last executing test programs: 9m59.648873125s ago: executing program 2 (id=3703): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/netdevsim/del_device\x00', 0x228041, 0x0) socket(0xa, 0x3, 0x3b) r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x28, r0, 0x202, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x6}, @NL80211_ATTR_BEACON_TAIL={0xa, 0xf, "22764410cbe9"}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000841}, 0x4004004) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212dbd7000fcdbdf25211f000008000300", @ANYRES32=r3, @ANYBLOB="08009e"], 0x24}}, 0x4000000) 9m59.071345913s ago: executing program 2 (id=3706): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/6-0:1.0/usb6-port1/early_stop\x00', 0x80302, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(0x3, 0x81) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x11, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) capget$auto(&(0x7f0000001840)={0x1, 0xffffffffffffffff}, &(0x7f0000001880)={0x0, 0x7, 0x200}) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) (fail_nth: 3) write$auto(0x4, 0x0, 0x100082) 9m57.994143529s ago: executing program 2 (id=3712): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) (async) write$auto(0x3, 0x0, 0x17) (async) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x400, 0x0) mmap$auto(0x0, 0x180002, 0xdf, 0x9b72, 0x4, 0x400000008000) (async) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) r0 = socket(0x15, 0x5, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) select$auto(0x8, 0x0, 0x0, &(0x7f0000000240)={[0xe, 0x91e3, 0xb, 0xc, 0x0, 0xf58, 0x4, 0x4412d, 0x8, 0x0, 0x4, 0xf, 0x8000000000000, 0x84c, 0x1, 0x7]}, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) (async) close_range$auto(0x2, 0xa, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x42400, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram7\x00', 0x14f402, 0x0) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) getrandom$auto(&(0x7f0000000000)='^:.\\[]\\\x00', 0x9, 0x7) (async) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) (async) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x40100, 0x0) (async) socket(0xa, 0x801, 0x84) (async) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) (async) socket(0x2c, 0x3, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000100)="000004") (async) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) write$auto_fuse_dev_operations_fuse_i(r3, &(0x7f0000000440)="1100000007000000000000000000000001", 0x11) (async) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0) 9m56.826058328s ago: executing program 2 (id=3718): io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x110c230000, 0x8031ca, 0x9) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) semctl$auto_IPC_INFO(0xa7, 0xf, 0x3, 0x0) ioctl$auto_SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, 0x0) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) setresuid$auto(0x8, 0x0, 0x4) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x842, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) read$auto_cachefiles_daemon_fops_internal(r1, &(0x7f0000000080)=""/232, 0xe8) write$auto(r1, &(0x7f00000001c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3dec) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) keyctl$auto(0xe, 0x1, 0x0, 0x5eaf, 0x8) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) timer_settime$auto(0x0, 0x519a, &(0x7f0000000100)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') open(&(0x7f0000000100)='.\x00', 0x591002, 0x408) syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000140)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x100) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) 9m56.198069861s ago: executing program 2 (id=3721): socket(0x1a, 0x3, 0x9) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0x7b}) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) close_range$auto(0x2, 0x8, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffe, 0x103, 0x10000007, 0x1f, 0x86, 0x1ffde, 0xb099, 0x3, 0x9, 0x6, 0x3, 0x884, 0x1, 0xb7, 0x9, 0x8, 0xc, 0xb2, 0x4, 0x0, 0xb, 0x2004, 0x20000200, 0x300000, 0x83, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0xc0, 0x0, 0x7, 0x0, 0xb, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0xad3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00', @ANYBLOB="1000"], 0x3c}}, 0xf7374674b920089e) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x0, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='r'], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) 9m55.417330452s ago: executing program 2 (id=3725): r0 = openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000940)='/sys/kernel/debug/netdevsim/netdevsim4/ports/2/bpf_tc_non_bound_accept\x00', 0x100, 0x0) mmap$auto(0x657, 0x2020009, 0x3, 0xeb1, r0, 0x0) r1 = io_uring_setup$auto(0x86, 0x0) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000180)='{', 0x1) close_range$auto(0x2, 0x8, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x2c, r7, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x1021}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) getpid() socket(0x10, 0x2, 0x0) socket(0x2a, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r1, 0x0, 0x4004004) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000a80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000081) sendfile$auto(r2, r2, 0x0, 0x7) r8 = socket(0x1e, 0x1, 0x0) bind$auto(r8, &(0x7f0000000040)=@generic={0x1e, "0abc988d53c600522300c8574560"}, 0x66) openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/max_vfs\x00', 0x48002, 0x0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0) sendfile$auto(r9, r9, 0x0, 0x6) 9m55.121295893s ago: executing program 32 (id=3725): r0 = openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000940)='/sys/kernel/debug/netdevsim/netdevsim4/ports/2/bpf_tc_non_bound_accept\x00', 0x100, 0x0) mmap$auto(0x657, 0x2020009, 0x3, 0xeb1, r0, 0x0) r1 = io_uring_setup$auto(0x86, 0x0) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000180)='{', 0x1) close_range$auto(0x2, 0x8, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x2c, r7, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x1021}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) getpid() socket(0x10, 0x2, 0x0) socket(0x2a, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(r1, 0x0, 0x4004004) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000a80)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000081) sendfile$auto(r2, r2, 0x0, 0x7) r8 = socket(0x1e, 0x1, 0x0) bind$auto(r8, &(0x7f0000000040)=@generic={0x1e, "0abc988d53c600522300c8574560"}, 0x66) openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/max_vfs\x00', 0x48002, 0x0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0) sendfile$auto(r9, r9, 0x0, 0x6) 7m50.178317377s ago: executing program 4 (id=4237): mmap$auto(0x0, 0x20009, 0x7fff, 0x330, 0x401, 0x7c) unshare$auto(0x40000080) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x102, 0x0) ioctl$auto(r0, 0x900064b8, r0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) openat$auto_ima_htable_violations_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0xc002, 0x0) landlock_restrict_self$auto(r3, 0x3) close_range$auto(0x2, 0xa, 0x0) 7m49.793257421s ago: executing program 4 (id=4243): r0 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) preadv$auto(r0, &(0x7f0000000100)={&(0x7f0000000040), 0x82}, 0x8, 0xe637, 0x6) r1 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x3, 0x80000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) fstat$auto(0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) setsockopt$auto(0x3, 0x10f, 0x8a, 0x0, 0x14) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2242, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pidfd_open$auto(0x1, 0x80) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001ff, 0x20000000007, 0x41, 0xbc3, 0x20800, 0xffffffffffffffff, 0x510, 0xc, 0x400000000003, 0x4, 0x0, 0xfffffffffffffffe, 0x6, 0xffffffffffffff01, 0xffffffffffffff81, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0x80108907, r1) bind$auto(0x3, &(0x7f0000000040)=@hci={0x1f, 0x0, 0x2}, 0x6a) connect$auto(0x3, &(0x7f0000000000)=@generic={0x2, "00008d00"}, 0x20000b5c) 7m46.956489723s ago: executing program 4 (id=4256): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5523, r0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = bpf$auto(0x8000000, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xc28}, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, 0x0, 0x24000000) write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) pread64$auto(r6, 0x0, 0x3, 0x5ef6) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) socket(0xa, 0x3, 0x3b) r7 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r7, 0x1, 0x70bd28, 0x25dfdbb9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x401}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040415}, 0x20000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) socketpair$auto(0x1, 0x1, 0x2a340, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x1ff, 0x3, 0x1, 0x7, 0xfffffffffffffffb, 0x15f4da05, 0x10, 0x1000, 0x3, 0x11d4, 0x200000000000006, 0x10, 0x8cfb7, 0x9, 0x6]}, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000240)="e769ffff91a9bccbf2a814c2b1c2da6a4642e71e42496c6bac2cd2cc3aa9633c36df13128be76976577ef8b494eb27dd7c5c300903663e1e87c15519219ff691bef8e8162e8a841e0b720ba4c432a0b5e1e6ce3fba9b6c4462c74f701a8daaf2a07cdcee8ef120a79f8ecfef3532373fcfc0602284e9ecfab10a02", 0x7b) getsockopt$auto_SO_BPF_EXTENSIONS(r3, 0x9, 0x30, &(0x7f0000000180)='\xf8\x1b\xf3', &(0x7f0000000200)) 7m45.141874379s ago: executing program 4 (id=4259): r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x2, 0x1) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) read$auto(0x3, 0x0, 0xf3c) io_uring_setup$auto(0x6, 0x0) sendto$auto(r1, 0x0, 0xb, 0xc, &(0x7f0000000000), 0x1c) r2 = getsockopt$auto(r0, 0x0, 0x61, 0x0, &(0x7f00000000c0)=0x1e) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) r4 = getpid() move_mount$auto(r2, &(0x7f0000000040)='./file0\x00', r2, &(0x7f0000000080)='./file0\x00', 0x1bcf) process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r3, 0xc0505510, &(0x7f00000000c0)={0x2, 0x6, 0x1, @raw=0x8, 0x0, "c659491445a51b365f4e27e0b5d5f45157b60c95830c727cfc4f3d31beb5e1eec43735fd1b3784bbc591a7f61ea489070095"}) 7m44.772473165s ago: executing program 4 (id=4261): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5523, r0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = bpf$auto(0x8000000, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xc28}, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, 0x0, 0x24000000) write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) pread64$auto(r6, 0x0, 0x3, 0x5ef6) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) socket(0xa, 0x3, 0x3b) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r8, 0x1, 0x70bd28, 0x25dfdbb9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x401}]}, 0x24}, 0x1, 0x0, 0x0, 0x24040415}, 0x20000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) socketpair$auto(0x1, 0x1, 0x2a340, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x1ff, 0x3, 0x1, 0x7, 0xfffffffffffffffb, 0x15f4da05, 0x10, 0x1000, 0x3, 0x11d4, 0x200000000000006, 0x10, 0x8cfb7, 0x9, 0x6]}, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000240)="e769ffff91a9bccbf2a814c2b1c2da6a4642e71e42496c6bac2cd2cc3aa9633c36df13128be76976577ef8b494eb27dd7c5c300903663e1e87c15519219ff691bef8e8162e8a841e0b720ba4c432a0b5e1e6ce3fba9b6c4462c74f701a8daaf2a07cdcee8ef120a79f8ecfef3532373fcfc0602284e9ecfab10a", 0x7a) getsockopt$auto_SO_BPF_EXTENSIONS(r3, 0x9, 0x30, &(0x7f0000000180)='\xf8\x1b\xf3', &(0x7f0000000200)) 7m43.239912511s ago: executing program 4 (id=4264): r0 = epoll_create$auto(0x8ca0d1a) epoll_pwait2$auto(r0, 0x0, 0x9, &(0x7f0000000100)={0x0, 0x7f}, &(0x7f0000000140)={0x7}, 0x8) openat$auto_ep0_operations_inode(0xffffffffffffff9c, 0x0, 0x8a001, 0x0) r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer2\x00', 0x2c083, 0x0) openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim3/take_snapshot\x00', 0x82622, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS1\x00', 0x0, 0x0) mmap$auto(0x10, 0x7, 0xdf, 0x800000000010, r0, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$auto(0x400000000000003, 0x28, 0x6, 0x0, 0x56d) mmap$auto(0x0, 0x1, 0xfffffffffffffffe, 0x19, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) munmap$auto(0xfffffffffffffe01, 0xfd9) madvise$auto(0x0, 0x7fffffff7fffffff, 0xa) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$auto_BLKROSET(r4, 0x125d, 0x0) syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000180)={@_si_pad}, 0xffff, &(0x7f0000000440)={{0x5, 0x6}, {0x3, 0x7}, 0x80000001, 0xffffffff00000001, 0x7, 0x3597, 0x9eca, 0x0, 0x80000000, 0x93, 0x9, 0x3, 0x1, 0x1, 0x5, 0x101}) ioctl$auto_OSS_ALSAEMULVER(r1, 0x40086602, &(0x7f0000001180)="8c4c30ad09cbf26b382305688530f925cceb1c537b4c091395ebc10f77695b64cd08c6683f569be86bd1893c3252c1641c9d5f57e561694f5179cb437631e9e10700000000000000ca3df9ff0f000000000000bfdf6c12d1f91550026521306aa9ac009b68f6cc41dcf507aee21eb600000000000000000000000000e74b34cd1041d041546d6d7a931d9a15ebde0df53fa0f4f14cbbb4e66fe92b87235a697c0e231975794a6acc58b740f9265b514e940d60821e90534a52aeee02f8474b9df4e71c9a99b56f12b7125ad3a42cc6d60b9157708805835561a55b6a7e0ea2558e0b8e053588245ab1f3ee90d21aaf5b6f723434732faabf05058657ba675466e5b61afa89294b0ae3c2395030a763aceb2e955c43faf04e7e7c665470897ffa1dfbc174527f679413bac20c5b661d3288c68e2d3ec8af5a3c01f84c7d4beb3ee6adb18c7200"/341) bpf$auto_BPF_LINK_UPDATE(0x1d, &(0x7f00000002c0)=@info={r0, 0xff, 0x1}, 0x101) madvise$auto(0x100000000, 0x0, 0x4) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/console\x00', 0x342, 0x0) write$auto_console_fops_tty_io(r5, 0x0, 0x0) mmap$auto(0x0, 0x1000000000000005, 0x4000000000df, 0x40eb1, 0x401, 0x300000004000) 7m28.200690272s ago: executing program 33 (id=4264): r0 = epoll_create$auto(0x8ca0d1a) epoll_pwait2$auto(r0, 0x0, 0x9, &(0x7f0000000100)={0x0, 0x7f}, &(0x7f0000000140)={0x7}, 0x8) openat$auto_ep0_operations_inode(0xffffffffffffff9c, 0x0, 0x8a001, 0x0) r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer2\x00', 0x2c083, 0x0) openat$auto_nsim_dev_take_snapshot_fops_dev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim3/take_snapshot\x00', 0x82622, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS1\x00', 0x0, 0x0) mmap$auto(0x10, 0x7, 0xdf, 0x800000000010, r0, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='cifs\x00', 0x8002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x0, 0x0) setsockopt$auto(0x400000000000003, 0x28, 0x6, 0x0, 0x56d) mmap$auto(0x0, 0x1, 0xfffffffffffffffe, 0x19, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) munmap$auto(0xfffffffffffffe01, 0xfd9) madvise$auto(0x0, 0x7fffffff7fffffff, 0xa) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$auto_BLKROSET(r4, 0x125d, 0x0) syz_clone3(&(0x7f0000000300)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000180)={@_si_pad}, 0xffff, &(0x7f0000000440)={{0x5, 0x6}, {0x3, 0x7}, 0x80000001, 0xffffffff00000001, 0x7, 0x3597, 0x9eca, 0x0, 0x80000000, 0x93, 0x9, 0x3, 0x1, 0x1, 0x5, 0x101}) ioctl$auto_OSS_ALSAEMULVER(r1, 0x40086602, &(0x7f0000001180)="8c4c30ad09cbf26b382305688530f925cceb1c537b4c091395ebc10f77695b64cd08c6683f569be86bd1893c3252c1641c9d5f57e561694f5179cb437631e9e10700000000000000ca3df9ff0f000000000000bfdf6c12d1f91550026521306aa9ac009b68f6cc41dcf507aee21eb600000000000000000000000000e74b34cd1041d041546d6d7a931d9a15ebde0df53fa0f4f14cbbb4e66fe92b87235a697c0e231975794a6acc58b740f9265b514e940d60821e90534a52aeee02f8474b9df4e71c9a99b56f12b7125ad3a42cc6d60b9157708805835561a55b6a7e0ea2558e0b8e053588245ab1f3ee90d21aaf5b6f723434732faabf05058657ba675466e5b61afa89294b0ae3c2395030a763aceb2e955c43faf04e7e7c665470897ffa1dfbc174527f679413bac20c5b661d3288c68e2d3ec8af5a3c01f84c7d4beb3ee6adb18c7200"/341) bpf$auto_BPF_LINK_UPDATE(0x1d, &(0x7f00000002c0)=@info={r0, 0xff, 0x1}, 0x101) madvise$auto(0x100000000, 0x0, 0x4) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/console\x00', 0x342, 0x0) write$auto_console_fops_tty_io(r5, 0x0, 0x0) mmap$auto(0x0, 0x1000000000000005, 0x4000000000df, 0x40eb1, 0x401, 0x300000004000) 2m45.617445233s ago: executing program 3 (id=5329): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/khugepaged/pages_to_scan\x00', 0x1e2102, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffffff, &(0x7f0000000000)=""/121, 0x79) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x4}, 0x8) r1 = io_uring_setup$auto(0x6, 0x0) close_range$auto(r0, r1, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f00000000c0), 0x10b642, 0x3f) 2m45.364983692s ago: executing program 3 (id=5331): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r2 = socket(0x2b, 0x1, 0x1) socket(0x2c, 0x80003, 0x0) setsockopt$auto(0x3, 0x11b, 0x2, 0xffffffffffffffff, 0x9) getsockopt$auto(r2, 0x0, 0x80, 0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x942, 0x1ffe4, 0x3, 0x6, 0x4, 0x20b, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0xfffffffffffffffc, 0xe, 0x0, 0x0, 0x0, 0x3, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961]}, 0x1fb, 0x81) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x54d502, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop6/rqos/wbt/id\x00', 0x101a00, 0x0) socket(0x2c, 0x3, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0xa, 0xd, 0x8fd6, 0x948b, 0x4, 0xe, 0x100000000003, 0x3, 0x62, 0x80000001, 0x40000000000007, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r1) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) write$auto(r5, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB="1abdcdf2", @ANYRES16=r4, @ANYBLOB="010027bd7000fbdbdf2504000000080017000800000004000e00"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2m44.834571489s ago: executing program 3 (id=5334): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x9, 0x202000a, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x11, 0x800, 0x800000d) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/admmidi2\x00', 0x450f82, 0x0) write$auto(r2, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x5b020f7d7a84fe6e) unshare$auto(0x40000080) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/net/ip_vs_stats_percpu\x00', 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r0) ioprio_set$auto(0x3, 0x0, 0x4b34) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x4, 0x4000d, 0xe2, 0x9b71, 0x7, 0x28002) ioctl$auto_XFS_IOC_FREESP64(r1, 0x40305825, &(0x7f0000000040)={0x3, 0x2, 0x8000000000000000, 0x80000001, 0x106}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x189002, 0x0) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0xf, 0x0, 0x6) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000000), 0x205ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x4}, 0x20000005}, 0x5, 0xcae) 2m43.614294029s ago: executing program 3 (id=5339): mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) close_range$auto(0x2, 0x8, 0x0) setns(0xffffffffffffffff, 0x8000000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000040), 0x101}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="080100e6", @ANYRES16=0x0, @ANYBLOB="51032bbd7000fcdbdf2507"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x20000800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) (async) close_range$auto(0x2, 0x8, 0x0) (async) setns(0xffffffffffffffff, 0x8000000) (async) io_uring_setup$auto(0x6, 0x0) (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000040), 0x101}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="080100e6", @ANYRES16=0x0, @ANYBLOB="51032bbd7000fcdbdf2507"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x20000800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c"], 0x1ac}}, 0x40000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) 2m42.798042338s ago: executing program 3 (id=5341): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f00000002c0)={{@raw=0x7, 0x8, 0x4, 0xa2, "c6e47a44a36664a5e709f0e4c97056bc9fa32c617bb88dc98fa7591aefc4647f5af349f8e1e79c823b22958f"}, 0x1, @enumerated=@item=[0x0, 0x3, 0x1, 0xb, 0x6, 0x8001, 0x10, 0x6, 0x10000, 0x4, 0xffffffb9, 0x5, 0x8001, 0x62f, 0x101, 0x4, 0x200, 0xfffffff0, 0x1000, 0x7, 0x3, 0x3, 0x0, 0x6, 0xb94, 0x0, 0x1, 0x7, 0x3, 0xe8, 0x4, 0x0, 0x9, 0x46f, 0x8, 0x1, 0x6, 0x4, 0x6, 0x8, 0x80, 0x9, 0x65b, 0x9, 0x7, 0x81, 0x1cec, 0x9, 0x34b5, 0xfff, 0x5, 0x4, 0x2002, 0x1000, 0x9, 0x0, 0x400, 0xd, 0x0, 0x0, 0x207d, 0xa7a, 0x5, 0x5, 0x4, 0x80, 0x6ed, 0x0, 0x1, 0x1, 0x6, 0x4, 0x8, 0x1, 0x4003ff, 0x5, 0x8, 0x6, 0x0, 0x7, 0x2, 0x1000005, 0x400, 0x6, 0x4, 0x9, 0x29, 0x8, 0x30971ad3, 0x9, 0x78d, 0x7f, 0x0, 0x8001, 0x20000, 0x40, 0x0, 0x4, 0x5, 0xfffff43e, 0x0, 0x4f000, 0xfe, 0x5, 0x7, 0xd49e923b, 0x4, 0x80000000, 0x77, 0xf2, 0x0, 0x7fffffff, 0x7f77, 0x9, 0x5b, 0x9, 0x10001, 0x8, 0x0, 0xc2, 0x0, 0x5, 0x1000, 0x1, 0x7, 0x400, 0x8, 0x3], "4570dcfd140074f863fc1385c4fd7abe6fce96c0b442897f58fd7d975d164deff4eef5b9f9173fa400163669eae95125d4bd68ca54ca1b0aefb60ffa8d501b1329af8d4108ac145aa564c6e7a09ea1b2dfae0f309c6ea508833d7d134b13d8cb3ef95bf5ed43801c280c02a5a853512e6f730d43226f00af1c5ac268ecc1d18f"}) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC2\x00', 0x361101, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0x5452, &(0x7f0000000100)={0x81, 0x1}) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) ioctl$auto_OSS_GETVERSION2(r1, 0x80044d76, &(0x7f0000000080)) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x103800, 0x0) ioctl$auto(r2, 0x4b45, 0x1) r3 = io_uring_setup$auto(0x401, 0x0) ioctl$auto_MEMLOCK(r3, 0x40084d05, &(0x7f00000000c0)={0xfffffffe, 0x7fffffff}) timer_gettime$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xcff, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, &(0x7f00000003c0)='7\x00\\\xa0\x04\x9c\"\xa9Nd_\xff\xa0k\xd8\xc9\xba\x00\xb5\x89\x8cg\xa84\xd8D)\xfdcR8\xdb\x98\xc5\xd7\x94\x94\xda\xc0r\x8f)\xbb_\xa2\fz\xe1\xffm\xf9t\x012A\xc8%H\x88\xaej\xda\xae\x1dO\xd7\x88?\x19\xf3\x068\xb4e\xb5\x93\x9a\xb9|Kh\xc2d\xb2\x9f\xb0\xf7\b\xba\x17\"-\x90\xda\xac\xe5\x1fb~8\xf2q\x0e\x98A[\xbb5\xb8\xeb\n!\x80r*}\x9cS5\xff0\xe9\xafx\xe9\x17\xbd\xf9m\xfa\xac`\x1d\xa3\xeb\xb1[\x971\xd92\xce=V\xe8\xb3}\xc2\x17k{\x182}\xe1\xa5\x05!\aws(\x19\xfe\x82?\x14L\x7f\xc0By\xa7\xca\xcbB\xd7?