last executing test programs: 7.17902788s ago: executing program 2 (id=1613): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/uevent\x00', 0x800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cpu/0/msr\x00', 0x8142, 0x0) ioctl$auto_X86_IOC_WRMSR_REGS(r2, 0xc02063a1, &(0x7f0000000440)=[0x7acb, 0x6, 0x9, 0x3, 0x4, 0x7f, 0x3, 0x2]) socket(0x2c, 0x3, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x48501, 0x0) io_uring_setup$auto(0x1, 0x0) r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) pipe$auto(0x0) ioctl$auto_I2C_SMBUS(r3, 0x720, 0x0) adjtimex$auto(0x0) timerfd_settime$auto(r1, 0x3, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/16, 0x10) 6.815107595s ago: executing program 2 (id=1615): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x73) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x3, 0xff) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0xa, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) preadv$auto(0x40000000000003, 0x0, 0xa, 0xfffffffffffff806, 0x4) r0 = socket(0x2b, 0x1, 0xffffffff) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r2, 0x9210641f, 0xd) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x4, 0x20, 0x0, 0x2c, 0x2d, 0x7, 0x3}) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) socket(0x1f, 0x3, 0xffffffff) 6.032610267s ago: executing program 3 (id=1618): adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002dbd7000f9dbdf250100000005000d00100000000500070010000000080009009c781e2108000a000800000014001f0000211e789c0000000a00ffff0000000014002000ff01faffffff0000000000000000000006"], 0x78}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/dev\x00', 0x40100, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x830) write$auto(r2, 0x0, 0x100) read$auto(0x3, 0x0, 0x80) unshare$auto(0x40000080) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRESHEX=r2, @ANYBLOB="010026bd7000fcdbdf250100000008000200", @ANYBLOB="080001002e53520008000200299604044fd4a51b3fe6069c9828ee7b3a5e16ba6775e89c1262b0563d7c891b267fcf6ddb51c53725c0c3f6a943674a41ccec006a142932a4d7289ac6f2c824c09ff3119ea2cfc72b15d43e993d3c327652f1a5427b014be7d9c98d988e59c0c0918d4e09077ad2be00371f57ba208c7301a71c72390bc3c511734141cb81bcc13a2df82cd95bd7", @ANYRES32=0x9, @ANYBLOB="0800070004"], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0xc0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 5.786453787s ago: executing program 2 (id=1619): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) ioctl$auto(r0, 0x5609, r1) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0xeb1, r0, 0x8002) madvise$auto(0x0, 0xffffffffffff0005, 0x17) ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c03, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r3 = socket(0xa, 0x1, 0x84) r4 = getsockopt$auto(r3, 0x84, 0x1b, 0x0, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) select$auto(0xa, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x203, 0x0, 0xc, 0x5, 0x3, 0x5, 0x2000000000000002, 0x9, 0x8, 0x400000000ff, 0xa, 0x4, 0xaab, 0x5, 0x7]}, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r5, 0x0, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) openat$auto_bridges_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/encoder-1/bridges\x00', 0x14040, 0x0) mmap$auto(0x80000000, 0x202000b, 0x9, 0xeb6, r4, 0x8000) write$auto(0x3, 0x0, 0x100082) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 5.125290541s ago: executing program 0 (id=1621): mmap$auto(0x0, 0x2020009, 0x3, 0x1c, 0xfffffffffffffffa, 0x8000) (async) r0 = openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/stats\x00', 0x0, 0x0) (async) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = socket(0x10, 0x5, 0x4000) ioctl$auto(r1, 0x8946, r0) 4.884215699s ago: executing program 3 (id=1623): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20f42, 0x0) mmap$auto(0x0, 0x9, 0x9, 0xeb3, 0xfffefffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r1, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x800002, 0x1000000e, 0x83e2}) socket(0xf, 0x2, 0xfffffff8) io_uring_setup$auto(0x6, 0x0) migrate_pages$auto(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000001c0)=0x8) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) r4 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$auto_TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)=0x4) sendfile$auto(r3, r3, 0x0, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x6d2fc1, 0x0) 4.047920297s ago: executing program 0 (id=1624): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/uevent\x00', 0x800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x45b, 0x401, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) adjtimex$auto(0x0) timerfd_settime$auto(r1, 0x3, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/16, 0x10) 3.870392769s ago: executing program 1 (id=1625): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x18000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioperm$auto(0x7fb, 0x1, 0x4000007) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.4/usb18/bConfigurationValue\x00', 0x0, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/sub1/hw_params\x00', 0x149801, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="20edd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0x3ff) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) r2 = socket(0x1, 0x5, 0x1) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00'}) ioctl$auto(r1, 0x1260, 0x5) r3 = socket(0x2, 0x5, 0x0) socket(0xa, 0x801, 0x100) listen$auto(0x3, 0x83) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x80805, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0xad3d, &(0x7f00000000c0)={0x0, 0x4}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x64010101}, 0x55) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) ustat$auto(0x801, 0x0) close_range$auto(0x0, 0xfffff004, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x83, 0x0, 0x8) 3.863791173s ago: executing program 0 (id=1626): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x73) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x3, 0xff) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0xa, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) connect$auto(0x3, 0x0, 0x55) ioperm$auto(0x3b, 0xf99b, 0x6) close_range$auto(0x0, 0xffffffffffffefff, 0x4000000000002) fanotify_init$auto(0x5, 0x2) open(&(0x7f0000000000)='./file0\x00', 0x7ffd, 0x10c) pwritev$auto(0x1, 0x0, 0x0, 0x9, 0x2) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) r0 = socket(0x2b, 0x6, 0xffffffff) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r2, 0x9210641f, 0xd) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x202, 0x0) ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x4, 0x20, 0x0, 0x2c, 0x2d, 0x7, 0x3}) 3.493579187s ago: executing program 1 (id=1627): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x5, 0x15f4da08, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) mmap$auto(0x5, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mincore$auto(0x1000, 0x8004, 0x0) connect$auto(0x3, 0x0, 0x10) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r2, 0x80083314, &(0x7f0000000080)=0x9) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffd, 0x400008, 0xffffffffffffff6e, 0x9b72, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) accept4$auto(0xffffffffffffffff, &(0x7f0000000180)=@l2tp={0x2, 0x0, @remote, 0x3}, &(0x7f00000001c0)=0x5, 0x8001) capset$auto(0x0, 0x0) open(0x0, 0x8c1badae8aa1a932, 0x0) unshare$auto(0x9) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x5, 0x100000003, 0x9, 0x5, 0x1ff, 0x100000000, 0x3, 0x1, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x100, 0x9, 0xa, 0x18f, 0x5, 0x3, 0x5a1, 0x1000, 0x80000001, 0x1]}, &(0x7f0000000380)={[0xefe9, 0x2, 0x1, 0x5, 0xb, 0xf, 0x4, 0x3, 0x59fc8000, 0x6, 0x8000000000000000, 0x3, 0x800, 0x9, 0x96c6, 0x5]}, &(0x7f0000000280)={0x10006, 0x8}) socket(0x2b, 0x1, 0x1) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd0\x00', 0x20240, 0x0) 3.108404176s ago: executing program 0 (id=1628): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x73) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x3, 0xff) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0xa, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) preadv$auto(0x40000000000003, 0x0, 0xa, 0xfffffffffffff806, 