435.028988][T10697] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 436.369282][ T6032] Bluetooth: hci1: command 0x0406 tx timeout [ 436.603913][ T6049] Bluetooth: hci3: command 0x0406 tx timeout [ 436.619418][ T6032] Bluetooth: hci2: command 0x0406 tx timeout [ 437.229697][ T6032] Bluetooth: hci4: command 0x0c1a tx timeout [ 438.206858][T10758] FAULT_INJECTION: forcing a failure. [ 438.206858][T10758] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 438.220186][T10758] CPU: 0 UID: 0 PID: 10758 Comm: syz.0.890 Not tainted syzkaller #0 PREEMPT(full) [ 438.220219][T10758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 438.220235][T10758] Call Trace: [ 438.220243][T10758] [ 438.220252][T10758] dump_stack_lvl+0x16c/0x1f0 [ 438.220280][T10758] should_fail_ex+0x512/0x640 [ 438.220305][T10758] strncpy_from_user+0x3b/0x2e0 [ 438.220328][T10758] getname_flags.part.0+0x8f/0x550 [ 438.220353][T10758] getname_flags+0x93/0xf0 [ 438.220369][T10758] do_sys_openat2+0xb8/0x1d0 [ 438.220390][T10758] ? __pfx_do_sys_openat2+0x10/0x10 [ 438.220428][T10758] __x64_sys_openat+0x174/0x210 [ 438.220441][T10758] ? __pfx___x64_sys_openat+0x10/0x10 [ 438.220462][T10758] do_syscall_64+0xcd/0x4c0 [ 438.220477][T10758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.220492][T10758] RIP: 0033:0x7fc7d358eec9 [ 438.220504][T10758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.220518][T10758] RSP: 002b:00007fc7d44e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 438.220533][T10758] RAX: ffffffffffffffda RBX: 00007fc7d37e5fa0 RCX: 00007fc7d358eec9 [ 438.220542][T10758] RDX: 000000000014be02 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 438.220552][T10758] RBP: 00007fc7d3611f91 R08: 0000000000000000 R09: 0000000000000000 [ 438.220560][T10758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.220569][T10758] R13: 00007fc7d37e6038 R14: 00007fc7d37e5fa0 R15: 00007ffebaaf6148 [ 438.220587][T10758] [ 438.815645][T10770] FAULT_INJECTION: forcing a failure. [ 438.815645][T10770] name failslab, interval 1, probability 0, space 0, times 0 [ 438.840722][T10770] CPU: 0 UID: 0 PID: 10770 Comm: syz.4.893 Not tainted syzkaller #0 PREEMPT(full) [ 438.840752][T10770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 438.840761][T10770] Call Trace: [ 438.840766][T10770] [ 438.840772][T10770] dump_stack_lvl+0x16c/0x1f0 [ 438.840798][T10770] should_fail_ex+0x512/0x640 [ 438.840820][T10770] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 438.840838][T10770] should_failslab+0xc2/0x120 [ 438.840857][T10770] __kmalloc_cache_noprof+0x6a/0x3e0 [ 438.840872][T10770] ? gpiolib_seq_start+0x69/0x270 [ 438.840893][T10770] gpiolib_seq_start+0x69/0x270 [ 438.840910][T10770] seq_read_iter+0x2c1/0x12c0 [ 438.840933][T10770] seq_read+0x3a3/0x570 [ 438.840947][T10770] ? __pfx_seq_read+0x10/0x10 [ 438.840975][T10770] full_proxy_read+0x131/0x1a0 [ 438.840998][T10770] ? __pfx_full_proxy_read+0x10/0x10 [ 438.841020][T10770] vfs_read+0x1e1/0xcf0 [ 438.841039][T10770] ? __pfx___mutex_lock+0x10/0x10 [ 438.841052][T10770] ? __pfx_vfs_read+0x10/0x10 [ 438.841073][T10770] ? __fget_files+0x20e/0x3c0 [ 438.841094][T10770] ksys_read+0x12a/0x250 [ 438.841110][T10770] ? __pfx_ksys_read+0x10/0x10 [ 438.841131][T10770] do_syscall_64+0xcd/0x4c0 [ 438.841145][T10770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.841160][T10770] RIP: 0033:0x7f89b038eec9 [ 438.841171][T10770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 438.841190][T10770] RSP: 002b:00007f89b12f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 438.841203][T10770] RAX: ffffffffffffffda RBX: 00007f89b05e5fa0 RCX: 00007f89b038eec9 [ 438.841213][T10770] RDX: 000000000000002c RSI: 0000200000000100 RDI: 0000000000000003 [ 438.841221][T10770] RBP: 00007f89b12f0090 R08: 0000000000000000 R09: 0000000000000000 [ 438.841229][T10770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 438.841237][T10770] R13: 00007f89b05e6038 R14: 