\x97', 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x7) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x9}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f00000002c0)={0xffffffffffffffff, 0xfff, 0x6}, 0x40, 0xffffc) madvise$auto(0x0, 0xffffffffffff0005, 0x17) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) ioctl$auto_KVM_GET_API_VERSION(r3, 0xae00, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r6 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmsg$auto_NL80211_CMD_GET_COALESCE(r6, 0x0, 0x10045) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 2m40.059125165s ago: executing program 3 (id=5350): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x9, 0x7, 0xffff, 0x800000000000eb1, 0xffffffffffffffff, 0x2) mmap$auto(0x0, 0x2020009, 0x7, 0x2000000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0x5, 0x0) socket(0x10, 0x2, 0x0) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x541c, r0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getsockname$auto(r1, 0x0, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000000400)="85a8d00fede9eace3d1564e386c3dc6d7e4d4b5884475f10ad6202141a34e845042e735232a59ecc11ec01377536581bb82305f4ce74bd82b337132eff7be788f89f708e64ea19f02cade635827b3a04792b58e338d9408f5a0816109e55c7dffbb46109086e56262ececca86624249902474a5db4f6f4abcdc5ffdc59638daac8d8e2c0629b02cbbe82cd498d82cd32589aaf837db9d356b1545dcce2f8d84b45080b5ef753837480fed0ed54a06bf927402f3f3a180544ae9d7cf74bd2b3ad60e0da26b2950ad9d77a29826410104024d7454c9790a7a06a5833258381d8ccdf092e07d9d32a4d9d5d31ac67a24e12527a0c82b7f311c655040f1111ac16c67bbef1", 0x103) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x169000, 0x0) ioctl$auto(r3, 0x80405600, r3) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4044000) statx$auto(0xffffffffffffffff, 0x0, 0x401006, 0x4015, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) bind$auto(0xffffffffffffffff, 0x0, 0x6a) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x13e, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) 2m24.57796065s ago: executing program 34 (id=5350): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x9, 0x7, 0xffff, 0x800000000000eb1, 0xffffffffffffffff, 0x2) mmap$auto(0x0, 0x2020009, 0x7, 0x2000000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0x5, 0x0) socket(0x10, 0x2, 0x0) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x541c, r0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getsockname$auto(r1, 0x0, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000000400)="85a8d00fede9eace3d1564e386c3dc6d7e4d4b5884475f10ad6202141a34e845042e735232a59ecc11ec01377536581bb82305f4ce74bd82b337132eff7be788f89f708e64ea19f02cade635827b3a04792b58e338d9408f5a0816109e55c7dffbb46109086e56262ececca86624249902474a5db4f6f4abcdc5ffdc59638daac8d8e2c0629b02cbbe82cd498d82cd32589aaf837db9d356b1545dcce2f8d84b45080b5ef753837480fed0ed54a06bf927402f3f3a180544ae9d7cf74bd2b3ad60e0da26b2950ad9d77a29826410104024d7454c9790a7a06a5833258381d8ccdf092e07d9d32a4d9d5d31ac67a24e12527a0c82b7f311c655040f1111ac16c67bbef1", 0x103) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x169000, 0x0) ioctl$auto(r3, 0x80405600, r3) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) sendmsg$auto_NL80211_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4044000) statx$auto(0xffffffffffffffff, 0x0, 0x401006, 0x4015, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) bind$auto(0xffffffffffffffff, 0x0, 0x6a) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x13e, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) 11.845524237s ago: executing program 5 (id=5774): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cec4\x00', 0x80402, 0x0) ioctl$auto_CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000080)={0x40000000001, 0x1, 0x6, 0x8, 0x6, 0x5, "8aa050a07c00", 0x0, 0x6, 0x86, 0x9, 0x8, 0x5, 0x3}) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r4 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) ioctl$auto_RTC_IRQP_READ(r4, 0x8008700b, &(0x7f0000000200)=0x9) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), r5) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r5, &(0x7f0000000100)={0x0, 0xfffffe09, &(0x7f0000000140)={&(0x7f0000006400)={0x2e20, r6, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x2e07}]}, 0x2e20}, 0x1, 0x0, 0x0, 0x2000c040}, 0x4) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x34, r7, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HSR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0xa}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000810}, 0x80) 9.476945743s ago: executing program 5 (id=5778): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r0, 0x0, 0x1) r1 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x1102, 0x0) write$auto(r1, 0x0, 0x4000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3b) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1b}, 0x403) r2 = socket(0x11, 0x2, 0xe) sendmmsg$auto(r2, &(0x7f0000000480)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000380)='C', 0x49}, 0x8, &(0x7f0000000300), 0x6, 0x1000}, 0x5}, 0x2, 0xfd) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) setitimer$auto(0x2, 0x0, 0x0) mmap$auto(0x100000, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x9) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 6.927655654s ago: executing program 1 (id=5786): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(r1, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, 0x0) 6.901252214s ago: executing program 5 (id=5787): r0 = socket(0x25, 0x1, 0x0) sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(r1, 0x1, 0x2, 0x6657) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0x1]}, 0x0) r3 = socket(0xa, 0x3, 0x87) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) msync$auto(0x1, 0x9, 0xfffffff7) write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) r5 = prctl$auto_PR_SET_MM_START_BRK(0x7fff, 0x6, 0xffffffffffffffff, 0x5, 0xfffffffffffffff7) r6 = setfsuid$auto(0xee00) setreuid$auto(r6, 0x0) sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001900)={0x1720, 0x0, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_DEVICE={0x48f, 0x2e, 0x0, 0x1, [@generic="72f423b2db43ece2316aa013796045a607d160e50496def7588ad2a6443470adafeaaace733026cdfc42e5ee234d1864ad1bd3d59a2be05e75e0a9e9c4f3a62d743d9c2f7e3e0c344ae824a28ea6ad507792c02d11df7d1865cbff", @typed={0x8, 0x75, 0x0, 0x0, @uid=0xffffffffffffffff}, @nested={0x345, 0x98, 0x0, 0x1, [@generic="b73320fdc2f616cef47166181359556501c59609fe068e03b8332d80d9dd1cc9f7323742fc161fad1b070c8b7755428fb8c2993564692705e2149a2388d0768a0928ae74a700651c2b2c9b18bebc07489774bfccece86801b15485c88e5f0bbc00e838769e37336f27230c3f66363a925cac23931dc8f50e282cadc5efd413c5dfc9d32041e58ba41446d17e21d400168a18375dd94b578337f4", @generic="2f9a11688127c68c90a210cbb9bfe17b341b05b5e9f2ba004c1feb43cf72b99e2343a421572a69b91d582fd2a9cece6173cdedcd8fa2f1bbdfc9b6a94042fcd8b1fdba41ab3dc42ca76a6028346905e15f9efb7a966bca7dd766fbb6d9c162eb7c268258837bcd03abdc6b9abb2f60f0a1a95001545f2185896fbb980b579f5af2cb028f25f770f26487eb2050415360de743cdbf72002482721a5c848d6353c48fd4eaa9963ac8fac7e65731c308e2c489e2062a2b82963e253e336052bad4a2cda43cb6bca5a", @typed={0x58, 0x82, 0x0, 0x0, @binary="bff77f7e37560c39b10292268ea8c2c7e604ee50eabeb8f995b618eafeaad946e797ca675ecf7630aff5ec0621c69bade513f89403e73798a6efe16100516c84bf1d17a62a5fc21ed46ac68de47e58f9aeb9ab46"}, @typed={0x8, 0xc4, 0x0, 0x0, @uid=r6}, @generic="fe889ff2f01e12505cd12249d39678b884c118817c12392fec9e15fbbb1cdba7953996da972f88c0dafd0f703e316271abae8ccd21770e3b262a1019f03b3871345674e771de0756b6b0137ad5d21cb489cbe8c57f82568dd8cacc5b4b398617514b03d1e947eaf22d05e34d63e7ba1ac906711e2567f6e959dea1399201709d4ed694d054669eebb93abb7c8baba7b884e4486fe6e5e9b68b5f220a344dd3af4aaa203ef6df43f9c8641f17644862d00eae77f9a1a40ccd9337cf71646735af02e2a090e7ef2736", @nested={0x4, 0xba}, @typed={0x8, 0x12a, 0x0, 0x0, @pid=0xffffffffffffffff}, @nested={0x4, 0x46}, @typed={0xa7, 0x6a, 0x0, 0x0, @str='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc'}]}, @nested={0xdd, 0x129, 0x0, 0x1, [@generic="af509542ad6d36d1628a3bb64ffeee9fbd3774dae0bd7e43bd50eeea79f763b959261e2ff095f53a9ff64b492b9ef1d418c00b8827f7884d9f471e1376344c2291283edda8e3a796e6a893f3fae6133bf4edc76a1fb8c03d866520efb16d4ce1214c23c74a7801f866b4fa4d3abeb6f6135bf018f0bd431107b92e6c9c2e27e8d7f4326c2493714fad71ced1bb57c9ce3fa910553356e2befad58ed3785a67408a5fa2c4f5c84784201961aa600e29957325b00ed4177208f6bba7f107b3525f7b6222f7e5098d9ae6ff5e8488ee464dd75d679975fd556517"]}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0xfff}, @NL802154_ATTR_SCAN_TYPE={0x5, 0x1f, 0x7}, @NL802154_ATTR_WPAN_PHY_CAPS={0x1268, 0x18, 0x0, 0x1, [@nested={0x264, 0xa0, 0x0, 0x1, [@nested={0x4, 0x142}, @typed={0x8, 0x2f, 0x0, 0x0, @fd=r3}, @nested={0x4, 0x11c}, @generic="31b2c01dc7f52a879a29c928e7268ac436fb9c1282ce8975b86309786bc979f39f229e6e0fd6e8c8b7e3fcdb74bceb158246512d04b5cae0b93f0cac7ea82bbc7000019a0c56d5394282fb9746a6e2bbb97bab8825761069a4e65cbfe66c42c334d3ff5417e8532af8f466ded0859ccf48d23ac2da4385ca8343ea864422b193be2c67e30c20ae1a450f14ebcaa56a1173a68db722ce2ad283011cc52a149ab4998ca7f82df6144188bd178f5689e72fcfc8", @generic="44491771ab063d0dd28ebcbd43504f005c78704cdce4c31174c24044b5e875a74acee9bb8bbb920ad3ef7e57d080d3825a330480ec7e68aaa9e6eb9f6f76f7b0d13dde814cba64f9393b21afacc97c7e542114159883090c24d1df0434ba86a75746ffd160289ff56b6b0a4f15ee06711bcffccd63e01c763d99ae7281e16a8e4792e41cff899d544e6c3caac5f4be64d617541b708f0b9b1d6662314be0", @typed={0xff, 0x49, 0x0, 0x0, @binary="00ff09dae86c417e601607b4ee11fbb1bb8502cfbdfbf7dc64889b490b6b9b2af317c40e267b1e6a71292e5e773dd19980179f5b294b1fa349a7143a35c08237abc7b6343bf105b81b35dfccd13bda7b2128f6a4b17d643b3efdce70f55946b73e60db623cec5455edf2bae643675d06db1237cc1377a732be564efe20553f2b51fe22e309aab1bc2c6ae84a66eccabca047152e65a498468a50efab71f331bb0925480e975480854bb73d3c05d5a8aa461198894921c7d2e36cb025295f4dab0e72a78480149f3579ae8a59945c4c177a20977e5504116a04365445860ba863d1f419fc33b1ae74fb1363f584e83fffb34eaece84fa05ed087220"}]}, @generic="f168a8b442d7ae4ff155e21985c4360476fbee0f08d5cf6bbe667dc42aaf24256e2c0acdc52d3f7e45e6df581608990a5f537fd33451e36d6a23bc79c53d879f5cc357767982e99636cc06291a678032e0c4167cc984d9c529902247bee55dc9a406954d8f69f6c3d7d42acc530ea9ae9cfec797dab775fed1c9ac80b76fd16334f683c7e1d99c5d130b1fe5956272c970c0cd7fe7ffeee9662b17df5754e0a2d55dd18e5bcbd9adc20149baa239f511d07af3c4cf6229e94242e37b3803cfdcda9921234a54b88c09ed70c16e4eb75c6cf5bbea03626a151527671f07f87767ff29866b9e08b640c3eeb5524abd9388732a6180b1d994afb0e9e1793ad5fd5a9801785a0f1d88b98536c399561cd4cccf781000fa42a90f77904a4e848f144bf27c6c09df04a2324cdbddbb5ed921a607d8ba5260a94a3f08e33b2ec452b35fff1eb855ea896c54fc75bedadf286fd3801cdba78a9faa159229c706292341699e21427692d039c8d72442decdc0b41bc49be3fad52ab3012e72fe1de3171ccf29ba6939c10816ec3ba2632c9757cafaaf539acc6ff514d21d9543cbac4c97aeba7578e8b4c6cbc02541a738074df9921f3a99108c293bcf0709b8881b7e9b31fe24d0e0b689496c509f49bf8e70d0e35381cbe07a9853d8e24819c2c09031c0061db1e855ebadd002dfe307671c27dd0b986f11bb8db32834f4a9bf7793cc2addf3b0ac37ef169a845893288bd35e477b5fd45cc6bf42b218d3e2d10bfda054e06ead8aaf849b3e6cc4a8c46f1b0d694f03e77040334a283df43eafaf78d55457b64cb665c39fcf2748e3ef7c73213859040bc0c80b8b990a71fafbaa773d603c28d01e7f38ef9b6b74424ccb5f28b8648d304b4b613cf72f55e96c8df1e62247cf68a82714a9f9e80ecb15267d227c23a98e9d8aa5768010f81c286a1ff627be07c9134f588c4a9e24bf5e332d7f7773d0f1426c8e8cf5514788651d65179d99b588297a82ec12a331d50c96c42d3830c6bbab982c871a36fd20002e5fd304d9d649acba17f566e3022daf253359a181d49d99e743d413fc19bf3a5c47befd3bdd27cadc953b762a7eae4cf86da49ca5d0b87f0f61d858dd68d4cc2b5baf38e09d831eb17f4c4b9f89945020c35a0d4a9c59b0ec199ab165d3e4afbde7820d92d66f8578f7730d17f246896c4300497fb836fe90fa724fb809c21dc47acdba39d25f1ade50c411cfce0a51187f430cd84c28cb612848672cb5c3c6dce0aa1a35d1971050ed9388d20d104845ae98edfb0221c9517254b1dc233d9067dadc219adbff7827f7f973f5ced2fc51d9f2764399ae53b3f96e1f74662ae88175971d98b5468412a657631993255526d280db397caf5d532d841b85a24fb923b39356f399ff7db4ae18c3bc9a2ab857f95a835774a3b8a2cee913fc27cddafbbce11417fabc5260b303fa54a351c68855dade38d4eeb4f31864427fe206c9ca939ea3c076b16f0858ce29f82627633cfc3e03baac7efeb704572e94b94b55e15284602afc84ae9b9aea9c9149db4bcbe4c48ea602e72a122c20a702c0b2be1c396ddd3d2f656eeda695f7a84c314df123c2481a0d2f26da2002dde4b1a0164fb8d4247b85d7d750fd66b42bd47a32e2e949fa1e1c42d7439a16d17c11bcbfc01b03f0a347b9878cf0417bfabf12ba0389123626a59cc784b29003e4f0ca7c738e3a2e9f14b82e8ca395d993b6b3f647a92dfcaac90192e54f9d87b80300b3470cf4c8aba225d672fd266c2950b77636462fb70081378a222a2f29bbd9c294d74e21188a2188f2102f198837bb8501087a3354e4093c29e0eca85441dd096f2c9ff37393c0fd6837e02b077454ee9d8ef7cbce697c214a9c90720526182756c3100017d903583815ac6a3b30c16870883bf30535c8956cf170aee6b6508437928ae1ff6ccdccc3c04ea24a25b10daa2bc1d613aef6ae74cfc6ff725f7c185da8a15ca2e69d2ce0a5276ba2667802c0d9a9c51ec0d436c4f1eaaecc881083371964f7dcd08da1bbcfb7a72dc4c39a2803c06582a9da464981fe40fa85bcddd734d0434c0986c07a1848c460d1ee42e2fcb79a127bc8e01957d40bc18f577d8fd6f2c463cd41d9517f79d76f94c84b4662dffaf0cacc6b7648c6af039066e11e501368c992fff95e811c9d24f78dd5136ecac565b239743cec7f4e8dee62a406769f98cb0a2b8d4fcf384fc2e867332f41ac7b2cf0421d5195bbfbb1a9c30d1250224ebe6868fad5f9b5542f9f50d07f4f1d93588b7cbbfb07fec06762fe9c632d6a4f0bfff11af61ff56a028a07170d8d6d6919d45a81c0dc2490212d2c7ad83dca6497895f65b7cd9eeff79987df545ae6a4164e659be3e4fc56005bb2cde3125d0af01a4583d25edb873f16635b4f1bddf39ddeb7b8b4e7ef5faaee7682b762719ea2b20e4834f017f6e846b709cefbf6195d5938ac9b9a1a25a8117204919bd1dc1598529f3016bd8937960a895f7920ece27f0f191ceb964a538150880b6265cf9e388354f7678a42a9c2a220e4a863498f6f2ec77d1112208114c20a49a2a8f964796a6701df8158e244a258ebb0a39b43940bbd739e6dbf07c5e81a7a3b367426cf15198f4fbc282502613a44597fd94f409ff31d0028de0f0962e4a8ce71361d79146fcc2a2086f723e7ffa4de60be34143b1bfbe2c84aace0937743ac80e0fcd9d2c2b9a0072c04761cc909cf0999cd13aba902483fa31510c1dda3645afe7d19a79eb1904f3787c1c322561e06623fb9b0b175420cc23d8f9b9beed9fddd5f6bab7b78028a3a845bfb20ae7838844c99618218faef8956655e14b270579900fb861851c206bd8c211332de3b60f09ceace16911bc48a11471941a2c471fdbc7021cbe9d493c30f171b798bccc7e878787ecdd6f6a784c765a07a55b4ecaf531530a9dfc6d573f27057a407013cba742c5a84bed5ea42e839c1322fde750669856e5c3ced75dd53d0102e7c5a36263ff33a8c6256febfb88be37f8a57c2496b4e3afd75399d4cd59dde75527293d6e956ee505b4b79ae7559c7ee7543772cc95fa18aeb33318a321413c2b8f027add03ff72358759cb9d6c8842e192b1ec801360e80a2b79c6f4265e1402dc0f8b28afad5a2a5b050b69a855e2750c06e116231d3a6d16aad0f4d45a7a8285b4216b1b9ed6b579c93ab67b1d6d35e78ddcf0eacff194fb7e9e623dd45b36f99146ee865976afd4e1806193eeff7453c45510be26da1756ca304a075a2695d80b70edc7328d5b2d9333db18599d3dbfd6b6a9a87c0b2bdeded90cb7e6f6f754cce4a098bc1cb43faec7e856475e840d8dd5253c7cc8a9a7c5e21d9f2c320ac4fca5886799f8b48d338c95ea4581c91e22ad45ec24732f3ec98a7825bacc728eda151b89a16b80f88591f6198a72717fa6bf85054beef2fdca35bf218b2b39f19dfbac1d51c152958f339501b2f8efeef644e7ce6588773149dc1bb3702c88899046d08a02a2b80cb95ab78a44a890e9ef7152c9e69a1cdc63648da81850206b07fa2259d4ccf899ab55aefe0bcea55a93c3ff0837ca60c5fc99722837adfa36711abe3b95501618f5afff6e4bbe818c99792888f0349fb4c869fc8dd6145164b9e850abb94e2e4812ee1943c1090435b5e177987eea1d83c13b798ada5474b1481b803fc0ad9acac7743f5299321dfcde6ce458fa4138e4ab8799f99965323a0c87a3c22de5da65f067069f33466e51d4d87c8a744885fdb9647e07a1de4e958caa34cdd8f1d289b71600c22d6027c149df467e843f67ee5fb4b8fb83caf2854b5e025aad87cc51a1f8c95b44ae191141f493f2f3259029e35470a614aace83415a341b772badd71d4554d9eb78d204ae270bc439e9f641e176b49571a9dfca274e06c1aeec4ec4675aca1a170fa467ddd4801c7283802ba24e86e03a375da7c570d7ee7a7d51ba9189f5fa6b2940ac23012e2f13af8b8fdff9d65d825e8a8107c228c5d32a9f94b0320252604b105855d00b6de62654d91907c263be439ec86710fd167f3463d6be87b696e8103c029e3906402155a9096929a213add02baf33cce33ddf9a161a751d1b78e90dc9069f2d35caac353ca4964a7e50b5c91e69c2c29fbf17df761921948cc7a4df9e155c2652a0d904c0a152b3dde7b914c4e4a5ea68029b487f06b6380af05a17c8706a609a8f13573f9243cf87e58d5f6315c6ca6c2deba7a2c3a6793eb627ddb8e1309746688e965a7761856b1f965df7bc19c9b0bd3fbad27be3d7903f07f3298689ac5342b091ea190a267c553550f1426379e1e1edc5190f6f474039d91a2643fcbd4f3d76e1aeab86ad3d6626e3a2e0f2f39b30c1dbbc34da97842af613487a026a8c0f5feff6f3093dea2aa290a628527839e03adebff02eb805de32539e328c562934d0dffa506030affe34e246bd2d4c749ba0376eaeb96897fdc22f5cc5285c45d3726f4eee74619ae19d4a7272eeffd8ff08ca7d5f92bf8e3f69c9fec45b4a5b0ea925533744ab2f672c2990d630dc66134e73cf982592066719d70193418a436243c42d1a8e402194659c51d5080e32b874fdcd20094a5ebb2beba147ee3354d07671a56c381480d0947673359b65552f6a5110119d6247987fce1f318b603834fc97a922309cd32409fa8874e49bf6f0ca8ce39c01c371c0f34e624346f77ce5077def0c63dfed54d4a7ad77ae30c8b65924c8bbe0eb8728def8e851080ec7c51ac82d9dbb8f2d05d4d5ed6fc8092c2afbaea46e4dc357f12a56f873fce294ac63cb0a624ea5a84005900b63a3544493b2329a9bea562b0b17859e79ce5b6b984b2bb74e989fb61a4c5cb05487411218fe01f40f2076c40b3cbda2c852fa5dbf256d93965755234c83088265e54850da330d0c01cf0b321777682c2f1f371c8768e77d38b1c7a5b4473586455024c822fc69ee9227a9c91a922e92f1024dd8deeda192637a77ab14844a55740a7df26cafec8ac700b4dc35b0229bcf6bee063e243b0272c56b4a00ad34a2c52bf362c37d6bae5f6a3b8d2d4bd27ae2d57f1b1a580a1f276b99b90f106664390da325689cba318585a28615328d88de0ef499474cb39c2a415bfb2d86c6b5021ab8cbf77ffd3401655bbe34f90e5c671c1b5becccd5c7ae84ca188d521b995bfdeec472718cca69b99edf816a3be40810f281cb7550de114927cc51feca66916d598c2d63f75091e62ccabc3d84d6b2bf035071f8f504fd4d0a91769bd2e5f5308cea988dd56dc25e6d2365a0114b1ebc0e8d31aa3d6d7c326ef976f9ce15596b83d2ccced786369159b577d393faae91a6083a924b485303c28b6665049181e0db3ce1a96b01251308b714ee831ea0be558c9b91f323df72201c085f4108cc9bc20154a1f3c32804dbd263d7bec7f45f7f55a6979a862caf8bcfe2b99da772f118279008152a1871ca54d4fac1ae427c62739bda322669aa06831a9ba5c32443541403a86cc5298c98e46aeba608406242fdb88f292f74ae387fb83f717330f3130c2669a071d972069b1bdbb46ed0536ac3dbe060893e3996e3b42907a38238d9a8eae03e1ccf0cc0409b5ad71b7e90352ea6e591851c211322af821af49ecbeb3e4c20ad5342c0950bcbcd8456d2d7d5395e539847bc77f6ad38f5ab84fe6300a23f6434c957d26d7a00fc9837e3a4c71c1de886262ed6576401d493e881ffb3bef64c965a78d9c7cdb81407dce48c4e9a625f3cf1588a36453a1d60e903f90f3fcf989e04e2daa44793608b601803b8597"]}]}, 0x1720}, 0x1, 0x0, 0x0, 0x4}, 0x20044010) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) 6.553125735s ago: executing program 1 (id=5789): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@raw=0xfffffffe, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value=[0x42, 0x3, 0x4, 0x6, 0x9, 0xfffffffffffffffb, 0x9, 0x3, 0x101, 0xff, 0x22, 0x4, 0x6, 0x4, 0x7, 0xf, 0x1ff, 0x1, 0x400, 0x8, 0x5, 0x2, 0xe294, 0xa2, 0x8, 0x100000000, 0x2, 0x8, 0xae, 0xaeb, 0x3, 0xffffffffffffffff, 0x5, 0x8, 0xfffffffffffffffe, 0x10000, 0x55e2, 0x7, 0x8000, 0xe, 0xffffffffffffffff, 0x6, 0x9, 0x14f3, 0x1ff, 0x1, 0x6e7, 0x3, 0x8, 0x9, 0x0, 0x2, 0x7fffffff, 0x7, 0x2f79f1d9, 0x0, 0x401, 0x9, 0x6, 0x100000001, 0xffffffff, 0x800, 0x8001, 0x5, 0x5ed4, 0x1, 0x7, 0x80000000, 0x962, 0x5, 0xfffffffffffffffe, 0x8, 0xfffffffffffffff7, 0x401, 0x1, 0x3e44, 0x8, 0x4, 0x9, 0x1, 0xc98c, 0x68, 0x2, 0x6, 0x1, 0x3, 0xfffffffffffffffe, 0x4, 0xfffffffffffffffe, 0xffffffffffffffff, 0x55, 0x8, 0x30, 0x2d, 0x0, 0x3, 0x2, 0x0, 0x726, 0x7fffffff, 0x1000, 0x10000, 0x0, 0x4, 0x1, 0xbf, 0x2, 0x4, 0x0, 0x5, 0x1, 0x40, 0x6, 0x9, 0x8000, 0xffff, 0x7, 0x140, 0x0, 0xc7dd, 0xfc05, 0x0, 0x4, 0x6, 0x8, 0x0, 0x0, 0x4], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, 0x0, 0x426a2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/trace/enable\x00', 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) write$auto_dfs_global_fops_debug(r0, &(0x7f0000000d80), 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x6, 0x6, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c6, r2) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r3, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) 5.962200491s ago: executing program 6 (id=5790): keyctl$auto(0xe, 0x1, 0x0, 0x5eaf, 0x8) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x2) pipe$auto(&(0x7f0000001480)) socket(0x2c, 0x80003, 0x0) readv$auto(0x3, 0x0, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mlockall$auto(0x7) close_range$auto(0x2, 0x8, 0x0) 5.374804583s ago: executing program 6 (id=5792): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/fs/orangefs/capcache/hard_limit\x00', 0xc8002, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/dsp\x00', 0x1, 0x0) (async) write$auto(r0, 0x0, 0x80000000) socket(0xa, 0x1, 0x84) (async) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x4000000) (async, rerun: 32) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) (rerun: 32) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x80802, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r3, &(0x7f0000000040)={&(0x7f0000000380), 0x6}, 0x6, 0xffd, 0x3, 0x8) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r5, &(0x7f0000000e80)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="4c000013", @ANYRES16=r4, @ANYBLOB="010029bd700002dcdf251f0000000500060009000000080003000b00000005000400e900000008000200f7000000180001801400020076657468305f766972745f7769666900"], 0x4c}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80e42, 0x0) (async, rerun: 32) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram0\x00', 0x6e642, 0x0) (async, rerun: 32) r7 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x842, 0x0) (async) r8 = prctl$auto(0x3e, 0xfffffffffffffffd, 0x0, 0x1, 0x9) mmap$auto(0x0, 0xa00005, 0x9, 0x40abe, r8, 0x7) (async) ioctl$auto_VHOST_SET_VRING_CALL2(r8, 0x4008af21, &(0x7f0000000080)={0x7, r6}) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000100), r9) (async) write$auto(r7, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7kt\xdf\x1ao\x06\x89|%\'hf!\x04\xb4\x80U\xa14m\xfa\xf4\xa8g\ta{\xc4', 0x200000000009) (async, rerun: 32) write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (rerun: 32) ioctl$auto(r2, 0x40081271, 0xffffffffffffffff) (async) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0x7, 0x2, 0x13, 0x1) (async) socket(0x1e, 0x4, 0x0) 4.803258627s ago: executing program 6 (id=5794): connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "f99c0301d407000000e50400"}, 0x55) epoll_create$auto(0x8800001) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendfile$auto(r1, r1, 0x0, 0x2) ioctl$auto_SNAPSHOT_FREE(r0, 0x3314, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x503e6badc8157bb2, 0x0) pipe$auto(0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) r2 = syz_open_procfs$namespace(0x0, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r3, 0x8000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r4 = socket(0xa, 0x5, 0x84) sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) setns(r2, 0x0) mmap$auto(0x0, 0x220008, 0xdf, 0x10000000020eb1, 0x40000000000a5, 0x8000) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000000040)="f807ae89eda6137e6ef5b5612f837d6c00e8e2ac70510a6aaa94d473ae3b443d7ca035205dad506a76d90a99699db0e2c393d0522c3c829e7d73217b65866e98f750bb89b0280da7ffcd", 0x4a) move_pages$auto(0xffffffffffffffff, 0xa6, 0x0, 0x0, 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ram13\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) getrandom$auto(&(0x7f00000000c0)='\x98\xa6\x00\x18\x88*h\xf3\xed\xaa\xcd/Vs\xfd_\x7f\xf0\xa3\a\xbb\xf0\xeb\xd46lh\xd3J\xae\xb9\xd2\x814\x8b\xa5\x10\xf2\b\xd0\x16\xb4\xb3\v\xf5\xfb\xd4cg\xce6K1\xeb#U)w\xd8\x99}\x9fl\xb0E!\xc2\x91\xa0\xae\xaf\xf7\xe5\xa0\xb1\x10\xcb\x92\xab\x12\t\xdbD\x03mS\x159\xcc\xf4\xfc\x81\x87\x19i\xb9O\xf3\x8egm\xcc\xbc\v\x0e\r`F\xb1\x1d\xf7G\xf7\x0fM\xe2I#\xff\x0e\x06Z\xea\x9d\xa6\x93\xf6\xd9\xcb\xc9\x87\xdb\xa4\xbe|\x8f\xd4h\xec4]\x85\xe1\xfdU\xb7\xddF$\xdbz\x8f\rA\xa2\x8b`\xaa{\xaaz\x03', 0x3, 0x10001) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) 4.775481105s ago: executing program 0 (id=5795): mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0xd, 0x0) r0 = fsopen$auto(0x0, 0x1) kexec_load$auto(0x7, 0x9, 0x0, 0xd8ef) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) fsconfig$auto_FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000300)='\v\'\bn\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x1e7\xbb\xedO#\x14mC\x97\x06\xd9bZ\xddL\'\x03\x00\xff\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\xc6\xc0\x8b\xc0CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xed<\x86[c4%\xa3\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6\b\xe5\xaaJ+\x02\x9b#\xa9\x9b\x17\x82\xd7\xee\xd1\xbf2\x03\x00\x00\x00\x00\x00\x00\x00B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\x00\x00\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\xb2\x1d\xb3\xef#\xcb}b\x90\xafR\xf5\x8cg\x95A\x89\x8d\x9a\xfcV\x9bm\xd4\x82\x7f9\x12\x98\x1c\x8e\x1f\xdc\xe5Y\x7f\xe8\xe1g%\xb8\xf9b!