0x4) r0 = socket(0x2b, 0x1, 0xffffffff) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r2, 0x9210641f, 0xd) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x4, 0x20, 0x0, 0x2c, 0x2d, 0x7, 0x3}) (fail_nth: 2) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) socket(0x1f, 0x3, 0xffffffff) 2.979006822s ago: executing program 3 (id=1629): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@vsock={0x28, 0x0, 0xffffffff, @hyper}, 0x139b) setsockopt$auto(r0, 0x114, 0x1, 0x0, 0x1c) sysfs$auto(0x5, 0x10000000000002a, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) mmap$auto(0x0, 0x400008, 0x8, 0x9b72, r0, 0x8000) madvise$auto(0xfff, 0xffffffffffff0000, 0x8) shmdt$auto(0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram0\x00', 0x40000, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x2c, 0x1, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0x100082) madvise$auto(0x0, 0xffffffffffff0001, 0x15) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xff7f}, 0x5) madvise$auto(0x0, 0x3, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff8, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0x4000, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800) bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) 2.030612335s ago: executing program 2 (id=1630): readv$auto(0xffffffffffffffff, 0x0, 0x6) r0 = socket(0x2d, 0x2, 0x0) r1 = timerfd_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0xb0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth1_to_batadv\x00'}) sendmsg$auto_SMC_NETLINK_ENABLE_SEID(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x2d, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={0x0, 0xa0}}, 0x20040804) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0xe8) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) msgget$auto(0xc, 0xb46) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, r2, 0x28000) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, 0x0, 0x8, 0x7fffffff) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x579802, 0x0) r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r4, 0x0, 0x40) unshare$auto(0xb) 1.931803851s ago: executing program 0 (id=1631): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count\x00', 0xc0082, 0x0) write$auto(r0, &(0x7f0000000400)='\xca\x00', 0x9) r1 = ioctl$auto_TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, &(0x7f0000000040)=0x10) r2 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000140), 0xffffffffffffffff) fcntl$auto_F_WRLCK(r0, 0x0, 0x1) sendmsg$auto_NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="00012abd7000fddbdf250200000008000c00b30000003e5e4c5be0fbb0b522b2b7bc04b9e7db5b992932525444cc339441f06ca9c5f9941f9f073c3ffdfb2866b8b487acca31596490430244e4ae24dc85929c07b16ad7fd9b3871e1ef21f7b005fb2d747757656de03859701eeada3dc99a"], 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000000) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D0c\x00', 0x180002, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_DRAIN2(r3, 0x4144, 0x0) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r4) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x8200, 0x1001, 0x8, 0x1000000f, 0x66b, 0x0, 0x5}, 0x6f4) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) writev$auto(0x5, &(0x7f0000000100)={0x0, 0x7}, 0x201) vmsplice$auto(0x4, &(0x7f0000000040)={0x0, 0x80000000002}, 0x3, 0x4) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x400c080}, 0xc044040) 1.929870558s ago: executing program 3 (id=1632): mmap$auto(0xfffffffffffffffc, 0xa0009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x80002, 0x73) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyye\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfffffdef) read$auto(r0, 0x0, 0x8) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/afs/sysname\x00', 0x80002, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x9}, 0xb) r2 = socket(0x25, 0x1, 0x5) mmap$auto(0x0, 0x2020009, 0x6, 0x1100eb1, 0xfffffffffffffffa, 0x8000) openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000000)='/dev/media8\x00', 0x2, 0x0) ioctl$auto(r3, 0x1, r3) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x440001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x3) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0x93, 0x0, 0x0, &(0x7f00000002c0)={[0x0, 0x9, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xfffeffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x1f, 0x3, 0x1) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x0, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0xfffffff7effffd05, &(0x7f00000001c0)) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYRES32=r2, @ANYRES32=r4, @ANYRES32=r7], 0x2c}}, 0x4000000) readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9) 1.884032846s ago: executing program 1 (id=1633): socket(0x5, 0x3, 0x8) socket(0x22, 0x1, 0x80000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) madvise$auto(0x6, 0x1, 0xb) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x14, r1, 0x301, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810) ioctl$auto_BLKOPENZONE(r0, 0x40101286, &(0x7f0000000100)={0x8, 0xf}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x80000000, 0xf3, 0x1) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x400c810}, 0x20000041) r2 = bpf$auto(0xfffff001, &(0x7f0000000000)=@bpf_attr_3={0xa332, 0x2, 0x7, 0x3, 0xfffffbff, 0x2, 0x1, 0x4, 0x7, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x8, 0x81, 0xb03, 0x0, 0x0, 0x7, @attach_prog_fd, 0x2, 0x630, 0x57d, 0x9, 0x8}, 0xa3) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000140), r2) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) read$auto_uinput_fops_uinput(r3, &(0x7f0000001400)=""/4112, 0x1010) read$auto(r3, 0x0, 0xfdf3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x9, 0x0, 0x103, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0x0, 0x2, 0xec, 0x4, 0x2, 0x1, 0x4, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) socket(0x10, 0x2, 0x0) 1.22735438s ago: executing program 2 (id=1634): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x1, 0x0) socket(0x11, 0xa, 0xffff) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder0\x00', 0x200, 0x0) ioctl$auto_BINDER_FREEZE(r0, 0x400c620e, &(0x7f0000000400)) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYRES16=0x0], 0x14}}, 0x4000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ptrace$auto_PTRACE_GETSIGMASK(0x420a, 0x0, 0x1ff900000000000, 0x7) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x3]}, 0x0) close_range$auto(0xffffffffffffffff, 0x8, 0x1107) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) socket(0x21, 0x2, 0x2) prctl$auto(0x23, 0x200000000000009, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) socket(0xa, 0x1, 0x0) 1.169004856s ago: executing program 1 (id=1635): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pnp0/00:01/options\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = getpgid(0xffffffffffffffff) prctl$auto_PR_SET_MM_ENV_END(0x1, 0xb, r0, 0xd, 0x6b1) sysfs$auto(0x2, 0x3f, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) ioctl$auto_BLKTRACESETUP32(r1, 0xc0401273, &(0x7f00000001c0)={"88ee61a82c737df446e3870b1baddee477351ac6f8c7293f013ed518d85310d3", 0x0, 0x1, 0xfffffffa, 0x4, 0x1, 0xffffffffffffffff}) process_vm_readv$auto(r2, &(0x7f0000000400)={&(0x7f0000000300)="936f154406b7855d7dc8112084419b6c432838d1f9dad99deeab868c0f833d7dc6aa1147f1fb3c4c6398c4c98e0871c3c230b661d299bc4a4f8dfde99cf1734f1f934e5a01ecec5284ca602b92a5f6ae11b5cca242176ba19c505642227048feaccdf2792329c52e8580f850053e4eba3132c9cb9d9cff6833ea3780ff94cd9a716c2ead47e0b7a55ffbaaf4fe29756318f8327af3c006572e66624451368ebb7059fc47bb643e8b7f0a2355a463a93f4a8457a0817a42dbbbcc92100ba55071ad6ac8692afa0c927537d4ea6b922fd629f2", 0xffffffffffffffff}, 0x7, &(0x7f0000000540)={&(0x7f0000000440)="6aefc49b7711d4733e30e8c27f6ff030d9c64ae776a74e120643931937b56256f5930c2820d603e06439d9743036803c38d52ac7053da760851d893cc3adec08f3d8efb8b6000fe433855996802c789b265c05b6435cb14fae9aaeaccbf0dc8c8cec520b67475beb54d6bfc4a5163a9b44587e0aad2aca170cc252b9f0234593994f1d60bea541504ffc9eedcf37639d55c2fe5753c621f3c9c18a41188a940e4bbc33092968363552ced64e2c3a89cf36ee1ecf8d523830f5a64f39799ad28e28266cb2995c42600dd47c68f6fe6bd95e66034239662bd519b4d0a3bef064e0d2405449f6a1d5d088099228f4", 0x2}, 