last executing test programs: 8.486049343s ago: executing program 0 (id=1005): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x80801, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/fcloop/ctl/add_remote_port\x00', 0x80801, 0x0) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xdeb) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket(0x2, 0x2, 0x0) (async) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) (async) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) (async) pipe$auto(0x0) pipe$auto(0x0) socket(0x10, 0x2, 0xc) socket(0xa, 0x3, 0x3b) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) r3 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r3, 0x0, 0x8fb5) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x123042, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) (async) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x0, 0x0, 0x10) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) (async) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r4 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r4, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x28, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x40, r2, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x1c, 0x3, 0x0, 0x1, [@nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x70, 0x0, 0x0, @ipv6=@empty}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f00000012c0)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)=ANY=[@ANYBLOB='\t\x00', @ANYRES16, @ANYBLOB="00042dbd7000fcdbdf251e0000000c000600ff07000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4040041}, 0x40) 5.495812095s ago: executing program 3 (id=1015): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0xb8642, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80002, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, r1) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, 0x0, 0xc800) write$auto(r0, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r3 = socket(0x2b, 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x8080000001) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) r5 = io_uring_setup$auto(0x6, 0x0) socket(0x18, 0x2, 0x0) sendmsg$auto_IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={0x0}}, 0x40084) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x340000000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa081, 0x0) write$auto(0x3, 0x0, 0xffd8) ioctl$auto_SNDRV_PCM_IOCTL_PAUSE(r1, 0x40044145, &(0x7f0000000080)=0x1) write$auto(0xffffffffffffffff, &(0x7f0000000400)='\x14\xf4\xb6\xce\x97\xf5\x83\b\x11\x19\xdd\x1c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xae\x06\x00\x92N\x8c\xc9c5\x1e\xf1\xd39\f\xa2n\x9b\xdc\x83\xa5m%\x85\xca\xcc(\x11V\xc4{\x81\xcf}\x7f\xfe\xdf5s\xb4\x11|\xa2\xc0\xf3\xabd\xd4\xb9\xfc/\x9d\x12\x8a\xf0\x80\xc0\xbb\xc5\a\xe7\xd3*`60R%\xd5\x88EP\xaa#>:\x8d\xf4.\r\v\x8f#)\xc8\x8d)\xe4q\x8ejS\xa6\xd9\x0fD\xdd$/\x92\xdb\xaf\xd5\b\x19\x0f9`\xf2\xfb\x1aZ$\xfb\x9f\x1e\x9e[\x14\xb3\x02\xc36\xf9\xe8\xe7M\xa5\x01\xeca\xaa\xc8B\xe4)\r/\xa8\'h\x92\x90v\x95\xc2\xee\vO\x10\xbb\x934t\x9e\xe7j\xe7&\xa0j\x13\x9e\xf2', 0x7e) 5.43685398s ago: executing program 0 (id=1016): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) close_range$auto(0x0, r0, 0xbf9) newfstatat$auto(r0, 0x0, 0x0, 0x1000) mmap$auto(0x0, 0x40009, 0x1ff, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'veth0_virt_wifi\x00'}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0x11, 0x3, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x40010) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110f, 0x87, 0x0, 0x8) setsockopt$auto(r0, 0x2, 0x200, 0x0, 0x2) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x52d, 0x9}, 0x2}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TCFLSH2(r3, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto(r2, 0x89f0, r2) 5.364193128s ago: executing program 2 (id=1017): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r0, 0x8000) (async) sendfile$auto(r0, 0xffffffffffffffff, &(0x7f0000000040)=0xe, 0x2) (async, rerun: 64) write$auto(0x3, 0x0, 0xfdf3) (async, rerun: 64) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/bpf_stats_enabled\x00', 0x163041, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 32) r2 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) (rerun: 32) write$auto(r2, 0x0, 0xfffffdf1) (async, rerun: 64) linkat$auto(r2, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) (async, rerun: 64) fsetxattr$auto(r2, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x880, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='./cgroup.net/blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) (async) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram0\x00', 0x2, 0x0) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x3, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x810c5701, &(0x7f0000000200)={0xb6aa, 0x7f, 0x8, 0x0, 0x9, "e19d5f82034e477d056d37136f70c49b7d4ac910cc1a0fc1a16fc5068a12ebbc141d6110fc86897f568910ba51a7707775a7ccdd7e4144dbf514c564a2501f7d", "132f914de02a3f6ac9e6d146729efcb6ad1f96ba378d9cda275cc848b631be9949f2e1c4a07b69481f3eba12245c6c416da7e6b2c821e1438198cf31c53c45527def3db11604c0e9a5f43fb451b89fbc", "50ea3a9198fbebc467ea858a2a21cc3c44ee3d81fed1d42f2021e79bb84a0aa1", 0x401, 0x7, 0x3, "491b0604f8dea406ae0b777e129f5e3fb155ba7df336a8b6e9704828ac623073f35cd6bf8736adb38c68cd7084aa8790055cc68d41838579ca03d4e8"}) (async) ioctl$auto_KVM_CHECK_EXTENSION(r4, 0xae03, 0x42) (async) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0xfff5}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) 4.426347771s ago: executing program 3 (id=1018): mmap$auto(0xfffffffffffffffe, 0x4, 0x2000000, 0x17, 0x401, 0x871) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x1, 0x84) close_range$auto(0x2, 0x8, 0x0) r0 = io_uring_setup$auto(0xa, 0x0) socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x3, 0x6, 0x73) socket(0x2, 0x1, 0x84) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000000)=0x0) bind$auto(0x3, &(0x7f0000000040)=@nfc={0x27, r1, 0xffffffffffffffff}, 0x80) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x6, 0x1, 0x4) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) capset$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x81) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) getsockopt$auto_SO_DEBUG(r2, 0x404, 0x1, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/ieee80211/phy1/rfkill3/state\x00', 0x102, 0x0) sendfile$auto(r3, r2, 0x0, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) 4.208504859s ago: executing program 1 (id=1019): mknod$auto(&(0x7f0000000180)=':,\x00', 0xc3, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) mkdir$auto(&(0x7f0000000000)='./file0/file1\x00', 0x2) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mknodat$auto(r0, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) renameat2$auto(r1, &(0x7f0000000200)='./file0\x00', r1, &(0x7f0000000240)='./file1\x00', 0x2) r2 = clone$auto(0x4, 0x0, 0x0, 0x0, 0x8) r3 = set_tid_address$auto(0x0) kcmp$auto(r2, r3, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) prctl$auto(0x7, 0x0, r2, 0xfffffffffffffff2, 0x200) 4.07814759s ago: executing program 0 (id=1020): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) write$auto(r0, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x4000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553) timer_getoverrun$auto(0x80000000) connect$auto(r0, &(0x7f0000000040)=@vsock={0x28, 0x0, 0x2710, @host}, 0x50) write$auto(r0, 0x0, 0x2) 4.075799816s ago: executing program 3 (id=1021): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000400)='/dev/sequencer2\x00', 0x200, 0x0) r0 = epoll_create$auto(0x6) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.7/usb8/ltm_capable\x00', 0xae002, 0x0) (async) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd4/integrity/read_verify\x00', 0x20a800, 0x0) socket(0x10, 0x2, 0x4) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x40100, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r1, 0x0, 0xc3) (async) mmap$auto(0x2000000000000005, 0x3fffffff8000000, 0x0, 0x19, 0xffffffffffffffff, 0x7ffd) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) read$auto_check_wx_fops_(r0, &(0x7f0000000240)=""/126, 0x7e) (async) sendmsg$auto_NL80211_CMD_SET_CQM(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf251c31000008000300", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40800) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) (async) r5 = socket(0x1, 0x3, 0x85) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x24048cd3) sendmmsg$auto(r5, &(0x7f00000000c0)={{&(0x7f0000000440)="c0ce0ccb55ab9498dd97aa24671c42fa0a724c5916a8fb1ff74a15bdfa24bb547a6c2d7d113ce086bc5179e22f444d04ad2d8b0f300f8a38242631911cbe7692b0b582db38260ee2c067cac3f6ef95ab2fa304538de7e61c07340ad2dbcfeae259745d318541d8b2b8f5d76b99012852f92090a727d17206c07c52133da8e6c1c23e0bec8f6a", 0x8, &(0x7f00000001c0)={0x0, 0xfff}, 0x17, 0x0, 0x4, 0x4af}, 0x7}, 0x5, 0x7fffffff) 3.916751288s ago: executing program 1 (id=1022): r0 = socket(0x29, 0x5, 0x0) getsockopt$auto_SO_BPF_EXTENSIONS(r0, 0x5, 0x30, 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000100), r0) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="0008273d70fa1bdbdf250a0000000500020000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x400c040) mmap$auto(0xffffffffffffbfc0, 0x0, 0x40, 0x58, r0, 0x800008) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x2a742, 0x0) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x1010, r2, 0xfffffffffffffffc) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x5) ioctl$auto_UI_SET_FFBIT(r4, 0x4004556b, &(0x7f0000000040)=0x10800) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/irq/6/effective_affinity\x00', 0x6a202, 0x0) pread64$auto(r5, 0x0, 0x6, 0x1ff) readv$auto(r2, 0x0, 0x4000000004c) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x20000007}, 0x3ff) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) 3.744034017s ago: executing program 3 (id=1023): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socketcall$auto(0x8000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0xeb) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r2, 0x1, 0x820, 0x7fff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) memfd_secret$auto(0x3) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x201, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r4, &(0x7f0000000040)=""/4096, 0xfffffe82) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unlinkat$auto(0xffffffffffffffff, 0x0, 0x200) close_range$auto(0x2, 0x8, 0x0) 3.425918913s ago: executing program 0 (id=1024): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000080), 0x2003, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram8\x00', 0x12d602, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x14b402, 0x0) read$auto(r2, 0x0, 0xffffffff) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0xc050) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, 0x0, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) keyctl$auto_KEYCTL_PKEY_SIGN(0x1b, 0xffffffffffffff55, 0x5, 0x80000000, 0x6) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40000, 0x0) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80180, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_LANES={0x8, 0x9, 0x3ce}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0xa}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000}, 0x40000) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2c, 0x0) ioctl$auto(r1, 0x6f2d, r1) 2.845492616s ago: executing program 1 (id=1025): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xfffffffffffffffc) socket(0xa, 0x1, 0x84) r0 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/kvm/halt_poll_invalid\x00', 0x200002, 0x0) read$auto_stat_fops_per_vm_kvm_main(r0, &(0x7f00000000c0)=""/166, 0xa6) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x1e, 0x1, 0x0) listen$auto(r1, 0x9) accept$auto(r1, 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) poll$auto(0x0, 0x5, 0x108) fallocate$auto(0x8000000000000003, 0x1b, 0x4, 0xcbd5d) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 2.268397159s ago: executing program 2 (id=1026): openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/tracing_cpumask\x00', 0x6b01, 0x0) r0 = prctl$auto_PR_SET_MM_START_BRK(0x28000000, 0x6, 0xffffffffffffffff, 0x6, 0x5) ioctl$auto_SNDRV_PCM_IOCTL_TTSTAMP2(r0, 0x40044103, &(0x7f0000000040)=0x1) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_ADD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x0, 0x400, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4) r1 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = ioctl$auto_TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000080)=0x80000000) setsockopt$auto_SO_RCVTIMEO_NEW(r2, 0x9, 0x42, &(0x7f00000000c0)='/sys/kernel/security/lsm\x00', 0xce) writev$auto(r1, &(0x7f00000001c0)={&(0x7f0000000340)="11b8c992c582fb629e0e1967dc6a4c16b41a1abaee63e01121bee5c380697e9e0b3321edeb2107267c00058b908c0d1393dbf4f2c4bf256ac11d23cee64d3130dfbcf0c3f6edac2b90f6fc66f3496e2fc64dcd5746e85bfe18b09b3b3cb6bf69e3f9a2c18d519e4de498c8d6348494dbd2d906bb40230064c3fc464b37b1b7c37fe26c934ee4bbdd3c03317e96089d040faab3d62636bc7c05881aba9b092f81f85efdcd8d843a28ab7e1c6028401ef3a396f1b62904b95841e05dedf907208df216cbd9b56186fb05784338991a6f37be31f5bb6acad87777b7616408ed34f62598d89ff02ba123934e7d04f0e7f5f92ea0", 0x1}, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D0\x00', 0x8000, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0x0, 0x318f, 0x4, 0x0, 0xff, "50cfeeca8e00"}) readv$auto(r1, &(0x7f0000000200)={&(0x7f0000000080), 0x9}, 0x5) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 2.181860548s ago: executing program 2 (id=1027): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2000a, 0xdf, 0x12, 0x40000000000a5, 0x8000) socket(0x2, 0x4, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xe0, 0x9b72, 0x2, 0x800008000) socketcall$auto_SYS_SOCKET(0x1, &(0x7f00000000c0)=0x6) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/amidi2\x00', 0x33d0c1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) getsockopt$auto_SO_MEMINFO(0xffffffffffffffff, 0xaa9, 0x37, &(0x7f0000000480)='nl80211\x00\xa8\x13\xb9\xbc\xbdo*\xad\x85\xc8<\xd0\xf1:N\x99\x8b\x97\x99\xb2\x8cw\xe6\xebpH-30\xe2\x02[~\xa8lP\xcd\x85\xeev\xabf\xba\xc8;\xfd\xfb\xf3\xfb\xfb\x0fB\xdf\xee\xe6\x91- \x99\xf8S\t\xa7\x0e\x918=\xfb\x7f\xb0\xdd\vn_\xcb\x99}\xea\xf4\xda\xac\x06w\xb0\xa7^@^PL\xc8\xa7n\x8c\x16{\xe8\xf2\xa6\xf6\xbc`\x9c\x9c1\x9f\xb7=q\xe9\x06\b\xe6\xe68F\a,p\xddhJ\xc1\xbfU\xa1>\x84^\xbb\x1e\x13\"\xee\xa8\x9f\x97\x8c\xb2\x8c\xff\xa1\xed\xa6\b\x00\x00\x00\x00\x00\x00\x00\xe8;\xbaC\x8e\x1c\x1f\x13U\xb3\xf0\n\x06\xf9\x9dzp\xc76\x9e\x9d\xab:\xc4A\xc5?