\xc8\xa0\xf7\x06\xbb\xdf\x1d\xfb\x00\x979\x8e\xd0AP\xbf\x1fM\x1fd~\xeeS^8v\x80\x1b\xb1I\xb1\xa4\x89\xc7\x9d\xf2P\x04\x99N{\x9a\xfa\xf3\xcb\xc3Bx\xb5\xb8*\xa0-\xda\x84\xc5S\xe2\xc6\x92/\xed\xc2\xceK\xad\x00\x00*)Hh\x8d\x06cQ\xf1\x9d\xad\r}\x15e\x18\x06\xe3\xd2\xe4Q', &(0x7f0000000280), 0x5) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) timer_create$auto_CLOCK_REALTIME(0x0, &(0x7f0000000040)={@sival_int=0x24, @raw=0xe, 0x4}, &(0x7f00000000c0)=0x2b) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)={0x28, r2, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x10}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x0) 4.469782872s ago: executing program 1 (id=5796): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r0, 0x0, 0x1) r1 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x1102, 0x0) write$auto(r1, 0x0, 0x4000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3b) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1b}, 0x403) r2 = socket(0x11, 0x2, 0xe) sendmmsg$auto(r2, &(0x7f0000000480)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000380)='C', 0x49}, 0x8, &(0x7f0000000300), 0x6, 0x1000}, 0x5}, 0x2, 0xfd) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) setitimer$auto(0x2, 0x0, 0x0) mmap$auto(0x100000, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x9) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 4.276570712s ago: executing program 0 (id=5797): sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x400000000006) sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x400000000006) (async) 4.062007287s ago: executing program 0 (id=5798): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) mlockall$auto(0x800000000000005) mbind$auto(0x5, 0x2091d2, 0x2fffffffa, 0x0, 0x3, 0x2) syz_clone(0x20000011, 0x0, 0x0, 0x0, 0x0, 0x0) msgctl$auto_MSG_STAT(0x7, 0xb, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x41a800, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) ioctl$auto_FIFREEZE(r2, 0xc0045878, 0x2) mmap$auto(0x0, 0xe, 0x3, 0x16, 0xfffffffffffffffa, 0x8000) r3 = signalfd$auto(r2, &(0x7f0000000000)={0x100}, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000440)={{@raw=0x200, 0x0, 0x0, 0x827, "d375de81aa00d12a4966014d253aff1830000000030003d352806dc60622efee7ca4ab25b300"}, 0x0, @bytes=@data_ptr=&(0x7f00000001c0)='\x10\xd6\x15\x14U\x89n\xa6\x1dOE#\xdd\xde\xbaw\xa8g\xb6N\ao\x9a\x946\x12\xb2\x05\xf6B\x1fke}\x88\xb5[\x00\x00\x9d\xbc\xe69\xfdd\xf7\xaeS\xe6d\xe4fS\xe9Z\x17\xb6{\n\bN\xd5#P{\xfc', "24a35540b5ce56ebcd6ffbd3179ea33f658e644d8e976182f6b9b6df3b83effcbfea77d24b7ebf46bd12bfbbd166da4e34a1dfd0871c349755b289f5a5dff333d1563c4bbc47930c917514b6cf6ce52efe9ae6162ca2fa783826deff1fd25f5a020fb82a4ac2aa24f6856d35482696190eb00c843498ba0c61c9e80c5709afd5"}) r4 = socket(0x10, 0x3, 0x9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/cpuaffinity\x00', 0x30800, 0x0) read$auto(r5, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34) write$auto(r4, 0x0, 0x5) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000080)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000140)={0x9, &(0x7f0000000040)={0x15, 0x3, 0x1, @inferred=r1}}) ptrace$auto(0x8, r0, 0x43, 0x20000000) gettid() waitid$auto_P_ALL(0x0, 0x3, 0x0, 0x6, 0x0) mmap$auto(0x1ffc, 0x400008, 0xdf, 0x9b73, r1, 0x7d07) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mmap$auto(0x1000, 0xe983, 0x0, 0x19, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xb02, 0x0) 3.279065843s ago: executing program 6 (id=5799): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000033, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) r1 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) read$auto(r1, 0x0, 0x3) 3.251742528s ago: executing program 1 (id=5800): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async, rerun: 64) read$auto(0x3, 0x0, 0x8080) (async) unshare$auto(0x40000080) (async, rerun: 64) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async, rerun: 64) read$auto(0xffffffffffffffff, 0x0, 0x20) (async) bind$auto(0x3, 0x0, 0x6a) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async, rerun: 32) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0xc, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) (rerun: 32) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2b, 0x1, 0x0) (async) socket(0xa, 0x2, 0x3a) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000100)=0xfffffffc) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x4, 0x8]}, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r2, 0x0) (async) mmap$auto(0x0, 0x9, 0xfffffffffffffff9, 0x8000000008011, 0x3, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) open(&(0x7f00000000c0)='./file0\x00', 0x12c42, 0xaa) (async) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) socket(0xa, 0x3, 0x3a) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) 3.125916089s ago: executing program 5 (id=5801): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000033, 0x0) r0 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, 0x0) r1 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) read$auto(r1, 0x0, 0x3) (fail_nth: 2) 2.985814737s ago: executing program 6 (id=5802): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) symlink$auto(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x18, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_CIPHER_SUPPORT={0x4}]}, 0x18}}, 0x4044820) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) symlink$auto(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00') (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) (async) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x18, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_CIPHER_SUPPORT={0x4}]}, 0x18}}, 0x4044820) (async) 2.526034179s ago: executing program 5 (id=5803): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x149e42, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x149e42, 0x0) mmap$auto(0x0, 0x810002, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) mmap$auto(0x0, 0x810002, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x300, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x8002, 0x0) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x8002, 0x0) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) mmap$auto(0x0, 0x400008, 0xfffffffffffffffc, 0xdf, 0x2, 0xc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = io_uring_setup$auto(0x691, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(r0, r1, 0xff) socket(0x2, 0x3, 0x100) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x228e80, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xc048aec8, r1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0xc375111f31e0b3fc, 0x0) (async) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000180), 0xc375111f31e0b3fc, 0x0) ioctl$auto_PPPIOCSNPMODE(r3, 0x4008744b, 0x0) readv$auto(0xffffffffffffffff, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040084}, 0x40090) (async) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040084}, 0x40090) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) (async) socket(0x10, 0x2, 0x0) 1.91227461s ago: executing program 0 (id=5804): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/admmidi2\x00', 0x450f82, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x40, &(0x7f00000001c0)={0x1200, 0x5, 0x10000, 0x9, 0x5b77b906, 0x0, 0xffffffffffffffff, [0xcfa, 0xe5d, 0x5], {0x8001, 0x38, 0x9, 0x4, 0x4, 0x3, 0x3ff, 0x3, 0xffff}, {0x20000000, 0x9, 0x7, 0x2, 0x2, 0xffff13a7, 0x0, 0x449e, 0x1}}) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0xf, 0x0, 0x6) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000000), 0x205ac, &(0x7f0000000100)={0x0, 0x7}, 0x5, 0x0, 0x5, 0x4}, 0x20000005}, 0x5, 0xcae) 1.677065679s ago: executing program 0 (id=5805): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@raw=0xfffffffe, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value=[0x42, 0x3, 0x4, 0x6, 0x9, 0xfffffffffffffffb, 0x9, 0x3, 0x101, 0xff, 0x22, 0x4, 0x6, 0x4, 0x7, 0xf, 0x1ff, 0x1, 0x400, 0x8, 0x5, 0x2, 0xe294, 0xa2, 0x8, 0x100000000, 0x2, 0x8, 0xae, 0xaeb, 0x3, 0xffffffffffffffff, 0x5, 0x8, 0xfffffffffffffffe, 0x10000, 0x55e2, 0x7, 0x8000, 0xe, 0xffffffffffffffff, 0x6, 0x9, 0x14f3, 0x1ff, 0x1, 0x6e7, 0x3, 0x8, 0x9, 0x0, 0x2, 0x7fffffff, 0x7, 0x2f79f1d9, 0x0, 0x401, 0x9, 0x6, 0x100000001, 0xffffffff, 0x800, 0x8001, 0x5, 0x5ed4, 0x1, 0x7, 0x80000000, 0x962, 0x5, 0xfffffffffffffffe, 0x8, 0xfffffffffffffff7, 0x401, 0x1, 0x3e44, 0x8, 0x4, 0x9, 0x1, 0xc98c, 0x68, 0x2, 0x6, 0x1, 0x3, 0xfffffffffffffffe, 0x4, 0xfffffffffffffffe, 0xffffffffffffffff, 0x55, 0x8, 0x30, 0x2d, 0x0, 0x3, 0x2, 0x0, 0x726, 0x7fffffff, 0x1000, 0x10000, 0x0, 0x4, 0x1, 0xbf, 0x2, 0x4, 0x0, 0x5, 0x1, 0x40, 0x6, 0x9, 0x8000, 0xffff, 0x7, 0x140, 0x0, 0xc7dd, 0xfc05, 0x0, 0x4, 0x6, 0x8, 0x0, 0x0, 0x4], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, 0x0, 0x426a2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/trace/enable\x00', 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) write$auto_dfs_global_fops_debug(r0, &(0x7f0000000d80), 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x6, 0x6, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c6, r2) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r3, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) 1.302098105s ago: executing program 1 (id=5806): r0 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy7/queues\x00', 0x20000, 0x0) r1 = openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/tracing_on\x00', 0x40100, 0x0) read$auto_rb_simple_fops_trace(r1, 0x0, 0x0) move_pages$auto(0x0, 0x2, &(0x7f00000002c0)=&(0x7f0000000240)="a459818816c0647044791855ab501d2e6cacc0268dc5adcebe0e2cf40653808108931649b8d4fc4c63c7c6f61266313830bbffffab22b15f1c9cbe80cabea54572afcd85e63da5cf8cec9b4828ae205129a0eaf11660c0ccf97d726e477f57139175c8e3f46607afda946fb85765957cf573ec4f6811b4e8e428a20c1252c6", &(0x7f0000000500)=0x101, &(0x7f0000000540)=0x92, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, r0, 0x5) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f000000b000), 0x80, 0x0) r4 = fsopen$auto(&(0x7f0000000040)='\x00', 0x1) read$auto_force_wakeup_fops_hci_vhci(r4, &(0x7f0000000300)=""/95, 0x5f) sendmsg$auto_NFC_CMD_DISABLE_SE(r2, &(0x7f0000000640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f0000000380)=ANY=[@ANYBLOB="4da95fe309365358b50837b50978ec421035427bd1ebe2906a3037db329c5265b2eb6972567dae55f2f3d3aae828a6ef6e2ad372fd12f07ea8a20327c91aa37af5fe22b0a795f931c58df97e9ef245efc3dc9df81c20aaeaf318224a02970ae2f3ad821f67ede982ae9b5136193dd3b150017ddfd2695bcdba3504f1cf5577a319bc1ea2364a471f72f9719f2dfeb59ab5d160aedc4bd58cd077f4674f58fb2f3149e1cc0dd7bcb23df49e399cb8410b788c6b259438096d503ae170a55fadb2a5a5f2af626235bdb78d227da7955a76d2defb6a63322e409ad74820cb0999c8146203cf01ada1fd289e93c968ff51171df8da9407bd8c90678dfbb71f88f0e3654f4b68245fde756714692d55a189c400"/288, @ANYRES16=0x0, @ANYBLOB="000229bd7000ffdbdf2512000000050010008600000008001500030000000800030008000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40001}, 0x5) pread64$auto(r3, &(0x7f000000b040)='\xdc', 0x6, 0x3a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/netdevsim0/del_port\x00', 0xa001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) capset$auto(&(0x7f0000000200)={0x20080522}, 0x0) fstat$auto(r5, 0x0) socket(0x29, 0x5, 0x1) r6 = socket(0xa, 0x5, 0x0) ioctl$auto(r6, 0x8941, 0x8) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x240, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card0\x00', 0x121d02, 0x0) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x622340, 0x0) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x20040, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x80003, 0x304) socket(0x2, 0x5, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) 902.573415ms ago: executing program 1 (id=5807): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) brk$auto(0xffffffffffffff66) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x800003, 0x270) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x9, &(0x7f0000000080)={0x7fffffff, 0xd, 0xc000, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0x1000000f, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x10000}, {0x5, 0x1, 0x21bb800, 0x5, 0x6f, 0x2, 0x1, 0x8, 0x100002000}}) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0) personality$auto(0xfffff032) ppoll$auto(&(0x7f0000001ac0)={0xffffffffffffffff, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x9}, &(0x7f00000002c0)={0x10000}, 0x8) mprotect$auto(0x110c230000, 0xa588, 0x6) socket(0x1e, 0x80000, 0x7fff) mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x0) move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2) msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001600)={{0x7b0, 0x0, 0x0, 0xd, 0x3ff, 0x7, 0xb}, &(0x7f0000000400)=0x9, &(0x7f0000000440)=0x10, 0x1, 0xd80, 0x9, 0x0, 0x8000000000000000, 0x6, 0xa, 0xfff9, @raw=0x80, @raw=0x9}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x8894) 490.535505ms ago: executing program 5 (id=5808): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r0, 0x0, 0x1) r1 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x1102, 0x0) write$auto(r1, 0x0, 0x4000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3b) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1b}, 0x403) r2 = socket(0x11, 0x2, 0xe) sendmmsg$auto(r2, &(0x7f0000000480)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000380)='C', 0x49}, 0x8, &(0x7f0000000300), 0x6, 0x1000}, 0x5}, 0x2, 0xfd) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) setitimer$auto(0x2, 0x0, 0x0) mmap$auto(0x100000, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x9) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 430.067783ms ago: executing program 6 (id=5809): ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000100)={{@raw=0xfffffffe, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value=[0x42, 0x3, 0x4, 0x6, 0x9, 0xfffffffffffffffb, 0x9, 0x3, 0x101, 0xff, 0x22, 0x4, 0x6, 0x4, 0x7, 0xf, 0x1ff, 0x1, 0x400, 0x8, 0x5, 0x2, 0xe294, 0xa2, 0x8, 0x100000000, 0x2, 0x8, 0xae, 0xaeb, 0x3, 0xffffffffffffffff, 0x5, 0x8, 0xfffffffffffffffe, 0x10000, 0x55e2, 0x7, 0x8000, 0xe, 0xffffffffffffffff, 0x6, 0x9, 0x14f3, 0x1ff, 0x1, 0x6e7, 0x3, 0x8, 0x9, 0x0, 0x2, 0x7fffffff, 0x7, 0x2f79f1d9, 0x0, 0x401, 0x9, 0x6, 0x100000001, 0xffffffff, 0x800, 0x8001, 0x5, 0x5ed4, 0x1, 0x7, 0x80000000, 0x962, 0x5, 0xfffffffffffffffe, 0x8, 0xfffffffffffffff7, 0x401, 0x1, 0x3e44, 0x8, 0x4, 0x9, 0x1, 0xc98c, 0x68, 0x2, 0x6, 0x1, 0x3, 0xfffffffffffffffe, 0x4, 0xfffffffffffffffe, 0xffffffffffffffff, 0x55, 0x8, 0x30, 0x2d, 0x0, 0x3, 0x2, 0x0, 0x726, 0x7fffffff, 0x1000, 0x10000, 0x0, 0x4, 0x1, 0xbf, 0x2, 0x4, 0x0, 0x5, 0x1, 0x40, 0x6, 0x9, 0x8000, 0xffff, 0x7, 0x140, 0x0, 0xc7dd, 0xfc05, 0x0, 0x4, 0x6, 0x8, 0x0, 0x0, 0x4], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000680)=""/249, 0xf9) r0 = openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, 0x0, 0x426a2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) write$auto_dfs_global_fops_debug(r0, &(0x7f0000000d80), 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x6, 0x6, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) ioctl$auto(0xffffffffffffffff, 0x64c6, r2) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), 0xffffffffffffffff) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) sendmsg$auto(r3, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) 0s ago: executing program 0 (id=5810): close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0xffffffffffffffff, 0x5522, 0xf15) ioctl$auto(0xffffffffffffffff, 0x5523, 0xffffffffffffffff) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = bpf$auto(0x8000000, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x5, 0x9, 0x3, 0x80, 0x8, 0x4, 0x1, 0x200, 0x8, 0x401, 0x2, 0xe2, 0x4, 0xc28}, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2062, 0x0) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, 0x0, 0x24000000) write$auto(r4, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) pread64$auto(r5, 0x0, 0x3, 0x5ef6) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x3, 0x3b) r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x1c, r6, 0x1, 0x70bd28, 0x25dfdbb9, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24040415}, 0x20000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) socketpair$auto(0x1, 0x1, 0x2a340, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x1ff, 0x3, 0x1, 0x7, 0xfffffffffffffffb, 0x15f4da05, 0x10, 0x1000, 0x3, 0x11d4, 0x200000000000006, 0x10, 0x8cfb7, 0x9, 0x6]}, 0x0) (fail_nth: 2) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000240)="e769ffff91a9bccbf2a814c2b1c2da6a4642e71e42496c6bac2cd2cc3aa9633c36df13128be76976577ef8b494eb27dd7c5c300903663e1e87c15519219ff691bef8e8162e8a841e0b720ba4c432a0b5e1e6ce3fba9b6c4462c74f701a8daaf2a07cdcee8ef120a79f8ecfef3532373fcfc0602284e9ecfab10a02", 0x7b) getsockopt$auto_SO_BPF_EXTENSIONS(r2, 0x9, 0x30, &(0x7f0000000180)='\xf8\x1b\xf3', &(0x7f0000000200)) kernel console output (not intermixed with test programs): parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1308.528937][ T7226] Bluetooth: hci2: command 0x0c1a tx timeout [ 1312.896930][T28806] FAULT_INJECTION: forcing a failure. [ 1312.896930][T28806] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1313.001116][T28806] CPU: 1 UID: 0 PID: 28806 Comm: syz.6.5436 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1313.001166][T28806] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1313.001176][T28806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1313.001190][T28806] Call Trace: [ 1313.001198][T28806] [ 1313.001208][T28806] dump_stack_lvl+0x16c/0x1f0 [ 1313.001246][T28806] should_fail_ex+0x512/0x640 [ 1313.001275][T28806] get_futex_key+0x1d0/0x15f0 [ 1313.001303][T28806] ? __pfx_get_futex_key+0x10/0x10 [ 1313.001324][T28806] ? __mutex_unlock_slowpath+0x161/0x790 [ 1313.001361][T28806] futex_wake+0xea/0x530 [ 1313.001389][T28806] ? find_held_lock+0x2b/0x80 [ 1313.001414][T28806] ? __pfx_futex_wake+0x10/0x10 [ 1313.001442][T28806] ? rcu_is_watching+0x12/0xc0 [ 1313.001483][T28806] do_futex+0x1e3/0x350 [ 1313.001524][T28806] ? __pfx_do_futex+0x10/0x10 [ 1313.001558][T28806] __x64_sys_futex+0x1e0/0x4c0 [ 1313.001585][T28806] ? __fget_files+0x20e/0x3c0 [ 1313.001615][T28806] ? __pfx___x64_sys_futex+0x10/0x10 [ 1313.001646][T28806] ? fput+0x70/0xf0 [ 1313.001673][T28806] do_syscall_64+0xcd/0xf80 [ 1313.001706][T28806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1313.001728][T28806] RIP: 0033:0x7ff78198f7c9 [ 1313.001745][T28806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1313.001765][T28806] RSP: 002b:00007ff78280f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1313.001786][T28806] RAX: ffffffffffffffda RBX: 00007ff781be6188 RCX: 00007ff78198f7c9 [ 1313.001801][T28806] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff781be618c [ 1313.001814][T28806] RBP: 00007ff781be6180 R08: 00007ff782852000 R09: 0000000000000000 [ 1313.001829][T28806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1313.001843][T28806] R13: 00007ff781be6218 R14: 00007ffc67a92230 R15: 00007ffc67a92318 [ 1313.001879][T28806] [ 1313.990725][T28818] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5439'. [ 1315.152894][T28832] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1315.188862][T28832] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1315.945290][T28832] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1315.970969][T28832] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1316.012825][T28832] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1316.018959][T28832] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1316.083186][T28832] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1316.089331][T28832] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1317.197396][T28860] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1317.413481][ T7226] Bluetooth: hci1: command 0x0c1a tx timeout [ 1317.974348][ T7226] Bluetooth: hci4: command 0x0c1a tx timeout [ 1318.058266][T23255] Bluetooth: hci5: command 0x0c1a tx timeout [ 1318.064562][ T7226] Bluetooth: hci0: command 0x0c1a tx timeout [ 1318.133755][T23255] Bluetooth: hci3: command 0x0c1a tx timeout [ 1318.139882][ T7226] Bluetooth: hci2: command 0x0c1a tx timeout [ 1318.933889][T28877] FAULT_INJECTION: forcing a failure. [ 1318.933889][T28877] name failslab, interval 1, probability 0, space 0, times 0 [ 1318.983501][T28877] CPU: 0 UID: 0 PID: 28877 Comm: syz.1.5454 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1318.983533][T28877] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1318.983540][T28877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1318.983548][T28877] Call Trace: [ 1318.983556][T28877] [ 1318.983564][T28877] dump_stack_lvl+0x16c/0x1f0 [ 1318.983591][T28877] should_fail_ex+0x512/0x640 [ 1318.983606][T28877] ? fs_reclaim_acquire+0xae/0x150 [ 1318.983629][T28877] should_failslab+0xc2/0x120 [ 1318.983650][T28877] __kmalloc_noprof+0xeb/0x910 [ 1318.983666][T28877] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1318.983689][T28877] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1318.983706][T28877] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1318.983727][T28877] ? tomoyo_profile+0x47/0x60 [ 1318.983748][T28877] tomoyo_path_number_perm+0x245/0x580 [ 1318.983763][T28877] ? tomoyo_path_number_perm+0x237/0x580 [ 1318.983780][T28877] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1318.983797][T28877] ? find_held_lock+0x2b/0x80 [ 1318.983830][T28877] ? find_held_lock+0x2b/0x80 [ 1318.983847][T28877] ? hook_file_ioctl_common+0x144/0x410 [ 1318.983867][T28877] ? __fget_files+0x20e/0x3c0 [ 1318.983889][T28877] security_file_ioctl+0x9b/0x240 [ 1318.983906][T28877] __x64_sys_ioctl+0xb7/0x210 [ 1318.983925][T28877] do_syscall_64+0xcd/0xf80 [ 1318.983949][T28877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1318.983972][T28877] RIP: 0033:0x7f35f218f7c9 [ 1318.983989][T28877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1318.984010][T28877] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1318.984028][T28877] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1318.984038][T28877] RDX: 0000000000000000 RSI: 0000000000004c00 RDI: 0000000000000003 [ 1318.984046][T28877] RBP: 00007f35f30ff090 R08: 0000000000000000 R09: 0000000000000000 [ 1318.984055][T28877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1318.984063][T28877] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1318.984083][T28877] [ 1319.264261][T28877] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1320.105182][T28888] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1320.586849][T28898] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1320.719089][T28899] serio: Serial port pty6 [ 1320.931770][T28904] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 1321.978848][T28906] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 1322.716987][T28919] FAULT_INJECTION: forcing a failure. [ 1322.716987][T28919] name failslab, interval 1, probability 0, space 0, times 0 [ 1322.730743][T28919] CPU: 0 UID: 0 PID: 28919 Comm: syz.6.5465 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1322.730769][T28919] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1322.730775][T28919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1322.730784][T28919] Call Trace: [ 1322.730791][T28919] [ 1322.730798][T28919] dump_stack_lvl+0x16c/0x1f0 [ 1322.730824][T28919] should_fail_ex+0x512/0x640 [ 1322.730843][T28919] should_failslab+0xc2/0x120 [ 1322.730865][T28919] kmem_cache_alloc_noprof+0x83/0x770 [ 1322.730882][T28919] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1322.730904][T28919] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1322.730920][T28919] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1322.730940][T28919] idr_get_free+0x528/0xa30 [ 1322.730972][T28919] idr_alloc_u32+0x190/0x2f0 [ 1322.730993][T28919] ? __pfx_idr_alloc_u32+0x10/0x10 [ 1322.731013][T28919] ? lock_acquire+0x179/0x330 [ 1322.731030][T28919] idr_alloc_cyclic+0x10b/0x230 [ 1322.731049][T28919] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 1322.731067][T28919] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1322.731083][T28919] ? lsm_blob_alloc+0x2b/0x90 [ 1322.731106][T28919] map_create+0x143c/0x2a10 [ 1322.731127][T28919] ? find_held_lock+0x2b/0x80 [ 1322.731149][T28919] ? __pfx_map_create+0x10/0x10 [ 1322.731167][T28919] ? __might_fault+0xe3/0x190 [ 1322.731182][T28919] ? __might_fault+0xe3/0x190 [ 1322.731196][T28919] ? __might_fault+0x13b/0x190 [ 1322.731217][T28919] __sys_bpf+0x3d9d/0x4980 [ 1322.731234][T28919] ? __pfx___sys_bpf+0x10/0x10 [ 1322.731246][T28919] ? find_held_lock+0x2b/0x80 [ 1322.731266][T28919] ? find_held_lock+0x2b/0x80 [ 1322.731287][T28919] ? __mutex_unlock_slowpath+0x161/0x790 [ 1322.731319][T28919] ? fput+0x70/0xf0 [ 1322.731333][T28919] ? ksys_write+0x1ac/0x250 [ 1322.731351][T28919] ? __pfx_ksys_write+0x10/0x10 [ 1322.731373][T28919] __x64_sys_bpf+0x78/0xc0 [ 1322.731385][T28919] ? lockdep_hardirqs_on+0x7c/0x110 [ 1322.731405][T28919] do_syscall_64+0xcd/0xf80 [ 1322.731426][T28919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1322.731441][T28919] RIP: 0033:0x7ff78198f7c9 [ 1322.731454][T28919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1322.731468][T28919] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1322.731483][T28919] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1322.731492][T28919] RDX: 0000000000000092 RSI: 0000200000000040 RDI: 0000000000000000 [ 1322.731500][T28919] RBP: 00007ff782851090 R08: 0000000000000000 R09: 0000000000000000 [ 1322.731509][T28919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1322.731517][T28919] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1322.731536][T28919] [ 1332.699325][T29066] FAULT_INJECTION: forcing a failure. [ 1332.699325][T29066] name failslab, interval 1, probability 0, space 0, times 0 [ 1332.781456][T29066] CPU: 1 UID: 0 PID: 29066 Comm: syz.1.5499 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1332.781501][T29066] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1332.781512][T29066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1332.781527][T29066] Call Trace: [ 1332.781537][T29066] [ 1332.781548][T29066] dump_stack_lvl+0x16c/0x1f0 [ 1332.781588][T29066] should_fail_ex+0x512/0x640 [ 1332.781604][T29066] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1332.781623][T29066] should_failslab+0xc2/0x120 [ 1332.781644][T29066] __kmalloc_cache_noprof+0x80/0x800 [ 1332.781658][T29066] ? __radix_tree_lookup+0x21f/0x2c0 [ 1332.781676][T29066] ? i2cdev_open+0x95/0x190 [ 1332.781697][T29066] ? i2cdev_open+0x95/0x190 [ 1332.781713][T29066] ? __pfx_i2cdev_open+0x10/0x10 [ 1332.781729][T29066] i2cdev_open+0x95/0x190 [ 1332.781747][T29066] chrdev_open+0x234/0x6a0 [ 1332.781766][T29066] ? __pfx_apparmor_file_open+0x10/0x10 [ 1332.781781][T29066] ? __pfx_chrdev_open+0x10/0x10 [ 1332.781801][T29066] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1332.781824][T29066] do_dentry_open+0x748/0x1590 [ 1332.781842][T29066] ? __pfx_chrdev_open+0x10/0x10 [ 1332.781865][T29066] vfs_open+0x82/0x3f0 [ 1332.781881][T29066] path_openat+0x2078/0x3140 [ 