0xe9d7, 0x101) mmap$auto(0x3fc0000000000000, 0x8, 0xdf, 0x12, 0x2, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0xa4000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x1, 0x200006, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r4 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) write$auto(0x6, 0x0, 0x100000001) unlinkat$auto(r4, &(0x7f00000000c0)='./file0\x00', 0xffffffff) read$auto(r3, 0x0, 0x1f40) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000240)={0x0, 0x7}, 0x3) shmctl$auto_SHM_UNLOCK(0x2, 0xc, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x3) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/hugepages/hugepages-1048576kB/demote\x00', 0x183841, 0x0) write$auto(r6, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0x4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) 956.01849ms ago: executing program 0 (id=1636): unshare$auto(0x40000080) (async) r0 = socket(0x11, 0x80003, 0x300) sendfile$auto(r0, r0, 0x0, 0xffffffff80000000) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) ioctl$auto_SG_GET_TIMEOUT2(0xffffffffffffffff, 0x2202, &(0x7f0000000300)="37b6ca423babc4ba651c378eb6edd8e65aa9cc68b725e1b5bc357741a85900b68d8769002263fd3eeee031f342f46d70f1be7ead3b54c58d0f5e80942d74d13539094de1777f1df3c60a9d297131124947359cf676a22ca0040720a53cf365b075962d50b596a1bcc2bb248a86b337026efed63f8cd2ab4d7ba4c1607ccda14d46fb6033ffc349ea97c95904fe315a5c") (async) madvise$auto(0x1, 0xd, 0x6) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x10, 0x2, 0x15) (async) openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim7/trap_flow_action_cookie\x00', 0x20600, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="10ee00"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x20004081) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x10000c4}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) (async) dup2$auto(0x0, 0x3) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-8/tx_timeout\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000080)=""/58, 0x3a) (async) sysfs$auto(0x1000006, 0x1, 0x0) (async) fcntl$auto(0x3, 0x4, 0xa553) (async) open(0x0, 0x2002, 0x1) r2 = open(&(0x7f0000000000)='./file0\x00', 0xb99864c41cced278, 0xec) fcntl$auto(0x3, 0x4, 0xa553) (async) read$auto(r2, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) (async) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) (async) r3 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0) read$auto_i2cdev_fops_i2c_dev(r3, 0x0, 0x0) (async) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/250, 0xfa) unshare$auto(0x6) (async) unshare$auto(0x40000080) (async) fcntl$auto(0x0, 0x407, 0x100000) 643.412697ms ago: executing program 3 (id=1637): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x3) r0 = socket(0xa, 0x2, 0x73) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x1, 0x6, 0x18) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x3, 0xff) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) io_uring_setup$auto(0xa, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_thresh\x00', 0x10001, 0x0) ioctl$auto(r1, 0x6, r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) preadv$auto(0x40000000000003, 0x0, 0xa, 0xfffffffffffff806, 0x4) socket(0x2b, 0x1, 0xffffffff) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x4044000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r3, 0x9210641f, 0xd) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x4, 0x20, 0x0, 0x2c, 0x2d, 0x7, 0x3}) kill$auto(0x0, 0x21) madvise$auto(0x1ff, 0x400000000200009, 0x9df2) socket(0x1f, 0x3, 0xffffffff) 249.423082ms ago: executing program 3 (id=1638): unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1f40) stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa}) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) getsockopt$auto_SO_PASSCRED(r3, 0x1, 0x10, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/tty/ptypb/power/control\x00', 0x124001, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x20048801) ioperm$auto(0xffff, 0xe, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) fcntl$auto_F_SETLK(0xffffffffffffffff, 0x6, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/can/rcvlist_inv\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0xe, 0x100000000007) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x9, 0x3, 0x400026, 0x940, 0x1ffde, 0x3, 0x6, 0x7ff, 0xfffffffa, 0x400005, 0xfff, 0x0, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}, 0xfffff7fffffffffa, 0x81) mq_timedsend$auto(r2, &(0x7f0000000140)=')+{Q&[\x00', 0x7, 0x4c1, &(0x7f0000000440)={0x6, 0x4}) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) write$auto(0x3, 0x0, 0xfffffdef) 173.491292ms ago: executing program 2 (id=1639): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000011) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x80) socket(0x2, 0x801, 0x100) mmap$auto(0x0, 0xdb33, 0xe2, 0xeb1, 0x405, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x1ff, 0xdf, 0x200000810, 0xffffffffffffffff, 0x8000) madvise$auto(0x1, 0x80000000006, 0x18) madvise$auto(0x0, 0x2003f0, 0x15) write$auto(0x3, 0x0, 0x100082) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29a02, 0x0) socket(0xa, 0x3, 0x3a) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001080)='/dev/v4l-touch5\x00', 0x2040, 0x0) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000180)=""/37, 0xfffffffffffffe92) r2 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_proc_single_file_operations_base(r2, 0x0, 0x0) sendmsg$auto_TIPC_NL_PUBL_GET(0xffffffffffffffff, 0x0, 0x40001) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r3 = mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) ppoll$auto(&(0x7f0000000000)={r3, 0x81, 0x9}, 0x9, &(0x7f0000000040)={0x1}, &(0x7f00000000c0), 0x8) mq_timedsend$auto(r3, 0x0, 0x2000, 0x2, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_GPARAMS(r3, 0x40485404, &(0x7f0000000100)={{0x521, 0x9, 0x7, 0x9, 0xffffffff}, 0x6, 0x3, "c5a22f1570cdb0fe850e4cfaaf82a9c429d59c884998450cc5a6b0e78c6fd6e0"}) 143.145031ms ago: executing program 1 (id=1640): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), 0xffffffffffffffff) (async) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x121000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/memory.kmem.tcp.limit_in_bytes\x00', 0xc2481, 0x0) getdents$auto(r1, &(0x7f0000000000)={0x8000000000000000, 0x1, 0x1000, "1dff6a77d4266cba903b9482eedac1340d561e6d762c65771c568044f45ec1"}, 0x1) writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000580)='g', 0x6}, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xb, 0x4, 0x5) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r4 = socket(0xa, 0x5, 0x0) getsockopt$auto(r4, 0x84, 0x12, 0x0, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop13\x00', 0x800, 0x0) ioctl$auto_BLKGETZONESZ(r5, 0x80041284, &(0x7f0000000180)=0x5) (async) rt_sigaction$auto(0x1, &(0x7f00000001c0)={&(0x7f0000000080)=0x0, 0x7fffffffffffffff, 0x0, {0x5}}, 0x0, 0x8) (async) rt_sigaction$auto(0x5, &(0x7f0000000140)={&(0x7f0000000040)=0x0, 0x9, 0x0, {0x81}}, 0x0, 0x8) (async) r6 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_l2cap_debugfs_fops_(r6, &(0x7f0000000240)=""/177, 0xb1) r7 = gettid() r8 = getpid() rt_tgsigqueueinfo$auto(r8, r7, 0x1, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000780)="beb89c7f5797b991b4ef30b37fce09069b299d6789f0a1068badb1ebc7fbfa20dca5c3f89c52090cbdba2481c52f9a8bc8ba8c8dac83050f1e27e0ffaa601dff3d74b411f203b0d193f592a9ee6ace9e64c117dc15c3e29a72605ce87987b53f9776af45c34b0f70462a3a29246703cacee170f17a97e9324ab404db48a6f75ec8d780f55b24fcaa19dee021c4269eab3c2008304c4f4e2e48e0e70137c1677d44d9d17be0bba071b407b8e9031d8ca589189928f94335a2a54a9bd217cad436cb80ae17bb85741d6149c36f21afbaec3021d985881f1ece2273dde647aadf7716831a58aefaad32abcc792d7c38cf3e37b809a41a576d2dbaee6a9ae352e6fb2aa1", 0x102) (async) io_pgetevents$auto(0x7, 0xe211, 0x2, &(0x7f0000000200)={0xff, 0x10000, 0x9, 0x100000000}, &(0x7f0000000300)={0x1, 0x120000000000}, &(0x7f0000000380)={&(0x7f0000000340)={0x9}}) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x2000, 0x0) (async) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002d9d7000fcdbdf252d00000018000180140002006d616376746170300000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x400c0) 0s ago: executing program 1 (id=1641): socket(0x21, 0x1, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) (async) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x1, 0xe983, 0xb5, 0xeb2, r0, 0x167c) (async, rerun: 64) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async, rerun: 64) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) (async, rerun: 32) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (rerun: 32) close_range$auto(0x2, 0x8, 0x559) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x200300, 0x0) (async, rerun: 32) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x8080, 0x0) (async, rerun: 32) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x200, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r2) (async, rerun: 64) ioctl$auto_KVM_CREATE_VM(r1, 0xc040aed5, 0x0) (async, rerun: 64) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) (async) epoll_create$auto(0x4) (async, rerun: 32) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) (rerun: 32) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) (async) r3 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0) readv$auto(r3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0xa, 0x0) (async) getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0x80c, 0x6, &(0x7f0000000000)='!.##\x00', &(0x7f0000000080)=0x20) (async) ioctl$auto_BTRFS_IOC_FORGET_DEV(0xffffffffffffffff, 0x50009405, &(0x7f00000001c0)={@raw=0xbe, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e5fff4cbe4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ce52a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a7"}) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                [ 481.429849][T13000] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1514'. [ 481.470112][T12993] Invalid ELF header magic: != ELF [ 481.690444][T13006] FAULT_INJECTION: forcing a failure. [ 481.690444][T13006] name failslab, interval 1, probability 0, space 0, times 0 [ 481.715406][T13006] CPU: 0 UID: 0 PID: 13006 Comm: syz.1.1515 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 481.715453][T13006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 481.715474][T13006] Call Trace: [ 481.715486][T13006] [ 481.715499][T13006] dump_stack_lvl+0x16c/0x1f0 [ 481.715550][T13006] should_fail_ex+0x512/0x640 [ 481.715605][T13006] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 481.715648][T13006] should_failslab+0xc2/0x120 [ 481.715688][T13006] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 481.715726][T13006] ? security_file_alloc+0x34/0x2b0 [ 481.715775][T13006] security_file_alloc+0x34/0x2b0 [ 481.715818][T13006] init_file+0x93/0x4c0 [ 481.715857][T13006] alloc_empty_file+0x73/0x1e0 [ 481.715900][T13006] alloc_file_pseudo+0x13a/0x230 [ 481.715942][T13006] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 481.715985][T13006] ? alloc_fd+0x471/0x7d0 [ 481.716040][T13006] sock_alloc_file+0x50/0x210 [ 481.716083][T13006] __sys_socket+0x1c0/0x260 [ 481.716131][T13006] ? __pfx___sys_socket+0x10/0x10 [ 481.716180][T13006] ? rcu_is_watching+0x12/0xc0 [ 481.716215][T13006] __x64_sys_socket+0x72/0xb0 [ 481.716258][T13006] ? lockdep_hardirqs_on+0x7c/0x110 [ 481.716310][T13006] do_syscall_64+0xcd/0x230 [ 481.716360][T13006] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 481.716392][T13006] RIP: 0033:0x7f804438e969 [ 481.716418][T13006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 481.716449][T13006] RSP: 002b:00007f804514f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 481.716479][T13006] RAX: ffffffffffffffda RBX: 00007f80445b5fa0 RCX: 00007f804438e969 [ 481.716500][T13006] RDX: 000000000000000c RSI: 0000000000000002 RDI: 0000000000000010 [ 481.716517][T13006] RBP: 00007f8044410ab1 R08: 0000000000000000 R09: 0000000000000000 [ 481.716535][T13006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 481.716554][T13006] R13: 0000000000000000 R14: 00007f80445b5fa0 R15: 00007fffff4d78c8 [ 481.716594][T13006] [ 482.278051][T13024] binder: 13023:13024 ioctl 400c620e 200000000400 returned -22 [ 482.292113][T12993] Invalid ELF header magic: != ELF [ 483.896815][T13044] FAULT_INJECTION: forcing a failure. [ 483.896815][T13044] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 483.972308][T13044] CPU: 0 UID: 0 PID: 13044 Comm: syz.1.1522 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 483.972343][T13044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 483.972358][T13044] Call Trace: [ 483.972367][T13044] [ 483.972378][T13044] dump_stack_lvl+0x16c/0x1f0 [ 483.972416][T13044] should_fail_ex+0x512/0x640 [ 483.972452][T13044] _copy_from_user+0x2e/0xd0 [ 483.972488][T13044] get_timespec64+0x8b/0x1b0 [ 483.972513][T13044] ? __pfx_get_timespec64+0x10/0x10 [ 483.972542][T13044] ? common_nsleep+0xa1/0xd0 [ 483.972569][T13044] __x64_sys_clock_nanosleep+0x1ce/0x4a0 [ 483.972607][T13044] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 483.972653][T13044] do_syscall_64+0xcd/0x230 [ 483.972689][T13044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.972713][T13044] RIP: 0033:0x7f80443c1225 [ 483.972730][T13044] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 [ 483.972754][T13044] RSP: 002b:00007fffff4d79c0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 483.972776][T13044] RAX: ffffffffffffffda RBX: 00007f80445b5fa0 RCX: 00007f80443c1225 [ 483.972791][T13044] RDX: 00007fffff4d7a00 RSI: 0000000000000000 RDI: 0000000000000000 [ 483.972806][T13044] RBP: 00007f80445b7ba0 R08: 0000000000000000 R09: 00007f8045150000 [ 483.972821][T13044] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000764b2 [ 483.972835][T13044] R13: 00007f80445b6080 R14: ffffffffffffffff R15: 00007fffff4d7b40 [ 483.972864][T13044] [ 484.924296][T13059] binder: 13058:13059 ioctl 400c620e 200000000400 returned -22 [ 485.643721][T13072] FAULT_INJECTION: forcing a failure. [ 485.643721][T13072] name fail_futex, interval 1, probability 0, space 0, times 0 [ 485.676924][T13072] CPU: 0 UID: 0 PID: 13072 Comm: syz.0.1528 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 485.676971][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 485.676991][T13072] Call Trace: [ 485.677002][T13072] [ 485.677016][T13072] dump_stack_lvl+0x16c/0x1f0 [ 485.677067][T13072] should_fail_ex+0x512/0x640 [ 485.677146][T13072] get_futex_key+0x49e/0x1000 [ 485.677186][T13072] ? __pfx_get_futex_key+0x10/0x10 [ 485.677221][T13072] ? pick_eevdf+0x3be/0x5b0 [ 485.677260][T13072] ? update_curr_se+0x8b/0x270 [ 485.677304][T13072] ? update_curr+0x74/0x800 [ 485.677363][T13072] futex_wait_setup+0x78/0x290 [ 485.677419][T13072] __futex_wait+0x266/0x3c0 [ 485.677470][T13072] ? __pfx___futex_wait+0x10/0x10 [ 485.677514][T13072] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 485.677565][T13072] ? __pfx_futex_wake_mark+0x10/0x10 [ 485.677628][T13072] futex_wait+0xe8/0x380 [ 485.677684][T13072] ? __pfx_futex_wait+0x10/0x10 [ 485.677768][T13072] do_futex+0x229/0x350 [ 485.677806][T13072] ? __pfx_do_futex+0x10/0x10 [ 485.677857][T13072] ? __pfx___might_resched+0x10/0x10 [ 485.677898][T13072] __x64_sys_futex+0x1e0/0x4c0 [ 485.677940][T13072] ? __pfx___x64_sys_futex+0x10/0x10 [ 485.677977][T13072] ? rcu_is_watching+0x12/0xc0 [ 485.678030][T13072] do_syscall_64+0xcd/0x230 [ 485.678067][T13072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.678091][T13072] RIP: 0033:0x7f040698e969 [ 485.678115][T13072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.678139][T13072] RSP: 002b:00007f04078220e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 485.678161][T13072] RAX: ffffffffffffffda RBX: 00007f0406bb5fa8 RCX: 00007f040698e969 [ 485.678176][T13072] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0406bb5fa8 [ 485.678191][T13072] RBP: 00007f0406bb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 485.678205][T13072] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0406bb5fac [ 485.678219][T13072] R13: 0000000000000000 R14: 00007ffc77643870 R15: 00007ffc77643958 [ 485.678248][T13072] [ 487.777796][T13105] binder: 13104:13105 ioctl 400c620e 200000000400 returned -22 [ 491.430976][T13167] binder: 13166:13167 ioctl 400c620e 200000000400 returned -22 [ 493.305598][T13183] binder: 13182:13183 ioctl 400c620e 200000000400 returned -22 [ 494.759625][T13218] FAULT_INJECTION: forcing a failure. [ 494.759625][T13218] name failslab, interval 1, probability 