00007f89b05e5fa0 R15: 00007ffcf4e822f8 [ 438.841256][T10770] [ 438.841308][T10770] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 439.049078][T10770] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 439.057470][T10770] CPU: 0 UID: 0 PID: 10770 Comm: syz.4.893 Not tainted syzkaller #0 PREEMPT(full) [ 439.066729][T10770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 439.076761][T10770] RIP: 0010:gpiolib_seq_stop+0x4c/0xe0 [ 439.082212][T10770] Code: 48 c1 ea 03 80 3c 02 00 0f 85 98 00 00 00 48 8b 9b e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 60 8b [ 439.101801][T10770] RSP: 0018:ffffc9000ac2fad8 EFLAGS: 00010247 [ 439.107853][T10770] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000400 [ 439.115804][T10770] RDX: 0000000000000000 RSI: ffffffff8519aa7e RDI: 0000000000000004 [ 439.123753][T10770] RBP: 0000000000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 439.131701][T10770] R10: ffffffff8e78b193 R11: 0000000000000001 R12: 0000000000000000 [ 439.139655][T10770] R13: ffffffff8c19ed60 R14: 000000000000002c R15: 0000000000000000 [ 439.147608][T10770] FS: 00007f89b12f06c0(0000) GS:ffff8881246b9000(0000) knlGS:0000000000000000 [ 439.156520][T10770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 439.163083][T10770] CR2: 00007f5563422440 CR3: 0000000077dbc000 CR4: 00000000003526f0 [ 439.171035][T10770] Call Trace: [ 439.174296][T10770] [ 439.177208][T10770] seq_read_iter+0x610/0x12c0 [ 439.181872][T10770] seq_read+0x3a3/0x570 [ 439.186005][T10770] ? __pfx_seq_read+0x10/0x10 [ 439.190675][T10770] full_proxy_read+0x131/0x1a0 [ 439.195435][T10770] ? __pfx_full_proxy_read+0x10/0x10 [ 439.200709][T10770] vfs_read+0x1e1/0xcf0 [ 439.204851][T10770] ? __pfx___mutex_lock+0x10/0x10 [ 439.209856][T10770] ? __pfx_vfs_read+0x10/0x10 [ 439.214536][T10770] ? __fget_files+0x20e/0x3c0 [ 439.219200][T10770] ksys_read+0x12a/0x250 [ 439.223427][T10770] ? __pfx_ksys_read+0x10/0x10 [ 439.228191][T10770] do_syscall_64+0xcd/0x4c0 [ 439.232673][T10770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.238544][T10770] RIP: 0033:0x7f89b038eec9 [ 439.242937][T10770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.262526][T10770] RSP: 002b:00007f89b12f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 439.270916][T10770] RAX: ffffffffffffffda RBX: 00007f89b05e5fa0 RCX: 00007f89b038eec9 [ 439.278867][T10770] RDX: 000000000000002c RSI: 0000200000000100 RDI: 0000000000000003 [ 439.286818][T10770] RBP: 00007f89b12f0090 R08: 0000000000000000 R09: 0000000000000000 [ 439.294768][T10770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 439.302722][T10770] R13: 00007f89b05e6038 R14: 00007f89b05e5fa0 R15: 00007ffcf4e822f8 [ 439.310678][T10770] [ 439.313676][T10770] Modules linked in: [ 439.318170][T10770] ---[ end trace 0000000000000000 ]--- [ 439.391336][T10770] RIP: 0010:gpiolib_seq_stop+0x4c/0xe0 [ 439.453668][T10770] Code: 48 c1 ea 03 80 3c 02 00 0f 85 98 00 00 00 48 8b 9b e0 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 04 84 d2 75 60 8b [ 439.504332][T10770] RSP: 0018:ffffc9000ac2fad8 EFLAGS: 00010247 [ 439.510577][T10770] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000400 [ 439.522906][T10770] RDX: 0000000000000000 RSI: ffffffff8519aa7e RDI: 0000000000000004 [ 439.540625][T10770] RBP: 0000000000000000 R08: 0000000000000dc0 R09: 00000000ffffffff [ 439.549170][T10770] R10: ffffffff8e78b193 R11: 0000000000000001 R12: 0000000000000000 [ 439.562906][T10770] R13: ffffffff8c19ed60 R14: 000000000000002c R15: 0000000000000000 [ 439.574363][T10770] FS: 00007f89b12f06c0(0000) GS:ffff8881247b9000(0000) knlGS:0000000000000000 [ 439.587926][T10770] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 439.599158][T10770] CR2: 0000000000007000 CR3: 0000000077dbc000 CR4: 00000000003526f0 [ 439.617564][T10770] Kernel panic - not syncing: Fatal exception [ 439.623794][T10770] Kernel Offset: disabled [ 439.628110][T10770] Rebooting in 86400 seconds..