1332.781915][T29066] ? __pfx_path_openat+0x10/0x10 [ 1332.781943][T29066] do_filp_open+0x20b/0x470 [ 1332.781963][T29066] ? __pfx_do_filp_open+0x10/0x10 [ 1332.781996][T29066] ? alloc_fd+0x471/0x7d0 [ 1332.782021][T29066] do_sys_openat2+0x121/0x290 [ 1332.782036][T29066] ? __pfx_do_sys_openat2+0x10/0x10 [ 1332.782058][T29066] __x64_sys_openat+0x174/0x210 [ 1332.782073][T29066] ? __pfx___x64_sys_openat+0x10/0x10 [ 1332.782094][T29066] do_syscall_64+0xcd/0xf80 [ 1332.782115][T29066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1332.782129][T29066] RIP: 0033:0x7f35f218f7c9 [ 1332.782142][T29066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1332.782155][T29066] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1332.782170][T29066] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1332.782179][T29066] RDX: 0000000000000002 RSI: 0000200000008040 RDI: ffffffffffffff9c [ 1332.782188][T29066] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1332.782197][T29066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1332.782206][T29066] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1332.782224][T29066] [ 1333.175910][ T7225] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 7 with max blocks 2 with error 117 [ 1333.389588][ T7225] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1333.389588][ T7225] [ 1333.453478][ T7225] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 937 with max blocks 8 with error 117 [ 1333.481187][ T7225] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1333.481187][ T7225] [ 1334.856708][T29088] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5505'. [ 1334.928205][T29088] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1334.953793][T29088] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1334.976741][T29088] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1334.992063][T29088] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1335.100525][ T7226] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1335.100564][ T7226] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 1335.115994][ T7226] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1335.921446][T29107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1335.983135][T29107] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1336.320391][T29115] FAULT_INJECTION: forcing a failure. [ 1336.320391][T29115] name failslab, interval 1, probability 0, space 0, times 0 [ 1336.422818][T29115] CPU: 0 UID: 0 PID: 29115 Comm: syz.0.5512 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1336.422865][T29115] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1336.422876][T29115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1336.422892][T29115] Call Trace: [ 1336.422900][T29115] [ 1336.422911][T29115] dump_stack_lvl+0x16c/0x1f0 [ 1336.422955][T29115] should_fail_ex+0x512/0x640 [ 1336.422981][T29115] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1336.423015][T29115] should_failslab+0xc2/0x120 [ 1336.423052][T29115] kmem_cache_alloc_noprof+0x83/0x770 [ 1336.423080][T29115] ? alloc_empty_file+0x55/0x1e0 [ 1336.423113][T29115] ? alloc_empty_file+0x55/0x1e0 [ 1336.423137][T29115] alloc_empty_file+0x55/0x1e0 [ 1336.423165][T29115] alloc_file_pseudo+0x13a/0x230 [ 1336.423193][T29115] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1336.423219][T29115] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1336.423260][T29115] create_pipe_files+0x36d/0x9a0 [ 1336.423300][T29115] do_pipe2+0xaf/0x1c0 [ 1336.423334][T29115] ? __pfx_do_pipe2+0x10/0x10 [ 1336.423368][T29115] ? xfd_validate_state+0x61/0x180 [ 1336.423390][T29115] ? __pfx_ksys_write+0x10/0x10 [ 1336.423430][T29115] __x64_sys_pipe+0x33/0x50 [ 1336.423461][T29115] do_syscall_64+0xcd/0xf80 [ 1336.423495][T29115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1336.423532][T29115] RIP: 0033:0x7f6e41b8f7c9 [ 1336.423554][T29115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1336.423580][T29115] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1336.423604][T29115] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1336.423623][T29115] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1336.423638][T29115] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1336.423654][T29115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1336.423671][T29115] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1336.423709][T29115] [ 1336.657811][T29119] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1336.687742][T29115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5512'. [ 1337.031660][T29128] usb usb36: usbfs: process 29128 (syz.1.5514) did not claim interface 0 before use [ 1337.433560][ T7226] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1337.433596][ T7226] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 1337.452555][ T7226] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1337.819571][T29150] FAULT_INJECTION: forcing a failure. [ 1337.819571][T29150] name failslab, interval 1, probability 0, space 0, times 0 [ 1337.885014][T29150] CPU: 0 UID: 0 PID: 29150 Comm: syz.0.5520 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1337.885061][T29150] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1337.885072][T29150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1337.885087][T29150] Call Trace: [ 1337.885096][T29150] [ 1337.885107][T29150] dump_stack_lvl+0x16c/0x1f0 [ 1337.885147][T29150] should_fail_ex+0x512/0x640 [ 1337.885171][T29150] ? __kmalloc_noprof+0xca/0x910 [ 1337.885198][T29150] should_failslab+0xc2/0x120 [ 1337.885231][T29150] __kmalloc_noprof+0xeb/0x910 [ 1337.885254][T29150] ? sk_prot_alloc+0x1a8/0x2a0 [ 1337.885293][T29150] ? sk_prot_alloc+0x1a8/0x2a0 [ 1337.885325][T29150] sk_prot_alloc+0x1a8/0x2a0 [ 1337.885359][T29150] sk_alloc+0x36/0xe30 [ 1337.885388][T29150] alg_create+0x9e/0x150 [ 1337.885417][T29150] __sock_create+0x339/0x8a0 [ 1337.885445][T29150] __sys_socket+0x14d/0x260 [ 1337.885470][T29150] ? __pfx___sys_socket+0x10/0x10 [ 1337.885492][T29150] ? xfd_validate_state+0x61/0x180 [ 1337.885523][T29150] __x64_sys_socket+0x72/0xb0 [ 1337.885546][T29150] ? lockdep_hardirqs_on+0x7c/0x110 [ 1337.885580][T29150] do_syscall_64+0xcd/0xf80 [ 1337.885615][T29150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1337.885639][T29150] RIP: 0033:0x7f6e41b8f7c9 [ 1337.885659][T29150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1337.885694][T29150] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1337.885740][T29150] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1337.885760][T29150] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000026 [ 1337.885776][T29150] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1337.885799][T29150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1337.885814][T29150] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1337.885853][T29150] [ 1339.785195][T29179] kAFS: unparsable volume name [ 1340.230125][T29180] FAULT_INJECTION: forcing a failure. [ 1340.230125][T29180] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1340.273120][T29180] CPU: 0 UID: 0 PID: 29180 Comm: syz.1.5525 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1340.273168][T29180] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1340.273178][T29180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1340.273191][T29180] Call Trace: [ 1340.273199][T29180] [ 1340.273209][T29180] dump_stack_lvl+0x16c/0x1f0 [ 1340.273247][T29180] should_fail_ex+0x512/0x640 [ 1340.273277][T29180] should_fail_futex+0x4c/0x60 [ 1340.273302][T29180] __x64_sys_futex+0x25e/0x4c0 [ 1340.273333][T29180] ? __pfx___x64_sys_futex+0x10/0x10 [ 1340.273372][T29180] do_syscall_64+0xcd/0xf80 [ 1340.273406][T29180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1340.273429][T29180] RIP: 0033:0x7f35f218f7c9 [ 1340.273448][T29180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1340.273470][T29180] RSP: 002b:00007ffdb53aecb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1340.273492][T29180] RAX: ffffffffffffffda RBX: 00000000001472f1 RCX: 00007f35f218f7c9 [ 1340.273509][T29180] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35f23e618c [ 1340.273522][T29180] RBP: 0000000000000032 R08: 00007f35f3100000 R09: 00000019b53aefaf [ 1340.273537][T29180] R10: 00007ffdb53aedb0 R11: 0000000000000246 R12: 00007f35f23e618c [ 1340.273552][T29180] R13: 00007ffdb53aedb0 R14: 0000000000147323 R15: 00007ffdb53aedd0 [ 1340.273586][T29180] [ 1341.470445][T29188] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1341.694858][T29200] tc_dump_action: action bad kind [ 1342.914919][T29212] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5533'. [ 1344.237721][ T7226] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1344.237759][ T7226] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 1344.257027][ T7226] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1344.621405][ T7226] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260 [ 1344.621444][ T7226] Bluetooth: hci5: unexpected subevent 0x0e length: 725 > 15 [ 1344.642854][ T7226] Bluetooth: hci5: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1345.096064][T29252] FAULT_INJECTION: forcing a failure. [ 1345.096064][T29252] name failslab, interval 1, probability 0, space 0, times 0 [ 1345.217381][T29252] CPU: 1 UID: 0 PID: 29252 Comm: syz.5.5539 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1345.217424][T29252] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1345.217434][T29252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1345.217449][T29252] Call Trace: [ 1345.217458][T29252] [ 1345.217469][T29252] dump_stack_lvl+0x16c/0x1f0 [ 1345.217510][T29252] should_fail_ex+0x512/0x640 [ 1345.217542][T29252] should_failslab+0xc2/0x120 [ 1345.217577][T29252] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1345.217624][T29252] ? percpu_ref_put_many.constprop.0+0xc4/0x2a0 [ 1345.217650][T29252] ? zswap_store+0x850/0x2800 [ 1345.217682][T29252] ? zswap_store+0x850/0x2800 [ 1345.217705][T29252] zswap_store+0x850/0x2800 [ 1345.217746][T29252] ? __pfx_zswap_store+0x10/0x10 [ 1345.217773][T29252] ? folio_free_swap+0x229/0x740 [ 1345.217807][T29252] ? do_raw_spin_unlock+0x172/0x230 [ 1345.217834][T29252] ? _raw_spin_unlock+0x28/0x50 [ 1345.217863][T29252] ? folio_free_swap+0x285/0x740 [ 1345.217892][T29252] ? rcu_is_watching+0x12/0xc0 [ 1345.217928][T29252] swap_writeout+0x3f4/0x1090 [ 1345.217954][T29252] ? _raw_spin_unlock_irq+0x23/0x50 [ 1345.217985][T29252] shmem_writeout+0xc21/0x1140 [ 1345.218018][T29252] ? __pfx_shmem_writeout+0x10/0x10 [ 1345.218048][T29252] ? inode_to_bdi+0x9e/0x160 [ 1345.218077][T29252] ? folio_clear_dirty_for_io+0x112/0x6b0 [ 1345.218115][T29252] shrink_folio_list+0x2ffc/0x4bc0 [ 1345.218153][T29252] ? __pfx_shrink_folio_list+0x10/0x10 [ 1345.218181][T29252] ? lock_acquire+0x179/0x330 [ 1345.218208][T29252] ? rcu_is_watching+0x12/0xc0 [ 1345.218238][T29252] ? mod_memcg_lruvec_state+0x381/0x5f0 [ 1345.218269][T29252] ? __mod_zone_page_state+0xcc/0x1a0 [ 1345.218296][T29252] ? isolate_lru_folios+0xac0/0xf10 [ 1345.218359][T29252] ? find_held_lock+0x2b/0x80 [ 1345.218391][T29252] ? mark_held_locks+0x49/0x80 [ 1345.218417][T29252] shrink_lruvec+0xf46/0x2b00 [ 1345.218464][T29252] ? __pfx_shrink_lruvec+0x10/0x10 [ 1345.218488][T29252] ? finish_task_switch.isra.0+0x207/0xbd0 [ 1345.218519][T29252] ? lockdep_hardirqs_on+0x7c/0x110 [ 1345.218570][T29252] ? __lock_acquire+0x436/0x2890 [ 1345.218602][T29252] ? __lock_acquire+0x436/0x2890 [ 1345.218648][T29252] ? __pfx___might_resched+0x10/0x10 [ 1345.218677][T29252] ? page_counter_calculate_protection+0x23/0x720 [ 1345.218704][T29252] ? mem_cgroup_iter+0x38a/0x710 [ 1345.218739][T29252] shrink_node+0x8a6/0x3bb0 [ 1345.218766][T29252] ? find_held_lock+0x2b/0x80 [ 1345.218806][T29252] ? __pfx_shrink_node+0x10/0x10 [ 1345.218835][T29252] ? queue_work_on+0x12a/0x1f0 [ 1345.218860][T29252] ? lockdep_hardirqs_on+0x7c/0x110 [ 1345.218892][T29252] ? queue_work_on+0x8b/0x1f0 [ 1345.218919][T29252] ? vmpressure+0x2b9/0x340 [ 1345.218948][T29252] ? do_try_to_free_pages+0x362/0x1920 [ 1345.218973][T29252] do_try_to_free_pages+0x362/0x1920 [ 1345.219019][T29252] ? __pfx_do_try_to_free_pages+0x10/0x10 [ 1345.219056][T29252] try_to_free_mem_cgroup_pages+0x31b/0x740 [ 1345.219086][T29252] ? __pfx_try_to_free_mem_cgroup_pages+0x10/0x10 [ 1345.219128][T29252] ? psi_memstall_enter+0x225/0x310 [ 1345.219160][T29252] ? lockdep_hardirqs_on+0x7c/0x110 [ 1345.219197][T29252] try_charge_memcg+0x42a/0xd30 [ 1345.219237][T29252] ? __pfx_try_charge_memcg+0x10/0x10 [ 1345.219271][T29252] ? find_held_lock+0x2b/0x80 [ 1345.219301][T29252] ? rcu_read_unlock+0x17/0x60 [ 1345.219333][T29252] charge_memcg+0x8a/0x230 [ 1345.219367][T29252] __mem_cgroup_charge+0x2b/0x1e0 [ 1345.219393][T29252] do_anonymous_page+0xca9/0x2190 [ 1345.219432][T29252] __handle_mm_fault+0x1ecf/0x2bb0 [ 1345.219467][T29252] ? __pfx___handle_mm_fault+0x10/0x10 [ 1345.219495][T29252] ? __pte_offset_map_lock+0x174/0x310 [ 1345.219528][T29252] ? find_held_lock+0x2b/0x80 [ 1345.219567][T29252] ? follow_page_pte+0x5cf/0x1390 [ 1345.219613][T29252] handle_mm_fault+0x3fe/0xad0 [ 1345.219646][T29252] __get_user_pages+0x54e/0x3590 [ 1345.219694][T29252] ? __pfx___get_user_pages+0x10/0x10 [ 1345.219736][T29252] populate_vma_page_range+0x267/0x3f0 [ 1345.219773][T29252] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1345.219806][T29252] ? __pfx_find_vma_intersection+0x10/0x10 [ 1345.219841][T29252] ? do_mmap+0x69c/0x1210 [ 1345.219876][T29252] __mm_populate+0x1d8/0x380 [ 1345.219911][T29252] ? __pfx___mm_populate+0x10/0x10 [ 1345.219947][T29252] ? up_write+0x282/0x4e0 [ 1345.219976][T29252] vm_mmap_pgoff+0x37f/0x470 [ 1345.220012][T29252] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1345.220052][T29252] ? __x64_sys_futex+0x1e0/0x4c0 [ 1345.220095][T29252] ? __x64_sys_futex+0x1e9/0x4c0 [ 1345.220125][T29252] ksys_mmap_pgoff+0x7d/0x5c0 [ 1345.220157][T29252] ? syscall_user_dispatch+0x78/0x140 [ 1345.220188][T29252] __x64_sys_mmap+0x125/0x190 [ 1345.220219][T29252] do_syscall_64+0xcd/0xf80 [ 1345.220254][T29252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1345.220278][T29252] RIP: 0033:0x7faaec38f7c9 [ 1345.220300][T29252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1345.220323][T29252] RSP: 002b:00007faaed274038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1345.220347][T29252] RAX: ffffffffffffffda RBX: 00007faaec5e5fa0 RCX: 00007faaec38f7c9 [ 1345.220364][T29252] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1345.220379][T29252] RBP: 00007faaec413f91 R08: 0000000000000002 R09: 0000000000008000 [ 1345.220394][T29252] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1345.220408][T29252] R13: 00007faaec5e6038 R14: 00007faaec5e5fa0 R15: 00007ffcef8975e8 [ 1345.220443][T29252] [ 1346.711648][T29257] FAULT_INJECTION: forcing a failure. [ 1346.711648][T29257] name failslab, interval 1, probability 0, space 0, times 0 [ 1346.787982][T29257] CPU: 1 UID: 0 PID: 29257 Comm: syz.0.5541 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1346.788025][T29257] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1346.788035][T29257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1346.788048][T29257] Call Trace: [ 1346.788055][T29257] [ 1346.788065][T29257] dump_stack_lvl+0x16c/0x1f0 [ 1346.788108][T29257] should_fail_ex+0x512/0x640 [ 1346.788134][T29257] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1346.788168][T29257] should_failslab+0xc2/0x120 [ 1346.788207][T29257] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1346.788239][T29257] ? __alloc_skb+0x156/0x410 [ 1346.788274][T29257] ? __alloc_skb+0x156/0x410 [ 1346.788298][T29257] __alloc_skb+0x156/0x410 [ 1346.788323][T29257] ? __alloc_skb+0x35d/0x410 [ 1346.788348][T29257] ? __pfx___alloc_skb+0x10/0x10 [ 1346.788382][T29257] ? find_held_lock+0x2b/0x80 [ 1346.788417][T29257] __ip6_append_data+0x2b74/0x4740 [ 1346.788453][T29257] ? __pfx_raw6_getfrag+0x10/0x10 [ 1346.788503][T29257] ? __pfx___ip6_append_data+0x10/0x10 [ 1346.788530][T29257] ? __pfx_ip6_mtu+0x10/0x10 [ 1346.788561][T29257] ? ip6_setup_cork+0xc51/0x1530 [ 1346.788591][T29257] ip6_append_data+0x1ba/0x4c0 [ 1346.788618][T29257] ? __pfx_raw6_getfrag+0x10/0x10 [ 1346.788658][T29257] rawv6_sendmsg+0x163e/0x4860 [ 1346.788694][T29257] ? aa_label_sk_perm+0x194/0x5f0 [ 1346.788737][T29257] ? aa_profile_af_perm+0x2c0/0x390 [ 1346.788771][T29257] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1346.788808][T29257] ? select_task_rq_fair+0x35d0/0x4670 [ 1346.788887][T29257] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1346.788925][T29257] ? inet_sendmsg+0x11c/0x140 [ 1346.788951][T29257] inet_sendmsg+0x11c/0x140 [ 1346.788979][T29257] ____sys_sendmsg+0x973/0xc30 [ 1346.789015][T29257] ? copy_msghdr_from_user+0x10a/0x160 [ 1346.789045][T29257] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1346.789088][T29257] ? __pfx___schedule+0x10/0x10 [ 1346.789126][T29257] ___sys_sendmsg+0x134/0x1d0 [ 1346.789158][T29257] ? __pfx____sys_sendmsg+0x10/0x10 [ 1346.789223][T29257] ? __pfx___might_resched+0x10/0x10 [ 1346.789262][T29257] __sys_sendmmsg+0x200/0x420 [ 1346.789297][T29257] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1346.789338][T29257] ? __pfx_do_futex+0x10/0x10 [ 1346.789363][T29257] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1346.789435][T29257] ? fput+0x70/0xf0 [ 1346.789462][T29257] ? xfd_validate_state+0x61/0x180 [ 1346.789484][T29257] ? __pfx_do_writev+0x10/0x10 [ 1346.789521][T29257] __x64_sys_sendmmsg+0x9c/0x100 [ 1346.789550][T29257] ? lockdep_hardirqs_on+0x7c/0x110 [ 1346.789583][T29257] do_syscall_64+0xcd/0xf80 [ 1346.789619][T29257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1346.789645][T29257] RIP: 0033:0x7f6e41b8f7c9 [ 1346.789667][T29257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1346.789693][T29257] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1346.789725][T29257] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1346.789743][T29257] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1346.789759][T29257] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1346.789776][T29257] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1346.789792][T29257] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1346.789830][T29257] [ 1347.583323][T29264] netlink: 330 bytes leftover after parsing attributes in process `syz.1.5543'. [ 1349.055045][T29275] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5546'. [ 1351.310715][T29298] zswap: compressor not available [ 1351.366403][T29306] FAULT_INJECTION: forcing a failure. [ 1351.366403][T29306] name failslab, interval 1, probability 0, space 0, times 0 [ 1351.441407][T29306] CPU: 0 UID: 0 PID: 29306 Comm: syz.1.5552 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1351.441454][T29306] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1351.441464][T29306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1351.441480][T29306] Call Trace: [ 1351.441489][T29306] [ 1351.441500][T29306] dump_stack_lvl+0x16c/0x1f0 [ 1351.441540][T29306] should_fail_ex+0x512/0x640 [ 1351.441567][T29306] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1351.441602][T29306] should_failslab+0xc2/0x120 [ 1351.441637][T29306] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1351.441668][T29306] ? __alloc_skb+0x156/0x410 [ 1351.441702][T29306] ? __alloc_skb+0x156/0x410 [ 1351.441726][T29306] __alloc_skb+0x156/0x410 [ 1351.441750][T29306] ? __alloc_skb+0x35d/0x410 [ 1351.441775][T29306] ? __pfx___alloc_skb+0x10/0x10 [ 1351.441807][T29306] ? find_held_lock+0x2b/0x80 [ 1351.441842][T29306] __ip6_append_data+0x2b74/0x4740 [ 1351.441879][T29306] ? __pfx_raw6_getfrag+0x10/0x10 [ 1351.441947][T29306] ? __pfx___ip6_append_data+0x10/0x10 [ 1351.441974][T29306] ? __pfx_ip6_mtu+0x10/0x10 [ 1351.442002][T29306] ? ip6_setup_cork+0xc51/0x1530 [ 1351.442032][T29306] ip6_append_data+0x1ba/0x4c0 [ 1351.442058][T29306] ? __pfx_raw6_getfrag+0x10/0x10 [ 1351.442099][T29306] rawv6_sendmsg+0x163e/0x4860 [ 1351.442136][T29306] ? aa_label_sk_perm+0x194/0x5f0 [ 1351.442170][T29306] ? aa_profile_af_perm+0x2c0/0x390 [ 1351.442202][T29306] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1351.442236][T29306] ? select_task_rq_fair+0x35d0/0x4670 [ 1351.442306][T29306] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1351.442345][T29306] ? inet_sendmsg+0x11c/0x140 [ 1351.442372][T29306] inet_sendmsg+0x11c/0x140 [ 1351.442401][T29306] ____sys_sendmsg+0x973/0xc30 [ 1351.442444][T29306] ? copy_msghdr_from_user+0x10a/0x160 [ 1351.442476][T29306] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1351.442519][T29306] ? __pfx___schedule+0x10/0x10 [ 1351.442560][T29306] ___sys_sendmsg+0x134/0x1d0 [ 1351.442594][T29306] ? __pfx____sys_sendmsg+0x10/0x10 [ 1351.442657][T29306] ? __pfx___might_resched+0x10/0x10 [ 1351.442697][T29306] __sys_sendmmsg+0x200/0x420 [ 1351.442733][T29306] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1351.442775][T29306] ? __pfx_do_futex+0x10/0x10 [ 1351.442801][T29306] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1351.442852][T29306] ? fput+0x70/0xf0 [ 1351.442878][T29306] ? xfd_validate_state+0x61/0x180 [ 1351.442902][T29306] ? __pfx_do_writev+0x10/0x10 [ 1351.442939][T29306] __x64_sys_sendmmsg+0x9c/0x100 [ 1351.442970][T29306] ? lockdep_hardirqs_on+0x7c/0x110 [ 1351.443003][T29306] do_syscall_64+0xcd/0xf80 [ 1351.443052][T29306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1351.443079][T29306] RIP: 0033:0x7f35f218f7c9 [ 1351.443101][T29306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1351.443126][T29306] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1351.443152][T29306] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1351.443170][T29306] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1351.443185][T29306] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1351.443201][T29306] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1351.443216][T29306] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1351.443252][T29306] [ 1351.843679][ T7226] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 1351.843717][ T7226] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 1351.866523][ T7226] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1352.109294][T29320] FAULT_INJECTION: forcing a failure. [ 1352.109294][T29320] name failslab, interval 1, probability 0, space 0, times 0 [ 1352.202267][T29320] CPU: 0 UID: 0 PID: 29320 Comm: syz.1.5554 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1352.202314][T29320] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1352.202324][T29320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1352.202340][T29320] Call Trace: [ 1352.202349][T29320] [ 1352.202360][T29320] dump_stack_lvl+0x16c/0x1f0 [ 1352.202402][T29320] should_fail_ex+0x512/0x640 [ 1352.202430][T29320] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1352.202465][T29320] should_failslab+0xc2/0x120 [ 1352.202503][T29320] kmem_cache_alloc_noprof+0x83/0x770 [ 1352.202532][T29320] ? mas_alloc_nodes+0x27b/0x380 [ 1352.202568][T29320] ? mas_alloc_nodes+0x27b/0x380 [ 1352.202595][T29320] mas_alloc_nodes+0x27b/0x380 [ 1352.202629][T29320] mas_preallocate+0x5e3/0xee0 [ 1352.202670][T29320] ? __pfx_mas_preallocate+0x10/0x10 [ 1352.202714][T29320] ? vm_area_alloc+0x1f/0x160 [ 1352.202742][T29320] ? lockdep_init_map_type+0x5c/0x270 [ 1352.202772][T29320] __mmap_region+0x1262/0x2a00 [ 1352.202806][T29320] ? __pfx___mmap_region+0x10/0x10 [ 1352.202840][T29320] ? kvm_sched_clock_read+0x11/0x20 [ 1352.202870][T29320] ? sched_clock+0x38/0x60 [ 1352.202912][T29320] ? rcu_is_watching+0x12/0xc0 [ 1352.203037][T29320] ? rcu_is_watching+0x12/0xc0 [ 1352.203081][T29320] mmap_region+0x1ab/0x3f0 [ 1352.203112][T29320] ? __get_unmapped_area+0x267/0x3f0 [ 1352.203152][T29320] do_mmap+0xa3e/0x1210 [ 1352.203193][T29320] ? __pfx_do_mmap+0x10/0x10 [ 1352.203225][T29320] ? __pfx_down_write_killable+0x10/0x10 [ 1352.203257][T29320] vm_mmap_pgoff+0x29e/0x470 [ 1352.203297][T29320] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1352.203338][T29320] ? __x64_sys_futex+0x1e0/0x4c0 [ 1352.203364][T29320] ? __x64_sys_futex+0x1e9/0x4c0 [ 1352.203396][T29320] ksys_mmap_pgoff+0x7d/0x5c0 [ 1352.203428][T29320] ? xfd_validate_state+0x61/0x180 [ 1352.203450][T29320] ? __pfx_ksys_write+0x10/0x10 [ 1352.203487][T29320] __x64_sys_mmap+0x125/0x190 [ 1352.203517][T29320] do_syscall_64+0xcd/0xf80 [ 1352.203552][T29320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1352.203578][T29320] RIP: 0033:0x7f35f218f7c9 [ 1352.203599][T29320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1352.203624][T29320] RSP: 002b:00007f35f30de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1352.203649][T29320] RAX: ffffffffffffffda RBX: 00007f35f23e6090 RCX: 00007f35f218f7c9 [ 