0, space 0, times 0 [ 494.804312][T13218] CPU: 1 UID: 0 PID: 13218 Comm: syz.2.1554 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 494.804360][T13218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 494.804380][T13218] Call Trace: [ 494.804391][T13218] [ 494.804403][T13218] dump_stack_lvl+0x16c/0x1f0 [ 494.804454][T13218] should_fail_ex+0x512/0x640 [ 494.804501][T13218] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 494.804537][T13218] should_failslab+0xc2/0x120 [ 494.804577][T13218] __kmalloc_cache_noprof+0x6a/0x3e0 [ 494.804610][T13218] ? snd_seq_timer_new+0x42/0x190 [ 494.804652][T13218] snd_seq_timer_new+0x42/0x190 [ 494.804688][T13218] snd_seq_queue_alloc+0x177/0x550 [ 494.804744][T13218] snd_seq_ioctl_create_queue+0xa9/0x380 [ 494.804786][T13218] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 494.804834][T13218] alloc_seq_queue+0xda/0x180 [ 494.804896][T13218] ? __pfx_alloc_seq_queue+0x10/0x10 [ 494.805067][T13218] ? mark_held_locks+0x49/0x80 [ 494.805110][T13218] ? _raw_spin_unlock_irq+0x23/0x50 [ 494.805156][T13218] snd_seq_oss_open+0x38c/0xa20 [ 494.805212][T13218] odev_open+0x6f/0x90 [ 494.805252][T13218] ? __pfx_odev_open+0x10/0x10 [ 494.805292][T13218] soundcore_open+0x409/0x580 [ 494.805337][T13218] ? __pfx_soundcore_open+0x10/0x10 [ 494.805378][T13218] chrdev_open+0x231/0x6a0 [ 494.805413][T13218] ? __pfx_apparmor_file_open+0x10/0x10 [ 494.805459][T13218] ? __pfx_chrdev_open+0x10/0x10 [ 494.805501][T13218] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 494.805559][T13218] do_dentry_open+0x741/0x1c10 [ 494.805596][T13218] ? __pfx_chrdev_open+0x10/0x10 [ 494.805641][T13218] vfs_open+0x82/0x3f0 [ 494.805690][T13218] path_openat+0x1e5e/0x2d40 [ 494.805739][T13218] ? __pfx_path_openat+0x10/0x10 [ 494.805784][T13218] do_filp_open+0x20b/0x470 [ 494.805816][T13218] ? __pfx_do_filp_open+0x10/0x10 [ 494.805920][T13218] ? alloc_fd+0x471/0x7d0 [ 494.805984][T13218] do_sys_openat2+0x11b/0x1d0 [ 494.806029][T13218] ? __pfx_do_sys_openat2+0x10/0x10 [ 494.806091][T13218] __x64_sys_openat+0x174/0x210 [ 494.806136][T13218] ? __pfx___x64_sys_openat+0x10/0x10 [ 494.806182][T13218] ? rcu_is_watching+0x12/0xc0 [ 494.806237][T13218] do_syscall_64+0xcd/0x230 [ 494.806286][T13218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.806319][T13218] RIP: 0033:0x7ff8d958e969 [ 494.806344][T13218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 494.806378][T13218] RSP: 002b:00007ff8da3aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 494.806410][T13218] RAX: ffffffffffffffda RBX: 00007ff8d97b5fa0 RCX: 00007ff8d958e969 [ 494.806431][T13218] RDX: 0000000000000080 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 494.806452][T13218] RBP: 00007ff8d9610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 494.806471][T13218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 494.806490][T13218] R13: 0000000000000000 R14: 00007ff8d97b5fa0 R15: 00007ffe530d1028 [ 494.806531][T13218] [ 495.104229][ C1] vkms_vblank_simulate: vblank timer overrun [ 495.832332][ T5836] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 495.843601][ T5836] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 495.851192][ T5836] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 496.286185][T13238] binder: 13237:13238 ioctl 400c620e 200000000400 returned -22 [ 498.658509][T13267] binder: 13266:13267 ioctl 400c620e 200000000400 returned -22 [ 501.629851][T13327] binder: 13326:13327 ioctl 400c620e 200000000400 returned -22 [ 502.762702][T13358] binder: 13357:13358 ioctl 400c620e 200000000400 returned -22 [ 503.353867][T13366] FAULT_INJECTION: forcing a failure. [ 503.353867][T13366] name fail_futex, interval 1, probability 0, space 0, times 0 [ 503.462340][T13366] CPU: 1 UID: 0 PID: 13366 Comm: syz.3.1582 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 503.462382][T13366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 503.462401][T13366] Call Trace: [ 503.462411][T13366] [ 503.462424][T13366] dump_stack_lvl+0x16c/0x1f0 [ 503.462473][T13366] should_fail_ex+0x512/0x640 [ 503.462523][T13366] get_futex_key+0xabc/0x1000 [ 503.462567][T13366] ? __pfx_get_futex_key+0x10/0x10 [ 503.462613][T13366] futex_wake+0xe7/0x4e0 [ 503.462649][T13366] ? rcu_is_watching+0x12/0xc0 [ 503.462682][T13366] ? __pfx_futex_wake+0x10/0x10 [ 503.462760][T13366] do_futex+0x1e3/0x350 [ 503.462794][T13366] ? __pfx_do_futex+0x10/0x10 [ 503.462826][T13366] ? __might_fault+0xe3/0x190 [ 503.462873][T13366] mm_release+0x24e/0x300 [ 503.462909][T13366] do_exit+0x898/0x2c30 [ 503.462949][T13366] ? __pfx_futex_wake_mark+0x10/0x10 [ 503.462995][T13366] ? __pfx_do_exit+0x10/0x10 [ 503.463044][T13366] ? do_raw_spin_lock+0x12c/0x2b0 [ 503.463098][T13366] ? find_held_lock+0x2b/0x80 [ 503.463135][T13366] do_group_exit+0xd3/0x2a0 [ 503.463183][T13366] get_signal+0x2673/0x26d0 [ 503.463235][T13366] ? __pfx_get_signal+0x10/0x10 [ 503.463269][T13366] ? do_futex+0x122/0x350 [ 503.463304][T13366] ? __pfx_do_futex+0x10/0x10 [ 503.463344][T13366] arch_do_signal_or_restart+0x8f/0x7a0 [ 503.463392][T13366] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 503.463458][T13366] ? rcu_is_watching+0x12/0xc0 [ 503.463495][T13366] syscall_exit_to_user_mode+0x150/0x2a0 [ 503.463543][T13366] do_syscall_64+0xda/0x230 [ 503.463594][T13366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.463627][T13366] RIP: 0033:0x7f518db8e969 [ 503.463652][T13366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.463683][T13366] RSP: 002b:00007f518e9140e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 503.463713][T13366] RAX: fffffffffffffe00 RBX: 00007f518ddb6088 RCX: 00007f518db8e969 [ 503.463734][T13366] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f518ddb6088 [ 503.463754][T13366] RBP: 00007f518ddb6080 R08: 0000000000000000 R09: 0000000000000000 [ 503.463774][T13366] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f518ddb608c [ 503.463794][T13366] R13: 0000000000000000 R14: 00007ffc093f0de0 R15: 00007ffc093f0ec8 [ 503.463834][T13366] [ 503.706468][ C1] vkms_vblank_simulate: vblank timer overrun [ 505.196276][ T56] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 505.196321][ T56] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 505.211811][ T56] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 505.211864][ T56] Bluetooth: hci2: adv larger than maximum supported [ 505.221001][ T56] Bluetooth: hci2: adv larger than maximum supported [ 505.228767][ T56] Bluetooth: hci2: Malformed LE Event: 0x0d [ 505.320831][T13389] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1586'. [ 506.756954][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.763959][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.454636][T13442] netlink: 'syz.1.1598': attribute type 2 has an invalid length. [ 508.885993][T13432] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 508.909278][T13432] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 508.917397][T13432] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 508.923854][T13432] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 508.974129][T13432] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 509.158723][T13457] FAULT_INJECTION: forcing a failure. [ 509.158723][T13457] name failslab, interval 1, probability 0, space 0, times 0 [ 509.202290][T13457] CPU: 0 UID: 0 PID: 13457 Comm: syz.3.1600 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 509.202340][T13457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 509.202361][T13457] Call Trace: [ 509.202373][T13457] [ 509.202386][T13457] dump_stack_lvl+0x16c/0x1f0 [ 509.202438][T13457] should_fail_ex+0x512/0x640 [ 509.202517][T13457] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 509.202566][T13457] should_failslab+0xc2/0x120 [ 509.202607][T13457] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 509.202652][T13457] ? create_filter_start.constprop.0+0x16a/0x300 [ 509.202696][T13457] kstrdup+0x53/0x100 [ 509.202741][T13457] create_filter_start.constprop.0+0x16a/0x300 [ 509.202784][T13457] apply_subsystem_event_filter+0x185/0x1450 [ 509.202832][T13457] ? __might_fault+0xe3/0x190 [ 509.202870][T13457] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 509.202923][T13457] ? _copy_from_user+0x59/0xd0 [ 509.202979][T13457] subsystem_filter_write+0x95/0x120 [ 