_\x85=\xda2@pk\xc2\xa4\xf7c\x92\xfb\xf5\x004+\xf2\x1b\xa3\x1a\x93\xb8\x83\x99\bB\x96\xbd\x90\xf4\x8478=\x0e\x11\xf6rD\b\x10\r\xc6\x1c\x1c\xa6\x86tF\xf7\'<\xfd\xa9r\x8e\xa84\xa9$]', 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x8585, 0xd, 0x5) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) fsconfig$auto_FSCONFIG_SET_BINARY(r1, 0x2, &(0x7f0000000300)='\v\'\bn\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x1e7\xbb\xedO#\x14mC\x97\x06\xd9bZ\xddL\'\x03\x00\xff\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\xc6\xc0\x8b\xc0CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xed<\x86[c4%\xa3\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6\b\xe5\xaaJ+\x02\x9b#\xa9\x9b\x17\x82\xd7\xee\xd1\xbf2\x03\x00\x00\x00\x00\x00\x00\x00B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\x00\x00\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\xb2\x1d\xb3\xef#\xcb}b\x90\xafR\xf5\x8cg\x95A\x89\x8d\x9a\xfcV\x9bm\xd4\x82\x7f9\x12\x98\x1c\x8e\x1f\xdc\xe5Y\x7f\xe8\xe1g%\xb8\xf9b!\xc8\xa0\xf7\x06\xbb\xdf\x1d\xfb\x00\x979\x8e\xd0AP\xbf\x1fM\x1fd~\xeeS^8v\x80\x1b\xb1I\xb1\xa4\x89\xc7\x9d\xf2P\x04\x99N{\x9a\xfa\xf3\xcb\xc3Bx\xb5\xb8*\xa0-\xda\x84\xc5S\xe2\xc6\x92/\xed\xc2\xceK\xad\x00\x00*)Hh\x8d\x06cQ\xf1\x9d\xad\r}\x15e\x18\x06\xe3\xd2\xe4Q', &(0x7f0000000280), 0x5) socketpair$auto(0x3, 0x0, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r2 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) setsockopt$auto(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x400) sendmmsg$auto(0x3, 0x0, 0x1f, 0x0) setsockopt$auto_SO_RCVBUF(r2, 0x8, 0x8, &(0x7f0000000080)='*){(\x91(!\xf3\x00', 0x5) 1.854856839s ago: executing program 2 (id=1028): r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x0, 0x401, 0x0, &(0x7f0000000040)=0x249e) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, 0x0, 0x24000004) shutdown$auto(r1, 0xe) r2 = openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) preadv$auto(r2, &(0x7f0000000100)={&(0x7f0000000040), 0x82}, 0x8, 0xe637, 0x6) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) socket(0x1d, 0x2, 0x2) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) r3 = semctl$auto_GETPID(0x1, 0x1, 0xb, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x20, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x4, 0x0) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x3, 0x0, 0x4) bpf$auto(0x1a, &(0x7f0000000280)=@link_create={@prog_fd=r1, @target_fd=r2, 0x80000001, 0x81, @uprobe_multi={0x3, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4, r3}}, 0x96) 1.843241653s ago: executing program 1 (id=1029): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) socket(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x3e, 0x0, 0x0, 0x0, 0x1000000000000000) prctl$auto(0x404d, 0x800, 0x0, 0x0, 0x0) timer_create$auto_CLOCK_BOOTTIME_ALARM(0x9, 0x0, &(0x7f0000000180)=0xfffffff9) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/mac80211_hwsim/hwsim15\x00', 0x600000, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/aql_pending\x00', 0x28080, 0x0) readv$auto(r2, &(0x7f0000000100)={&(0x7f0000000280), 0x1}, 0x4) writev$auto(r0, &(0x7f0000000200)={0x0, 0x10}, 0x3) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 1.428539239s ago: executing program 1 (id=1030): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1, 0x2, 0x13, 0xc) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x4, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x40, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r1) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000003c0), 0x143202, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x10000, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) fcntl$auto(r2, 0x10001, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) 1.133931813s ago: executing program 0 (id=1031): mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x1, 0x2, 0x13, 0xc) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x4, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x40, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r1) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000003c0), 0x143202, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_pipe\x00', 0x20c01, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) fcntl$auto(r2, 0x10001, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x8, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) 1.075567799s ago: executing program 2 (id=1032): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x105202, 0x0) ioctl$auto(r0, 0xab07, r0) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='/sys/kernel/debug/sync/sw_sync\x00', 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x103841, 0x0) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) (async) connect$auto(0x3, 0x0, 0x58) (async, rerun: 64) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (rerun: 64) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) ioctl$auto_BTRFS_IOC_SCRUB_PROGRESS(r1, 0xc400941d, &(0x7f0000000500)={0x40a, 0x3, 0x3ac, 0x8, {0x1, 0x4, 0xb, 0x3, 0x9, 0x4, 0x9, 0x2, 0xe, 0xa5, 0x1, 0x4, 0x0, 0xf, 0xff}}) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async, rerun: 32) ioctl$auto_BTRFS_IOC_QGROUP_CREATE(r1, 0x4010942a, &(0x7f0000000040)={0x10, 0x3}) (async, rerun: 32) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) (async) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x2000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x4, 0x7, 0x6, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0xfffffffffffffffd, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x7f, 0x800, 0x7, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x400000000004, 0xa, 0xfffffffffffffffd, 0x6, 0x800, 0x0, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0xa, 0x706, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1ff, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x400000000080007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x7, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x3, 0x1, 0x8000000000000001, 0x5, 0x1ff, 0x1, 0x40, 0x5, 0x7, 0x2, 0x3, 0x10000000008, 0x7, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"}) (async, rerun: 64) r3 = io_uring_setup$auto(0x6, 0x0) (async, rerun: 64) close_range$auto(0x2, 0xa, 0x0) (async) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, 0x0, 0x0) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0xc12340, 0x0) write$auto(r4, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) (async, rerun: 32) ioctl$auto_BTRFS_IOC_ENCODED_READ(r3, 0x80809440, &(0x7f0000000240)={&(0x7f0000000180)={&(0x7f0000000080)="36e9a1f0ecc1f2ce80722314362b2c994a607012b5717882843a31365509616beaf8dd3baca0cd04559dc23201ca46ed0f5ae255f18470abf925b545de335aa270275352b3815d4a200e2e020dca800c017dbdc97bdc309204bb0cfecb8a3a2c8d66730c9760b358a3d1f0efb158d942fa5660a8bf7770a237c36851440265253b923a94b3b21fefe4cb9b3c7019640d4dce4458159335435e499201b31b38e7c10aecb32d6edbfd37ee38", 0x400}, 0xd03, 0x1, 0x2, 0x5, 0xfffffffffffffffa, 0x2, 0x80000001, 0x15ddee94, "1cfcc65a463cbcf53f9389b433fec3129ea3d486f7e8dfc0dc968a9927a3ea5bb7b8bf3ea6963aa815164082c370832ef80a3e894785ebe5365cf72c1638bcfc"}) (async, rerun: 32) io_setup$auto(0x200, 0x0) (async) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) (async) write$auto(0xffffffffffffffff, 0x0, 0x0) 776.365225ms ago: executing program 3 (id=1033): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2002, 0x0) syslog$auto(0x9, &(0x7f0000000000)='#\'\x1c\x00', 0x17) socketpair$auto(0x1e, 0x5, 0x9, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptys5\x00', 0x2000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim0/fib/nexthop_bucket_activity\x00', 0x600000, 0x0) setsockopt$auto_SO_PRIORITY(r1, 0x9, 0xc, &(0x7f0000000040)='}@\x00', 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x26, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) lchown$auto(0x0, 0xee01, 0xee00) readv$auto(0x4, &(0x7f0000000100)={0x0, 0x1000}, 0x8) setsockopt$auto(0x3, 0x10000000084, 0x17, 0x0, 0x3ff) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x2d, 0x2, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r3) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x28e40, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) socket(0x1d, 0x80008, 0x7fff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) write$auto(r2, 0x0, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000300)="db000000") 615.575666ms ago: executing program 3 (id=1034): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x169780, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0xb8642, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80002, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, r2) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, 0x0, 0xc800) write$auto(r1, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r4 = socket(0x2b, 0x1, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x8080000001) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) io_uring_setup$auto(0x6, 0x0) socket(0x18, 0x2, 0x0) sendmsg$auto_IPVS_CMD_SET_CONFIG(r4, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x40084) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x340000000000) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa081, 0x0) splice$auto(r0, &(0x7f0000000080)=0x6, r6, &(0x7f00000000c0)=0x3, 0x6, 0x5) write$auto(0x3, 0x0, 0xffd8) write$auto(0xffffffffffffffff, &(0x7f0000000400)='\x14\xf4\xb6\xce\x97\xf5\x83\b\x11\x19\xdd\x1c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf7\xae\x06\x00\x92N\x8c\xc9c5\x1e\xf1\xd39\f\xa2n\x9b\xdc\x83\xa5m%\x85\xca\xcc(\x11V\xc4{\x81\xcf}\x7f\xfe\xdf5s\xb4\x11|\xa2\xc0\xf3\xabd\xd4\xb9\xfc/\x9d\x12\x8a\xf0\x80\xc0\xbb\xc5\a\xe7\xd3*`60R%\xd5\x88EP\xaa#>:\x8d\xf4.