1352.203667][T29320] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1352.203684][T29320] RBP: 00007f35f2213f91 R08: fffffffffffffffa R09: 0000000000008000 [ 1352.203701][T29320] R10: 00000000000000f8 R11: 0000000000000246 R12: 0000000000000000 [ 1352.203717][T29320] R13: 00007f35f23e6128 R14: 00007f35f23e6090 R15: 00007ffdb53aeb58 [ 1352.203755][T29320] [ 1356.449695][T29366] FAULT_INJECTION: forcing a failure. [ 1356.449695][T29366] name failslab, interval 1, probability 0, space 0, times 0 [ 1356.554656][T29366] CPU: 1 UID: 0 PID: 29366 Comm: syz.1.5567 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1356.554685][T29366] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1356.554691][T29366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1356.554700][T29366] Call Trace: [ 1356.554713][T29366] [ 1356.554721][T29366] dump_stack_lvl+0x16c/0x1f0 [ 1356.554749][T29366] should_fail_ex+0x512/0x640 [ 1356.554764][T29366] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1356.554784][T29366] should_failslab+0xc2/0x120 [ 1356.554806][T29366] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1356.554826][T29366] ? __alloc_skb+0x156/0x410 [ 1356.554845][T29366] ? __alloc_skb+0x156/0x410 [ 1356.554859][T29366] __alloc_skb+0x156/0x410 [ 1356.554872][T29366] ? __alloc_skb+0x35d/0x410 [ 1356.554887][T29366] ? __pfx___alloc_skb+0x10/0x10 [ 1356.554906][T29366] ? find_held_lock+0x2b/0x80 [ 1356.554926][T29366] __ip6_append_data+0x2b74/0x4740 [ 1356.554946][T29366] ? __pfx_raw6_getfrag+0x10/0x10 [ 1356.554973][T29366] ? __pfx___ip6_append_data+0x10/0x10 [ 1356.554988][T29366] ? __pfx_ip6_mtu+0x10/0x10 [ 1356.555006][T29366] ? ip6_setup_cork+0xc51/0x1530 [ 1356.555022][T29366] ip6_append_data+0x1ba/0x4c0 [ 1356.555036][T29366] ? __pfx_raw6_getfrag+0x10/0x10 [ 1356.555057][T29366] rawv6_sendmsg+0x163e/0x4860 [ 1356.555077][T29366] ? aa_label_sk_perm+0x194/0x5f0 [ 1356.555096][T29366] ? aa_profile_af_perm+0x2c0/0x390 [ 1356.555114][T29366] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1356.555159][T29366] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1356.555183][T29366] ? inet_sendmsg+0x11c/0x140 [ 1356.555197][T29366] inet_sendmsg+0x11c/0x140 [ 1356.555212][T29366] ____sys_sendmsg+0x973/0xc30 [ 1356.555233][T29366] ? copy_msghdr_from_user+0x10a/0x160 [ 1356.555250][T29366] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1356.555273][T29366] ? __pfx___schedule+0x10/0x10 [ 1356.555294][T29366] ___sys_sendmsg+0x134/0x1d0 [ 1356.555312][T29366] ? __pfx____sys_sendmsg+0x10/0x10 [ 1356.555345][T29366] ? __pfx___might_resched+0x10/0x10 [ 1356.555366][T29366] __sys_sendmmsg+0x200/0x420 [ 1356.555385][T29366] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1356.555407][T29366] ? __pfx_do_futex+0x10/0x10 [ 1356.555421][T29366] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1356.555448][T29366] ? fput+0x70/0xf0 [ 1356.555462][T29366] ? xfd_validate_state+0x61/0x180 [ 1356.555474][T29366] ? __pfx_do_writev+0x10/0x10 [ 1356.555494][T29366] __x64_sys_sendmmsg+0x9c/0x100 [ 1356.555510][T29366] ? lockdep_hardirqs_on+0x7c/0x110 [ 1356.555529][T29366] do_syscall_64+0xcd/0xf80 [ 1356.555549][T29366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1356.555563][T29366] RIP: 0033:0x7f35f218f7c9 [ 1356.555577][T29366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1356.555590][T29366] RSP: 002b:00007f35f30bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1356.555604][T29366] RAX: ffffffffffffffda RBX: 00007f35f23e6180 RCX: 00007f35f218f7c9 [ 1356.555613][T29366] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1356.555622][T29366] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1356.555632][T29366] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1356.555641][T29366] R13: 00007f35f23e6218 R14: 00007f35f23e6180 R15: 00007ffdb53aeb58 [ 1356.555660][T29366] [ 1358.129781][T29394] vhci_hcd vhci_hcd.0: invalid port number 16 [ 1358.361917][ T7226] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260 [ 1358.361958][ T7226] Bluetooth: hci5: unexpected subevent 0x0e length: 725 > 15 [ 1358.384704][ T7226] Bluetooth: hci5: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1358.651804][T29403] openvswitch: netlink: Key type 1539 is out of range max 32 [ 1358.759874][T29403] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1359.446552][ T7226] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1359.446588][ T7226] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 1359.471925][ T7226] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1359.626399][T29416] FAULT_INJECTION: forcing a failure. [ 1359.626399][T29416] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1359.694458][T29416] CPU: 1 UID: 0 PID: 29416 Comm: syz.1.5579 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1359.694505][T29416] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1359.694515][T29416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1359.694531][T29416] Call Trace: [ 1359.694540][T29416] [ 1359.694551][T29416] dump_stack_lvl+0x16c/0x1f0 [ 1359.694594][T29416] should_fail_ex+0x512/0x640 [ 1359.694626][T29416] _copy_from_user+0x2e/0xd0 [ 1359.694654][T29416] copy_msghdr_from_user+0x98/0x160 [ 1359.694686][T29416] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1359.694734][T29416] ? find_held_lock+0x2b/0x80 [ 1359.694779][T29416] ___sys_sendmsg+0xfe/0x1d0 [ 1359.694813][T29416] ? __pfx____sys_sendmsg+0x10/0x10 [ 1359.694876][T29416] ? __pfx___might_resched+0x10/0x10 [ 1359.694916][T29416] __sys_sendmmsg+0x200/0x420 [ 1359.694950][T29416] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1359.694990][T29416] ? __pfx_do_futex+0x10/0x10 [ 1359.695014][T29416] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1359.695068][T29416] ? fput+0x70/0xf0 [ 1359.695094][T29416] ? xfd_validate_state+0x61/0x180 [ 1359.695116][T29416] ? __pfx_do_writev+0x10/0x10 [ 1359.695152][T29416] __x64_sys_sendmmsg+0x9c/0x100 [ 1359.695185][T29416] ? lockdep_hardirqs_on+0x7c/0x110 [ 1359.695218][T29416] do_syscall_64+0xcd/0xf80 [ 1359.695253][T29416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1359.695279][T29416] RIP: 0033:0x7f35f218f7c9 [ 1359.695306][T29416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1359.695332][T29416] RSP: 002b:00007f35f30de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1359.695357][T29416] RAX: ffffffffffffffda RBX: 00007f35f23e6090 RCX: 00007f35f218f7c9 [ 1359.695380][T29416] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1359.695395][T29416] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1359.695410][T29416] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1359.695431][T29416] R13: 00007f35f23e6128 R14: 00007f35f23e6090 R15: 00007ffdb53aeb58 [ 1359.695467][T29416] [ 1363.832292][T29455] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1364.153729][T29458] FAULT_INJECTION: forcing a failure. [ 1364.153729][T29458] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.245523][T29458] CPU: 1 UID: 0 PID: 29458 Comm: syz.1.5588 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1364.245568][T29458] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1364.245579][T29458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1364.245593][T29458] Call Trace: [ 1364.245603][T29458] [ 1364.245613][T29458] dump_stack_lvl+0x16c/0x1f0 [ 1364.245655][T29458] should_fail_ex+0x512/0x640 [ 1364.245682][T29458] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 1364.245718][T29458] should_failslab+0xc2/0x120 [ 1364.245754][T29458] kmem_cache_alloc_node_noprof+0x86/0x800 [ 1364.245783][T29458] ? __alloc_skb+0x156/0x410 [ 1364.245817][T29458] ? __alloc_skb+0x156/0x410 [ 1364.245841][T29458] __alloc_skb+0x156/0x410 [ 1364.245865][T29458] ? __alloc_skb+0x35d/0x410 [ 1364.245889][T29458] ? __pfx___alloc_skb+0x10/0x10 [ 1364.245929][T29458] ? find_held_lock+0x2b/0x80 [ 1364.245966][T29458] __ip6_append_data+0x2b74/0x4740 [ 1364.246003][T29458] ? __pfx_raw6_getfrag+0x10/0x10 [ 1364.246055][T29458] ? __pfx___ip6_append_data+0x10/0x10 [ 1364.246081][T29458] ? __pfx_ip6_mtu+0x10/0x10 [ 1364.246112][T29458] ? ip6_setup_cork+0xc51/0x1530 [ 1364.246141][T29458] ip6_append_data+0x1ba/0x4c0 [ 1364.246168][T29458] ? __pfx_raw6_getfrag+0x10/0x10 [ 1364.246207][T29458] rawv6_sendmsg+0x163e/0x4860 [ 1364.246242][T29458] ? aa_label_sk_perm+0x194/0x5f0 [ 1364.246277][T29458] ? aa_profile_af_perm+0x2c0/0x390 [ 1364.246309][T29458] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1364.246341][T29458] ? select_task_rq_fair+0x35d0/0x4670 [ 1364.246414][T29458] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 1364.246447][T29458] ? inet_sendmsg+0x11c/0x140 [ 1364.246468][T29458] inet_sendmsg+0x11c/0x140 [ 1364.246494][T29458] ____sys_sendmsg+0x973/0xc30 [ 1364.246529][T29458] ? copy_msghdr_from_user+0x10a/0x160 [ 1364.246555][T29458] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1364.246588][T29458] ? trace_sched_set_need_resched_tp+0xf3/0x130 [ 1364.246627][T29458] ? __pfx___schedule+0x10/0x10 [ 1364.246661][T29458] ___sys_sendmsg+0x134/0x1d0 [ 1364.246691][T29458] ? __pfx____sys_sendmsg+0x10/0x10 [ 1364.246751][T29458] ? __pfx___might_resched+0x10/0x10 [ 1364.246789][T29458] __sys_sendmmsg+0x200/0x420 [ 1364.246821][T29458] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1364.246860][T29458] ? __pfx_do_futex+0x10/0x10 [ 1364.246884][T29458] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1364.246940][T29458] ? fput+0x70/0xf0 [ 1364.246967][T29458] ? xfd_validate_state+0x61/0x180 [ 1364.246990][T29458] ? __pfx_do_writev+0x10/0x10 [ 1364.247024][T29458] __x64_sys_sendmmsg+0x9c/0x100 [ 1364.247052][T29458] ? lockdep_hardirqs_on+0x7c/0x110 [ 1364.247083][T29458] do_syscall_64+0xcd/0xf80 [ 1364.247117][T29458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1364.247142][T29458] RIP: 0033:0x7f35f218f7c9 [ 1364.247162][T29458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1364.247187][T29458] RSP: 002b:00007f35f30de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1364.247213][T29458] RAX: ffffffffffffffda RBX: 00007f35f23e6090 RCX: 00007f35f218f7c9 [ 1364.247229][T29458] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1364.247243][T29458] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1364.247259][T29458] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1364.247274][T29458] R13: 00007f35f23e6128 R14: 00007f35f23e6090 R15: 00007ffdb53aeb58 [ 1364.247308][T29458] [ 1365.535477][T29467] FAULT_INJECTION: forcing a failure. [ 1365.535477][T29467] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.607391][T29467] CPU: 1 UID: 0 PID: 29467 Comm: syz.1.5590 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1365.607438][T29467] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1365.607449][T29467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1365.607487][T29467] Call Trace: [ 1365.607496][T29467] [ 1365.607506][T29467] dump_stack_lvl+0x16c/0x1f0 [ 1365.607549][T29467] should_fail_ex+0x512/0x640 [ 1365.607576][T29467] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 1365.607610][T29467] should_failslab+0xc2/0x120 [ 1365.607647][T29467] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 1365.607675][T29467] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 1365.607712][T29467] ? __d_alloc+0x35/0xa80 [ 1365.607736][T29467] ? __d_alloc+0x35/0xa80 [ 1365.607760][T29467] __d_alloc+0x35/0xa80 [ 1365.607788][T29467] d_alloc_pseudo+0x1c/0xc0 [ 1365.607817][T29467] alloc_file_pseudo+0xcf/0x230 [ 1365.607846][T29467] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1365.607870][T29467] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1365.607913][T29467] create_pipe_files+0x36d/0x9a0 [ 1365.607951][T29467] do_pipe2+0xaf/0x1c0 [ 1365.607984][T29467] ? __pfx_do_pipe2+0x10/0x10 [ 1365.608017][T29467] ? xfd_validate_state+0x61/0x180 [ 1365.608040][T29467] ? __pfx_ksys_write+0x10/0x10 [ 1365.608080][T29467] __x64_sys_pipe+0x33/0x50 [ 1365.608114][T29467] do_syscall_64+0xcd/0xf80 [ 1365.608151][T29467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1365.608175][T29467] RIP: 0033:0x7f35f218f7c9 [ 1365.608196][T29467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1365.608221][T29467] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1365.608247][T29467] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1365.608265][T29467] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1365.608283][T29467] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1365.608300][T29467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1365.608316][T29467] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1365.608352][T29467] [ 1366.649868][T29479] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(11) [ 1366.728749][T29479] vhci_hcd vhci_hcd.2: invalid port number 16 [ 1366.734881][T29479] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 1366.887841][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1366.894566][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1368.303695][T29497] bond0: invalid ARP target specified [ 1369.115057][ T7226] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1369.115095][ T7226] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 1369.130791][ T7226] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1369.786166][T29509] FAULT_INJECTION: forcing a failure. [ 1369.786166][T29509] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1369.949787][T29509] CPU: 1 UID: 0 PID: 29509 Comm: syz.6.5599 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1369.949833][T29509] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1369.949844][T29509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1369.949860][T29509] Call Trace: [ 1369.949868][T29509] [ 1369.949905][T29509] dump_stack_lvl+0x16c/0x1f0 [ 1369.949951][T29509] should_fail_ex+0x512/0x640 [ 1369.949984][T29509] _copy_from_user+0x2e/0xd0 [ 1369.950013][T29509] copy_msghdr_from_user+0x98/0x160 [ 1369.950045][T29509] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1369.950079][T29509] ? find_held_lock+0x2b/0x80 [ 1369.950119][T29509] ___sys_sendmsg+0xfe/0x1d0 [ 1369.950152][T29509] ? __pfx____sys_sendmsg+0x10/0x10 [ 1369.950223][T29509] ? __pfx___might_resched+0x10/0x10 [ 1369.950266][T29509] __sys_sendmmsg+0x200/0x420 [ 1369.950303][T29509] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1369.950353][T29509] ? __pfx_do_futex+0x10/0x10 [ 1369.950381][T29509] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1369.950440][T29509] ? fput+0x70/0xf0 [ 1369.950468][T29509] ? xfd_validate_state+0x61/0x180 [ 1369.950491][T29509] ? __pfx_do_writev+0x10/0x10 [ 1369.950529][T29509] __x64_sys_sendmmsg+0x9c/0x100 [ 1369.950559][T29509] ? lockdep_hardirqs_on+0x7c/0x110 [ 1369.950593][T29509] do_syscall_64+0xcd/0xf80 [ 1369.950629][T29509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1369.950655][T29509] RIP: 0033:0x7ff78198f7c9 [ 1369.950676][T29509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1369.950701][T29509] RSP: 002b:00007ff782830038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1369.950726][T29509] RAX: ffffffffffffffda RBX: 00007ff781be6090 RCX: 00007ff78198f7c9 [ 1369.950745][T29509] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1369.950761][T29509] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1369.950778][T29509] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1369.950794][T29509] R13: 00007ff781be6128 R14: 00007ff781be6090 R15: 00007ffc67a92318 [ 1369.950832][T29509] [ 1371.662218][T29524] FAULT_INJECTION: forcing a failure. [ 1371.662218][T29524] name failslab, interval 1, probability 0, space 0, times 0 [ 1371.692937][T29524] CPU: 0 UID: 0 PID: 29524 Comm: syz.6.5602 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1371.692986][T29524] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1371.692996][T29524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1371.693012][T29524] Call Trace: [ 1371.693021][T29524] [ 1371.693032][T29524] dump_stack_lvl+0x16c/0x1f0 [ 1371.693078][T29524] should_fail_ex+0x512/0x640 [ 1371.693104][T29524] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 1371.693140][T29524] should_failslab+0xc2/0x120 [ 1371.693192][T29524] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 1371.693222][T29524] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 1371.693259][T29524] ? __d_alloc+0x35/0xa80 [ 1371.693288][T29524] ? __d_alloc+0x35/0xa80 [ 1371.693307][T29524] __d_alloc+0x35/0xa80 [ 1371.693335][T29524] d_alloc_pseudo+0x1c/0xc0 [ 1371.693364][T29524] alloc_file_pseudo+0xcf/0x230 [ 1371.693407][T29524] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1371.693431][T29524] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1371.693473][T29524] create_pipe_files+0x36d/0x9a0 [ 1371.693511][T29524] do_pipe2+0xaf/0x1c0 [ 1371.693543][T29524] ? __pfx_do_pipe2+0x10/0x10 [ 1371.693578][T29524] ? xfd_validate_state+0x61/0x180 [ 1371.693600][T29524] ? __pfx_ksys_write+0x10/0x10 [ 1371.693637][T29524] __x64_sys_pipe+0x33/0x50 [ 1371.693666][T29524] do_syscall_64+0xcd/0xf80 [ 1371.693701][T29524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1371.693727][T29524] RIP: 0033:0x7ff78198f7c9 [ 1371.693749][T29524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1371.693776][T29524] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1371.693800][T29524] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1371.693818][T29524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1371.693833][T29524] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1371.693850][T29524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1371.693864][T29524] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1371.693899][T29524] [ 1373.461899][T29545] netlink: 334 bytes leftover after parsing attributes in process `syz.6.5607'. [ 1373.833487][T29528] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1374.622234][T29552] FAULT_INJECTION: forcing a failure. [ 1374.622234][T29552] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1374.722115][T29552] CPU: 1 UID: 0 PID: 29552 Comm: syz.0.5609 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1374.722162][T29552] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1374.722172][T29552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1374.722187][T29552] Call Trace: [ 1374.722197][T29552] [ 1374.722208][T29552] dump_stack_lvl+0x16c/0x1f0 [ 1374.722251][T29552] should_fail_ex+0x512/0x640 [ 1374.722284][T29552] _copy_from_user+0x2e/0xd0 [ 1374.722312][T29552] copy_msghdr_from_user+0x98/0x160 [ 1374.722343][T29552] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1374.722373][T29552] ? find_held_lock+0x2b/0x80 [ 1374.722410][T29552] ___sys_sendmsg+0xfe/0x1d0 [ 1374.722441][T29552] ? __pfx____sys_sendmsg+0x10/0x10 [ 1374.722500][T29552] ? __pfx___might_resched+0x10/0x10 [ 1374.722536][T29552] __sys_sendmmsg+0x200/0x420 [ 1374.722582][T29552] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1374.722627][T29552] ? __pfx_do_futex+0x10/0x10 [ 1374.722652][T29552] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1374.722703][T29552] ? fput+0x70/0xf0 [ 1374.722730][T29552] ? xfd_validate_state+0x61/0x180 [ 1374.722752][T29552] ? __pfx_do_writev+0x10/0x10 [ 1374.722788][T29552] __x64_sys_sendmmsg+0x9c/0x100 [ 1374.722815][T29552] ? lockdep_hardirqs_on+0x7c/0x110 [ 1374.722849][T29552] do_syscall_64+0xcd/0xf80 [ 1374.722885][T29552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1374.722910][T29552] RIP: 0033:0x7f6e41b8f7c9 [ 1374.722931][T29552] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1374.722957][T29552] RSP: 002b:00007f6e429bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1374.722982][T29552] RAX: ffffffffffffffda RBX: 00007f6e41de6090 RCX: 00007f6e41b8f7c9 [ 1374.723001][T29552] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1374.723016][T29552] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1374.723033][T29552] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1374.723048][T29552] R13: 00007f6e41de6128 R14: 00007f6e41de6090 R15: 00007ffc44192ec8 [ 1374.723083][T29552] [ 1375.428301][T29558] FAULT_INJECTION: forcing a failure. [ 1375.428301][T29558] name failslab, interval 1, probability 0, space 0, times 0 [ 1375.463402][T29558] CPU: 0 UID: 0 PID: 29558 Comm: syz.6.5613 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1375.463451][T29558] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1375.463461][T29558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1375.463476][T29558] Call Trace: [ 1375.463485][T29558] [ 1375.463495][T29558] dump_stack_lvl+0x16c/0x1f0 [ 1375.463544][T29558] should_fail_ex+0x512/0x640 [ 1375.463571][T29558] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 1375.463607][T29558] should_failslab+0xc2/0x120 [ 1375.463644][T29558] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 1375.463670][T29558] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 1375.463706][T29558] ? __d_alloc+0x35/0xa80 [ 1375.463733][T29558] ? __d_alloc+0x35/0xa80 [ 1375.463752][T29558] __d_alloc+0x35/0xa80 [ 1375.463777][T29558] d_alloc_pseudo+0x1c/0xc0 [ 1375.463805][T29558] alloc_file_pseudo+0xcf/0x230 [ 1375.463834][T29558] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1375.463857][T29558] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1375.463898][T29558] create_pipe_files+0x36d/0x9a0 [ 1375.463936][T29558] do_pipe2+0xaf/0x1c0 [ 1375.463968][T29558] ? __pfx_do_pipe2+0x10/0x10 [ 1375.464001][T29558] ? xfd_validate_state+0x61/0x180 [ 1375.464023][T29558] ? __pfx_ksys_write+0x10/0x10 [ 1375.464063][T29558] __x64_sys_pipe+0x33/0x50 [ 1375.464095][T29558] do_syscall_64+0xcd/0xf80 [ 1375.464131][T29558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1375.464155][T29558] RIP: 0033:0x7ff78198f7c9 [ 1375.464175][T29558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1375.464199][T29558] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1375.464224][T29558] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1375.464241][T29558] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1375.464255][T29558] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1375.464271][T29558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1375.464286][T29558] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1375.464319][T29558] [ 1377.564257][T29592] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5618'. [ 1378.746551][T29605] FAULT_INJECTION: forcing a failure. [ 1378.746551][T29605] name failslab, interval 1, probability 0, space 0, times 0 [ 1378.784273][T29605] CPU: 0 UID: 0 PID: 29605 Comm: syz.6.5624 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1378.784318][T29605] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1378.784329][T29605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1378.784344][T29605] Call Trace: [ 1378.784354][T29605] [ 1378.784364][T29605] dump_stack_lvl+0x16c/0x1f0 [ 1378.784406][T29605] should_fail_ex+0x512/0x640 [ 1378.784432][T29605] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1378.784466][T29605] should_failslab+0xc2/0x120 [ 1378.784503][T29605] __kmalloc_cache_noprof+0x80/0x800 [ 1378.784531][T29605] ? snd_pcm_oss_change_params_locked+0x211/0x3ab0 [ 1378.784565][T29605] ? snd_pcm_oss_change_params_locked+0x211/0x3ab0 [ 1378.784590][T29605] snd_pcm_oss_change_params_locked+0x211/0x3ab0 [ 1378.784619][T29605] ? __mutex_lock+0x27b/0x1ca0 [ 1378.784657][T29605] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 1378.784683][T29605] ? __flush_work+0xa48/0xcc0 [ 1378.784713][T29605] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1378.784737][T29605] ? __pfx___mutex_lock+0x10/0x10 [ 1378.784774][T29605] ? __lock_acquire+0x436/0x2890 [ 1378.784818][T29605] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1378.784845][T29605] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 1378.784870][T29605] ? lockdep_hardirqs_on+0x7c/0x110 [ 1378.784907][T29605] snd_pcm_oss_poll+0x5a5/0xb90 [ 1378.784936][T29605] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1378.784959][T29605] ? __fget_files+0x20e/0x3c0 [ 1378.785000][T29605] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1378.785024][T29605] do_sys_poll+0x55c/0xdf0 [ 1378.785069][T29605] ? __pfx_do_sys_poll+0x10/0x10 [ 1378.785134][T29605] ? preempt_schedule_common+0x44/0xc0 [ 1378.785245][T29605] ? __pfx_timespec64_add_safe+0x10/0x10 [ 1378.785276][T29605] ? ktime_get_ts64+0x2d2/0x400 [ 1378.785303][T29605] ? read_tsc+0x9/0x20 [ 1378.785334][T29605] ? ktime_get_ts64+0x256/0x400 [ 1378.785369][T29605] __x64_sys_poll+0x1a6/0x450 [ 1378.785401][T29605] ? __pfx___x64_sys_poll+0x10/0x10 [ 1378.785444][T29605] do_syscall_64+0xcd/0xf80 [ 1378.785480][T29605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1378.785506][T29605] RIP: 0033:0x7ff78198f7c9 [ 