509.203021][T13457] vfs_write+0x25c/0x1180 [ 509.203051][T13457] ? __pfx_subsystem_filter_write+0x10/0x10 [ 509.203096][T13457] ? __pfx___mutex_lock+0x10/0x10 [ 509.203145][T13457] ? __pfx_vfs_write+0x10/0x10 [ 509.203192][T13457] ? __fget_files+0x20e/0x3c0 [ 509.203258][T13457] ksys_write+0x12a/0x240 [ 509.203290][T13457] ? __pfx_ksys_write+0x10/0x10 [ 509.203319][T13457] ? rcu_is_watching+0x12/0xc0 [ 509.203362][T13457] do_syscall_64+0xcd/0x230 [ 509.203416][T13457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.203450][T13457] RIP: 0033:0x7f518db8e969 [ 509.203486][T13457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.203520][T13457] RSP: 002b:00007f518e914038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 509.203553][T13457] RAX: ffffffffffffffda RBX: 00007f518ddb6080 RCX: 00007f518db8e969 [ 509.203575][T13457] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 509.203595][T13457] RBP: 00007f518dc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 509.203614][T13457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 509.203633][T13457] R13: 0000000000000000 R14: 00007f518ddb6080 R15: 00007ffc093f0ec8 [ 509.203677][T13457] [ 509.936713][T13463] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1602'. [ 510.080664][T13463] macsec0: entered allmulticast mode [ 510.091578][T13463] veth1_macvtap: entered allmulticast mode [ 510.598546][T13474] nvme_fabrics: missing parameter 'transport=%s' [ 510.606983][T13474] nvme_fabrics: missing parameter 'nqn=%s' [ 510.752343][ T56] Bluetooth: hci0: command 0x0c1a tx timeout [ 510.838669][T13480] binder: 13479:13480 ioctl 400c620e 200000000400 returned -22 [ 510.912311][ T56] Bluetooth: hci1: command 0x0c1a tx timeout [ 510.992454][ T5836] Bluetooth: hci2: command 0x0c1a tx timeout [ 510.998669][ T56] Bluetooth: hci3: command 0x0c1a tx timeout [ 511.536134][T13497] binder: 13496:13497 ioctl 400c620e 200000000400 returned -22 [ 511.551562][T13488] FAULT_INJECTION: forcing a failure. [ 511.551562][T13488] name fail_futex, interval 1, probability 0, space 0, times 0 [ 511.583422][T13488] CPU: 0 UID: 0 PID: 13488 Comm: syz.1.1608 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 511.583466][T13488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 511.583486][T13488] Call Trace: [ 511.583497][T13488] [ 511.583508][T13488] dump_stack_lvl+0x16c/0x1f0 [ 511.583558][T13488] should_fail_ex+0x512/0x640 [ 511.583609][T13488] get_futex_key+0xabc/0x1000 [ 511.583647][T13488] ? __pfx_get_futex_key+0x10/0x10 [ 511.583695][T13488] futex_wake+0xe7/0x4e0 [ 511.583730][T13488] ? rcu_is_watching+0x12/0xc0 [ 511.583765][T13488] ? __pfx_futex_wake+0x10/0x10 [ 511.583836][T13488] do_futex+0x1e3/0x350 [ 511.583870][T13488] ? __pfx_do_futex+0x10/0x10 [ 511.583901][T13488] ? __might_fault+0xe3/0x190 [ 511.583947][T13488] mm_release+0x24e/0x300 [ 511.583983][T13488] do_exit+0x898/0x2c30 [ 511.584022][T13488] ? __pfx_futex_wake_mark+0x10/0x10 [ 511.584067][T13488] ? __pfx_do_exit+0x10/0x10 [ 511.584106][T13488] ? do_raw_spin_lock+0x12c/0x2b0 [ 511.584151][T13488] ? find_held_lock+0x2b/0x80 [ 511.584204][T13488] do_group_exit+0xd3/0x2a0 [ 511.584246][T13488] get_signal+0x2673/0x26d0 [ 511.584290][T13488] ? __pfx_get_signal+0x10/0x10 [ 511.584322][T13488] ? do_futex+0x122/0x350 [ 511.584353][T13488] ? __pfx_do_futex+0x10/0x10 [ 511.584385][T13488] arch_do_signal_or_restart+0x8f/0x7a0 [ 511.584426][T13488] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 511.584480][T13488] ? rcu_is_watching+0x12/0xc0 [ 511.584514][T13488] syscall_exit_to_user_mode+0x150/0x2a0 [ 511.584557][T13488] do_syscall_64+0xda/0x230 [ 511.584602][T13488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.584631][T13488] RIP: 0033:0x7f804438e969 [ 511.584654][T13488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 511.584700][T13488] RSP: 002b:00007f804512e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 511.584728][T13488] RAX: fffffffffffffe00 RBX: 00007f80445b6088 RCX: 00007f804438e969 [ 511.584748][T13488] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f80445b6088 [ 511.584766][T13488] RBP: 00007f80445b6080 R08: 0000000000000000 R09: 0000000000000000 [ 511.584785][T13488] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f80445b608c [ 511.584803][T13488] R13: 0000000000000000 R14: 00007fffff4d77e0 R15: 00007fffff4d78c8 [ 511.584842][T13488] [ 512.209369][T13501] FAULT_INJECTION: forcing a failure. [ 512.209369][T13501] name failslab, interval 1, probability 0, space 0, times 0 [ 512.259814][T13501] CPU: 1 UID: 0 PID: 13501 Comm: syz.0.1612 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 512.259862][T13501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 512.259889][T13501] Call Trace: [ 512.259901][T13501] [ 512.259914][T13501] dump_stack_lvl+0x16c/0x1f0 [ 512.259965][T13501] should_fail_ex+0x512/0x640 [ 512.260015][T13501] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 512.260062][T13501] should_failslab+0xc2/0x120 [ 512.260104][T13501] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 512.260150][T13501] ? create_filter_start.constprop.0+0x16a/0x300 [ 512.260192][T13501] kstrdup+0x53/0x100 [ 512.260237][T13501] create_filter_start.constprop.0+0x16a/0x300 [ 512.260279][T13501] apply_subsystem_event_filter+0x185/0x1450 [ 512.260326][T13501] ? __might_fault+0xe3/0x190 [ 512.260364][T13501] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 512.260417][T13501] ? _copy_from_user+0x59/0xd0 [ 512.260473][T13501] subsystem_filter_write+0x95/0x120 [ 512.260514][T13501] vfs_write+0x25c/0x1180 [ 512.260543][T13501] ? __pfx_subsystem_filter_write+0x10/0x10 [ 512.260597][T13501] ? __pfx___mutex_lock+0x10/0x10 [ 512.260642][T13501] ? __pfx_vfs_write+0x10/0x10 [ 512.260683][T13501] ? __fget_files+0x20e/0x3c0 [ 512.260744][T13501] ksys_write+0x12a/0x240 [ 512.260773][T13501] ? __pfx_ksys_write+0x10/0x10 [ 512.260801][T13501] ? rcu_is_watching+0x12/0xc0 [ 512.260842][T13501] do_syscall_64+0xcd/0x230 [ 512.260898][T13501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.260931][T13501] RIP: 0033:0x7f040698e969 [ 512.260956][T13501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 512.260988][T13501] RSP: 002b:00007f0407801038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 512.261018][T13501] RAX: ffffffffffffffda RBX: 00007f0406bb6080 RCX: 00007f040698e969 [ 512.261039][T13501] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 512.261057][T13501] RBP: 00007f0406a10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 512.261075][T13501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 512.261093][T13501] R13: 0000000000000000 R14: 00007f0406bb6080 R15: 00007ffc77643958 [ 512.261133][T13501] [ 512.485713][ C1] vkms_vblank_simulate: vblank timer overrun [ 513.091025][ T56] Bluetooth: hci2: command 0x0c1a tx timeout [ 513.346650][T13519] FAULT_INJECTION: forcing a failure. [ 513.346650][T13519] name failslab, interval 1, probability 0, space 0, times 0 [ 513.498856][T13519] CPU: 0 UID: 0 PID: 13519 Comm: syz.1.1617 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 513.498903][T13519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 513.498922][T13519] Call Trace: [ 513.498934][T13519] [ 513.498953][T13519] dump_stack_lvl+0x16c/0x1f0 [ 513.499003][T13519] should_fail_ex+0x512/0x640 [ 513.499048][T13519] ? fs_reclaim_acquire+0xae/0x150 [ 513.499100][T13519] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 513.499146][T13519] should_failslab+0xc2/0x120 [ 513.499186][T13519] __kmalloc_noprof+0xd2/0x510 [ 513.499231][T13519] tomoyo_realpath_from_path+0xc2/0x6e0 [ 513.499282][T13519] ? tomoyo_profile+0x47/0x60 [ 513.499337][T13519] tomoyo_path_number_perm+0x245/0x580 [ 513.499375][T13519] ? tomoyo_path_number_perm+0x237/0x580 [ 513.499419][T13519] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 513.499462][T13519] ? find_held_lock+0x2b/0x80 [ 513.499531][T13519] ? find_held_lock+0x2b/0x80 [ 513.499561][T13519] ? hook_file_ioctl_common+0x145/0x410 [ 513.499606][T13519] ? __fget_files+0x20e/0x3c0 [ 513.499665][T13519] security_file_ioctl+0x9b/0x240 [ 513.499709][T13519] __x64_sys_ioctl+0xb7/0x200 [ 513.499756][T13519] do_syscall_64+0xcd/0x230 [ 513.499808][T13519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.499839][T13519] RIP: 0033:0x7f804438e969 [ 