\r\v\x8f#)\xc8\x8d)\xe4q\x8ejS\xa6\xd9\x0fD\xdd$/\x92\xdb\xaf\xd5\b\x19\x0f9`\xf2\xfb\x1aZ$\xfb\x9f\x1e\x9e[\x14\xb3\x02\xc36\xf9\xe8\xe7M\xa5\x01\xeca\xaa\xc8B\xe4)\r/\xa8\'h\x92\x90v\x95\xc2\xee\vO\x10\xbb\x934t\x9e\xe7j\xe7&\xa0j\x13\x9e\xf2', 0x7e) 518.127714ms ago: executing program 1 (id=1035): r0 = prctl$auto(0x5, 0x80000000, 0x0, 0x78, 0x8) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) umount2$auto(&(0x7f0000000180)='/proc/bus/pci/00/01.3\x00', 0x1) seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0xfffffffc, 0x0) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) syz_clone(0x21000000, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000200), 0xc0400, 0x0) ioctl$auto_BINDER_CTL_ADD(r2, 0xc1086201, &(0x7f0000000240)={"afc2b1ca92f66d6202000000000000000b20551d19ecba0a4aba723aa74284078ca298c23c09ce2f013cf795fb146dbb52f4c2c591720393044153446ead73a6d0d4e1aaee41af1ec4c0bf648f4702619de28dab3e030000000000000076f0e4246fa36f846c02cc2402d0fc7f8b6f84841c7bd4816934fe9754c906cf66454d154b0a198706f27ab92651e1aa6856ee9bb79124f4712e6f117b13c3b8704e9ec9344c4b59ce49bbf943968bd8bb951575d5932d08a387b96e6679d40511096c5aa292672f18a47748befa7cc5b10cc721f41e62982ebb5543972030b39cc4dea1cc387fc6ebbf4e9c917507ad84e3315313192786fde94536de560500", 0x4, 0x1}) shmdt$auto(&(0x7f0000000000)='(\x00') close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) getsockopt$auto_SO_REUSEADDR(r0, 0x8000, 0x2, &(0x7f0000000040)='^\x92[\x00', &(0x7f00000000c0)=0x6) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) pread64$auto(r3, 0x0, 0x9, 0x2) openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/failslab/probability\x00', 0x22042, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xc) write$auto(0x3, 0x0, 0x100082) getrlimit$auto(0x8, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r4, 0x127f, 0x0) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) write$auto(r5, &(0x7f0000000240)='^\x92[\x00', 0x7) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) 79.649835ms ago: executing program 0 (id=1036): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty24\x00', 0x42880, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r0, 0x0, 0x1ff) write$auto(0x3, 0x0, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0x4000000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="0100"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r2], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) sysfs$auto(0x2, 0x2, 0x0) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x200000, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x101202, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@info={0xffffffffffffffff, 0x4, 0x1}, 0x171) 0s ago: executing program 2 (id=1037): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/netdevsim3/sriov_numvfs\x00', 0x10b142, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/radio1/name\x00', 0xa2500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000002c0)=""/106, 0x6a) r2 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000080)={@_si_pad}, 0x3, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) openat$auto_clk_dump_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/clk/clk_dump\x00', 0x200000, 0x0) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), 0xffffffffffffffff) process_vm_writev$auto(0x0, 0x0, 0x200000000017, 0x0, 0x7, 0x0) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) stat$auto(&(0x7f0000000340)='&&\x00', &(0x7f0000000380)={0x2, 0x9, 0x7fffffffffffffff, 0x5, 0xee00, 0xffffffffffffffff, 0x0, 0x6, 0x9, 0x100, 0x1, 0x4, 0x9, 0x7, 0x8, 0xef9b, 0x8}) shmctl$auto_SHM_STAT(0x0, 0xd, &(0x7f0000000580)={{0x2, 0xee01, 0xee00, 0x2, 0x0, 0x7, 0x8000}, 0x80, 0xc96, 0x6, 0xa2f, @inferred=r2, @inferred=r2, 0x7, 0x0, &(0x7f0000000440)="c3f4f21ba41c72c76d49e63365fbfec1108e753787c13b84931b166f77242aa992ad39cabeaf64a0f9d1c6331a0ffdec7f5b3fcc7e2c30de94fcdc14e265af8f55b061d8a590e9b8256f127ecd3dccdce273018518ddcf61b15ccf55fab6d7dfafd96e237325b418daa01204e7157e73b09243a376382569313671230b26a608449cf8ac72a076", &(0x7f0000000500)="76794cb2f249d6b5db1f9a08dfe19f023ec49d66c5a0b68a075a119aabd2ac959a5290f93d0fb86d908c46e40158158c32522be799cfd17b1441eb9e61407281c57206783560ded0c8c9d5f5c506b540d3b82025212e28c67575053e7f0b29539b523d5e97df286262b19cb148343affadf3949404ac1f1fdbc69f5c868867"}) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000002640)={&(0x7f0000000140), 0xc, &(0x7f0000002600)={&(0x7f0000000600)={0x1fc8, r3, 0x300, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_UNSPEC={0x1004, 0x0, "3b93894dfb2a67892a885f15f7669565fb6fbcda81f5caa7e18790963631f07bbfaad93bf352403f16681cd396ee4b69b7c7cf6f9208c2c7559d8959ade8b56c3b46d12400ebad77e299ac090eb39365bbdc7918d31c691ce605e7d5bb125b706412cbb644898f94139d7388e5521e82bbffa43266fdbb6d0cd09de467290f392c9ee229b5ae87e0f5d127e10210fb84ee22d040bd92338733cb264a2ce56bfa3f6e88bac7a21ff0a178db238b56f796ec084bc6d79c83b380944533e2976c47a64525f09719facf41dea8e7c259ee4ee8d399071bd641d182e6ec968ac585e710f4520362fad0f7e7a941889e1454809fae904e62293a661a5e1073f3d75ba15a67768cdab7972101be4f4f5d2984cf8a0cdb179938ab34ee01c462eed2303c86c2b56b288dbea39109625adc5d09a06817aee175d3fc9c1ab0664a7aa3395005ef864dae8fbbe8a8316286a360a225432f528b96a26ddf0d8c5ce695a70c22750e67a2d8992524f0e6fedcdc9b6375369b374de7cd2d5fcd382166ba441a0a2530d5337037cbd995dc614dcd1aac526e7b1d4872289f8ba59bcfbcadfaecdcae28ef3b4ad175e84a0dd40b62c4c7105b9d1db695d054ef2c202c4d64f60f20ae2a4289d05a7a343e197a2ab5d385fab095a73a93e881f7c18ef168c0563920363e7c60f2600acedffa7c11f87500752c48822b5f4d70af7c7be70e73443aef62be0609e3199b73842dc7511c5cb5ece6c3622742bf9fae993836fb1932819363d59167f765083f8457c1d229dd63c9ef7dd3826e0986076bfc0dc29c19bb3597ebb8dab87aff9d35b5f62ab321cc51eda94e0a47a41d819faf09a29fb2afddb8cd7d4db6fe2c98686da1544d2a0c079231e9e898a24007ab807d340ecd1623200fd72b9f280c43c8e90bb85505add1d1f59f673c33fe20771e350f368386e7993fa01d34209f822551a4de704160a7b92841c257b4ee5cee31e2901dbe342c22265361402465688c9fa8119f8379cb1f525ca8878cc78705dcfde254c50db19893be5de91bc976c9e870f378bbda2742077f3af225e83d9a0645a8f6636f40e4b4024ace7f3d1228579f73656bda26f8ae84dea566cd1c07ca61aae889a45b320bb3f9413c8ee08d411ff85508806966fddcac3e38368a2570ed4b98afc473bd4181367d3f016db1ad84abd6f19a5ae328391b04f2e019fb4528e9010ec226b8633628c2dfc61f40eeff66cc248139ea93e4168662331a992dcf8f277d6793ca479d11755646d2100eda5991176e7e3bcef14cff9cc427f42e34855b8e55b3c058424ef6f71ba651daa5d86fd8a8ca17ebcb37c0a2ffac0e82383a857c63d5b520ca195c7dd9de43ec0ebe2b81346ac75a743b2e6e8432a0ae066256b98d9efbf486ccdf53655d636729cbfc00177b2db5dc318589a66e1299a51dee649889503142c90c680e324a6e11a76cbe74cadd016b971a226e6a3254a50469748b88503a3855391f9b0c3582f4167e6e8355f1da4547e2c234506f7ea9df4f8e28b7a8e35dcf0d48071685a182e5c09924f1bb406de183edee7de998bbf7f010e1fc19ea311c349f656547c3974546b6faa9e91b8b78e7618d5f5876ea18984db7e50f7bfbdc7b8fa1b7715b00f96d8a4656119eca0b1afc5eb1ce1ed077734c4d056af3a8a9c6fe39fadcea58e7a727df425d0f638af21479ba565a7d458b1eb5619794398235ec3a671ab0d685659284f5079f0963bb9c84845ec0201c8c41a4547a9f8514633bb24c1bac665b68038b5f939a5cc2ffde73dd7c99765f4f82e8b1bbcdd31151250bcbc0b777155e4e0b51b191f49a7efac4fc642cfe2f66a0ea97f13163acbc7f8afa0adb664487e23fabdbade3c0e101a6a1e8336449dc8b201ce9b0372f62ab39fe39df72219b29b66abe271d50f4f686a11cca49794830d909a5be8a3c60c1ff17d5890b2163ca36d9aa9dc8d68301bb6d2fa96d7fceea122cb49d15ccb576421ba0776f3f2019b61de2ec283914b21ac6285ea698a831fe049893d4474a1b69105f52caa6680da7302da30eac9ca718354005d45af56a4d98a593382569b933b9a955c049690c589ff57cabbfe56907d495e940fd03cc264e3da4b07fb9016e9593391ab233fac0df226beb84b02862a67a5031c2eabdb74cb7d6e853b91b84c4b72172e538f84c009c860493b351d2194df9f1fd91c223c1727cab501757d907e972eb2ab09a0bb2f1666c921a41b22ba8103ebcfe15813ba06179c313475e0a0812ff614af3064dd1c5e1bdb8091a4b97defd608634b3069c00f129b80328d1102e72b637bdfbb60a1056a55ece2b326c7a8d7595ee538713e2f301f51f0df1ef24c0ebed513f0307fae5f88eeac7b29a4a57bece48d05f0040bb36811cc89f68aa446731cd22ba4406745835399953a81b4abab74a0ac01b5ec0434c010d60f8d74a1a11f01437b4310b1f87f7188c2f946e599621f2681bf058264f8620782f95e3ad884a2238ec07b0cb7b17b33db363b08dff80002ad2cb15b283e9223f91d337d9eac9ff145b1b60db6732d6da1f3466fd04ed59e494d5093a80eeb9ecc9247f579015b82a607bdf67ed9cdc38c80a8e786c55ee8551767acfcdcc8dced70f6ca6c0897414d5fc2379a18624daa37e724fe332a5c11aa5d733e3c3d4db030ff45cae91866598909b6f247d008dfd0f5ed8562154ede76dbd1225e9c8350ed3be1457d5992f34f6a3d4029cc0f625546d9c760e6d28b33e2a47a3c8e800920c6bf3e784b38e861e90b02c08bee56ab2238d970bd7c878cf42d41a35506edcb43cad85ee23b55ee3354344086f3c0966571905231dc9d5cafdc196ca12b9039ed38e724c3ed55443296dd9694d48d7d62d8cdf864ebbcbc14ffae7e52813907e0a199aa7b12ecee178b15a9b1e6344652d2d443862a5a79340c9949beb7f30e07dd00a5d8d4e603f95eea387c24ed609228223b764f5cf11fa99695c316f71e2bcc2722c3411f13cfb2af83073081e09d2576477d52cebbe4fdd95254bdbfc1564aa47303241481f398b84b5dd22d4f50c851ed253f8e244e1b2c7fe85e9ffe9390f7361d4455354ffd754d71471464d8fbc2ad9103990aeb9b61c61a6c90825b5b7907d5b3fee94fce250be1480df8f6df1289b8a4f8f784849b355d9ce14dc685b4a92c1e1d9cf74a1a24567bde86a2ad29cd975379851e52b6352fa5f60c951456a442624c3bac28cab5e7cac045b5ca1d743ac3f150f79ab8aa108b6f31c3d5f5a024093c13f1984348038d02eda38c164a567cc8c8e24c5b367fb173a8f7f3e1e587017d6b3b3c7c0ac271a139e3a13f1fcc5a83eb966e475c400f2e3b9b7aacc46ef50fd7fdc76b11c99e5d3226fbc42735707dd06ef7e141a7004dc56e2bc20648c31474b99b70f6b006a1063136898a015c716525ab9793ea2a647544c9d9bd7fdb374c2abcf4fa3364df48e61a56462e725bccd24cda4e2a5ec81b3f350469eede636b3285a3c403b49477a7499ea353f76e5c5c8dfa52599178fd3ec1c83ae0023e02ae86dc7b4e2d7de73b5be7d9e7fa94f96e19a8a6b7b7690a77e81a73508aa2d3b26e8c724481fb3ce66c853d86dd963ed026654945f0eb96f4f44268bd1325da6bfa6b34887726817a9d46a31cab962031433b985ee15856a88beaf875ac6b0c2d269cd22a3057d91a884623b2145e1d4744a91d3662bb9e72cac6030d219ec67273f4dc30dd8c8114596311b01bb114c7ac35bd92f2963dd3c0a63f4a126e855b7491a327db4690a8327f4830933c588152d52fbea304b8d331ec526ef7607ac41fd413b8c78b069d67054ffccccc56f5b142b8012a730b150d4d29873d862b8f71cfe17eac4f5530a58c81ccbd9a48590bd80881c385fab25bbc91d7688951e504d9582486e0d9c590beed6a6e367c2ddaf6b4c9ee2c11782282051e4d2fe4f6e36719fddc2c32063a95ab86f9858e6f1434a6ded51446985f645ae175c6e60d0532469143e9e266177dfb0db61aba6f073fc8c179b4fd073f4672c13a388d7a5b7792142d67faf3c249825bef21896ed36bcc78104cfcfd613c98860e500a36120a80e806a87158904f00c70e7286613b1e1567900f40570a09871aec3fa2bd1ae4394aa5e049c9fa0afcbc12eb40d1a6bb0164ab844e948a17f659ae0e77850d6d97a16fece85a1251b8bcf2d2f6d90b6c1412d70326714a3b6444fc94ba1e50c31c465e5ca9f6d93472aa050df51370b376e1cc71ad7102bbc544d13243d3da02880f32d9b7314bd5cdee48ddaefd8ca8b37298fc25939f4e2eb8a1ba512912c52a19a927023bde78a0876a1a0221d1218178b5f76b770aa47489fa54c81412e8486b735cbb902702b8424fc21373f7678be80a3128a42e525e0d4bb8c9313b728de64f50e048ff092e7d5623a6a712f23f597d27dfe31e45aa0cfec2e3f7fb45a05e734d235972aeb3762c3d30209b5b5081d39dad659af8fc23fce8ee80cc6f969c8e2189ddadad1622b11c60f5f8b3331a92fc88d5a4e280a9171f08777e88d541bc74aed6eabdda0aa7bb55cc3e1a940a6cfe6fb320156eda4bb9557addd7ace1af68178fd45bfb8ff6116c66540e660eec8c306aad087e95088a6979a513eb42386d19efe05afc688129b3a6a909b13b03ebacf91dae34b54ec391bed190518b0daf999ca8ef4aeb84f8a0026bcad6549ca43c0f78f80fee0d959973e1c2a03dc80b3800f39c61322442bdd3ec1b6a1be17e1f174cb8da20cba1b7284d5f9c12c8d406c9531bcccc33c7e6a437e03c6c0250c912db04277bad3b2a8a0e3cf00b75bf2e1a78c9dca3928d31f82c92247562c9d572bddd80393d123a3552d1fc947bb5f3c4d39606a23ea747e5c0853110418b28c914206e406b3e86bc6d8ac760828df05b1f274e7fdaa08ddbd33b00e58ea97210038343d85aa1f167c6bf02aaa2de56fff220dc6d4cd21a8088f33f4cf0efcf11896b76e7bfa8de774a8d490bff36462a75a9c48170596c1024b68886d686f1a407e6a49a76f8beb10440bb1127fc35bf4ac65b2798459cad2af5b3388e3420d3d80d2447804f16f0d5781124b136ab0543fba204fc02a90a2758a46caf758c3accc8e13264681697e6642a9ce598af6aed0aa7230e7aaf33c100d2351efe77961781c46e7694e0f97961f9e583148ca78b8b8b9185af6cfbbb8fb5b5f2e12638befd53c7086a9144e064fda7d22e5a0c85762fd00b5086319ceec9f6d5946a221731a3426af7e873584e7b806131d427c242adc47411d5a9be9ce4449862611e90c9344d32bea8792173897432a202e4bec6f960159ac28cc31730d6385043e1f8fe44d9562b62e6f02f8fcd6e8acd7cce9f8e27f4209ec72a8da7ec08780bfb1cf642eba078d0da98f9f8450b755dec51e1f15c55ccb4ecdba85b181f87af65d4b99096e0edb07a74c7d762a095b3f52fd39d1a58eca56b0f3b870db0e1a1581db280ba9f557c5e2e12aaecc9b9557c95b921626c180ecf91a79f3e888281cd0921cff5e6a02980d4228befd4a89b1075526d596716975cc44fc68689bf14059f9b7999271f134ece5bcd8dc12ae229c5202f7819b64e8d605a80df25e13596b55fa6fb81b288d39138f192dadc6dcd3dd3fde71a51ac106394aa8dd13a54af2be9be4b0f9e9be3e6be986a03c68ce9d87d6cd6da64b6c50b55f8fc4e1814c0c23f0036825fc0256ebfbbbc9c3c151787ff9083709e11237c313fd1489743e19d3ceff9668aecfc51f1fe3a6a08c31b225b761d8c2"}, @TIPC_NLA_UNSPEC={0xfb, 0x0, "6fe7d85616f95ca5bfe57248babde430de666879196b126ed790b7e497db414d8426fa74d6096bb5cb33763fff858477634071c16f1d243f1140b759114a6997163cb6d6d533a53986b1ad913104cc8c72ace41dc835459584b834d5476976b0a13f57c632da999fd988e177cd4e57477cd34c467f14190659bc0294aa762c86cf35d65aee2b66293e0205e24e18af76677d54c12a16c72a56620f649d4636e00815272754f0242747bfb5b15826d7a3d926dd1d03aa77b43fa7c9a4773ac649b4b39ff4bd72c3465317bb9a73a090ddb1a9814aa46e21f0b8718916d0428b68140f66e3c593b420b8b69116961e7b1a1031cbf16243af"}, @TIPC_NLA_NODE={0xc0, 0x6, 0x0, 0x1, [@generic="686acdb1763e466a8a8dc24977627af1e1218f16234285905efe6c0d3e7a2ecb48b5e2a58708fdb8a7d18dbe27e68fd8173630fdc65eceeceaf7d51fe9e7da0345ffe3002291d34cdf479e4d60e8b0ceba4e6b1a7bf4f5486b9652007a4bb7b54d84eca2", @typed={0x26, 0xd, 0x0, 0x0, @binary="c5dfa0bafd7fa9c36cac3f2da3de916b85bf335696e8ce21a81fc2fcb082e476d425"}, @typed={0x8, 0x5a, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @typed={0xc, 0x15, 0x0, 0x0, @u64=0x61d}, @typed={0x8, 0x75, 0x0, 0x0, @fd=r0}, @typed={0x14, 0xf9, 0x0, 0x0, @ipv6=@loopback}]}, @TIPC_NLA_LINK={0x95, 0x4, 0x0, 0x1, [@generic="9f1bad823bc403ed9f9eddd90ce0fec32a605bb816daec39c0057125c5d2789850e1c6592db57cbeb0fe28600e2a7201b4a21904a5d29b4efd1413d731d92f9a2dc209b5c3a3db22473288f983fb6f642975e9940b77341e070206f0b0b29ff5eafa8ceda1aa6e17992cce8252a5a4e40907bdaae58c15b348483524a12ce98fba86a83da126c13075509a0850089bba38"]}, @TIPC_NLA_UNSPEC={0x6a, 0x0, "bbad7bd017435b4457b8631264c7b57155b32f217772a4e2de16effd2273c75757ec46e83002b309932fdf6b3b34d83c62d35bbac83e98502103c8547e44e3ad625b99dc9adec92e42861e76a6738258f909151a9e43792802d04d9b0b138b11e64b30c09dc7"}, @TIPC_NLA_UNSPEC={0xbd, 0x0, "e2d732bec467ade8a847e79a4daa4e9214ff90862e0467c9343c1b459b09604064cd3d02402ae52cb9e57a83d0be27849f7f0ad37f6928b26707d8cee93b7becceb744c758c1c15b67eeec73a33abd9fba5f44ed7f916823416a0d123fa7b4defea4725af9b1bc23bea742c9361366149d1f6d9bd15b49410e3615ee5d786d6f2777960254f9b2d2c3e7eba44b09ac68c9cdb74a04b606ae98755e4715e903789c7759746fb96622a2a402832ae6907b4994c57bcf249f1918"}, @TIPC_NLA_NODE={0x297, 0x6, 0x0, 