1378.785527][T29605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1378.785551][T29605] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 1378.785576][T29605] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1378.785594][T29605] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 1378.785611][T29605] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1378.785628][T29605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1378.785644][T29605] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1378.785682][T29605] [ 1380.405549][T29617] openvswitch: netlink: Key type 11267 is out of range max 32 [ 1380.448007][T29617] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1380.758018][T29601] kexec: Could not allocate control_code_buffer [ 1381.413992][ T7226] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260 [ 1381.414029][ T7226] Bluetooth: hci5: unexpected subevent 0x0e length: 725 > 15 [ 1381.429943][ T7226] Bluetooth: hci5: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1382.149347][T29645] random: crng reseeded on system resumption [ 1382.163915][T29646] openvswitch: netlink: Key type 11267 is out of range max 32 [ 1382.178909][T29646] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1383.880888][T29680] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 1386.761280][T29755] netlink: 'syz.1.5659': attribute type 27 has an invalid length. [ 1386.795593][T29755] netlink: 334 bytes leftover after parsing attributes in process `syz.1.5659'. [ 1388.327831][T29775] kexec: Could not allocate control_code_buffer [ 1388.701928][T29806] input: f as /devices/virtual/input/input51 [ 1389.379902][T29817] FAULT_INJECTION: forcing a failure. [ 1389.379902][T29817] name failslab, interval 1, probability 0, space 0, times 0 [ 1389.450430][T29817] CPU: 1 UID: 0 PID: 29817 Comm: syz.1.5674 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1389.450473][T29817] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1389.450483][T29817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1389.450499][T29817] Call Trace: [ 1389.450508][T29817] [ 1389.450518][T29817] dump_stack_lvl+0x16c/0x1f0 [ 1389.450561][T29817] should_fail_ex+0x512/0x640 [ 1389.450588][T29817] ? kmem_cache_alloc_noprof+0x62/0x770 [ 1389.450621][T29817] should_failslab+0xc2/0x120 [ 1389.450656][T29817] kmem_cache_alloc_noprof+0x83/0x770 [ 1389.450683][T29817] ? alloc_empty_file+0x55/0x1e0 [ 1389.450715][T29817] ? alloc_empty_file+0x55/0x1e0 [ 1389.450739][T29817] alloc_empty_file+0x55/0x1e0 [ 1389.450766][T29817] alloc_file_pseudo+0x13a/0x230 [ 1389.450793][T29817] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1389.450817][T29817] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1389.450859][T29817] create_pipe_files+0x36d/0x9a0 [ 1389.450897][T29817] do_pipe2+0xaf/0x1c0 [ 1389.450930][T29817] ? __pfx_do_pipe2+0x10/0x10 [ 1389.450962][T29817] ? xfd_validate_state+0x61/0x180 [ 1389.450984][T29817] ? __pfx_ksys_write+0x10/0x10 [ 1389.451024][T29817] __x64_sys_pipe+0x33/0x50 [ 1389.451069][T29817] do_syscall_64+0xcd/0xf80 [ 1389.451108][T29817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1389.451135][T29817] RIP: 0033:0x7f35f218f7c9 [ 1389.451156][T29817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1389.451180][T29817] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1389.451204][T29817] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1389.451221][T29817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1389.451236][T29817] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1389.451252][T29817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1389.451267][T29817] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1389.451303][T29817] [ 1389.810448][T29818] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5673'. [ 1391.144442][ T7226] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 1391.144477][ T7226] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 1391.165201][ T7226] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1391.656295][T29854] delete_channel: no stack [ 1391.714904][T29858] FAULT_INJECTION: forcing a failure. [ 1391.714904][T29858] name failslab, interval 1, probability 0, space 0, times 0 [ 1391.789724][T29854] hub 1-0:1.0: USB hub found [ 1391.805161][T29858] CPU: 1 UID: 0 PID: 29858 Comm: syz.0.5683 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1391.805212][T29858] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1391.805223][T29858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1391.805238][T29858] Call Trace: [ 1391.805245][T29858] [ 1391.805254][T29858] dump_stack_lvl+0x16c/0x1f0 [ 1391.805298][T29858] should_fail_ex+0x512/0x640 [ 1391.805324][T29858] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 1391.805358][T29858] should_failslab+0xc2/0x120 [ 1391.805393][T29858] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 1391.805420][T29858] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 1391.805455][T29858] ? __d_alloc+0x35/0xa80 [ 1391.805483][T29858] ? __d_alloc+0x35/0xa80 [ 1391.805502][T29858] __d_alloc+0x35/0xa80 [ 1391.805527][T29858] d_alloc_pseudo+0x1c/0xc0 [ 1391.805556][T29858] alloc_file_pseudo+0xcf/0x230 [ 1391.805585][T29858] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1391.805609][T29858] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1391.805651][T29858] create_pipe_files+0x36d/0x9a0 [ 1391.805689][T29858] do_pipe2+0xaf/0x1c0 [ 1391.805737][T29858] ? __pfx_do_pipe2+0x10/0x10 [ 1391.805771][T29858] ? xfd_validate_state+0x61/0x180 [ 1391.805793][T29858] ? __pfx_ksys_write+0x10/0x10 [ 1391.805843][T29858] __x64_sys_pipe+0x33/0x50 [ 1391.805879][T29858] do_syscall_64+0xcd/0xf80 [ 1391.805919][T29858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1391.805943][T29858] RIP: 0033:0x7f6e41b8f7c9 [ 1391.805964][T29858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1391.805988][T29858] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1391.806012][T29858] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1391.806030][T29858] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1391.806043][T29858] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1391.806058][T29858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1391.806073][T29858] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1391.806108][T29858] [ 1392.022924][T29854] hub 1-0:1.0: 1 port detected [ 1393.075830][T29892] FAULT_INJECTION: forcing a failure. [ 1393.075830][T29892] name failslab, interval 1, probability 0, space 0, times 0 [ 1393.133187][T29892] CPU: 1 UID: 0 PID: 29892 Comm: syz.6.5693 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1393.133235][T29892] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1393.133245][T29892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1393.133261][T29892] Call Trace: [ 1393.133270][T29892] [ 1393.133280][T29892] dump_stack_lvl+0x16c/0x1f0 [ 1393.133322][T29892] should_fail_ex+0x512/0x640 [ 1393.133348][T29892] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 1393.133383][T29892] should_failslab+0xc2/0x120 [ 1393.133418][T29892] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 1393.133444][T29892] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 1393.133480][T29892] ? __d_alloc+0x35/0xa80 [ 1393.133507][T29892] ? __d_alloc+0x35/0xa80 [ 1393.133526][T29892] __d_alloc+0x35/0xa80 [ 1393.133552][T29892] d_alloc_pseudo+0x1c/0xc0 [ 1393.133580][T29892] alloc_file_pseudo+0xcf/0x230 [ 1393.133610][T29892] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1393.133634][T29892] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1393.133674][T29892] create_pipe_files+0x36d/0x9a0 [ 1393.133722][T29892] do_pipe2+0xaf/0x1c0 [ 1393.133757][T29892] ? __pfx_do_pipe2+0x10/0x10 [ 1393.133793][T29892] ? xfd_validate_state+0x61/0x180 [ 1393.133816][T29892] ? __pfx_ksys_write+0x10/0x10 [ 1393.133857][T29892] __x64_sys_pipe+0x33/0x50 [ 1393.133889][T29892] do_syscall_64+0xcd/0xf80 [ 1393.133926][T29892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.133949][T29892] RIP: 0033:0x7ff78198f7c9 [ 1393.133971][T29892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.133994][T29892] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1393.134019][T29892] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1393.134036][T29892] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1393.134052][T29892] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1393.134067][T29892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1393.134083][T29892] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1393.134120][T29892] [ 1393.396670][T29889] zswap: compressor not available [ 1393.907863][T29908] FAULT_INJECTION: forcing a failure. [ 1393.907863][T29908] name failslab, interval 1, probability 0, space 0, times 0 [ 1393.993419][T29908] CPU: 1 UID: 0 PID: 29908 Comm: syz.0.5694 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1393.993465][T29908] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1393.993476][T29908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1393.993491][T29908] Call Trace: [ 1393.993500][T29908] [ 1393.993511][T29908] dump_stack_lvl+0x16c/0x1f0 [ 1393.993553][T29908] should_fail_ex+0x512/0x640 [ 1393.993579][T29908] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1393.993618][T29908] should_failslab+0xc2/0x120 [ 1393.993655][T29908] __kmalloc_cache_noprof+0x80/0x800 [ 1393.993685][T29908] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1393.993717][T29908] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1393.993742][T29908] snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1393.993776][T29908] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 1393.993804][T29908] ? __flush_work+0xa48/0xcc0 [ 1393.993833][T29908] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1393.993857][T29908] ? __pfx___mutex_lock+0x10/0x10 [ 1393.993897][T29908] ? __lock_acquire+0x436/0x2890 [ 1393.993943][T29908] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1393.993970][T29908] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 1393.993996][T29908] ? lockdep_hardirqs_on+0x7c/0x110 [ 1393.994033][T29908] snd_pcm_oss_poll+0x5a5/0xb90 [ 1393.994062][T29908] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1393.994085][T29908] ? __fget_files+0x20e/0x3c0 [ 1393.994126][T29908] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1393.994150][T29908] do_sys_poll+0x55c/0xdf0 [ 1393.994193][T29908] ? __pfx_do_sys_poll+0x10/0x10 [ 1393.994256][T29908] ? preempt_schedule_common+0x44/0xc0 [ 1393.994356][T29908] ? __pfx_timespec64_add_safe+0x10/0x10 [ 1393.994384][T29908] ? ktime_get_ts64+0x2d2/0x400 [ 1393.994410][T29908] ? read_tsc+0x9/0x20 [ 1393.994438][T29908] ? ktime_get_ts64+0x256/0x400 [ 1393.994471][T29908] __x64_sys_poll+0x1a6/0x450 [ 1393.994502][T29908] ? __pfx___x64_sys_poll+0x10/0x10 [ 1393.994544][T29908] do_syscall_64+0xcd/0xf80 [ 1393.994579][T29908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1393.994611][T29908] RIP: 0033:0x7f6e41b8f7c9 [ 1393.994633][T29908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1393.994658][T29908] RSP: 002b:00007f6e429bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 1393.994682][T29908] RAX: ffffffffffffffda RBX: 00007f6e41de6090 RCX: 00007f6e41b8f7c9 [ 1393.994699][T29908] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 1393.994715][T29908] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1393.994731][T29908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1393.994746][T29908] R13: 00007f6e41de6128 R14: 00007f6e41de6090 R15: 00007ffc44192ec8 [ 1393.994783][T29908] [ 1394.408013][T13278] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 7 with max blocks 3 with error 117 [ 1394.501789][T13278] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1394.501789][T13278] [ 1394.576189][T13278] EXT4-fs (sda1): Delayed block allocation failed for inode 2030 at logical offset 7 with max blocks 4 with error 117 [ 1394.608913][T13278] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1394.608913][T13278] [ 1395.143013][ T7226] Bluetooth: hci5: unexpected event 0x3e length: 726 > 260 [ 1395.143049][ T7226] Bluetooth: hci5: unexpected subevent 0x0e length: 725 > 15 [ 1395.158262][ T7226] Bluetooth: hci5: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1395.370047][T29927] bond0: invalid ARP target specified [ 1395.408546][T29925] can: request_module (can-proto-3) failed. [ 1395.801399][T29934] FAULT_INJECTION: forcing a failure. [ 1395.801399][T29934] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1395.821412][T29934] CPU: 0 UID: 0 PID: 29934 Comm: syz.6.5701 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1395.821456][T29934] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1395.821467][T29934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1395.821482][T29934] Call Trace: [ 1395.821491][T29934] [ 1395.821502][T29934] dump_stack_lvl+0x16c/0x1f0 [ 1395.821545][T29934] should_fail_ex+0x512/0x640 [ 1395.821577][T29934] _copy_from_user+0x2e/0xd0 [ 1395.821605][T29934] copy_msghdr_from_user+0x98/0x160 [ 1395.821636][T29934] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1395.821673][T29934] ? find_held_lock+0x2b/0x80 [ 1395.821714][T29934] ___sys_sendmsg+0xfe/0x1d0 [ 1395.821747][T29934] ? __pfx____sys_sendmsg+0x10/0x10 [ 1395.821809][T29934] ? __pfx___might_resched+0x10/0x10 [ 1395.821849][T29934] __sys_sendmmsg+0x200/0x420 [ 1395.821883][T29934] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1395.821923][T29934] ? __pfx_do_futex+0x10/0x10 [ 1395.821949][T29934] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1395.821998][T29934] ? fput+0x70/0xf0 [ 1395.822025][T29934] ? xfd_validate_state+0x61/0x180 [ 1395.822047][T29934] ? __pfx_do_writev+0x10/0x10 [ 1395.822083][T29934] __x64_sys_sendmmsg+0x9c/0x100 [ 1395.822112][T29934] ? lockdep_hardirqs_on+0x7c/0x110 [ 1395.822145][T29934] do_syscall_64+0xcd/0xf80 [ 1395.822181][T29934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1395.822206][T29934] RIP: 0033:0x7ff78198f7c9 [ 1395.822227][T29934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1395.822250][T29934] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1395.822274][T29934] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1395.822291][T29934] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1395.822307][T29934] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1395.822323][T29934] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1395.822339][T29934] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1395.822383][T29934] [ 1397.096910][ T7226] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1397.096948][ T7226] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 1397.114056][ T7226] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1398.214096][T29961] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5708'. [ 1398.810836][T29981] FAULT_INJECTION: forcing a failure. [ 1398.810836][T29981] name failslab, interval 1, probability 0, space 0, times 0 [ 1398.842357][T29981] CPU: 0 UID: 0 PID: 29981 Comm: syz.1.5712 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1398.842385][T29981] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1398.842390][T29981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1398.842399][T29981] Call Trace: [ 1398.842406][T29981] [ 1398.842412][T29981] dump_stack_lvl+0x16c/0x1f0 [ 1398.842439][T29981] should_fail_ex+0x512/0x640 [ 1398.842455][T29981] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1398.842474][T29981] should_failslab+0xc2/0x120 [ 1398.842494][T29981] __kmalloc_cache_noprof+0x80/0x800 [ 1398.842510][T29981] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1398.842528][T29981] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1398.842542][T29981] snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1398.842561][T29981] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 1398.842575][T29981] ? __flush_work+0xa48/0xcc0 [ 1398.842590][T29981] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1398.842604][T29981] ? __pfx___mutex_lock+0x10/0x10 [ 1398.842624][T29981] ? __lock_acquire+0x436/0x2890 [ 1398.842649][T29981] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1398.842664][T29981] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 1398.842678][T29981] ? lockdep_hardirqs_on+0x7c/0x110 [ 1398.842698][T29981] snd_pcm_oss_poll+0x5a5/0xb90 [ 1398.842713][T29981] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1398.842725][T29981] ? __fget_files+0x20e/0x3c0 [ 1398.842747][T29981] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1398.842760][T29981] do_sys_poll+0x55c/0xdf0 [ 1398.842784][T29981] ? __pfx_do_sys_poll+0x10/0x10 [ 1398.842817][T29981] ? preempt_schedule_common+0x44/0xc0 [ 1398.842870][T29981] ? __pfx_timespec64_add_safe+0x10/0x10 [ 1398.842885][T29981] ? ktime_get_ts64+0x2d2/0x400 [ 1398.842900][T29981] ? read_tsc+0x9/0x20 [ 1398.842916][T29981] ? ktime_get_ts64+0x256/0x400 [ 1398.842934][T29981] __x64_sys_poll+0x1a6/0x450 [ 1398.842951][T29981] ? __pfx___x64_sys_poll+0x10/0x10 [ 1398.842974][T29981] do_syscall_64+0xcd/0xf80 [ 1398.842994][T29981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1398.843034][T29981] RIP: 0033:0x7f35f218f7c9 [ 1398.843048][T29981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1398.843063][T29981] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 1398.843078][T29981] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1398.843088][T29981] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 1398.843096][T29981] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1398.843105][T29981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1398.843113][T29981] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1398.843132][T29981] [ 1399.435141][T29986] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1400.525787][T29998] FAULT_INJECTION: forcing a failure. [ 1400.525787][T29998] name failslab, interval 1, probability 0, space 0, times 0 [ 1400.624968][T29998] CPU: 1 UID: 0 PID: 29998 Comm: syz.0.5716 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1400.624995][T29998] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1400.625001][T29998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1400.625009][T29998] Call Trace: [ 1400.625014][T29998] [ 1400.625021][T29998] dump_stack_lvl+0x16c/0x1f0 [ 1400.625046][T29998] should_fail_ex+0x512/0x640 [ 1400.625062][T29998] ? fs_reclaim_acquire+0xae/0x150 [ 1400.625085][T29998] should_failslab+0xc2/0x120 [ 1400.625106][T29998] __kmalloc_noprof+0xeb/0x910 [ 1400.625121][T29998] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1400.625144][T29998] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1400.625161][T29998] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1400.625184][T29998] ? tomoyo_profile+0x47/0x60 [ 1400.625206][T29998] tomoyo_path_number_perm+0x245/0x580 [ 1400.625220][T29998] ? tomoyo_path_number_perm+0x237/0x580 [ 1400.625237][T29998] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1400.625254][T29998] ? find_held_lock+0x2b/0x80 [ 1400.625287][T29998] ? find_held_lock+0x2b/0x80 [ 1400.625304][T29998] ? hook_file_ioctl_common+0x144/0x410 [ 1400.625324][T29998] ? __fget_files+0x20e/0x3c0 [ 1400.625346][T29998] security_file_ioctl+0x9b/0x240 [ 1400.625364][T29998] __x64_sys_ioctl+0xb7/0x210 [ 1400.625382][T29998] do_syscall_64+0xcd/0xf80 [ 1400.625404][T29998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1400.625419][T29998] RIP: 0033:0x7f6e41b8f7c9 [ 1400.625431][T29998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1400.625445][T29998] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1400.625459][T29998] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1400.625469][T29998] RDX: 0000000000000000 RSI: 0000000040505412 RDI: 0000000000000003 [ 1400.625477][T29998] RBP: 00007f6e429e0090 R08: 0000000000000000 R09: 0000000000000000 [ 1400.625486][T29998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1400.625494][T29998] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1400.625513][T29998] [ 1400.625753][T29998] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1402.890005][T30019] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1403.091912][T30015] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1404.857476][T30054] FAULT_INJECTION: forcing a failure. [ 1404.857476][T30054] name failslab, interval 1, probability 0, space 0, times 0 [ 1405.008347][T30054] CPU: 0 UID: 0 PID: 30054 Comm: syz.1.5727 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1405.008389][T30054] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1405.008399][T30054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1405.008412][T30054] Call Trace: [ 1405.008420][T30054] [ 1405.008431][T30054] dump_stack_lvl+0x16c/0x1f0 [ 1405.008469][T30054] should_fail_ex+0x512/0x640 [ 1405.008504][T30054] ? fs_reclaim_acquire+0xae/0x150 [ 1405.008541][T30054] should_failslab+0xc2/0x120 [ 1405.008571][T30054] __kmalloc_noprof+0xeb/0x910 [ 1405.008592][T30054] ? tomoyo_encode2+0x100/0x3e0 [ 1405.008622][T30054] ? tomoyo_encode2+0x100/0x3e0 [ 1405.008657][T30054] tomoyo_encode2+0x100/0x3e0 [ 1405.008690][T30054] tomoyo_encode+0x29/0x50 [ 1405.008717][T30054] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1405.008756][T30054] tomoyo_path_number_perm+0x245/0x580 [ 1405.008780][T30054] ? tomoyo_path_number_perm+0x237/0x580 [ 1405.008809][T30054] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1405.008837][T30054] ? find_held_lock+0x2b/0x80 [ 1405.008896][T30054] ? find_held_lock+0x2b/0x80 [ 1405.008922][T30054] ? hook_file_ioctl_common+0x144/0x410 [ 1405.008956][T30054] ? __fget_files+0x20e/0x3c0 [ 1405.008992][T30054] security_file_ioctl+0x9b/0x240 [ 1405.009020][T30054] __x64_sys_ioctl+0xb7/0x210 [ 1405.009050][T30054] do_syscall_64+0xcd/0xf80 [ 1405.009085][T30054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1405.009108][T30054] RIP: 0033:0x7f35f218f7c9 [ 1405.009128][T30054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1405.009150][T30054] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1405.009173][T30054] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1405.009189][T30054] RDX: 0000000000000000 RSI: 0000000040505412 RDI: 0000000000000003 [ 1405.009204][T30054] RBP: 00007f35f30ff090 R08: 0000000000000000 R09: 0000000000000000 [ 1405.009218][T30054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1405.009232][T30054] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1405.009267][T30054] [ 1405.009864][T30054] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1405.861628][ T7226] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 1405.861665][ T7226] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 1405.885027][ T7226] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1406.273457][T30069] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5731'. [ 1406.381089][T30069] veth0_macvtap: left promiscuous mode [ 1406.422450][T30068] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5731'. [ 1406.530625][T30069] macvtap0: entered promiscuous mode [ 1406.587907][T30069] macvtap0: entered allmulticast mode [ 1407.451091][ T7226] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 1407.451129][ T7226] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 1407.467618][ T7226] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1407.643501][T30102] FAULT_INJECTION: forcing a failure. [ 1407.643501][T30102] name failslab, interval 1, probability 0, space 0, times 0 [ 1407.657280][T30105] openvswitch: netlink: Key type 1539 is out of range max 32 [ 1407.668260][T30105] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 1407.685118][T30102] CPU: 1 UID: 0 PID: 30102 Comm: syz.0.5736 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1407.685173][T30102] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1407.685185][T30102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1407.685202][T30102] Call Trace: [ 1407.685211][T30102] [ 1407.685223][T30102] dump_stack_lvl+0x16c/0x1f0 [ 1407.685266][T30102] should_fail_ex+0x512/0x640 [ 1407.685292][T30102] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1407.685326][T30102] should_failslab+0xc2/0x120 [ 1407.685362][T30102] __kmalloc_cache_noprof+0x80/0x800 [ 1407.685390][T30102] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1407.685423][T30102] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1407.685448][T30102] snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1407.685483][T30102] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 1407.685510][T30102] ? __flush_work+0xa48/0xcc0 [ 1407.685541][T30102] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1407.685565][T30102] ? __pfx___mutex_lock+0x10/0x10 [ 1407.685601][T30102] ? __lock_acquire+0x436/0x2890 [ 