513.499865][T13519] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 513.499909][T13519] RSP: 002b:00007f804512e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 513.499938][T13519] RAX: ffffffffffffffda RBX: 00007f80445b6080 RCX: 00007f804438e969 [ 513.499966][T13519] RDX: 000020000000c380 RSI: 00000000c0606610 RDI: 0000000000000002 [ 513.499987][T13519] RBP: 00007f804512e090 R08: 0000000000000000 R09: 0000000000000000 [ 513.500005][T13519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 513.500024][T13519] R13: 0000000000000000 R14: 00007f80445b6080 R15: 00007fffff4d78c8 [ 513.500064][T13519] [ 513.500076][T13519] ERROR: Out of memory at tomoyo_realpath_from_path. [ 514.368523][T13539] binder: 13538:13539 ioctl 400c620e 200000000400 returned -22 [ 516.689194][T13569] FAULT_INJECTION: forcing a failure. [ 516.689194][T13569] name failslab, interval 1, probability 0, space 0, times 0 [ 516.703402][T13569] CPU: 0 UID: 0 PID: 13569 Comm: syz.0.1628 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 516.703433][T13569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 516.703447][T13569] Call Trace: [ 516.703455][T13569] [ 516.703463][T13569] dump_stack_lvl+0x16c/0x1f0 [ 516.703500][T13569] should_fail_ex+0x512/0x640 [ 516.703531][T13569] ? fs_reclaim_acquire+0xae/0x150 [ 516.703567][T13569] ? tomoyo_encode2+0x100/0x3e0 [ 516.703596][T13569] should_failslab+0xc2/0x120 [ 516.703624][T13569] __kmalloc_noprof+0xd2/0x510 [ 516.703663][T13569] tomoyo_encode2+0x100/0x3e0 [ 516.703698][T13569] tomoyo_encode+0x29/0x50 [ 516.703729][T13569] tomoyo_realpath_from_path+0x18f/0x6e0 [ 516.703765][T13569] ? tomoyo_profile+0x47/0x60 [ 516.703804][T13569] tomoyo_path_number_perm+0x245/0x580 [ 516.703830][T13569] ? tomoyo_path_number_perm+0x237/0x580 [ 516.703860][T13569] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 516.703890][T13569] ? find_held_lock+0x2b/0x80 [ 516.703937][T13569] ? find_held_lock+0x2b/0x80 [ 516.703958][T13569] ? hook_file_ioctl_common+0x145/0x410 [ 516.703990][T13569] ? __fget_files+0x20e/0x3c0 [ 516.704031][T13569] security_file_ioctl+0x9b/0x240 [ 516.704061][T13569] __x64_sys_ioctl+0xb7/0x200 [ 516.704095][T13569] do_syscall_64+0xcd/0x230 [ 516.704130][T13569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.704154][T13569] RIP: 0033:0x7f040698e969 [ 516.704172][T13569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 516.704195][T13569] RSP: 002b:00007f0407822038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.704217][T13569] RAX: ffffffffffffffda RBX: 00007f0406bb5fa0 RCX: 00007f040698e969 [ 516.704233][T13569] RDX: 000020000000c380 RSI: 00000000c0606610 RDI: 0000000000000002 [ 516.704248][T13569] RBP: 00007f0407822090 R08: 0000000000000000 R09: 0000000000000000 [ 516.704262][T13569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 516.704276][T13569] R13: 0000000000000000 R14: 00007f0406bb5fa0 R15: 00007ffc77643958 [ 516.704306][T13569] [ 516.704325][T13569] ERROR: Out of memory at tomoyo_realpath_from_path. [ 517.356099][T13581] FAULT_INJECTION: forcing a failure. [ 517.356099][T13581] name failslab, interval 1, probability 0, space 0, times 0 [ 517.384848][T13581] CPU: 1 UID: 0 PID: 13581 Comm: syz.2.1630 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 517.384898][T13581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 517.384919][T13581] Call Trace: [ 517.384929][T13581] [ 517.384942][T13581] dump_stack_lvl+0x16c/0x1f0 [ 517.384998][T13581] should_fail_ex+0x512/0x640 [ 517.385047][T13581] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 517.385086][T13581] should_failslab+0xc2/0x120 [ 517.385131][T13581] __kmalloc_cache_noprof+0x6a/0x3e0 [ 517.385165][T13581] ? apply_subsystem_event_filter+0x3c0/0x1450 [ 517.385211][T13581] apply_subsystem_event_filter+0x3c0/0x1450 [ 517.385275][T13581] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 517.385329][T13581] ? _copy_from_user+0x59/0xd0 [ 517.385384][T13581] subsystem_filter_write+0x95/0x120 [ 517.385426][T13581] vfs_write+0x25c/0x1180 [ 517.385455][T13581] ? __pfx_subsystem_filter_write+0x10/0x10 [ 517.385502][T13581] ? __pfx___mutex_lock+0x10/0x10 [ 517.385563][T13581] ? __pfx_vfs_write+0x10/0x10 [ 517.385611][T13581] ? __fget_files+0x20e/0x3c0 [ 517.385684][T13581] ksys_write+0x12a/0x240 [ 517.385719][T13581] ? __pfx_ksys_write+0x10/0x10 [ 517.385750][T13581] ? rcu_is_watching+0x12/0xc0 [ 517.385796][T13581] do_syscall_64+0xcd/0x230 [ 517.385849][T13581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 517.385883][T13581] RIP: 0033:0x7ff8d958e969 [ 517.385911][T13581] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 517.385946][T13581] RSP: 002b:00007ff8da389038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 517.385979][T13581] RAX: ffffffffffffffda RBX: 00007ff8d97b6080 RCX: 00007ff8d958e969 [ 517.386002][T13581] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 517.386022][T13581] RBP: 00007ff8d9610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 517.386043][T13581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 517.386063][T13581] R13: 0000000000000000 R14: 00007ff8d97b6080 R15: 00007ffe530d1028 [ 517.386108][T13581] [ 518.076892][T13600] binder: 13599:13600 ioctl 400c620e 200000000400 returned -22 [ 519.500779][T13628] FAULT_INJECTION: forcing a failure. [ 519.500779][T13628] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 519.610924][T13628] CPU: 1 UID: 0 PID: 13628 Comm: syz.3.1638 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 519.610974][T13628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 519.611007][T13628] Call Trace: [ 519.611017][T13628] [ 519.611030][T13628] dump_stack_lvl+0x16c/0x1f0 [ 519.611083][T13628] should_fail_ex+0x512/0x640 [ 519.611135][T13628] should_fail_alloc_page+0xe7/0x130 [ 519.611179][T13628] prepare_alloc_pages+0x3c2/0x610 [ 519.611227][T13628] ? rcu_is_watching+0x12/0xc0 [ 519.611263][T13628] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 519.611308][T13628] ? __lock_acquire+0x5ca/0x1ba0 [ 519.611353][T13628] ? xas_create+0x1d7/0x1460 [ 519.611404][T13628] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 519.611443][T13628] ? cgroup_rstat_updated+0x2a/0xb20 [ 519.611512][T13628] ? __lock_acquire+0x5ca/0x1ba0 [ 519.611553][T13628] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 519.611599][T13628] ? policy_nodemask+0xea/0x4e0 [ 519.611649][T13628] alloc_pages_mpol+0x1fb/0x550 [ 519.611689][T13628] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 519.611733][T13628] ? filemap_get_entry+0x1a7/0x3b0 [ 519.611783][T13628] folio_alloc_noprof+0x20/0x2d0 [ 519.611828][T13628] filemap_alloc_folio_noprof+0x3a1/0x470 [ 519.611866][T13628] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 519.611901][T13628] ? rcu_is_watching+0x12/0xc0 [ 519.611943][T13628] __filemap_get_folio+0x5e9/0xc10 [ 519.612006][T13628] ioctx_alloc+0x761/0x2060 [ 519.612073][T13628] ? __pfx_ioctx_alloc+0x10/0x10 [ 519.612117][T13628] ? __might_fault+0x13b/0x190 [ 519.612163][T13628] __x64_sys_io_setup+0xc9/0x210 [ 519.612213][T13628] do_syscall_64+0xcd/0x230 [ 519.612263][T13628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.612315][T13628] RIP: 0033:0x7f518db8e969 [ 519.612341][T13628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 519.612374][T13628] RSP: 002b:00007f518e914038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 519.612406][T13628] RAX: ffffffffffffffda RBX: 00007f518ddb6080 RCX: 00007f518db8e969 [ 519.612428][T13628] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 519.612449][T13628] RBP: 00007f518dc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 519.612470][T13628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 519.612499][T13628] R13: 0000000000000000 R14: 00007f518ddb6080 R15: 00007ffc093f0ec8 [ 519.612543][T13628] [ 519.668979][T13633] ================================================================== [ 519.669002][T13633] BUG: KASAN: use-after-free in fbcon_prepare_logo+0xa03/0xc70 [ 519.669057][T13633] Read of size 256 at addr ffff88804934fffe by task syz.3.1638/13633 [ 519.669088][T13633] [ 519.669105][T13633] CPU: 1 UID: 0 PID: 13633 Comm: syz.3.1638 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 519.669147][T13633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 519.669168][T13633] Call Trace: [ 519.669180][T13633] [ 