0x1, [@generic="0673eae82b38252fcf5014f244fe99baa74f5430571cc6511a3e129cd8b915d96be62616c49b4d81fa9ea6510766bf30a3f32c1c65b5554842210b94888f80f2a1fb5a338e6bf3bc4e490c3b5a51aedc4764d27445a939d36737e69616b5e591a498b5da751a8d5e8d3738ec610e946cf6946c7ebcefa0c46a1afc79254d68c46ae641ea3aad32d898e38e581c4d1e48318d810e182b063d1fed7d12bfe83fdb7f62328d1e6e422f2168d03c9f036df4d990ab1bff22e2e8901fda1918dac041539b2b4bcf83aa5038a816a300927214fa13e4ff680d8a039c1785d10e12622b6da8da91363eff3293e4c3718bd2978414ab777b72bf57d35443f76e25", @generic="f303dc15fcf2216bbdf17696d176c41a891c273330615dc75bb8dfcf", @generic="3be1687fc981f1251759b5f94accbf4dcac5d2a2d49195b291dd3ef55eb41aca86e51449e04b862dc7ec2500228486b2f3b9f9534679769bf66f57dd", @generic="8de3b483c7a5d00071786bb859e95f6b34297551fa117452b56c28bc7abf0ad7b407ee4f8e7694d68ee33e931dcdc6c0597b507ccc8c1afa4af9005e69ba0ed62ff67bef51e9bb01d34e25b93b276051fd3e6b059036f5e7a27e4a6703da9ce0683b32dbd1d5002bdcc76313f098419d7a3f4c271b947482ebb2290792511fec602a59c16ca6c1c37578f00fbac08fadcdc1705b286bf959806940a5246a2569d03bf66ea52937957dfe151d7a0bd43a109c898fd4375f3d015880ac4fee04419e3cb08b7021", @typed={0x8, 0x12f, 0x0, 0x0, @fd}, @typed={0x8, 0xd7, 0x0, 0x0, @uid}, @nested={0x4, 0xa1}, @generic="b6835365e9304c5ed09f598dc5a0f046e25f8d15e6a961e5268d115542a65b8495b760af9e3d3591b7dbcf84d1c70194", @typed={0x8, 0x77, 0x0, 0x0, @pid}, @nested={0x2c, 0xb3, 0x0, 0x1, [@nested={0x4, 0x6e}, @nested={0x4, 0x14d}, @generic="92878b9a8bce8e4f6c4c57622877e060a1d15c6cd010c12f00d30cd6", @nested={0x4, 0xf1}]}]}, @TIPC_NLA_NODE={0x438, 0x6, 0x0, 0x1, [@nested={0x431, 0x5, 0x0, 0x1, [@generic="6ff9545e53b0ee002dc29cf050ee6c44fbb87a59b10af6056cac2c0f3a6cf4cbf029d2940327f02049b68999a167fb22f33396056d41f3dff5afbd127057f3d233555806ef6fec30425e3d9e383bae5e15ee6454832eda002c53d64024b161f31a2c508d9f5ce3fe716f85ce34b08008c58b86a515264ea19683cba60df452b4d9dd2e7cbad309d5eb7ea5d6ce91859d788ad028e1e1220d88772f60d4c88b534a4f27a7bcb74192e8703be1a1b05abb3b4c9d", @generic="d116f861bfc89f7e7edb39b6fdf537a3c3a3a338c08621c0df16c4ed499a909ca91497a2c86009d6e73760d71e61f95209bbbf1503cd3c839846b0bd16042019022710cea6c380e38d0ae8a1669b82244c0d9417674eb56244b310aaad8cb4e71157dc1bf2004f9c5051b17a1d19d30a84e5bea865afc8a210d7496fc879ff4aab3b41836b09ced46faf41b5cae89224bf4811982402b181f35b91df172cb6fa3df9b2682845f634561a5241d78225887802a5899a893b9c5b104f123a0726e2697ec17d2c38468ffee49f59805ce19b329ef473c9ad47e41633ba2a6075ac70575d3ad4aff1349e30de2b3e2ac06ec440af236f209145", @nested={0x4, 0x12e}, @nested={0x4, 0x12e}, @generic="90a12f4815c322672213f2869709b4a46711cb1e30ed6369bb1007c7a8ae8ce0a77e3744c4418bc2dc1ce1ad9bfae85a0a408c59658c192420df2d1dc67c51d4390badb4e732b14aae5d70cab8015d5e6449fc31bf26fef9672c3c34184f73dfe62c883f58b2c4c832111cee763fdb95a7eda938bc9e31e8ea2a4a2f7b2271feff4ffa5c6b6b8641e5529d7993d4d5886a0289640c23356354e63d6bdca4fb6abc4f597934637851d2cc9b898d1b8de4aed199d5f530674c3921a63e2e1603b2344b17ce9f41b1f118365eed9dd57a284eb1853a053bb6498812314fe499a19abc7773e82de3fd46cc8f92aeee49c46d02f9af", @generic="ed70c9f91995de0f50e011c755e221f36252b5c7b329c586f0fb765b473d3d6778fb445190ad5aa0dea0230ce799afb58bdcf48b38e8a8cabc1557d7de0b0d5095d61103c39d64dc8dd0ca46212e0abf475571bd83161597924a35f9d44d33650eea01ac52a86d7ba5009624d01df29f3dc2e6b1c7cdd1c1630b82ae8c91153fea249f5073164080fb9aabaabae6bc55e5e2a5002f6b497d4a81cda5127a40f9766fe34ced1f", @generic="69a0d1513fc650d6450d0173f252eefbd786ae50a91585b42accf0e66e9412014c8c138162780607b1bb029aa689d9514436a054e5a20ef0f3a7e31ef0125d1d8bc172b437bbf8964828a03ee74a22935402e4bd691c83fd4f87a412b737674b6af79d82ebe19eb73c8304004078488d115e3dff9c711fd801ab352394c5f825e46f40088f21539a3226a5c63c1eb1fe1875d2fe1c38e094b71a1f4ba7ace979df857868240663ed3e630786f0efd37ecf5878b7948796ea8763855cbb657a8b22ec6541ea1155cd30fef433eab122200d126143000b5608f8d3ed786f7b5da10b89"]}]}, @TIPC_NLA_NODE={0x1bb, 0x6, 0x0, 0x1, [@generic="1029da05da38041f72d67905c1d3", @generic="9a51848d7a59f9adf14424cd5316a621fa3d47b39c031065c44a3e724a368b41c5cde1040feda85bda4de63ce9df5cae6fa7a839364c3e01aaeef1db063115c9fad8509331fcc0512950d646455cb1c5e7e6888e4ad6c05af05beb2e660b1b8b458d4fa35c5df1cc95d5d01b222d9fd2c54bfa3c9072771b48eaf05e2a422f567bfbc25d760b9fdd2311f0370a22c06a40217396f57b0dcad89d234557f5abd6bf4bba90e8ba2cff35266047accd3af171577cd835bdabcbf4d3b7387d9d65003fb48f96ae5ad888e9e99f4e16ae21425576017e34a27f51895112818ea18d8b90c3431af9fbf3", @typed={0x8, 0xf0, 0x0, 0x0, @uid}, @typed={0x8, 0x70, 0x0, 0x0, @uid}, @generic="ac2ec603aad015bd52f1b8cf30f3f122d0a87a3401b3a1524a282b4cef7799899a4b1fe222607f8ad4a29d08891985e5241976b0e4d74d73cccbf6275bc2942c9d3f92d75197d233941cde6d71e2a29674c4c5fabf311ce4a0fce6305cdd7e983b99d73e28d55f5897d2c92360ca", @nested={0x43, 0x49, 0x0, 0x1, [@generic="9fed6c5f48d3285836a6cb1690c7fdc674c02c87e8ce840d6b2c42bb02633d5ee61b4aefa60d0f72fc69844a8e956e37718978", @nested={0x4, 0x13c}, @nested={0x4, 0x9e}, @nested={0x4, 0x82}]}]}, @TIPC_NLA_MEDIA={0x3a3, 0x5, 0x0, 0x1, [@nested={0x3c, 0x52, 0x0, 0x1, [@typed={0x29, 0x6b, 0x0, 0x0, @str='/sys/devices/netdevsim3/sriov_numvfs\x00'}, @nested={0x4, 0x11d}, @typed={0x5, 0xe1, 0x0, 0x0, @str='\x00'}]}, @nested={0x122, 0x5, 0x0, 0x1, [@generic="811e3ad1e6d774102100c099cb94d44bc253a0cd47a7540d5d0bf2a48335ffde336a7025cfdfc2ce70e2b825d889b07f95d26eecc0e9f9efdfeeebd0e9cc5c8d0e96aedb745f5678a579bb7e17e91e67c3b3ff0d3d161e706358bab288a0fc43308db50496d0f65dc3df55c8cdb81c63c6f9fd4cdfd4bc65021c59962c9da1b8f949f95b4f7d71e92b78d299bb1021123bba462c3117b75bf1be39ce9a2e94fff7d2a047c53803ffaebf38b9d73fd8668ec0001538908270749a8c436ff6ca18764b3665535b90e07d235e65159cae", @generic="71891a797f3e9ebd2500bf9e776bf82e86baa91ba341cad95db6ddf1ac0958f61c3295e46cb88cd2bd791344807719c3d108be3d3a4ca8abfb4d7fffd37ea13be8ed5bf56453e2", @typed={0x8, 0x8, 0x0, 0x0, @uid=r6}]}, @typed={0x8, 0x121, 0x0, 0x0, @uid=r7}, @typed={0x8, 0xa, 0x0, 0x0, @pid=r2}, @nested={0x65, 0x9, 0x0, 0x1, [@generic="0ee609caab3bd3c3060f6e75510b566e7699d4bf0a1ce956de539b5380da93364afecb05196f6a466e0361bf882634e80e77576d3ea4af8cdbc5a14fcc147aa9e76d16a8701cd1b065599fe683895067600b87a8f659d8a6855e761bf7527a884f"]}, @nested={0xed, 0x88, 0x0, 0x1, [@generic="ece801a525d5f60e77276d100e6c1f417b7cd188e417f60613b1e5f0321cbb249cf6a36b8d99c3f3dbf2b67e4f102422d3798356fe3c33b6cd9931e4ddc66c1ea90137d4dca26cf02ebae7ed6dc07598de2040e9ff45bcaf870682b66828fa5552ce0d7b0c554fa20c2dc9b06671844aec08c4861454c5391d9a68dae3cbff4fad222f1c7acbe2ab8406e4f4c56e519f1f219ce778bac97d63a8af76b7f583943aaf258613a1c5a6789136672bfe011d5e9969893860b48b510fa24e3661572a3c1970228c36d7905536c7ba87e7447783afdf2f7a2943a8f1341873f7bd0c562138d558d5bdca822c"]}, @generic="c2a0d706d427386ca361725880a6e1d039b179b1255d5af337746d9cb4d2939a39ea7201df75868652ddcd2224e7ed1cf9af9ff0f73cfcf196191799fb6ea5cc4e683f6ddc91f7cbfa64fffddd255854c01b7fec24cd52bca9301a4c242eb47b473e440a16b57ba4aab4cb21ac8d244a7df3f0baebbbacdb56021700c0c620968be198b30ed421e281f43815627f37ec988cd8a725c787d58aab23129e3ac19cc8188217f523300cb564a42c0623ee34c715245f1cf2a20d65d0a0064655e058e646d6616dbb4da072990d253b144b", @typed={0x8, 0xf2, 0x0, 0x0, @pid=r2}]}]}, 0x1fc8}, 0x1, 0x0, 0x0, 0x4008850}, 0x0) mmap$auto(0x0, 0x202000c, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x7fffffff) ptrace$auto(0x10, r5, 0x4, 0x7ff) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r8, 0x8641, 0x6) kernel console output (not intermixed with test programs): 840] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.708570][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.753349][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.766955][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.789640][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.827442][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.951286][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.974643][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.991538][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.030334][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.135020][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.154637][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.167253][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.184796][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.250699][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.304843][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.318661][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.352432][ T2203] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.359712][ T2203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.387276][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.394570][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.419284][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.452915][ T2203] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.460056][ T2203] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.490014][ T2203] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.497156][ T2203] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.543095][ T5834] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 87.563276][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.574738][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.646259][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.661521][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.687527][ T3730] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.694798][ T3730] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.708664][ T3730] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.715905][ T3730] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.759815][ T3730] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.767016][ T3730] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.784229][ T3730] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.791394][ T3730] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.988701][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.127867][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.194611][ T51] Bluetooth: hci0: command tx timeout [ 88.218669][ T5834] veth0_vlan: entered promiscuous mode [ 88.261112][ T5834] veth1_vlan: entered promiscuous mode [ 88.274311][ T5150] Bluetooth: hci2: command tx timeout [ 88.279918][ T51] Bluetooth: hci1: command tx timeout [ 88.354533][ T51] Bluetooth: hci3: command tx timeout [ 88.381016][ T5840] veth0_vlan: entered promiscuous mode [ 88.390595][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.416157][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.435838][ T5834] veth0_macvtap: entered promiscuous mode [ 88.448702][ T5840] veth1_vlan: entered promiscuous mode [ 88.461396][ T5834] veth1_macvtap: entered promiscuous mode [ 88.519381][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.546012][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.553410][ T5843] veth0_vlan: entered promiscuous mode [ 88.585557][ T5840] veth0_macvtap: entered promiscuous mode [ 88.599625][ T3730] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.609749][ T3730] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.623768][ T3730] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.635536][ T5831] veth0_vlan: entered promiscuous mode [ 88.641892][ T5843] veth1_vlan: entered promiscuous mode [ 88.648975][ T5840] veth1_macvtap: entered promiscuous mode [ 88.655877][ T3730] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.681925][ T5831] veth1_vlan: entered promiscuous mode [ 88.731912][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.767765][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.793658][ T5843] veth0_macvtap: entered promiscuous mode [ 88.821104][ T5831] veth0_macvtap: entered promiscuous mode [ 88.829859][ T5843] veth1_macvtap: entered promiscuous mode [ 88.838926][ T3730] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.848173][ T3730] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.867974][ T3730] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.876929][ T3730] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.886334][ T5831] veth1_macvtap: entered promiscuous mode [ 88.911545][ T2203] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.927682][ T2203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.963504][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.996729][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.011859][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.021737][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.038609][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.050299][ T1007] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.092886][ T1007] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.102382][ T1007] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.119178][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.141327][ T1007] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.162639][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.170525][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.214142][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.243215][ T3675] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.257154][ T3675] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.287180][ T3675] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.302377][ T3675] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.367733][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.376737][ T3675] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.392464][ T3675] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.403765][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.490422][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.500345][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.599889][ T3675] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.635251][ T3675] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.720496][ T1007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.753977][ T1007] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.904514][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.179024][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.277735][ T51] Bluetooth: hci0: command tx timeout [ 90.357869][ T5150] Bluetooth: hci2: command tx timeout [ 90.364919][ T51] Bluetooth: hci1: command tx timeout [ 90.434622][ T51] Bluetooth: hci3: command tx timeout [ 90.684271][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.885652][ T5954] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.935557][ T5955] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 91.196536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.431923][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 91.888718][ T981] cfg80211: failed to load regulatory.db [ 92.354525][ T51] Bluetooth: hci0: command tx timeout [ 92.446868][ T5150] Bluetooth: hci2: command tx timeout [ 92.452286][ T51] Bluetooth: hci1: command tx timeout [ 92.514576][ T51] Bluetooth: hci3: command tx timeout [ 92.833767][ T5987] Zero length message leads to an empty skb [ 93.414754][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.474365][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 93.483442][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 93.538387][ T30] audit: type=1800 audit(1766864850.465:2): pid=6001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.13" name="lu_gp_id" dev="configfs" ino=7666 res=0 errno=0 [ 93.564884][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 93.582884][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 94.369446][ T6007] syz.1.17 uses obsolete (PF_INET,SOCK_PACKET) [ 95.919532][ T6044] Console: switching to colour VGA+ 80x25 [ 96.112328][ T6045] Console: switching to colour frame buffer device 128x48 [ 96.344203][ T6054] futex_wake_op: syz.3.26 tries to shift op by -2048; fix this program [ 96.354524][ T6054] futex_wake_op: syz.3.26 tries to shift op by -2048; fix this program [ 97.230560][ T6071] futex_wake_op: syz.2.30 tries to shift op by -2048; fix this program [ 97.288654][ T6071] futex_wake_op: syz.2.30 tries to shift op by -2048; fix this program [ 97.448948][ T6068] i2c i2c-0: delete_device: Extra parameters [ 97.760164][ T6089] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 97.776331][ T6088] FAULT_INJECTION: forcing a failure. [ 97.776331][ T6088] name fail_futex, interval 1, probability 0, space 0, times 1 [ 97.823511][ T6088] CPU: 1 UID: 0 PID: 6088 Comm: syz.1.32 Not tainted syzkaller #0 PREEMPT(full) [ 97.823552][ T6088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 97.823572][ T6088] Call Trace: [ 97.823582][ T6088] [ 97.823594][ T6088] dump_stack_lvl+0x16c/0x1f0 [ 97.823648][ T6088] should_fail_ex+0x512/0x640 [ 97.823681][ T6088] get_futex_key+0x1d0/0x15f0 [ 97.823713][ T6088] ? __pfx_get_futex_key+0x10/0x10 [ 97.823744][ T6088] ? find_held_lock+0x2b/0x80 [ 97.823786][ T6088] futex_wait_setup+0x9d/0x570 [ 97.823833][ T6088] __futex_wait+0x193/0x2f0 [ 97.823868][ T6088] ? __pfx___futex_wait+0x10/0x10 [ 97.823907][ T6088] ? __pfx_futex_wake_mark+0x10/0x10 [ 97.823950][ T6088] ? find_held_lock+0x2b/0x80 [ 97.823989][ T6088] ? futex_private_hash_put+0x160/0x1b0 [ 97.824021][ T6088] futex_wait+0xe8/0x380 [ 97.824057][ T6088] ? __pfx_futex_wait+0x10/0x10 [ 97.824102][ T6088] ? putname+0xf5/0x1a0 [ 97.824136][ T6088] do_futex+0x229/0x350 [ 97.824168][ T6088] ? __pfx_do_futex+0x10/0x10 [ 97.824211][ T6088] ? find_held_lock+0x2b/0x80 [ 97.824251][ T6088] __x64_sys_futex+0x1e0/0x4c0 [ 97.824286][ T6088] ? __x64_sys_openat+0x174/0x210 [ 97.824319][ T6088] ? __pfx___x64_sys_futex+0x10/0x10 [ 97.824352][ T6088] ? xfd_validate_state+0x61/0x180 [ 97.824390][ T6088] do_syscall_64+0xcd/0xf80 [ 97.824432][ T6088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.824460][ T6088] RIP: 0033:0x7fd945b8f7c9 [ 97.824491][ T6088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.824518][ T6088] RSP: 002b:00007fd943df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 97.824544][ T6088] RAX: ffffffffffffffda RBX: 00007fd945de6098 RCX: 00007fd945b8f7c9 [ 97.824564][ T6088] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd945de6098 [ 97.824581][ T6088] RBP: 00007fd945de6090 R08: 0000000000000000 R09: 0000000000000000 [ 97.824598][ T6088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.824615][ T6088] R13: 00007fd945de6128 R14: 00007ffff042d1c0 R15: 00007ffff042d2a8 [ 97.824652][ T6088] [ 98.369990][ T6097] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 98.674769][ T6102] futex_wake_op: syz.3.37 tries to shift op by -2048; fix this program [ 98.709144][ T6102] futex_wake_op: syz.3.37 tries to shift op by -2048; fix this program [ 98.793157][ T6100] zswap: compressor not available [ 98.800619][ T6106] block2mtd: illegal erase size [ 99.084791][ T6114] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 99.914009][ T6125] futex_wake_op: syz.0.41 tries to shift op by -2048; fix this program [ 99.922469][ T6125] futex_wake_op: syz.0.41 tries to shift op by -2048; fix this program [ 100.691625][ T6167] netlink: 4 bytes leftover after parsing attributes in process `syz.0.47'. [ 101.185543][ T6174] futex_wake_op: syz.2.48 tries to shift op by -2048; fix this program [ 101.214291][ T6174] futex_wake_op: syz.2.48 tries to shift op by -2048; fix this program [ 101.516508][ T6184] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 102.017414][ T6134] nfs: Unknown parameter ' ^.q [ 107.464147][ T6305] dump_stack_lvl+0x16c/0x1f0 [ 107.464188][ T6305] should_fail_ex+0x512/0x640 [ 107.464220][ T6305] should_fail_alloc_page+0xe7/0x130 [ 107.464263][ T6305] prepare_alloc_pages+0x401/0x670 [ 107.464301][ T6305] ? rcu_is_watching+0x12/0xc0 [ 107.464337][ T6305] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 107.464374][ T6305] ? kasan_save_stack+0x42/0x60 [ 107.464419][ T6305] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 107.464464][ T6305] ? __mod_zone_page_state+0xcc/0x1a0 [ 107.464503][ T6305] ? __lock_acquire+0x436/0x2890 [ 107.464531][ T6305] ? __lock_acquire+0x436/0x2890 [ 107.464555][ T6305] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 107.464596][ T6305] ? policy_nodemask+0xea/0x4e0 [ 107.464639][ T6305] alloc_pages_mpol+0x1fb/0x550 [ 107.464679][ T6305] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 107.464729][ T6305] folio_alloc_mpol_noprof+0x36/0x2f0 [ 107.464759][ T6305] vma_alloc_folio_noprof+0xed/0x1e0 [ 107.464786][ T6305] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 107.464824][ T6305] do_anonymous_page+0xc81/0x2190 [ 107.464866][ T6305] __handle_mm_fault+0x1ecf/0x2bb0 [ 107.464904][ T6305] ? __pfx___handle_mm_fault+0x10/0x10 [ 107.464935][ T6305] ? __pte_offset_map_lock+0x174/0x310 [ 107.464972][ T6305] ? find_held_lock+0x2b/0x80 [ 107.465016][ T6305] ? follow_page_pte+0x5cf/0x1390 [ 107.465062][ T6305] handle_mm_fault+0x3fe/0xad0 [ 107.465097][ T6305] __get_user_pages+0x54e/0x3590 [ 107.465149][ T6305] ? __pfx___get_user_pages+0x10/0x10 [ 107.465198][ T6305] populate_vma_page_range+0x267/0x3f0 [ 107.465251][ T6305] ? __pfx_populate_vma_page_range+0x10/0x10 [ 107.465291][ T6305] ? __pfx_find_vma_intersection+0x10/0x10 [ 107.465331][ T6305] ? do_mmap+0x69c/0x1210 [ 107.465371][ T6305] __mm_populate+0x1d8/0x380 [ 107.465412][ T6305] ? __pfx___mm_populate+0x10/0x10 [ 107.465461][ T6305] ? up_write+0x282/0x4e0 [ 107.465493][ T6305] vm_mmap_pgoff+0x37f/0x470 [ 107.465533][ T6305] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 107.465569][ T6305] ? __might_fault+0x13b/0x190 [ 107.465604][ T6305] ? __x64_sys_futex+0x1e0/0x4c0 [ 107.465633][ T6305] ? __x64_sys_futex+0x1e9/0x4c0 [ 107.465668][ T6305] ksys_mmap_pgoff+0x7d/0x5c0 [ 107.465703][ T6305] ? xfd_validate_state+0x61/0x180 [ 107.465727][ T6305] ? __pfx___do_sys_prctl+0x10/0x10 [ 107.465760][ T6305] __x64_sys_mmap+0x125/0x190 [ 107.465791][ T6305] do_syscall_64+0xcd/0xf80 [ 107.465833][ T6305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.465860][ T6305] RIP: 0033:0x7f10f8b8f7c9 [ 107.465882][ T6305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.465906][ T6305] RSP: 002b:00007f10f9af4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 107.465930][ T6305] RAX: ffffffffffffffda RBX: 00007f10f8de5fa0 RCX: 00007f10f8b8f7c9 [ 107.465948][ T6305] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 107.465972][ T6305] RBP: 00007f10f8c13f91 R08: 0000000000000002 R09: 0000000000008000 [ 107.465988][ T6305] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 107.466004][ T6305] R13: 00007f10f8de6038 R14: 00007f10f8de5fa0 R15: 00007ffcc086c8d8 [ 107.466042][ T6305] [ 108.316141][ T6319] netlink: 'syz.0.81': attribute type 1 has an invalid length. [ 110.086641][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807ee60000: rx timeout, send abort [ 110.438449][ T6364] sctp: [Deprecated]: syz.2.93 (pid 6364) Use of struct sctp_assoc_value in delayed_ack socket option. [ 110.438449][ T6364] Use struct sctp_sack_info instead [ 110.595832][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807ee60000: abort rx timeout. Force session deactivation [ 110.906306][ T6368] process 'syz.3.94' launched './file0' with NULL argv: empty string added [ 110.983127][ T6379] netlink: 28 bytes leftover after parsing attributes in process `syz.3.94'. [ 111.085364][ T51] Bluetooth: hci0: unexpected event 0x10 length: 438 > 1 [ 111.086303][ T51] Bluetooth: hci0: hardware error 0x00 [ 111.435853][ T6385] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.455512][ T30] audit: type=1800 audit(1766864868.405:4): pid=6385 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.98" name="trace_pipe" dev="tracefs" ino=203 res=0 errno=0 [ 111.760645][ T6392] netlink: 4 bytes leftover after parsing attributes in process `syz.3.97'. [ 113.106195][ T6395] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 113.234646][ T51] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 113.524349][ T6421] netlink: 13 bytes leftover after parsing attributes in process `syz.2.107'. [ 114.357959][ T6442] netlink: set zone limit has 8 unknown bytes [ 114.427240][ T6442] netlink: 12 bytes leftover after parsing attributes in process `syz.3.111'. [ 114.561768][ T6442] HfR: entered promiscuous mode [ 115.431600][ T6463] netlink: 12 bytes leftover after parsing attributes in process `syz.1.118'. [ 115.526911][ T6463] HfR: entered promiscuous mode [ 116.603462][ T6475] syz.1.121 (6475) used greatest stack depth: 19688 bytes left [ 117.096405][ T6488] capability: warning: `syz.3.125' uses 32-bit capabilities (legacy support in use) [ 117.373070][ T6488] zswap: compressor not available [ 117.584518][ T6488] mmap: syz.3.125 (6488) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 117.774536][ T6499] futex_wake_op: syz.0.127 tries to shift op by -2048; fix this program [ 117.783048][ T6499] futex_wake_op: syz.0.127 tries to shift op by -2048; fix this program [ 119.324158][ T6518] netlink: 20 bytes leftover after parsing attributes in process `syz.0.131'. [ 119.333119][ T6518] nbd: must specify at least one socket [ 119.365184][ T6518] FAULT_INJECTION: forcing a failure. [ 119.365184][ T6518] name failslab, interval 1, probability 0, space 0, times 0 [ 119.396831][ T6518] CPU: 1 UID: 0 PID: 6518 Comm: syz.0.131 Not tainted syzkaller #0 PREEMPT(full) [ 119.396870][ T6518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 119.396888][ T6518] Call Trace: [ 119.396897][ T6518] [ 119.396908][ T6518] dump_stack_lvl+0x16c/0x1f0 [ 119.396954][ T6518] should_fail_ex+0x512/0x640 [ 119.396984][ T6518] ? kmem_cache_alloc_noprof+0x62/0x770 [ 119.397021][ T6518] should_failslab+0xc2/0x120 [ 119.397059][ T6518] kmem_cache_alloc_noprof+0x83/0x770 [ 119.397092][ T6518] ? getname_flags.part.0+0x4c/0x550 [ 119.397128][ T6518] ? getname_flags.part.0+0x4c/0x550 [ 119.397154][ T6518] getname_flags.part.0+0x4c/0x550 [ 119.397195][ T6518] getname_flags+0x93/0xf0 [ 119.397233][ T6518] do_sys_openat2+0xb9/0x290 [ 119.397263][ T6518] ? __pfx_do_sys_openat2+0x10/0x10 [ 119.397292][ T6518] ? __do_sys_ustat+0x126/0x1f0 [ 119.397340][ T6518] __x64_sys_openat+0x174/0x210 [ 119.397372][ T6518] ? __pfx___x64_sys_openat+0x10/0x10 [ 119.397419][ T6518] do_syscall_64+0xcd/0xf80 [ 119.397461][ T6518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.397489][ T6518] RIP: 0033:0x7fa6ceb8f7c9 [ 119.397510][ T6518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.397536][ T6518] RSP: 002b:00007fa6cfa4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 119.397564][ T6518] RAX: ffffffffffffffda RBX: 00007fa6cede5fa0 