1407.685648][T30102] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1407.685675][T30102] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 1407.685701][T30102] ? lockdep_hardirqs_on+0x7c/0x110 [ 1407.685738][T30102] snd_pcm_oss_poll+0x5a5/0xb90 [ 1407.685768][T30102] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1407.685791][T30102] ? __fget_files+0x20e/0x3c0 [ 1407.685831][T30102] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1407.685855][T30102] do_sys_poll+0x55c/0xdf0 [ 1407.685899][T30102] ? __pfx_do_sys_poll+0x10/0x10 [ 1407.685964][T30102] ? preempt_schedule_common+0x44/0xc0 [ 1407.686068][T30102] ? __pfx_timespec64_add_safe+0x10/0x10 [ 1407.686097][T30102] ? ktime_get_ts64+0x2d2/0x400 [ 1407.686124][T30102] ? read_tsc+0x9/0x20 [ 1407.686169][T30102] ? ktime_get_ts64+0x256/0x400 [ 1407.686205][T30102] __x64_sys_poll+0x1a6/0x450 [ 1407.686240][T30102] ? __pfx___x64_sys_poll+0x10/0x10 [ 1407.686283][T30102] do_syscall_64+0xcd/0xf80 [ 1407.686320][T30102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1407.686346][T30102] RIP: 0033:0x7f6e41b8f7c9 [ 1407.686368][T30102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1407.686393][T30102] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 1407.686419][T30102] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1407.686438][T30102] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 1407.686456][T30102] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1407.686473][T30102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1407.686490][T30102] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1407.686528][T30102] [ 1408.280012][T30109] FAULT_INJECTION: forcing a failure. [ 1408.280012][T30109] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1408.368725][T30109] CPU: 1 UID: 0 PID: 30109 Comm: syz.6.5738 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1408.368766][T30109] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1408.368776][T30109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1408.368790][T30109] Call Trace: [ 1408.368798][T30109] [ 1408.368808][T30109] dump_stack_lvl+0x16c/0x1f0 [ 1408.368846][T30109] should_fail_ex+0x512/0x640 [ 1408.368876][T30109] _copy_from_user+0x2e/0xd0 [ 1408.368900][T30109] snd_timer_user_params.isra.0+0xf5/0x920 [ 1408.368929][T30109] ? __pfx_snd_timer_user_params.isra.0+0x10/0x10 [ 1408.368957][T30109] ? kasan_quarantine_put+0x10a/0x240 [ 1408.368985][T30109] ? lockdep_hardirqs_on+0x7c/0x110 [ 1408.369027][T30109] ? tomoyo_path_number_perm+0x295/0x580 [ 1408.369062][T30109] __snd_timer_user_ioctl.isra.0+0x1494/0x27b0 [ 1408.369090][T30109] ? lock_acquire+0x179/0x330 [ 1408.369114][T30109] ? __pfx___snd_timer_user_ioctl.isra.0+0x10/0x10 [ 1408.369148][T30109] ? __pfx___might_resched+0x10/0x10 [ 1408.369180][T30109] ? rcu_is_watching+0x12/0xc0 [ 1408.369209][T30109] ? trace_contention_end+0xdd/0x110 [ 1408.369232][T30109] ? __mutex_lock+0x27b/0x1ca0 [ 1408.369266][T30109] ? do_vfs_ioctl+0x128/0x14f0 [ 1408.369291][T30109] ? snd_timer_user_ioctl+0x4a/0xd0 [ 1408.369314][T30109] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1408.369342][T30109] ? __pfx___mutex_lock+0x10/0x10 [ 1408.369380][T30109] ? find_held_lock+0x2b/0x80 [ 1408.369425][T30109] snd_timer_user_ioctl+0x76/0xd0 [ 1408.369447][T30109] ? __pfx_snd_timer_user_ioctl+0x10/0x10 [ 1408.369475][T30109] __x64_sys_ioctl+0x18e/0x210 [ 1408.369505][T30109] do_syscall_64+0xcd/0xf80 [ 1408.369539][T30109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1408.369563][T30109] RIP: 0033:0x7ff78198f7c9 [ 1408.369583][T30109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1408.369605][T30109] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1408.369628][T30109] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1408.369645][T30109] RDX: 0000000000000000 RSI: 0000000040505412 RDI: 0000000000000003 [ 1408.369659][T30109] RBP: 00007ff782851090 R08: 0000000000000000 R09: 0000000000000000 [ 1408.369674][T30109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1408.369689][T30109] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1408.369724][T30109] [ 1410.046893][T30117] FAULT_INJECTION: forcing a failure. [ 1410.046893][T30117] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1410.144985][T30117] CPU: 1 UID: 0 PID: 30117 Comm: syz.1.5740 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1410.145013][T30117] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1410.145019][T30117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1410.145027][T30117] Call Trace: [ 1410.145033][T30117] [ 1410.145039][T30117] dump_stack_lvl+0x16c/0x1f0 [ 1410.145066][T30117] should_fail_ex+0x512/0x640 [ 1410.145085][T30117] get_futex_key+0x293/0x15f0 [ 1410.145103][T30117] ? __pfx_get_futex_key+0x10/0x10 [ 1410.145124][T30117] futex_wake+0xea/0x530 [ 1410.145149][T30117] ? __pfx_futex_wake+0x10/0x10 [ 1410.145178][T30117] do_futex+0x1e3/0x350 [ 1410.145193][T30117] ? __pfx_do_futex+0x10/0x10 [ 1410.145207][T30117] ? __might_fault+0xe3/0x190 [ 1410.145228][T30117] mm_release+0x24e/0x300 [ 1410.145247][T30117] do_exit+0x69e/0x2bd0 [ 1410.145264][T30117] ? __pfx_do_exit+0x10/0x10 [ 1410.145277][T30117] ? do_raw_spin_lock+0x12c/0x2b0 [ 1410.145292][T30117] ? find_held_lock+0x2b/0x80 [ 1410.145312][T30117] do_group_exit+0xd3/0x2a0 [ 1410.145326][T30117] get_signal+0x2671/0x26d0 [ 1410.145352][T30117] ? __pfx_get_signal+0x10/0x10 [ 1410.145371][T30117] ? do_futex+0x122/0x350 [ 1410.145387][T30117] arch_do_signal_or_restart+0x8f/0x7a0 [ 1410.145409][T30117] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1410.145433][T30117] ? __pfx___x64_sys_futex+0x10/0x10 [ 1410.145452][T30117] exit_to_user_mode_loop+0x8c/0x540 [ 1410.145471][T30117] do_syscall_64+0x4ee/0xf80 [ 1410.145493][T30117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1410.145507][T30117] RIP: 0033:0x7f35f218f7c9 [ 1410.145520][T30117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1410.145533][T30117] RSP: 002b:00007f35f30ff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1410.145548][T30117] RAX: fffffffffffffe00 RBX: 00007f35f23e5fa8 RCX: 00007f35f218f7c9 [ 1410.145557][T30117] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f35f23e5fa8 [ 1410.145565][T30117] RBP: 00007f35f23e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1410.145574][T30117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1410.145582][T30117] R13: 00007f35f23e6038 R14: 00007ffdb53aea70 R15: 00007ffdb53aeb58 [ 1410.145600][T30117] [ 1412.130762][ T7226] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1412.132330][ T7226] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 1412.153472][ T7226] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1413.479582][T30184] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1413.807856][T30187] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5754'. [ 1413.876755][T30187] tunl0: entered promiscuous mode [ 1413.918278][T30187] tunl0: entered allmulticast mode [ 1414.467103][T30181] FAULT_INJECTION: forcing a failure. [ 1414.467103][T30181] name failslab, interval 1, probability 0, space 0, times 0 [ 1414.531955][T30181] CPU: 0 UID: 0 PID: 30181 Comm: syz.5.5753 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1414.531999][T30181] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1414.532008][T30181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1414.532022][T30181] Call Trace: [ 1414.532031][T30181] [ 1414.532042][T30181] dump_stack_lvl+0x16c/0x1f0 [ 1414.532086][T30181] should_fail_ex+0x512/0x640 [ 1414.532112][T30181] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1414.532146][T30181] should_failslab+0xc2/0x120 [ 1414.532183][T30181] __kmalloc_cache_noprof+0x80/0x800 [ 1414.532211][T30181] ? lock_acquire+0x179/0x330 [ 1414.532232][T30181] ? snd_pcm_oss_change_params_locked+0x1db/0x3ab0 [ 1414.532267][T30181] ? snd_pcm_oss_change_params_locked+0x1db/0x3ab0 [ 1414.532291][T30181] snd_pcm_oss_change_params_locked+0x1db/0x3ab0 [ 1414.532321][T30181] ? __mutex_lock+0x27b/0x1ca0 [ 1414.532355][T30181] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 1414.532381][T30181] ? __flush_work+0xa48/0xcc0 [ 1414.532410][T30181] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1414.532435][T30181] ? __pfx___mutex_lock+0x10/0x10 [ 1414.532469][T30181] ? __lock_acquire+0x436/0x2890 [ 1414.532515][T30181] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1414.532543][T30181] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 1414.532568][T30181] ? lockdep_hardirqs_on+0x7c/0x110 [ 1414.532606][T30181] snd_pcm_oss_poll+0x5a5/0xb90 [ 1414.532635][T30181] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1414.532657][T30181] ? __fget_files+0x20e/0x3c0 [ 1414.532697][T30181] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1414.532733][T30181] do_sys_poll+0x55c/0xdf0 [ 1414.532779][T30181] ? __pfx_do_sys_poll+0x10/0x10 [ 1414.532844][T30181] ? __futex_wait+0x24b/0x2f0 [ 1414.532944][T30181] ? __pfx_timespec64_add_safe+0x10/0x10 [ 1414.532972][T30181] ? ktime_get_ts64+0x2d2/0x400 [ 1414.532998][T30181] ? read_tsc+0x9/0x20 [ 1414.533026][T30181] ? ktime_get_ts64+0x256/0x400 [ 1414.533060][T30181] __x64_sys_poll+0x1a6/0x450 [ 1414.533091][T30181] ? __pfx___x64_sys_poll+0x10/0x10 [ 1414.533135][T30181] do_syscall_64+0xcd/0xf80 [ 1414.533170][T30181] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1414.533196][T30181] RIP: 0033:0x7faaec38f7c9 [ 1414.533217][T30181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1414.533242][T30181] RSP: 002b:00007faaed274038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 1414.533267][T30181] RAX: ffffffffffffffda RBX: 00007faaec5e5fa0 RCX: 00007faaec38f7c9 [ 1414.533285][T30181] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 1414.533302][T30181] RBP: 00007faaec413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1414.533318][T30181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1414.533333][T30181] R13: 00007faaec5e6038 R14: 00007faaec5e5fa0 R15: 00007ffcef8975e8 [ 1414.533370][T30181] [ 1414.932340][T30199] netlink: 32 bytes leftover after parsing attributes in process `syz.6.5757'. [ 1416.185466][T30224] serio: Serial port ttyS2 [ 1416.639139][T30238] FAULT_INJECTION: forcing a failure. [ 1416.639139][T30238] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1416.677330][T30238] CPU: 1 UID: 0 PID: 30238 Comm: syz.0.5765 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1416.677373][T30238] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1416.677384][T30238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1416.677399][T30238] Call Trace: [ 1416.677408][T30238] [ 1416.677418][T30238] dump_stack_lvl+0x16c/0x1f0 [ 1416.677458][T30238] should_fail_ex+0x512/0x640 [ 1416.677490][T30238] _copy_from_user+0x2e/0xd0 [ 1416.677516][T30238] copy_msghdr_from_user+0x98/0x160 [ 1416.677547][T30238] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1416.677585][T30238] ? find_held_lock+0x2b/0x80 [ 1416.677625][T30238] ___sys_sendmsg+0xfe/0x1d0 [ 1416.677657][T30238] ? __pfx____sys_sendmsg+0x10/0x10 [ 1416.677719][T30238] ? __pfx___might_resched+0x10/0x10 [ 1416.677759][T30238] __sys_sendmmsg+0x200/0x420 [ 1416.677793][T30238] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1416.677834][T30238] ? __pfx_do_futex+0x10/0x10 [ 1416.677860][T30238] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1416.677910][T30238] ? fput+0x70/0xf0 [ 1416.677937][T30238] ? xfd_validate_state+0x61/0x180 [ 1416.677959][T30238] ? __pfx_do_writev+0x10/0x10 [ 1416.677998][T30238] __x64_sys_sendmmsg+0x9c/0x100 [ 1416.678028][T30238] ? lockdep_hardirqs_on+0x7c/0x110 [ 1416.678063][T30238] do_syscall_64+0xcd/0xf80 [ 1416.678098][T30238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1416.678123][T30238] RIP: 0033:0x7f6e41b8f7c9 [ 1416.678144][T30238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1416.678168][T30238] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1416.678209][T30238] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1416.678228][T30238] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1416.678243][T30238] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1416.678260][T30238] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1416.678276][T30238] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1416.678312][T30238] [ 1416.946231][T30240] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5763'. [ 1417.543180][ T7226] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 1417.543358][ T7226] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 1417.558368][ T7226] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1417.681853][T30250] Invalid ELF header magic: != ELF [ 1417.698238][T30247] FAULT_INJECTION: forcing a failure. [ 1417.698238][T30247] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1417.731988][T30246] delete_channel: no stack [ 1417.783522][T30247] CPU: 0 UID: 0 PID: 30247 Comm: syz.1.5766 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1417.783563][T30247] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1417.783573][T30247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1417.783587][T30247] Call Trace: [ 1417.783595][T30247] [ 1417.783606][T30247] dump_stack_lvl+0x16c/0x1f0 [ 1417.783642][T30247] should_fail_ex+0x512/0x640 [ 1417.783672][T30247] should_fail_alloc_page+0xe7/0x130 [ 1417.783708][T30247] prepare_alloc_pages+0x401/0x670 [ 1417.783741][T30247] ? rcu_is_watching+0x12/0xc0 [ 1417.783775][T30247] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 1417.783803][T30247] ? should_fail_alloc_page+0xee/0x130 [ 1417.783836][T30247] ? rcu_is_watching+0x12/0xc0 [ 1417.783864][T30247] ? trace_mm_page_alloc+0x11b/0x180 [ 1417.783896][T30247] ? __alloc_frozen_pages_noprof+0x292/0x2430 [ 1417.783929][T30247] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1417.783961][T30247] ? stack_trace_save+0x8e/0xc0 [ 1417.783997][T30247] ? pcpu_get_vm_areas+0x520/0x56e0 [ 1417.784026][T30247] ? pcpu_alloc_noprof+0x123a/0x1470 [ 1417.784053][T30247] ? kasan_save_stack+0x42/0x60 [ 1417.784081][T30247] ? pcpu_alloc_noprof+0x123a/0x1470 [ 1417.784100][T30247] ? bpf_map_alloc_percpu+0x9a/0x4b0 [ 1417.784128][T30247] ? htab_map_alloc+0x10a9/0x1530 [ 1417.784150][T30247] ? map_create+0x65c/0x2a10 [ 1417.784180][T30247] alloc_pages_bulk_noprof+0x77a/0x1410 [ 1417.784208][T30247] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1417.784243][T30247] ? policy_nodemask+0xea/0x4e0 [ 1417.784280][T30247] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1417.784313][T30247] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1417.784362][T30247] __kasan_populate_vmalloc+0xfb/0x220 [ 1417.784399][T30247] pcpu_get_vm_areas+0x364a/0x56e0 [ 1417.784460][T30247] ? __kmalloc_noprof+0x35d/0x910 [ 1417.784486][T30247] ? __pfx_pcpu_get_vm_areas+0x10/0x10 [ 1417.784514][T30247] ? pcpu_mem_zalloc+0x77/0xb0 [ 1417.784546][T30247] pcpu_create_chunk+0x254/0x730 [ 1417.784574][T30247] pcpu_alloc_noprof+0x123a/0x1470 [ 1417.784616][T30247] bpf_map_alloc_percpu+0x9a/0x4b0 [ 1417.784649][T30247] htab_map_alloc+0x10a9/0x1530 [ 1417.784689][T30247] ? __pfx_htab_map_mem_usage+0x10/0x10 [ 1417.784718][T30247] map_create+0x65c/0x2a10 [ 1417.784760][T30247] ? __pfx_map_create+0x10/0x10 [ 1417.784790][T30247] ? __might_fault+0xe3/0x190 [ 1417.784814][T30247] ? __might_fault+0xe3/0x190 [ 1417.784838][T30247] ? __might_fault+0x13b/0x190 [ 1417.784874][T30247] __sys_bpf+0x3d9d/0x4980 [ 1417.784897][T30247] ? futex_private_hash_put+0x160/0x1b0 [ 1417.784926][T30247] ? __pfx___sys_bpf+0x10/0x10 [ 1417.784948][T30247] ? __pfx_futex_wait+0x10/0x10 [ 1417.784991][T30247] ? lock_acquire+0x179/0x330 [ 1417.785017][T30247] ? do_futex+0x122/0x350 [ 1417.785060][T30247] ? __do_sys_landlock_create_ruleset+0x2b2/0x4e0 [ 1417.785095][T30247] ? __x64_sys_openat+0x174/0x210 [ 1417.785125][T30247] ? xfd_validate_state+0x61/0x180 [ 1417.785156][T30247] __x64_sys_bpf+0x78/0xc0 [ 1417.785182][T30247] ? lockdep_hardirqs_on+0x7c/0x110 [ 1417.785215][T30247] do_syscall_64+0xcd/0xf80 [ 1417.785251][T30247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1417.785275][T30247] RIP: 0033:0x7f35f218f7c9 [ 1417.785295][T30247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1417.785319][T30247] RSP: 002b:00007f35f30bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1417.785343][T30247] RAX: ffffffffffffffda RBX: 00007f35f23e6180 RCX: 00007f35f218f7c9 [ 1417.785359][T30247] RDX: 00000000000006d4 RSI: 00002000000003c0 RDI: 0000000000000000 [ 1417.785374][T30247] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1417.785390][T30247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1417.785405][T30247] R13: 00007f35f23e6218 R14: 00007f35f23e6180 R15: 00007ffdb53aeb58 [ 1417.785446][T30247] [ 1418.708763][T30260] FAULT_INJECTION: forcing a failure. [ 1418.708763][T30260] name failslab, interval 1, probability 0, space 0, times 0 [ 1418.736224][T30260] CPU: 0 UID: 0 PID: 30260 Comm: syz.0.5769 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1418.736270][T30260] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1418.736281][T30260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1418.736296][T30260] Call Trace: [ 1418.736305][T30260] [ 1418.736324][T30260] dump_stack_lvl+0x16c/0x1f0 [ 1418.736367][T30260] should_fail_ex+0x512/0x640 [ 1418.736395][T30260] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 1418.736431][T30260] should_failslab+0xc2/0x120 [ 1418.736469][T30260] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 1418.736499][T30260] ? inode_set_ctime_to_ts+0x137/0x3b0 [ 1418.736535][T30260] ? __d_alloc+0x35/0xa80 [ 1418.736560][T30260] ? __d_alloc+0x35/0xa80 [ 1418.736578][T30260] __d_alloc+0x35/0xa80 [ 1418.736605][T30260] d_alloc_pseudo+0x1c/0xc0 [ 1418.736632][T30260] alloc_file_pseudo+0xcf/0x230 [ 1418.736662][T30260] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1418.736685][T30260] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1418.736727][T30260] create_pipe_files+0x36d/0x9a0 [ 1418.736771][T30260] do_pipe2+0xaf/0x1c0 [ 1418.736806][T30260] ? __pfx_do_pipe2+0x10/0x10 [ 1418.736843][T30260] ? xfd_validate_state+0x61/0x180 [ 1418.736865][T30260] ? __pfx_ksys_write+0x10/0x10 [ 1418.736905][T30260] __x64_sys_pipe+0x33/0x50 [ 1418.736938][T30260] do_syscall_64+0xcd/0xf80 [ 1418.736974][T30260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1418.736999][T30260] RIP: 0033:0x7f6e41b8f7c9 [ 1418.737020][T30260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1418.737042][T30260] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 1418.737068][T30260] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1418.737085][T30260] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1418.737099][T30260] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1418.737115][T30260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1418.737130][T30260] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1418.737166][T30260] [ 1419.105068][ T7226] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1419.105103][ T7226] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 1419.130659][ T7226] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1419.614655][T30270] FAULT_INJECTION: forcing a failure. [ 1419.614655][T30270] name failslab, interval 1, probability 0, space 0, times 0 [ 1419.682514][T30270] CPU: 1 UID: 0 PID: 30270 Comm: syz.0.5772 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1419.682561][T30270] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1419.682572][T30270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1419.682588][T30270] Call Trace: [ 1419.682598][T30270] [ 1419.682610][T30270] dump_stack_lvl+0x16c/0x1f0 [ 1419.682653][T30270] should_fail_ex+0x512/0x640 [ 1419.682680][T30270] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1419.682714][T30270] should_failslab+0xc2/0x120 [ 1419.682752][T30270] __kmalloc_cache_noprof+0x80/0x800 [ 1419.682783][T30270] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1419.682818][T30270] ? snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1419.682844][T30270] snd_pcm_oss_change_params_locked+0x247/0x3ab0 [ 1419.682881][T30270] ? snd_pcm_oss_make_ready+0xc4/0x1b0 [ 1419.682908][T30270] ? __flush_work+0xa48/0xcc0 [ 1419.682939][T30270] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1419.682964][T30270] ? __pfx___mutex_lock+0x10/0x10 [ 1419.683002][T30270] ? __lock_acquire+0x436/0x2890 [ 1419.683051][T30270] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 1419.683079][T30270] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 1419.683106][T30270] ? lockdep_hardirqs_on+0x7c/0x110 [ 1419.683145][T30270] snd_pcm_oss_poll+0x5a5/0xb90 [ 1419.683175][T30270] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1419.683199][T30270] ? __fget_files+0x20e/0x3c0 [ 1419.683251][T30270] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 1419.683276][T30270] do_sys_poll+0x55c/0xdf0 [ 1419.683322][T30270] ? __pfx_do_sys_poll+0x10/0x10 [ 1419.683386][T30270] ? preempt_schedule_common+0x44/0xc0 [ 1419.683494][T30270] ? __pfx_timespec64_add_safe+0x10/0x10 [ 1419.683523][T30270] ? ktime_get_ts64+0x2d2/0x400 [ 1419.683548][T30270] ? read_tsc+0x9/0x20 [ 1419.683574][T30270] ? ktime_get_ts64+0x256/0x400 [ 1419.683605][T30270] __x64_sys_poll+0x1a6/0x450 [ 1419.683634][T30270] ? __pfx___x64_sys_poll+0x10/0x10 [ 1419.683679][T30270] do_syscall_64+0xcd/0xf80 [ 1419.683715][T30270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1419.683739][T30270] RIP: 0033:0x7f6e41b8f7c9 [ 1419.683761][T30270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1419.683785][T30270] RSP: 002b:00007f6e429e0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 1419.683816][T30270] RAX: ffffffffffffffda RBX: 00007f6e41de5fa0 RCX: 00007f6e41b8f7c9 [ 1419.683833][T30270] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 1419.683848][T30270] RBP: 00007f6e41c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1419.683863][T30270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1419.683879][T30270] R13: 00007f6e41de6038 R14: 00007f6e41de5fa0 R15: 00007ffc44192ec8 [ 1419.683913][T30270] [ 1421.311985][T30277] FAULT_INJECTION: forcing a failure. [ 1421.311985][T30277] name failslab, interval 1, probability 0, space 0, times 0 [ 1421.419548][T30277] CPU: 1 UID: 0 PID: 30277 Comm: syz.5.5774 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1421.419598][T30277] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1421.419609][T30277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1421.419625][T30277] Call Trace: [ 1421.419636][T30277] [ 1421.419646][T30277] dump_stack_lvl+0x16c/0x1f0 [ 1421.419688][T30277] should_fail_ex+0x512/0x640 [ 1421.419715][T30277] ? __kmalloc_cache_noprof+0x5f/0x800 [ 1421.419749][T30277] should_failslab+0xc2/0x120 [ 1421.419785][T30277] __kmalloc_cache_noprof+0x80/0x800 [ 1421.419811][T30277] ? ovs_ct_limit_cmd_set+0x30a/0xa90 [ 1421.419842][T30277] ? ovs_ct_limit_cmd_set+0x30a/0xa90 [ 1421.419866][T30277] ovs_ct_limit_cmd_set+0x30a/0xa90 [ 1421.419904][T30277] ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10 [ 1421.419933][T30277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1421.419971][T30277] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1421.420011][T30277] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1421.420055][T30277] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1421.420093][T30277] ? genl_get_cmd+0x194/0x580 [ 1421.420137][T30277] ? bpf_lsm_capable+0x9/0x10 [ 1421.420169][T30277] ? security_capable+0x7e/0x260 [ 1421.420206][T30277] ? ns_capable+0xd7/0x110 [ 1421.420238][T30277] genl_rcv_msg+0x55c/0x800 [ 1421.420272][T30277] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1421.420298][T30277] ? __pfx_ovs_ct_limit_cmd_set+0x10/0x10 [ 1421.420338][T30277] netlink_rcv_skb+0x158/0x420 [ 1421.420373][T30277] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1421.420398][T30277] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1421.420446][T30277] ? netlink_deliver_tap+0x1ae/0xd30 [ 1421.420482][T30277] genl_rcv+0x28/0x40 [ 1421.420513][T30277] netlink_unicast+0x5aa/0x870 [ 1421.420550][T30277] ? __pfx_netlink_unicast+0x10/0x10 [ 1421.420579][T30277] ? __asan_memset+0x23/0x50 [ 1421.420607][T30277] ? __build_skb_around+0x278/0x390 [ 1421.420633][T30277] ? is_vmalloc_addr+0x86/0xa0 [ 1421.420664][T30277] netlink_sendmsg+0x8c8/0xdd0 [ 1421.420702][T30277] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1421.420739][T30277] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 1421.420782][T30277] ____sys_sendmsg+0xa5d/0xc30 [ 1421.420818][T30277] ? copy_msghdr_from_user+0x10a/0x160 [ 1421.420847][T30277] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1421.420890][T30277] ? __pfx_futex_wake_mark+0x10/0x10 [ 1421.420927][T30277] ___sys_sendmsg+0x134/0x1d0 [ 1421.420959][T30277] ? __pfx____sys_sendmsg+0x10/0x10 [ 1421.420989][T30277] ? futex_private_hash_put+0x160/0x1b0 [ 1421.421061][T30277] __sys_sendmsg+0x16d/0x220 [ 1421.421093][T30277] ? __pfx___sys_sendmsg+0x10/0x10 [ 1421.421120][T30277] ? __x64_sys_futex+0x1e0/0x4c0 [ 1421.421169][T30277] do_syscall_64+0xcd/0xf80 [ 1421.421206][T30277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1421.421230][T30277] RIP: 0033:0x7faaec38f7c9 [ 1421.421250][T30277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1421.421274][T30277] RSP: 002b:00007faaed274038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1421.421297][T30277] RAX: ffffffffffffffda RBX: 00007faaec5e5fa0 RCX: 00007faaec38f7c9 [ 1421.421314][T30277] RDX: 0000000000000004 RSI: 0000200000000100 RDI: 0000000000000008 [ 1421.421330][T30277] RBP: 00007faaec413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1421.421346][T30277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1421.421362][T30277] R13: 00007faaec5e6038 R14: 00007faaec5e5fa0 R15: 00007ffcef8975e8 [ 1421.421399][T30277] [ 1421.924472][T30287] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5776'. [ 1423.841667][T30298] FAULT_INJECTION: forcing a failure. [ 1423.841667][T30298] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1423.887238][T30326] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1423.997921][ T7226] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1423.997955][ T7226] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 1424.013705][ T7226] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1424.073884][T30298] CPU: 1 UID: 0 PID: 30298 Comm: syz.5.5778 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1424.073933][T30298] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1424.073944][T30298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1424.073960][T30298] Call Trace: [ 1424.073970][T30298] [ 1424.073983][T30298] dump_stack_lvl+0x16c/0x1f0 [ 1424.074026][T30298] should_fail_ex+0x512/0x640 [ 1424.074059][T30298] _copy_from_user+0x2e/0xd0 [ 1424.074088][T30298] copy_msghdr_from_user+0x98/0x160 [ 1424.074121][T30298] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1424.074158][T30298] ? find_held_lock+0x2b/0x80 [ 1424.074197][T30298] ___sys_sendmsg+0xfe/0x1d0 [ 1424.074229][T30298] ? __pfx____sys_sendmsg+0x10/0x10 [ 1424.074292][T30298] ? __pfx___might_resched+0x10/0x10 [ 1424.074331][T30298] __sys_sendmmsg+0x200/0x420 [ 1424.074365][T30298] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1424.074406][T30298] ? __pfx_do_futex+0x10/0x10 [ 1424.074431][T30298] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1424.074492][T30298] ? fput+0x70/0xf0 [ 1424.074517][T30298] ? __pfx___x64_sys_futex+0x10/0x10 [ 1424.074547][T30298] ? __pfx_do_writev+0x10/0x10 [ 1424.074587][T30298] __x64_sys_sendmmsg+0x9c/0x100 [ 1424.074618][T30298] ? lockdep_hardirqs_on+0x7c/0x110 [ 1424.074653][T30298] do_syscall_64+0xcd/0xf80 [ 1424.074690][T30298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1424.074715][T30298] RIP: 0033:0x7faaec38f7c9 [ 1424.074736][T30298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1424.074761][T30298] RSP: 002b:00007faaed253038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1424.074786][T30298] RAX: ffffffffffffffda RBX: 00007faaec5e6090 RCX: 00007faaec38f7c9 [ 1424.074803][T30298] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1424.074819][T30298] RBP: 00007faaec413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1424.074835][T30298] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1424.074852][T30298] R13: 00007faaec5e6128 R14: 00007faaec5e6090 R15: 00007ffcef8975e8 [ 1424.074889][T30298] [ 1424.802430][T30335] random: crng reseeded on system resumption [ 1426.289049][T30352] FAULT_INJECTION: forcing a failure. [ 1426.289049][T30352] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1426.370118][T30352] CPU: 0 UID: 0 PID: 30352 Comm: syz.6.5792 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1426.370160][T30352] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1426.370169][T30352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1426.370183][T30352] Call Trace: [ 1426.370191][T30352] [ 1426.370201][T30352] dump_stack_lvl+0x16c/0x1f0 [ 1426.370240][T30352] should_fail_ex+0x512/0x640 [ 1426.370277][T30352] _copy_from_user+0x2e/0xd0 [ 1426.370304][T30352] kstrtouint_from_user+0xd6/0x1d0 [ 1426.370334][T30352] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1426.370362][T30352] ? __lock_acquire+0x436/0x2890 [ 1426.370391][T30352] ? lock_acquire+0x179/0x330 [ 1426.370420][T30352] proc_fail_nth_write+0x83/0x220 [ 1426.370444][T30352] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1426.370476][T30352] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1426.370497][T30352] vfs_write+0x2a0/0x11d0 [ 1426.370528][T30352] ? __pfx___mutex_lock+0x10/0x10 [ 1426.370563][T30352] ? __pfx_vfs_write+0x10/0x10 [ 1426.370602][T30352] ? __fget_files+0x20e/0x3c0 [ 1426.370642][T30352] ksys_write+0x12a/0x250 [ 1426.370671][T30352] ? __pfx_ksys_write+0x10/0x10 [ 1426.370711][T30352] do_syscall_64+0xcd/0xf80 [ 1426.370744][T30352] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1426.370768][T30352] RIP: 0033:0x7ff78198f7c9 [ 1426.370788][T30352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1426.370809][T30352] RSP: 002b:00007ff782851038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1426.370833][T30352] RAX: ffffffffffffffda RBX: 00007ff781be5fa0 RCX: 00007ff78198f7c9 [ 1426.370849][T30352] RDX: 0000200000000009 RSI: 0000200000000040 RDI: 000000000000002c [ 1426.370864][T30352] RBP: 00007ff781a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 1426.370878][T30352] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1426.370892][T30352] R13: 00007ff781be6038 R14: 00007ff781be5fa0 R15: 00007ffc67a92318 [ 1426.370927][T30352] [ 1427.016746][T30362] hub 1-0:1.0: USB hub found [ 1427.027082][T30362] hub 1-0:1.0: 1 port detected [ 1427.547988][T30372] FAULT_INJECTION: forcing a failure. [ 1427.547988][T30372] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1427.638981][T30372] CPU: 1 UID: 0 PID: 30372 Comm: syz.1.5796 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1427.639023][T30372] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1427.639034][T30372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1427.639049][T30372] Call Trace: [ 1427.639058][T30372] [ 1427.639069][T30372] dump_stack_lvl+0x16c/0x1f0 [ 1427.639110][T30372] should_fail_ex+0x512/0x640 [ 1427.639150][T30372] _copy_from_user+0x2e/0xd0 [ 1427.639179][T30372] copy_msghdr_from_user+0x98/0x160 [ 1427.639213][T30372] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1427.639248][T30372] ? find_held_lock+0x2b/0x80 [ 1427.639290][T30372] ___sys_sendmsg+0xfe/0x1d0 [ 1427.639322][T30372] ? __pfx____sys_sendmsg+0x10/0x10 [ 1427.639383][T30372] ? __pfx___might_resched+0x10/0x10 [ 1427.639421][T30372] __sys_sendmmsg+0x200/0x420 [ 1427.639455][T30372] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1427.639494][T30372] ? __pfx_do_futex+0x10/0x10 [ 1427.639519][T30372] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1427.639568][T30372] ? fput+0x70/0xf0 [ 1427.639593][T30372] ? xfd_validate_state+0x61/0x180 [ 1427.639614][T30372] ? __pfx_do_writev+0x10/0x10 [ 1427.639650][T30372] __x64_sys_sendmmsg+0x9c/0x100 [ 1427.639679][T30372] ? lockdep_hardirqs_on+0x7c/0x110 [ 1427.639711][T30372] do_syscall_64+0xcd/0xf80 [ 1427.639746][T30372] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1427.639771][T30372] RIP: 0033:0x7f35f218f7c9 [ 1427.639792][T30372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1427.639816][T30372] RSP: 002b:00007f35f30ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1427.639840][T30372] RAX: ffffffffffffffda RBX: 00007f35f23e5fa0 RCX: 00007f35f218f7c9 [ 1427.639856][T30372] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1427.639870][T30372] RBP: 00007f35f2213f91 R08: 0000000000000000 R09: 0000000000000000 [ 1427.639885][T30372] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 1427.639900][T30372] R13: 00007f35f23e6038 R14: 00007f35f23e5fa0 R15: 00007ffdb53aeb58 [ 1427.639934][T30372] [ 1428.367096][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 1428.375620][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 1428.577571][T30392] FAULT_INJECTION: forcing a failure. [ 1428.577571][T30392] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1428.641920][T30392] CPU: 0 UID: 0 PID: 30392 Comm: syz.5.5801 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1428.641962][T30392] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1428.641971][T30392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1428.641985][T30392] Call Trace: [ 1428.641994][T30392] [ 1428.642005][T30392] dump_stack_lvl+0x16c/0x1f0 [ 1428.642050][T30392] should_fail_ex+0x512/0x640 [ 1428.642081][T30392] _copy_to_iter+0x463/0x1710 [ 1428.642114][T30392] ? __pfx__copy_to_iter+0x10/0x10 [ 1428.642139][T30392] ? __bpf_trace_sync_timeline+0x20/0xd0 [ 1428.642166][T30392] ? __pfx_sync_info_debugfs_show+0x10/0x10 [ 1428.642192][T30392] ? seq_read_iter+0x830/0x12d0 [ 1428.642231][T30392] seq_read_iter+0xd02/0x12d0 [ 1428.642275][T30392] seq_read+0x3a3/0x570 [ 1428.642304][T30392] ? __pfx_seq_read+0x10/0x10 [ 1428.642332][T30392] ? lock_acquire+0x179/0x330 [ 1428.642370][T30392] ? rw_verify_area+0xcf/0x6c0 [ 1428.642397][T30392] ? __pfx_seq_read+0x10/0x10 [ 1428.642427][T30392] vfs_read+0x1e4/0xcf0 [ 1428.642458][T30392] ? __pfx___mutex_lock+0x10/0x10 [ 1428.642494][T30392] ? __pfx_vfs_read+0x10/0x10 [ 1428.642530][T30392] ? __fget_files+0x20e/0x3c0 [ 1428.642570][T30392] ksys_read+0x12a/0x250 [ 1428.642598][T30392] ? __pfx_ksys_read+0x10/0x10 [ 1428.642638][T30392] do_syscall_64+0xcd/0xf80 [ 1428.642673][T30392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1428.642697][T30392] RIP: 0033:0x7faaec38f7c9 [ 1428.642717][T30392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1428.642739][T30392] RSP: 002b:00007faaed274038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1428.642761][T30392] RAX: ffffffffffffffda RBX: 00007faaec5e5fa0 RCX: 00007faaec38f7c9 [ 1428.642778][T30392] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000005 [ 1428.642793][T30392] RBP: 00007faaed274090 R08: 0000000000000000 R09: 0000000000000000 [ 1428.642807][T30392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1428.642822][T30392] R13: 00007faaec5e6038 R14: 00007faaec5e5fa0 R15: 00007ffcef8975e8 [ 1428.642857][T30392] [ 1431.552134][ T31] INFO: task syz.3.5350:28396 blocked for more than 143 seconds. [ 1431.597315][ T31] Tainted: G U L syzkaller #0 [ 1431.621545][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1431.665893][ T31] task:syz.3.5350 state:D stack:26680 pid:28396 tgid:28382 ppid:25760 task_flags:0x400740 flags:0x00080002 [ 1431.681030][ T31] Call Trace: [ 1431.684347][ T31] [ 1431.687285][ T31] ? __schedule+0x10b9/0x6150 [ 1431.692640][ T31] __schedule+0x1139/0x6150 [ 1431.697334][ T31] ? __pfx___schedule+0x10/0x10 [ 1431.710248][ T31] ? find_held_lock+0x2b/0x80 [ 1431.715906][ T31] ? schedule+0x2d7/0x3a0 [ 1431.721566][ T31] schedule+0xe7/0x3a0 [ 1431.725808][ T31] schedule_timeout+0x257/0x290 [ 1431.731138][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1431.736760][ T31] ? rcu_is_watching+0x12/0xc0 [ 1431.774003][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1431.794059][ T31] __wait_for_common+0x2fc/0x4e0 [ 1431.811196][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1431.830556][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1431.836318][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 1431.841915][ T31] wait_for_completion_state+0x1c/0x40 [ 1431.847550][ T31] vfs_coredump+0x848/0x55e0 [ 1431.852392][ T31] ? __pfx_vfs_coredump+0x10/0x10 [ 1431.857560][ T31] ? __lock_acquire+0x436/0x2890 [ 1431.862827][ T31] ? __lock_acquire+0x436/0x2890 [ 1431.867934][ T31] ? lock_acquire+0x179/0x330 [ 1431.873328][ T31] ? lock_acquire+0x179/0x330 [ 1431.878300][ T31] ? find_held_lock+0x2b/0x80 [ 1431.884845][ T31] ? is_bpf_text_address+0x8a/0x1a0 [ 1431.890216][ T31] ? bpf_ksym_find+0x124/0x1c0 [ 1431.906826][ T31] ? arch_stack_walk+0xa6/0x100 [ 1431.923682][ T31] ? stack_trace_save+0x8e/0xc0 [ 1431.930929][ T31] ? __pfx_stack_trace_save+0x10/0x10 [ 1431.936663][ T31] ? stack_depot_save_flags+0x29/0x9b0 [ 1431.970699][ T31] ? __lock_acquire+0x436/0x2890 [ 1431.975899][ T31] ? kasan_save_stack+0x42/0x60 [ 1431.982406][ T31] ? proc_coredump_connector+0x2d1/0x4f0 [ 1431.988386][ T31] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1431.995294][ T31] ? rcu_is_watching+0x12/0xc0 [ 1432.000424][ T31] get_signal+0x22e1/0x26d0 [ 1432.005709][ T31] ? __pfx_get_signal+0x10/0x10 [ 1432.011182][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1432.017179][ T31] ? force_sig_info_to_task+0x39f/0x660 [ 1432.023799][ T31] arch_do_signal_or_restart+0x8f/0x7a0 [ 1432.089692][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1432.142674][ T31] ? __pfx_force_exit_sig+0x10/0x10 [ 1432.200487][ T31] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 1432.253347][ T31] exit_to_user_mode_loop+0x8c/0x540 [ 1432.294352][ T31] do_syscall_64+0x4ee/0xf80 [ 1432.323461][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1432.355764][ T31] RIP: 0033:0x7fc16d38f7c9 [ 1432.384276][ T31] RSP: 002b:00007fc16e19c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1432.436136][ T31] RAX: ffffffffffffffda RBX: 00007fc16d5e6180 RCX: 00007fc16d38f7c9 [ 1432.456511][T30439] FAULT_INJECTION: forcing a failure. [ 1432.456511][T30439] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1432.490949][ T31] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1432.510917][T30439] CPU: 1 UID: 0 PID: 30439 Comm: syz.0.5810 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1432.510954][T30439] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1432.510963][T30439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1432.510976][T30439] Call Trace: [ 1432.510984][T30439] [ 1432.510993][T30439] dump_stack_lvl+0x16c/0x1f0 [ 1432.511031][T30439] should_fail_ex+0x512/0x640 [ 1432.511060][T30439] core_sys_select+0x4c5/0xc20 [ 1432.511093][T30439] ? __pfx_core_sys_select+0x10/0x10 [ 1432.511125][T30439] ? proc_fail_nth_write+0x9f/0x220 [ 1432.511180][T30439] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1432.511218][T30439] kern_select+0x15d/0x1e0 [ 1432.511245][T30439] ? __pfx_kern_select+0x10/0x10 [ 1432.511277][T30439] ? __pfx_ksys_write+0x10/0x10 [ 1432.511310][T30439] __x64_sys_select+0xbd/0x160 [ 1432.511336][T30439] ? do_syscall_64+0x91/0xf80 [ 1432.511367][T30439] ? lockdep_hardirqs_on+0x7c/0x110 [ 1432.511404][T30439] do_syscall_64+0xcd/0xf80 [ 1432.511438][T30439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1432.511462][T30439] RIP: 0033:0x7f6e41b8f7c9 [ 1432.511482][T30439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1432.511505][T30439] RSP: 002b:00007f6e4299e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 1432.511527][T30439] RAX: ffffffffffffffda RBX: 00007f6e41de6180 RCX: 00007f6e41b8f7c9 [ 1432.511553][T30439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 1432.511568][T30439] RBP: 00007f6e4299e090 R08: 0000000000000000 R09: 0000000000000000 [ 1432.511583][T30439] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001 [ 1432.511598][T30439] R13: 00007f6e41de6218 R14: 00007f6e41de6180 R15: 00007ffc44192ec8 [ 1432.511634][T30439] [ 1432.519614][ T31] RBP: 00007fc16d413f91 R08: 0000000000000000 R09: 0000000000000000 [ 1432.732123][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1432.743302][ T31] R13: 00007fc16d5e6218 R14: 00007fc16d5e6180 R15: 00007ffc15f96908 [ 1432.752496][ T31] [ 1432.755610][ T31] [ 1432.755610][ T31] Showing all locks held in the system: [ 1432.764337][ T31] 1 lock held by khungtaskd/31: [ 1432.769311][ T31] #0: ffffffff8e3c94a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1432.780433][ T31] 2 locks held by kworker/u10:5/7242: [ 1432.785938][ T31] #0: ffff8881442de148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 1432.818078][ T31] #1: ffff88803381c008 (&____s->seqcount#19){.-.-}-{0:0}, at: trace_ignore_this_task+0xbc/0x100 [ 1432.861109][ T31] 2 locks held by kworker/u10:10/22433: [ 1432.867064][ T31] #0: ffff8881442de148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 1432.891067][ T31] #1: ffffc9000e7cfc90 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 [ 1432.910959][ T31] 1 lock held by syz.4.4264/23488: [ 1432.916126][ T31] 2 locks held by getty/25734: [ 1432.920905][ T31] #0: ffff8880304ca0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1432.970986][ T31] #1: ffffc9000be1b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 [ 1432.991050][ T31] 3 locks held by kworker/0:1/26648: [ 1432.996392][ T31] #0: ffff88813ff55948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 1433.021030][ T31] #1: ffffc90003b77c90 ((fqdir_free_work).work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 [ 1433.043746][ T31] #2: ffffffff8e3d4ac0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0 [ 1433.071356][ T31] 1 lock held by syz.5.5808/30427: [ 1433.076521][ T31] #0: ffff8880284f8f80 (&mm->mmap_lock){++++}-{4:4}, at: do_mprotect_pkey+0x232/0xd40 [ 1433.101236][ T31] 1 lock held by syz.5.5808/30428: [ 1433.106447][ T31] [ 1433.108791][ T31] ============================================= [ 1433.108791][ T31] [ 1433.161102][ T31] NMI backtrace for cpu 0 [ 1433.161127][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 1433.161162][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1433.161171][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1433.161184][ T31] Call Trace: [ 1433.161192][ T31] [ 1433.161202][ T31] dump_stack_lvl+0x116/0x1f0 [ 1433.161240][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1433.161267][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1433.161292][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1433.161322][ T31] sys_info+0x133/0x180 [ 1433.161343][ T31] watchdog+0xe66/0x1180 [ 1433.161382][ T31] ? rcu_is_watching+0x12/0xc0 [ 1433.161411][ T31] ? __pfx_watchdog+0x10/0x10 [ 1433.161439][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1433.161472][ T31] ? __kthread_parkme+0x19e/0x250 [ 1433.161505][ T31] ? __pfx_watchdog+0x10/0x10 [ 1433.161534][ T31] kthread+0x3c5/0x780 [ 1433.161557][ T31] ? __pfx_kthread+0x10/0x10 [ 1433.161581][ T31] ? rcu_is_watching+0x12/0xc0 [ 1433.161609][ T31] ? __pfx_kthread+0x10/0x10 [ 1433.161632][ T31] ret_from_fork+0x983/0xb10 [ 1433.161656][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1433.161682][ T31] ? __switch_to+0x7af/0x10d0 [ 1433.161709][ T31] ? __pfx_kthread+0x10/0x10 [ 1433.161733][ T31] ret_from_fork_asm+0x1a/0x30 [ 1433.161781][ T31] [ 1433.161789][ T31] Sending NMI from CPU 0 to CPUs 1: [ 1433.308549][ C1] NMI backtrace for cpu 1 [ 1433.308577][ C1] CPU: 1 UID: 0 PID: 23488 Comm: syz.4.4264 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1433.308613][ C1] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1433.308621][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1433.308636][ C1] RIP: 0010:sha256_transform_rorx+0xe48/0x1110 [ 1433.308669][ C1] Code: 44 21 de 41 21 c4 45 01 ef 44 01 cb 44 09 e6 45 01 f1 44 01 fb 45 01 f9 41 89 cf c4 63 7b f0 eb 19 c4 63 7b f0 f3 0b 45 31 c7 <45> 31 f5 c4 63 7b f0 f3 06 41 21 df 41 01 f1 45 31 f5 c4 43 7b f0 [ 1433.308692][ C1] RSP: 0018:ffffc90004b77120 EFLAGS: 00000202 [ 1433.308710][ C1] RAX: 00000000db65067f RBX: 000000005e991b50 RCX: 000000003b20abca [ 1433.308726][ C1] RDX: 00000000126ca787 RSI: 00000000da41077b RDI: 00000000000001c0 [ 1433.308741][ C1] RBP: ffffc90004b77338 R08: 000000006f8a6ddf R09: 00000000dfc0bcc8 [ 1433.308757][ C1] R10: 00000000ee41874a R11: 0000000090497f33 R12: 00000000ca41064a [ 1433.308771][ C1] R13: 000000004c8da82f R14: 000000006a0bd323 R15: 0000000054aac615 [ 1433.308787][ C1] FS: 00007f89da8666c0(0000) GS:ffff8881249fc000(0000) knlGS:0000000000000000 [ 1433.308809][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1433.308825][ C1] CR2: 0000000000000000 CR3: 000000003181c000 CR4: 00000000003526f0 [ 1433.308839][ C1] Call Trace: [ 1433.308847][ C1] [ 1433.308882][ C1] sha256_blocks_avx2+0x49/0x80 [ 1433.308909][ C1] __sha256_update+0x123/0x140 [ 1433.308934][ C1] crypto_sha256_update+0x23/0x30 [ 1433.308969][ C1] crypto_shash_finup+0x360/0x6d0 [ 1433.308999][ C1] ? ima_calc_file_hash_tfm+0x270/0x350 [ 1433.309025][ C1] ima_calc_file_hash_tfm+0x297/0x350 [ 1433.309048][ C1] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 1433.309089][ C1] ? stack_trace_save+0x10/0xc0 [ 1433.309121][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1433.309155][ C1] ? ima_alloc_tfm+0x21a/0x2e0 [ 1433.309175][ C1] ? generic_fillattr+0x6bf/0x940 [ 1433.309198][ C1] ima_calc_file_hash+0x1ba/0x490 [ 1433.309222][ C1] ima_collect_measurement+0x8a6/0xa50 [ 1433.309246][ C1] ? ksys_mmap_pgoff+0x1c8/0x5c0 [ 1433.309281][ C1] ? __pfx_ima_collect_measurement+0x10/0x10 [ 1433.309306][ C1] ? lock_acquire+0x179/0x330 [ 1433.309335][ C1] ? process_measurement+0x7f8/0x22d0 [ 1433.309369][ C1] ? is_bad_inode+0xd/0x40 [ 1433.309395][ C1] ? xattr_resolve_name+0x27b/0x3f0 [ 1433.309428][ C1] ? vfs_getxattr_alloc+0xec/0x350 [ 1433.309461][ C1] ? ima_get_hash_algo+0x27c/0x400 [ 1433.309493][ C1] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 1433.309529][ C1] ? process_measurement+0x11b9/0x22d0 [ 1433.309567][ C1] process_measurement+0x11b9/0x22d0 [ 1433.309606][ C1] ? __pfx_process_measurement+0x10/0x10 [ 1433.309638][ C1] ? kasan_save_stack+0x42/0x60 [ 1433.309666][ C1] ? kasan_save_track+0x14/0x30 [ 1433.309694][ C1] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 1433.309724][ C1] ? find_held_lock+0x2b/0x80 [ 1433.309752][ C1] ? aa_file_perm+0x29e/0x1560 [ 1433.309799][ C1] ima_file_mmap+0x1b6/0x1e0 [ 1433.309833][ C1] ? __pfx_ima_file_mmap+0x10/0x10 [ 1433.309870][ C1] security_mmap_file+0x88c/0x990 [ 1433.309898][ C1] vm_mmap_pgoff+0xec/0x470 [ 1433.309930][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1433.309959][ C1] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1433.309984][ C1] ? hugetlbfs_get_inode+0x31f/0x700 [ 1433.310019][ C1] ksys_mmap_pgoff+0x1c8/0x5c0 [ 1433.310054][ C1] __x64_sys_mmap+0x125/0x190 [ 1433.310079][ C1] do_syscall_64+0xcd/0xf80 [ 1433.310113][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1433.310136][ C1] RIP: 0033:0x7f89d998f7c9 [ 1433.310153][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1433.310174][ C1] RSP: 002b:00007f89da866038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1433.310195][ C1] RAX: ffffffffffffffda RBX: 00007f89d9be6090 RCX: 00007f89d998f7c9 [ 1433.310210][ C1] RDX: 00004000000000df RSI: 1000000000000005 RDI: 0000000000000000 [ 1433.310226][ C1] RBP: 00007f89d9a13f91 R08: 0000000000000401 R09: 0000300000004000 [ 1433.310241][ C1] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1433.310255][ C1] R13: 00007f89d9be6128 R14: 00007f89d9be6090 R15: 00007ffe69f53e28 [ 1433.310279][ C1] [ 1433.776608][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1433.783523][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 1433.794256][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1433.799463][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1433.809539][ T31] Call Trace: [ 1433.812831][ T31] [ 1433.815775][ T31] dump_stack_lvl+0x3d/0x1f0 [ 1433.820456][ T31] vpanic+0x640/0x6f0 [ 1433.824467][ T31] panic+0xca/0xd0 [ 1433.828219][ T31] ? __pfx_panic+0x10/0x10 [ 1433.832651][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1433.838652][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 1433.844831][ T31] ? nmi_trigger_cpumask_backtrace+0x2be/0x300 [ 1433.851011][ T31] ? watchdog+0xe83/0x1180 [ 1433.855452][ T31] ? watchdog+0xe76/0x1180 [ 1433.859892][ T31] watchdog+0xe94/0x1180 [ 1433.864204][ T31] ? rcu_is_watching+0x12/0xc0 [ 1433.869000][ T31] ? __pfx_watchdog+0x10/0x10 [ 1433.873797][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1433.879033][ T31] ? __kthread_parkme+0x19e/0x250 [ 1433.884102][ T31] ? __pfx_watchdog+0x10/0x10 [ 1433.888981][ T31] kthread+0x3c5/0x780 [ 1433.893078][ T31] ? __pfx_kthread+0x10/0x10 [ 1433.897695][ T31] ? rcu_is_watching+0x12/0xc0 [ 1433.902487][ T31] ? __pfx_kthread+0x10/0x10 [ 1433.907097][ T31] ret_from_fork+0x983/0xb10 [ 1433.911713][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1433.916882][ T31] ? __switch_to+0x7af/0x10d0 [ 1433.921674][ T31] ? __pfx_kthread+0x10/0x10 [ 1433.926291][ T31] ret_from_fork_asm+0x1a/0x30 [ 1433.931097][ T31] [ 1433.934516][ T31] Kernel Offset: disabled [ 1433.938828][ T31] Rebooting in 86400 seconds..