519.669194][T13633] dump_stack_lvl+0x116/0x1f0 [ 519.669249][T13633] print_report+0xc3/0x670 [ 519.669289][T13633] ? __virt_addr_valid+0x5e/0x590 [ 519.669330][T13633] ? __phys_addr+0xc6/0x150 [ 519.669372][T13633] ? fbcon_prepare_logo+0xa03/0xc70 [ 519.669411][T13633] kasan_report+0xe0/0x110 [ 519.669450][T13633] ? fbcon_prepare_logo+0xa03/0xc70 [ 519.669493][T13633] kasan_check_range+0xef/0x1a0 [ 519.669538][T13633] __asan_memcpy+0x23/0x60 [ 519.669568][T13633] fbcon_prepare_logo+0xa03/0xc70 [ 519.669615][T13633] fbcon_init+0xd77/0x1900 [ 519.669655][T13633] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 519.669695][T13633] visual_init+0x31d/0x620 [ 519.669750][T13633] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 519.669795][T13633] store_bind+0x61d/0x760 [ 519.669831][T13633] ? sysfs_file_kobj+0xe4/0x290 [ 519.669879][T13633] ? __pfx_store_bind+0x10/0x10 [ 519.669913][T13633] dev_attr_store+0x55/0x80 [ 519.669953][T13633] ? __pfx_dev_attr_store+0x10/0x10 [ 519.669998][T13633] sysfs_kf_write+0xef/0x150 [ 519.670045][T13633] kernfs_fop_write_iter+0x351/0x510 [ 519.670088][T13633] ? __pfx_sysfs_kf_write+0x10/0x10 [ 519.670138][T13633] vfs_write+0x5ba/0x1180 [ 519.670169][T13633] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 519.670213][T13633] ? __pfx___mutex_lock+0x10/0x10 [ 519.670271][T13633] ? __pfx_vfs_write+0x10/0x10 [ 519.670316][T13633] ksys_write+0x12a/0x240 [ 519.670345][T13633] ? __pfx_ksys_write+0x10/0x10 [ 519.670376][T13633] ? rcu_is_watching+0x12/0xc0 [ 519.670413][T13633] do_syscall_64+0xcd/0x230 [ 519.670462][T13633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.670497][T13633] RIP: 0033:0x7f518db8e969 [ 519.670523][T13633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 519.670557][T13633] RSP: 002b:00007f518b9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 519.670589][T13633] RAX: ffffffffffffffda RBX: 00007f518ddb6160 RCX: 00007f518db8e969 [ 519.670611][T13633] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 519.670630][T13633] RBP: 00007f518dc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 519.670650][T13633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 519.670670][T13633] R13: 0000000000000000 R14: 00007f518ddb6160 R15: 00007ffc093f0ec8 [ 519.670702][T13633] [ 519.670713][T13633] [ 519.670723][T13633] The buggy address belongs to the physical page: [ 519.670745][T13633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x3431 pfn:0x4934f [ 519.670775][T13633] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 519.670819][T13633] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000 [ 519.670850][T13633] raw: 0000000000003431 0000000000000000 00000000ffffffff 0000000000000000 [ 519.670871][T13633] page dumped because: kasan: bad access detected [ 519.670887][T13633] page_owner tracks the page as freed [ 519.670902][T13633] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 13282, tgid 13282 (syz.1.1558), ts 502989847629, free_ts 509616035830 [ 519.670955][T13633] post_alloc_hook+0x181/0x1b0 [ 519.670987][T13633] get_page_from_freelist+0x135c/0x3920 [ 519.671022][T13633] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 519.671058][T13633] alloc_pages_mpol+0x1fb/0x550 [ 519.671095][T13633] folio_alloc_mpol_noprof+0x36/0x2f0 [ 519.671139][T13633] shmem_alloc_folio+0x135/0x160 [ 519.671167][T13633] shmem_alloc_and_add_folio+0x499/0xc20 [ 519.671202][T13633] shmem_get_folio_gfp+0x687/0x1530 [ 519.671242][T13633] shmem_write_begin+0x160/0x300 [ 519.671277][T13633] generic_perform_write+0x3cd/0x930 [ 519.671311][T13633] shmem_file_write_iter+0x10e/0x140 [ 519.671356][T13633] __kernel_write_iter+0x317/0xa90 [ 519.671386][T13633] dump_user_range+0x418/0xb30 [ 519.671428][T13633] elf_core_dump+0x288a/0x3a90 [ 519.671474][T13633] do_coredump+0x3183/0x4480 [ 519.671512][T13633] get_signal+0x22e3/0x26d0 [ 519.671546][T13633] page last free pid 13282 tgid 13282 stack trace: [ 519.671564][T13633] free_unref_folios+0x999/0x1630 [ 519.671597][T13633] folios_put_refs+0x56f/0x740 [ 519.671636][T13633] shmem_undo_range+0x58f/0x1150 [ 519.671673][T13633] shmem_evict_inode+0x3a1/0xbe0 [ 519.671709][T13633] evict+0x3e3/0x920 [ 519.671743][T13633] iput+0x521/0x880 [ 519.671776][T13633] dentry_unlink_inode+0x29c/0x480 [ 519.671810][T13633] __dentry_kill+0x1d0/0x600 [ 519.671843][T13633] dput.part.0+0x4b1/0x9b0 [ 519.671880][T13633] dput+0x1f/0x30 [ 519.671914][T13633] __fput+0x51c/0xb70 [ 519.671949][T13633] task_work_run+0x14d/0x240 [ 519.671998][T13633] do_exit+0xafb/0x2c30 [ 519.672038][T13633] do_group_exit+0xd3/0x2a0 [ 519.672081][T13633] get_signal+0x2673/0x26d0 [ 519.672114][T13633] arch_do_signal_or_restart+0x8f/0x7a0 [ 519.672157][T13633] [ 519.672164][T13633] Memory state around the buggy address: [ 519.672180][T13633] ffff88804934fe80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 519.672203][T13633] ffff88804934ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 519.672226][T13633] >ffff88804934ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 519.672253][T13633] ^ [ 519.672272][T13633] ffff888049350000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 519.672296][T13633] ffff888049350080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 519.672314][T13633] ================================================================== [ 519.685645][T13633] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 519.685672][T13633] CPU: 1 UID: 0 PID: 13633 Comm: syz.3.1638 Not tainted 6.15.0-rc5-syzkaller-00300-g3ce9925823c7 #0 PREEMPT(full) [ 519.685713][T13633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 519.685733][T13633] Call Trace: [ 519.685745][T13633] [ 519.685757][T13633] dump_stack_lvl+0x3d/0x1f0 [ 519.685804][T13633] panic+0x71c/0x800 [ 519.685842][T13633] ? __pfx_panic+0x10/0x10 [ 519.685880][T13633] ? irqentry_exit+0x3b/0x90 [ 519.685922][T13633] ? lockdep_hardirqs_on+0x7c/0x110 [ 519.685961][T13633] ? preempt_schedule_thunk+0x16/0x30 [ 519.686010][T13633] ? fbcon_prepare_logo+0xa03/0xc70 [ 519.686047][T13633] ? preempt_schedule_common+0x44/0xc0 [ 519.686089][T13633] ? fbcon_prepare_logo+0xa03/0xc70 [ 519.686121][T13633] check_panic_on_warn+0xab/0xb0 [ 519.686162][T13633] end_report+0x107/0x170 [ 519.686201][T13633] kasan_report+0xee/0x110 [ 519.686255][T13633] ? fbcon_prepare_logo+0xa03/0xc70 [ 519.686295][T13633] kasan_check_range+0xef/0x1a0 [ 519.686332][T13633] __asan_memcpy+0x23/0x60 [ 519.686357][T13633] fbcon_prepare_logo+0xa03/0xc70 [ 519.686414][T13633] fbcon_init+0xd77/0x1900 [ 519.686446][T13633] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 519.686479][T13633] visual_init+0x31d/0x620 [ 519.686524][T13633] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 519.686560][T13633] store_bind+0x61d/0x760 [ 519.686590][T13633] ? sysfs_file_kobj+0xe4/0x290 [ 519.686628][T13633] ? __pfx_store_bind+0x10/0x10 [ 519.686655][T13633] dev_attr_store+0x55/0x80 [ 519.686689][T13633] ? __pfx_dev_attr_store+0x10/0x10 [ 519.686721][T13633] sysfs_kf_write+0xef/0x150 [ 519.686759][T13633] kernfs_fop_write_iter+0x351/0x510 [ 519.686793][T13633] ? __pfx_sysfs_kf_write+0x10/0x10 [ 519.686832][T13633] vfs_write+0x5ba/0x1180 [ 519.686857][T13633] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 519.686894][T13633] ? __pfx___mutex_lock+0x10/0x10 [ 519.686933][T13633] ? __pfx_vfs_write+0x10/0x10 [ 519.686969][T13633] ksys_write+0x12a/0x240 [ 519.686995][T13633] ? __pfx_ksys_write+0x10/0x10 [ 519.687020][T13633] ? rcu_is_watching+0x12/0xc0 [ 519.687051][T13633] do_syscall_64+0xcd/0x230 [ 519.687091][T13633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 519.687119][T13633] RIP: 0033:0x7f518db8e969 [ 519.687140][T13633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 519.687169][T13633] RSP: 002b:00007f518b9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 519.687196][T13633] RAX: ffffffffffffffda RBX: 00007f518ddb6160 RCX: 00007f518db8e969 [ 519.687215][T13633] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 519.687233][T13633] RBP: 00007f518dc10ab1 R08: 0000000000000000 R09: 0000000000000000 [ 519.687259][T13633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 519.687276][T13633] R13: 0000000000000000 R14: 00007f518ddb6160 R15: 00007ffc093f0ec8 [ 519.687302][T13633] [ 519.692298][T13633] Kernel Offset: disabled