RCX: 00007fa6ceb8f7c9 [ 119.397581][ T6518] RDX: 0000000000002062 RSI: 0000200000000600 RDI: ffffffffffffff9c [ 119.397596][ T6518] RBP: 00007fa6cec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 119.397611][ T6518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.397627][ T6518] R13: 00007fa6cede6038 R14: 00007fa6cede5fa0 R15: 00007ffd9b5d8bf8 [ 119.397665][ T6518] [ 120.080931][ T6530] futex_wake_op: syz.0.134 tries to shift op by -2048; fix this program [ 120.136915][ T6530] futex_wake_op: syz.0.134 tries to shift op by -2048; fix this program [ 120.794672][ T6546] netlink: 28 bytes leftover after parsing attributes in process `syz.1.137'. [ 120.869899][ T6546] veth1_macvtap: left promiscuous mode [ 121.202778][ T6555] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list syzkaller syzkaller login: [ 122.273306][ T6591] futex_wake_op: syz.1.148 tries to shift op by -2048; fix this program [ 122.282606][ T6591] futex_wake_op: syz.1.148 tries to shift op by -2048; fix this program [ 123.495500][ T30] audit: type=1804 audit(1766864880.445:5): pid=6633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.155" name="file0" dev="tmpfs" ino=191 res=1 errno=0 [ 123.564135][ T30] audit: type=1804 audit(1766864880.475:6): pid=6633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.155" name="file0" dev="tmpfs" ino=191 res=1 errno=0 [ 124.427692][ T6653] futex_wake_op: syz.0.159 tries to shift op by -2048; fix this program [ 124.460004][ T6653] futex_wake_op: syz.0.159 tries to shift op by -2048; fix this program [ 125.589430][ T6678] kstrtoul() returned -22 for lu_gp_id [ 125.595630][ T30] audit: type=1800 audit(1766864882.525:7): pid=6678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.167" name="lu_gp_id" dev="configfs" ino=11392 res=0 errno=0 [ 125.720378][ T6685] futex_wake_op: syz.0.169 tries to shift op by -2048; fix this program [ 125.737032][ T6685] futex_wake_op: syz.0.169 tries to shift op by -2048; fix this program [ 126.510565][ T6706] futex_wake_op: syz.2.173 tries to shift op by -2048; fix this program [ 126.534928][ T6706] futex_wake_op: syz.2.173 tries to shift op by -2048; fix this program [ 127.198991][ T6727] netlink: 'syz.1.177': attribute type 1 has an invalid length. [ 127.208803][ T6726] netlink: 'syz.1.177': attribute type 1 has an invalid length. [ 127.339694][ T6729] futex_wake_op: syz.2.178 tries to shift op by -2048; fix this program [ 127.363696][ T6729] futex_wake_op: syz.2.178 tries to shift op by -2048; fix this program [ 127.946305][ T6749] netlink: 12 bytes leftover after parsing attributes in process `syz.1.181'. [ 127.976439][ T6749] openvswitch: HfR: Dropping previously announced user features [ 128.465324][ T6761] netlink: 346 bytes leftover after parsing attributes in process `syz.0.185'. [ 128.861085][ T6781] futex_wake_op: syz.3.190 tries to shift op by -2048; fix this program [ 128.927180][ T6781] futex_wake_op: syz.3.190 tries to shift op by -2048; fix this program [ 130.722243][ T6825] vhci_hcd vhci_hcd.2: invalid port number 16 [ 130.728526][ T6825] vhci_hcd vhci_hcd.2: invalid port number 16 [ 130.804641][ T6828] futex_atomic_op_inuser: 1 callbacks suppressed [ 130.804662][ T6828] futex_wake_op: syz.0.201 tries to shift op by -2048; fix this program [ 130.824266][ T6828] futex_wake_op: syz.0.201 tries to shift op by -2048; fix this program [ 131.082337][ T6814] NFSD: Failed to start, no listeners configured. [ 131.687184][ T6847] netlink: set zone limit has 8 unknown bytes [ 131.724543][ T6843] netlink: 25 bytes leftover after parsing attributes in process `syz.0.203'. [ 132.206058][ T6862] futex_wake_op: syz.3.212 tries to shift op by -2048; fix this program [ 132.218928][ T6862] futex_wake_op: syz.3.212 tries to shift op by -2048; fix this program [ 132.847115][ T6883] futex_wake_op: syz.3.216 tries to shift op by -2048; fix this program [ 132.919085][ T6883] futex_wake_op: syz.3.216 tries to shift op by -2048; fix this program [ 133.041821][ T6886] futex_wake_op: syz.0.217 tries to shift op by -2048; fix this program [ 133.069136][ T6886] futex_wake_op: syz.0.217 tries to shift op by -2048; fix this program [ 133.130218][ T6886] 0x000000000001-0x000000020000 : "" [ 133.181157][ T6886] ftl_cs: FTL header corrupt! [ 133.505542][ T6906] futex_wake_op: syz.3.221 tries to shift op by -2048; fix this program [ 133.522659][ T6906] futex_wake_op: syz.3.221 tries to shift op by -2048; fix this program [ 134.023019][ T6919] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 135.282653][ T6940] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 138.624377][ T7018] dump_stack_lvl+0x16c/0x1f0 [ 138.624425][ T7018] should_fail_ex+0x512/0x640 [ 138.624456][ T7018] ? __kmalloc_cache_noprof+0x5f/0x800 [ 138.624492][ T7018] should_failslab+0xc2/0x120 [ 138.624533][ T7018] __kmalloc_cache_noprof+0x80/0x800 [ 138.624566][ T7018] ? assoc_array_delete+0xff/0xd10 [ 138.624611][ T7018] ? assoc_array_delete+0xff/0xd10 [ 138.624647][ T7018] assoc_array_delete+0xff/0xd10 [ 138.624687][ T7018] ? __pfx___mutex_lock+0x10/0x10 [ 138.624734][ T7018] ? __pfx_assoc_array_delete+0x10/0x10 [ 138.624782][ T7018] ? down_write_nested+0x151/0x210 [ 138.624833][ T7018] key_move+0xda/0x6a0 [ 138.624874][ T7018] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 138.624906][ T7018] ? __pfx_key_move+0x10/0x10 [ 138.624951][ T7018] ? fput+0x70/0xf0 [ 138.624991][ T7018] keyctl_keyring_move+0xed/0x150 [ 138.625021][ T7018] __do_sys_keyctl+0x171/0x590 [ 138.625053][ T7018] do_syscall_64+0xcd/0xf80 [ 138.625098][ T7018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.625126][ T7018] RIP: 0033:0x7fa6ceb8f7c9 [ 138.625149][ T7018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.625176][ T7018] RSP: 002b:00007fa6cfa4a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 138.625202][ T7018] RAX: ffffffffffffffda RBX: 00007fa6cede5fa0 RCX: 00007fa6ceb8f7c9 [ 138.625221][ T7018] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 000000000000001e [ 138.625238][ T7018] RBP: 00007fa6cec13f91 R08: 0000000000000001 R09: 0000000000000000 [ 138.625255][ T7018] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 138.625272][ T7018] R13: 00007fa6cede6038 R14: 00007fa6cede5fa0 R15: 00007ffd9b5d8bf8 [ 138.625311][ T7018] [ 138.640322][ T7020] futex_wake_op: syz.1.249 tries to shift op by -2048; fix this program [ 138.882884][ T7020] futex_wake_op: syz.1.249 tries to shift op by -2048; fix this program [ 139.147656][ T7026] netlink: 8 bytes leftover after parsing attributes in process `syz.0.252'. [ 144.717864][ T7128] FAULT_INJECTION: forcing a failure. [ 144.717864][ T7128] name failslab, interval 1, probability 0, space 0, times 0 [ 144.730704][ T7128] CPU: 0 UID: 0 PID: 7128 Comm: syz.1.269 Not tainted syzkaller #0 PREEMPT(full) [ 144.730725][ T7128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 144.730734][ T7128] Call Trace: [ 144.730740][ T7128] [ 144.730746][ T7128] dump_stack_lvl+0x16c/0x1f0 [ 144.730773][ T7128] should_fail_ex+0x512/0x640 [ 144.730793][ T7128] should_failslab+0xc2/0x120 [ 144.730815][ T7128] __kmalloc_cache_noprof+0x80/0x800 [ 144.730832][ T7128] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 144.730849][ T7128] ? tipc_nametbl_insert_publ+0x700/0x1740 [ 144.730874][ T7128] ? tipc_nametbl_insert_publ+0x700/0x1740 [ 144.730896][ T7128] tipc_nametbl_insert_publ+0x700/0x1740 [ 144.730920][ T7128] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 144.730935][ T7128] ? net_generic+0xea/0x2a0 [ 144.730960][ T7128] tipc_nametbl_publish+0x137/0x280 [ 144.730985][ T7128] tipc_sk_publish+0x1d8/0x430 [ 144.730999][ T7128] ? __pfx_tipc_sk_publish+0x10/0x10 [ 144.731014][ T7128] ? __local_bh_enable_ip+0xa4/0x120 [ 144.731037][ T7128] tipc_sk_bind+0x16f/0x380 [ 144.731052][ T7128] tipc_bind+0x190/0x2a0 [ 144.731066][ T7128] __sys_bind+0x1a7/0x260 [ 144.731082][ T7128] ? __pfx___sys_bind+0x10/0x10 [ 144.731102][ T7128] ? xfd_validate_state+0x61/0x180 [ 144.731115][ T7128] ? __pfx_do_writev+0x10/0x10 [ 144.731138][ T7128] __x64_sys_bind+0x72/0xb0 [ 144.731150][ T7128] ? lockdep_hardirqs_on+0x7c/0x110 [ 144.731171][ T7128] do_syscall_64+0xcd/0xf80 [ 144.731193][ T7128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.731208][ T7128] RIP: 0033:0x7fd945b8f7c9 [ 144.731221][ T7128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.731234][ T7128] RSP: 002b:00007fd943df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 144.731248][ T7128] RAX: ffffffffffffffda RBX: 00007fd945de6090 RCX: 00007fd945b8f7c9 [ 144.731258][ T7128] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000006 [ 144.731266][ T7128] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 144.731275][ T7128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.731283][ T7128] R13: 00007fd945de6128 R14: 00007fd945de6090 R15: 00007ffff042d2a8 [ 144.731302][ T7128] [ 144.731308][ T7128] tipc: Failed to bind to 65,0,0 [ 145.077015][ T7134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.268'. [ 145.153475][ T7133] netlink: 4 bytes leftover after parsing attributes in process `syz.2.270'. [ 145.164846][ T7133] netlink: 98 bytes leftover after parsing attributes in process `syz.2.270'. [ 145.180176][ T7125] zswap: compressor not available [ 145.684728][ T7140] futex_wake_op: syz.3.271 tries to shift op by -2048; fix this program [ 145.693263][ T7140] futex_wake_op: syz.3.271 tries to shift op by -2048; fix this program [ 146.556477][ T7165] netlink: 342 bytes leftover after parsing attributes in process `syz.2.275'. [ 150.935515][ T7252] netlink: 28 bytes leftover after parsing attributes in process `syz.3.294'. [ 150.963149][ T7252] bridge_slave_1: left allmulticast mode [ 150.980155][ T7252] bridge_slave_1: left promiscuous mode [ 151.065918][ T7252] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.092861][ T7252] bridge_slave_0: left allmulticast mode [ 151.099283][ T7252] bridge_slave_0: left promiscuous mode [ 151.107076][ T7252] bridge0: port 1(bridge_slave_0) entered disabled state [ 151.397419][ T7257] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 151.415959][ T7257] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 151.569441][ T7257] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 151.621772][ T7257] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 151.657037][ T7257] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 151.707001][ T7257] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 151.761312][ T7257] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 151.779652][ T7257] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 151.867365][ T7257] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 152.222010][ T7280] futex_wake_op: syz.3.301 tries to shift op by -2048; fix this program [ 152.257914][ T7280] futex_wake_op: syz.3.301 tries to shift op by -2048; fix this program [ 153.393925][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.417569][ T7327] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 153.495027][ T7327] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 153.503003][ T7327] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 153.535503][ T7327] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 153.535583][ T7327] page dumped because: unmovable page [ 153.535611][ T7327] page_owner info is not present (never set?) [ 153.633900][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 153.809594][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 154.609627][ T7352] futex_wake_op: syz.3.315 tries to shift op by -2048; fix this program [ 154.655768][ T7352] futex_wake_op: syz.3.315 tries to shift op by -2048; fix this program [ 155.474686][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.714306][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.874399][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 156.102306][ T7390] netlink: set zone limit has 8 unknown bytes [ 156.103294][ T7392] netlink: 12 bytes leftover after parsing attributes in process `syz.1.324'. [ 156.663303][ T7390] openvswitch: HfR: Dropping previously announced user features [ 156.680594][ T7391] Invalid ELF header magic: != ELF [ 157.554115][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 157.619399][ T7427] zswap: compressor  not available [ 157.649140][ T7429] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 157.794768][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.955270][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 159.248705][ T51] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 159.398319][ T7469] netlink: 'syz.0.339': attribute type 1 has an invalid length. [ 159.427449][ T7469] netlink: 9 bytes leftover after parsing attributes in process `syz.0.339'. [ 160.986028][ T7508] futex_wake_op: syz.1.349 tries to shift op by -2048; fix this program [ 161.032423][ T7508] futex_wake_op: syz.1.349 tries to shift op by -2048; fix this program [ 161.048130][ T7508] 0x000000000001-0x000000020000 : "" [ 161.085062][ T7508] ftl_cs: FTL header corrupt! [ 161.192473][ T7517] futex_wake_op: syz.2.350 tries to shift op by -2048; fix this program [ 161.207828][ T7517] futex_wake_op: syz.2.350 tries to shift op by -2048; fix this program [ 161.269467][ T7517] 0x000000000001-0x000000020000 : "" [ 161.318032][ T7517] ftl_cs: FTL header corrupt! [ 163.357431][ T7550] netlink: set zone limit has 8 unknown bytes [ 163.405383][ T7550] netlink: 12 bytes leftover after parsing attributes in process `syz.2.358'. [ 163.476091][ T7555] openvswitch: HfR: Dropping previously announced user features [ 163.529783][ T7563] futex_wake_op: syz.3.361 tries to shift op by -2048; fix this program [ 163.546028][ T7563] futex_wake_op: syz.3.361 tries to shift op by -2048; fix this program [ 164.061880][ T7585] netlink: 12 bytes leftover after parsing attributes in process `syz.1.363'. [ 166.446083][ T7657] Invalid ELF header magic: != ELF [ 166.544926][ T7657] Invalid ELF header magic: != ELF [ 166.647786][ T7657] Invalid ELF header magic: != ELF [ 166.927876][ T7657] Invalid ELF header magic: != ELF [ 167.100682][ T7657] Invalid ELF header magic: != ELF [ 167.486847][ T7690] device-mapper: ioctl: only supply one of name or uuid, cmd(12) [ 167.503140][ T7691] netlink: 28 bytes leftover after parsing attributes in process `syz.2.385'. [ 167.503138][ T7690] netlink: 28 bytes leftover after parsing attributes in process `syz.2.385'. [ 167.562727][ T7693] netlink: 12 bytes leftover after parsing attributes in process `syz.1.386'. [ 167.590408][ T7690] team0 (unregistering): Port device team_slave_0 removed [ 167.605295][ T7690] team0 (unregistering): Port device team_slave_1 removed [ 167.637551][ T7693] openvswitch: HfR: Dropping previously announced user features [ 168.111330][ T51] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 169.824338][ T7734] netlink: 12 bytes leftover after parsing attributes in process `syz.3.397'. [ 169.923513][ T7736] openvswitch: HfR: Dropping previously announced user features [ 170.048763][ T51] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 170.194577][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.424291][ T7752] ovs_: entered promiscuous mode [ 170.430318][ T7753] openvswitch: ovs_: Dropping previously announced user features [ 170.670789][ T7757] netlink: 'syz.3.404': attribute type 2 has an invalid length. [ 171.702507][ T7783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'. [ 171.737178][ T7783] netlink: 5 bytes leftover after parsing attributes in process `syz.1.407'. [ 171.981626][ T7792] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 172.113976][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 172.275443][ T5841] Bluetooth: hci2: command 0x0c1a tx timeout [ 172.425914][ T7806] netlink: 12 bytes leftover after parsing attributes in process `syz.3.413'. [ 172.502853][ T7807] openvswitch: HfR: Dropping previously announced user features [ 172.551539][ T7804] netlink: set zone limit has 8 unknown bytes [ 172.690442][ T7794] Invalid ELF header magic: != ELF [ 172.828305][ T7816] futex_wake_op: syz.3.415 tries to shift op by -2048; fix this program [ 172.855565][ T7816] futex_wake_op: syz.3.415 tries to shift op by -2048; fix this program [ 174.194003][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 174.628135][ T7857] Invalid ELF header magic: != ELF [ 175.003441][ T7862] futex_wake_op: syz.0.425 tries to shift op by -2048; fix this program [ 175.312193][ T7862] futex_wake_op: syz.0.425 tries to shift op by -2048; fix this program [ 175.325383][ T7862] 0x000000000001-0x000000020000 : "" [ 175.459490][ T7862] ftl_cs: FTL header corrupt! [ 176.311460][ T7879] futex_wake_op: syz.1.429 tries to shift op by -2048; fix this program [ 176.330471][ T7879] futex_wake_op: syz.1.429 tries to shift op by -2048; fix this program [ 176.461433][ T7883] netlink: 12 bytes leftover after parsing attributes in process `syz.2.430'. [ 176.476796][ T7883] openvswitch: HfR: Dropping previously announced user features [ 176.960981][ T30] audit: type=1800 audit(5300631441.606:8): pid=7896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.433" name="dbroot" dev="configfs" ino=17717 res=0 errno=0 [ 177.098682][ T7899] random: crng reseeded on system resumption [ 177.264719][ T7902] futex_wake_op: syz.1.436 tries to shift op by -2048; fix this program [ 177.273350][ T7902] futex_wake_op: syz.1.436 tries to shift op by -2048; fix this program [ 177.285575][ T7902] 0x000000000001-0x000000020000 : "" [ 177.296344][ T7902] ftl_cs: FTL header corrupt! [ 177.935325][ T7915] netlink: 28 bytes leftover after parsing attributes in process `syz.2.435'. [ 178.009687][ T7915] veth1_macvtap: left promiscuous mode [ 178.247917][ T7920] netlink: 12 bytes leftover after parsing attributes in process `syz.3.440'. [ 178.832535][ T7923] openvswitch: HfR: Dropping previously announced user features [ 179.896174][ T7938] futex_wake_op: syz.0.444 tries to shift op by -2048; fix this program [ 179.907647][ T7938] futex_wake_op: syz.0.444 tries to shift op by -2048; fix this program [ 181.432780][ T7965] netlink: 12 bytes leftover after parsing attributes in process `syz.1.450'. [ 181.593610][ T7966] openvswitch: HfR: Dropping previously announced user features [ 183.435660][ T7987] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 183.717814][ T7995] ptrace attach of "./syz-executor exec"[5840] was attempted by "(_hA&z#]$ Ud\x0a#f>FŧGSU:\x1b;$;N?Gb \x07r\x5ceE w%): ',Dqp&r?O^U,Z\x0acћbk4YDMqՈt3jV\x07a;>\x09\x0dd|d\x0cHbėLs:\x5cGK_~>\x0d\x07H٫\x09#g?]rY_I[#-(ʷo=\x0a<{e\x1bgv_]U̪8yٕʴyQج*)Lug4Ĕ`xj>\x1b3|L!+#q-6ŕL:MxbQC`xBó|d?]9٦\x09\x1bǮȥ4\x226Q4O+hW'zO_j[L(|I\x0c&)0\x07}F=W S[T\x22`-BܵU8g0ĽCRJ?C!D&\x0dʌ@\x0dg?j-ЎPkߙB{,cxDz\x22- TݖC]ΰzh-rƅ_ߖ؜Sg\x0cQ [ 184.000463][ T8002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.458'. [ 184.256966][ T8005] futex_wake_op: syz.0.456 tries to shift op by -2048; fix this program [ 184.327907][ T8005] futex_wake_op: syz.0.456 tries to shift op by -2048; fix this program [ 184.991407][ T8022] futex_wake_op: syz.1.462 tries to shift op by -2048; fix this program [ 185.058429][ T8022] futex_wake_op: syz.1.462 tries to shift op by -2048; fix this program [ 185.131476][ T8022] ubi1: attaching mtd0 [ 185.141472][ T8022] ubi1: scanning is finished [ 185.150802][ T8022] ubi1 error: ubi_read_volume_table: the layout volume was not found [ 185.306273][ T8022] ubi1 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 185.439912][ T8024] zswap: compressor 000 not available [ 185.463215][ T8036] futex_wake_op: syz.3.465 tries to shift op by -2048; fix this program [ 185.492564][ T8036] futex_wake_op: syz.3.465 tries to shift op by -2048; fix this program [ 185.976538][ T8050] futex_wake_op: syz.3.469 tries to shift op by -2048; fix this program [ 185.998051][ T8050] futex_wake_op: syz.3.469 tries to shift op by -2048; fix this program [ 186.964301][ T8064] vivid-007: ================= START STATUS ================= [ 186.983908][ T8064] vivid-007: Generate PTS: true [ 186.993892][ T8064] vivid-007: Generate SCR: true [ 187.003916][ T8064] tpg source WxH: 320x240 (Y'CbCr) [ 187.009065][ T8064] tpg field: 1 [ 187.035868][ T8064] tpg crop: (0,0)/320x240 [ 187.040223][ T8064] tpg compose: (0,0)/320x240 [ 187.078843][ T8064] tpg colorspace: 8 [ 187.082680][ T8064] tpg transfer function: 0/0 [ 187.124279][ T8064] tpg Y'CbCr encoding: 0/0 [ 187.137874][ T8064] tpg quantization: 0/0 [ 187.195344][ T8064] tpg RGB range: 0/2 [ 187.200549][ T8064] vivid-007: ================== END STATUS ================== [ 187.724558][ T8075] zswap: compressor not available [ 188.136037][ T8092] futex_wake_op: syz.3.478 tries to shift op by -2048; fix this program [ 188.164901][ T8092] futex_wake_op: syz.3.478 tries to shift op by -2048; fix this program [ 188.695023][ T8103] FAULT_INJECTION: forcing a failure. [ 188.695023][ T8103] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 188.750366][ T8103] CPU: 0 UID: 0 PID: 8103 Comm: syz.0.481 Not tainted syzkaller #0 PREEMPT(full) [ 188.750403][ T8103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 188.750419][ T8103] Call Trace: [ 188.750428][ T8103] [ 188.750440][ T8103] dump_stack_lvl+0x16c/0x1f0 [ 188.750467][ T8103] should_fail_ex+0x512/0x640 [ 188.750487][ T8103] should_fail_alloc_page+0xe7/0x130 [ 188.750512][ T8103] prepare_alloc_pages+0x401/0x670 [ 188.750533][ T8103] ? rcu_is_watching+0x12/0xc0 [ 188.750556][ T8103] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 188.750579][ T8103] ? __lock_acquire+0x436/0x2890 [ 188.750595][ T8103] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 188.750613][ T8103] ? __mod_zone_page_state+0xcc/0x1a0 [ 188.750629][ T8103] ? lru_gen_add_folio+0x1a4/0xef0 [ 188.750648][ T8103] ? __lock_acquire+0x436/0x2890 [ 188.750663][ T8103] ? __lock_acquire+0x436/0x2890 [ 188.750675][ T8103] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 188.750697][ T8103] ? policy_nodemask+0xea/0x4e0 [ 188.750720][ T8103] alloc_pages_mpol+0x1fb/0x550 [ 188.750742][ T8103] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 188.750768][ T8103] folio_alloc_mpol_noprof+0x36/0x2f0 [ 188.750784][ T8103] vma_alloc_folio_noprof+0xed/0x1e0 [ 188.750799][ T8103] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 188.750819][ T8103] do_anonymous_page+0xc81/0x2190 [ 188.750841][ T8103] __handle_mm_fault+0x1ecf/0x2bb0 [ 188.750861][ T8103] ? __pfx___handle_mm_fault+0x10/0x10 [ 188.750877][ T8103] ? __pte_offset_map_lock+0x174/0x310 [ 188.750897][ T8103] ? find_held_lock+0x2b/0x80 [ 188.750921][ T8103] ? follow_page_pte+0x5cf/0x1390 [ 188.750945][ T8103] handle_mm_fault+0x3fe/0xad0 [ 188.750963][ T8103] __get_user_pages+0x54e/0x3590 [ 188.750991][ T8103] ? __pfx___get_user_pages+0x10/0x10 [ 188.751021][ T8103] populate_vma_page_range+0x267/0x3f0 [ 188.751044][ T8103] ? __pfx_populate_vma_page_range+0x10/0x10 [ 188.751065][ T8103] ? __pfx_find_vma_intersection+0x10/0x10 [ 188.751086][ T8103] ? do_mmap+0x69c/0x1210 [ 188.751108][ T8103] __mm_populate+0x1d8/0x380 [ 188.751130][ T8103] ? __pfx___mm_populate+0x10/0x10 [ 188.751153][ T8103] ? up_write+0x282/0x4e0 [ 188.751170][ T8103] vm_mmap_pgoff+0x37f/0x470 [ 188.751192][ T8103] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 188.751211][ T8103] ? fd_install+0x223/0x570 [ 188.751234][ T8103] ? __x64_sys_futex+0x1e0/0x4c0 [ 188.751256][ T8103] ? __x64_sys_futex+0x1e9/0x4c0 [ 188.751275][ T8103] ksys_mmap_pgoff+0x7d/0x5c0 [ 188.751295][ T8103] ? xfd_validate_state+0x61/0x180 [ 188.751309][ T8103] ? __pfx___do_sys_close_range+0x10/0x10 [ 188.751334][ T8103] __x64_sys_mmap+0x125/0x190 [ 188.751351][ T8103] do_syscall_64+0xcd/0xf80 [ 188.751375][ T8103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.751390][ T8103] RIP: 0033:0x7fa6ceb8f7c9 [ 188.751404][ T8103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.751418][ T8103] RSP: 002b:00007fa6cfa4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 188.751432][ T8103] RAX: ffffffffffffffda RBX: 00007fa6cede5fa0 RCX: 00007fa6ceb8f7c9 [ 188.751441][ T8103] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 188.751450][ T8103] RBP: 00007fa6cec13f91 R08: ffffffffffffffff R09: 0000000000008000 [ 188.751459][ T8103] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 188.751467][ T8103] R13: 00007fa6cede6038 R14: 00007fa6cede5fa0 R15: 00007ffd9b5d8bf8 [ 188.751487][ T8103] [ 189.872700][ T8115] can: request_module (can-proto-0) failed. [ 190.253873][ T8121] FAULT_INJECTION: forcing a failure. [ 190.253873][ T8121] name failslab, interval 1, probability 0, space 0, times 0 [ 190.267098][ T8121] CPU: 1 UID: 0 PID: 8121 Comm: syz.1.485 Not tainted syzkaller #0 PREEMPT(full) [ 190.267135][ T8121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 190.267151][ T8121] Call Trace: [ 190.267161][ T8121] [ 190.267170][ T8121] dump_stack_lvl+0x16c/0x1f0 [ 190.267209][ T8121] should_fail_ex+0x512/0x640 [ 190.267237][ T8121] ? __kmalloc_noprof+0xca/0x910 [ 190.267271][ T8121] should_failslab+0xc2/0x120 [ 190.267314][ T8121] __kmalloc_noprof+0xeb/0x910 [ 190.267343][ T8121] ? __register_sysctl_table+0xe8e/0x1900 [ 190.267375][ T8121] ? __register_sysctl_table+0xea2/0x1900 [ 190.267414][ T8121] ? __register_sysctl_table+0xea2/0x1900 [ 190.267447][ T8121] __register_sysctl_table+0xea2/0x1900 [ 190.267483][ T8121] ? __pfx___register_sysctl_table+0x10/0x10 [ 190.267513][ T8121] ? kfree+0x261/0x6e0 [ 190.267542][ T8121] ? __asan_memcpy+0x3c/0x60 [ 190.267576][ T8121] setup_ipc_sysctls+0x1aa/0x300 [ 190.267620][ T8121] copy_ipcs+0x570/0x7d0 [ 190.267651][ T8121] create_new_namespaces+0x20a/0xab0 [ 190.267688][ T8121] ? security_capable+0x7e/0x260 [ 190.267735][ T8121] copy_namespaces+0x468/0x570 [ 190.267773][ T8121] copy_process+0x2a70/0x7430 [ 190.267811][ T8121] ? __pfx___schedule+0x10/0x10 [ 190.267864][ T8121] ? __pfx_copy_process+0x10/0x10 [ 190.267913][ T8121] ? _copy_from_user+0x59/0xd0 [ 190.267947][ T8121] kernel_clone+0xfc/0x910 [ 190.267990][ T8121] ? __pfx_kernel_clone+0x10/0x10 [ 190.268033][ T8121] ? futex_private_hash_put+0x160/0x1b0 [ 190.268074][ T8121] ? __pfx_futex_wake+0x10/0x10 [ 190.268118][ T8121] __do_sys_clone3+0x212/0x290 [ 190.268160][ T8121] ? __pfx___do_sys_clone3+0x10/0x10 [ 190.268218][ T8121] ? find_held_lock+0x2b/0x80 [ 190.268278][ T8121] do_syscall_64+0xcd/0xf80 [ 190.268320][ T8121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.268349][ T8121] RIP: 0033:0x7fd945b8f7c9 [ 190.268371][ T8121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.268398][ T8121] RSP: 002b:00007fd94694cf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 190.268425][ T8121] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fd945b8f7c9 [ 190.268444][ T8121] RDX: 00007fd94694cf20 RSI: 0000000000000058 RDI: 00007fd94694cf20 [ 190.268462][ T8121] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000058 [ 190.268480][ T8121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.268497][ T8121] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 190.268535][ T8121] [ 190.268546][ T8121] sysctl could not get directory: /kernel -12 [ 192.577817][ T8159] capability: warning: `syz.1.492' uses deprecated v2 capabilities in a way that may be insecure [ 198.196098][ T8245] tipc: Started in network mode [ 198.201997][ T8245] tipc: Node identity ffffffff, cluster identity 4711 [ 198.259493][ T8245] tipc: Node number set to 4294967295 [ 198.518589][ T8254] FAULT_INJECTION: forcing a failure. [ 198.518589][ T8254] name failslab, interval 1, probability 0, space 0, times 0 [ 198.578712][ T8254] CPU: 0 UID: 0 PID: 8254 Comm: syz.1.509 Not tainted syzkaller #0 PREEMPT(full) [ 198.578733][ T8254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 198.578742][ T8254] Call Trace: [ 198.578747][ T8254] [ 198.578753][ T8254] dump_stack_lvl+0x16c/0x1f0 [ 198.578778][ T8254] should_fail_ex+0x512/0x640 [ 198.578794][ T8254] ? __kmalloc_noprof+0xca/0x910 [ 198.578812][ T8254] should_failslab+0xc2/0x120 [ 198.578833][ T8254] __kmalloc_noprof+0xeb/0x910 [ 198.578848][ T8254] ? sk_prot_alloc+0x1a8/0x2a0 [ 198.578872][ T8254] ? sk_prot_alloc+0x1a8/0x2a0 [ 198.578891][ T8254] sk_prot_alloc+0x1a8/0x2a0 [ 198.578912][ T8254] sk_alloc+0x36/0xe30 [ 198.578928][ T8254] __netlink_create+0x5e/0x2c0 [ 198.578945][ T8254] ? __wake_up+0x3f/0x60 [ 198.578966][ T8254] netlink_create+0x39e/0x620 [ 198.578983][ T8254] ? __pfx_genl_bind+0x10/0x10 [ 198.579002][ T8254] ? __pfx_genl_unbind+0x10/0x10 [ 198.579028][ T8254] ? __pfx_genl_release+0x10/0x10 [ 198.579042][ T8254] __sock_create+0x339/0x8a0 [ 198.579058][ T8254] __sys_socket+0x14d/0x260 [ 198.579072][ T8254] ? __pfx___sys_socket+0x10/0x10 [ 198.579085][ T8254] ? xfd_validate_state+0x61/0x180 [ 198.579102][ T8254] __x64_sys_socket+0x72/0xb0 [ 198.579115][ T8254] ? lockdep_hardirqs_on+0x7c/0x110 [ 198.579136][ T8254] do_syscall_64+0xcd/0xf80 [ 198.579157][ T8254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.579172][ T8254] RIP: 0033:0x7fd945b8f7c9 [ 198.579184][ T8254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.579197][ T8254] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 198.579211][ T8254] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 198.579220][ T8254] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 198.579228][ T8254] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 198.579236][ T8254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.579244][ T8254] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 198.579268][ T8254] [ 199.404949][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.411270][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.891741][ T8280] FAULT_INJECTION: forcing a failure. [ 199.891741][ T8280] name failslab, interval 1, probability 0, space 0, times 0 [ 199.921688][ T8280] CPU: 1 UID: 0 PID: 8280 Comm: syz.1.515 Not tainted syzkaller #0 PREEMPT(full) [ 199.921724][ T8280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 199.921739][ T8280] Call Trace: [ 199.921749][ T8280] [ 199.921758][ T8280] dump_stack_lvl+0x16c/0x1f0 [ 199.921805][ T8280] should_fail_ex+0x512/0x640 [ 199.921835][ T8280] ? __kmalloc_cache_noprof+0x5f/0x800 [ 199.921868][ T8280] should_failslab+0xc2/0x120 [ 199.921909][ T8280] __kmalloc_cache_noprof+0x80/0x800 [ 199.921941][ T8280] ? vhost_net_open+0x73/0x8a0 [ 199.921975][ T8280] ? __pfx_vhost_net_open+0x10/0x10 [ 199.922004][ T8280] ? vhost_net_open+0x73/0x8a0 [ 199.922031][ T8280] ? __pfx_vhost_net_open+0x10/0x10 [ 199.922058][ T8280] vhost_net_open+0x73/0x8a0 [ 199.922085][ T8280] ? __pfx_vhost_net_open+0x10/0x10 [ 199.922116][ T8280] misc_open+0x26d/0x450 [ 199.922156][ T8280] ? __pfx_misc_open+0x10/0x10 [ 199.922186][ T8280] chrdev_open+0x234/0x6a0 [ 199.922226][ T8280] ? __pfx_apparmor_file_open+0x10/0x10 [ 199.922255][ T8280] ? __pfx_chrdev_open+0x10/0x10 [ 199.922297][ T8280] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 199.922346][ T8280] do_dentry_open+0x748/0x1590 [ 199.922384][ T8280] ? __pfx_chrdev_open+0x10/0x10 [ 199.922434][ T8280] vfs_open+0x82/0x3f0 [ 199.922469][ T8280] path_openat+0x2078/0x3140 [ 199.922518][ T8280] ? __pfx_path_openat+0x10/0x10 [ 199.922572][ T8280] do_filp_open+0x20b/0x470 [ 199.922613][ T8280] ? __pfx_do_filp_open+0x10/0x10 [ 199.922680][ T8280] ? alloc_fd+0x471/0x7d0 [ 199.922728][ T8280] do_sys_openat2+0x121/0x290 [ 199.922759][ T8280] ? __pfx_do_sys_openat2+0x10/0x10 [ 199.922805][ T8280] __x64_sys_openat+0x174/0x210 [ 199.922836][ T8280] ? __pfx___x64_sys_openat+0x10/0x10 [ 199.922881][ T8280] do_syscall_64+0xcd/0xf80 [ 199.922924][ T8280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.922953][ T8280] RIP: 0033:0x7fd945b8f7c9 [ 199.922975][ T8280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.923001][ T8280] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 199.923028][ T8280] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 199.923047][ T8280] RDX: 0000000000101600 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 199.923064][ T8280] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 199.923081][ T8280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.923096][ T8280] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 199.923141][ T8280] [ 200.254329][ T8280] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4:662f:6f6f:6d5f:6164, load rds_tcp or rds_rdma? [ 200.277964][ T8280] FAULT_INJECTION: forcing a failure. [ 200.277964][ T8280] name failslab, interval 1, probability 0, space 0, times 0 [ 200.309452][ T8280] CPU: 0 UID: 0 PID: 8280 Comm: syz.1.515 Not tainted syzkaller #0 PREEMPT(full) [ 200.309487][ T8280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 200.309503][ T8280] Call Trace: [ 200.309512][ T8280] [ 200.309522][ T8280] dump_stack_lvl+0x16c/0x1f0 [ 200.309570][ T8280] should_fail_ex+0x512/0x640 [ 200.309601][ T8280] ? __kmalloc_noprof+0xca/0x910 [ 200.309631][ T8280] should_failslab+0xc2/0x120 [ 200.309670][ T8280] __kmalloc_noprof+0xeb/0x910 [ 200.309699][ T8280] ? snd_pcm_plugin_build+0x64/0x650 [ 200.309733][ T8280] ? snd_pcm_plugin_build+0x64/0x650 [ 200.309757][ T8280] snd_pcm_plugin_build+0x64/0x650 [ 200.309785][ T8280] snd_pcm_plugin_build_linear+0x29d/0x850 [ 200.309816][ T8280] ? wake_up_all_idle_cpus+0x165/0x1e0 [ 200.309862][ T8280] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 200.309902][ T8280] ? snd_pcm_hw_params+0xcd/0x1ba0 [ 200.309942][ T8280] snd_pcm_plug_format_plugins+0x7f2/0x1430 [ 200.309975][ T8280] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 200.310012][ T8280] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 200.310082][ T8280] snd_pcm_oss_change_params_locked+0x2e1e/0x3ab0 [ 200.310132][ T8280] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 200.310184][ T8280] ? __pfx___mutex_lock+0x10/0x10 [ 200.310230][ T8280] ? snd_pcm_oss_ioctl+0x110e/0x37f0 [ 200.310281][ T8280] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 200.310314][ T8280] snd_pcm_oss_ioctl+0x2212/0x37f0 [ 200.310341][ T8280] ? hook_file_ioctl_common+0x144/0x410 [ 200.310376][ T8280] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 200.310406][ T8280] ? __fget_files+0x20e/0x3c0 [ 200.310432][ T8280] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 200.310448][ T8280] __x64_sys_ioctl+0x18e/0x210 [ 200.310467][ T8280] do_syscall_64+0xcd/0xf80 [ 200.310489][ T8280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.310504][ T8280] RIP: 0033:0x7fd945b8f7c9 [ 200.310516][ T8280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.310530][ T8280] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 200.310544][ T8280] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 200.310553][ T8280] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008 [ 200.310561][ T8280] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 200.310570][ T8280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.310578][ T8280] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 200.310597][ T8280] [ 201.259239][ T8303] futex_wake_op: syz.0.522 tries to shift op by -2048; fix this program [ 201.274993][ T8303] futex_wake_op: syz.0.522 tries to shift op by -2048; fix this program [ 201.284842][ T8302] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 201.576502][ T8312] netlink: 338 bytes leftover after parsing attributes in process `syz.0.525'. [ 201.622531][ T8312] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 201.741698][ T8313] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 202.371220][ T8315] netlink: 24 bytes leftover after parsing attributes in process `syz.2.524'. [ 203.841804][ T8351] netlink: 4 bytes leftover after parsing attributes in process `syz.1.533'. [ 204.193183][ T8359] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 206.093601][ T8407] futex_wake_op: syz.2.546 tries to shift op by -2048; fix this program [ 206.179987][ T8407] futex_wake_op: syz.2.546 tries to shift op by -2048; fix this program [ 207.145413][ T8425] netlink: 'syz.1.549': attribute type 1 has an invalid length. [ 207.946341][ T8443] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 209.083449][ T8459] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 214.094715][ T8564] futex_wake_op: syz.3.581 tries to shift op by -2048; fix this program [ 214.120202][ T8564] futex_wake_op: syz.3.581 tries to shift op by -2048; fix this program [ 214.714264][ T8571] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 215.377984][ T8580] can: request_module (can-proto-3) failed. [ 216.174006][ T8585] netlink: 12 bytes leftover after parsing attributes in process `syz.1.586'. [ 216.502249][ T5831] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 216.705733][ T5831] CPU: 1 UID: 0 PID: 5831 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 216.705765][ T5831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 216.705778][ T5831] Call Trace: [ 216.705786][ T5831] [ 216.705795][ T5831] dump_stack_lvl+0x16c/0x1f0 [ 216.705835][ T5831] dump_header+0x101/0x960 [ 216.705866][ T5831] oom_kill_process+0x176/0x910 [ 216.705895][ T5831] out_of_memory+0x350/0x1700 [ 216.705922][ T5831] ? __lock_acquire+0x436/0x2890 [ 216.705950][ T5831] ? __pfx_out_of_memory+0x10/0x10 [ 216.705985][ T5831] mem_cgroup_out_of_memory+0x118/0x130 [ 216.706016][ T5831] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 216.706056][ T5831] ? do_raw_spin_unlock+0x172/0x230 [ 216.706092][ T5831] try_charge_memcg+0x695/0xd30 [ 216.706145][ T5831] ? __pfx_try_charge_memcg+0x10/0x10 [ 216.706191][ T5831] ? find_held_lock+0x2b/0x80 [ 216.706231][ T5831] charge_memcg+0x8a/0x230 [ 216.706269][ T5831] mem_cgroup_swapin_charge_folio+0xeb/0x470 [ 216.706301][ T5831] __read_swap_cache_async+0x397/0x500 [ 216.706339][ T5831] ? __pfx___read_swap_cache_async+0x10/0x10 [ 216.706373][ T5831] ? __lock_acquire+0x436/0x2890 [ 216.706407][ T5831] swap_cluster_readahead+0x432/0x770 [ 216.706453][ T5831] ? __pfx_swap_cluster_readahead+0x10/0x10 [ 216.706488][ T5831] ? __lock_acquire+0x436/0x2890 [ 216.706513][ T5831] ? _raw_spin_unlock+0x28/0x50 [ 216.706560][ T5831] ? get_vma_policy+0x242/0x3c0 [ 216.706588][ T5831] swapin_readahead+0x160/0x1220 [ 216.706633][ T5831] ? __pfx_swapin_readahead+0x10/0x10 [ 216.706667][ T5831] ? find_held_lock+0x2b/0x80 [ 216.706698][ T5831] ? swap_cache_get_folio+0x267/0x8e0 [ 216.706726][ T5831] ? swap_cache_get_folio+0x267/0x8e0 [ 216.706757][ T5831] ? swap_cache_get_folio+0x267/0x8e0 [ 216.706790][ T5831] ? swap_cache_get_folio+0x267/0x8e0 [ 216.706819][ T5831] ? swap_cache_get_folio+0x293/0x8e0 [ 216.706851][ T5831] ? __pfx_swap_cache_get_folio+0x10/0x10 [ 216.706880][ T5831] ? __pfx_get_swap_device+0x10/0x10 [ 216.706916][ T5831] ? rcu_read_unlock+0x2d/0xb0 [ 216.706950][ T5831] ? do_swap_page+0x962/0x64a0 [ 216.706972][ T5831] do_swap_page+0x962/0x64a0 [ 216.707003][ T5831] ? __lock_acquire+0x436/0x2890 [ 216.707036][ T5831] ? __pfx_do_swap_page+0x10/0x10 [ 216.707066][ T5831] ? __pfx_default_wake_function+0x10/0x10 [ 216.707103][ T5831] ? rcu_is_watching+0x12/0xc0 [ 216.707143][ T5831] ? __free_object+0x286/0x410 [ 216.707183][ T5831] ? rcu_is_watching+0x12/0xc0 [ 216.707217][ T5831] ? ___pte_offset_map+0x175/0x380 [ 216.707255][ T5831] __handle_mm_fault+0x19cb/0x2bb0 [ 216.707290][ T5831] ? reacquire_held_locks+0xcd/0x1f0 [ 216.707315][ T5831] ? __pfx___handle_mm_fault+0x10/0x10 [ 216.707348][ T5831] ? lock_vma_under_rcu+0x176/0x580 [ 216.707387][ T5831] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 216.707432][ T5831] handle_mm_fault+0x3fe/0xad0 [ 216.707467][ T5831] do_user_addr_fault+0x60c/0x1370 [ 216.707503][ T5831] ? rcu_is_watching+0x12/0xc0 [ 216.707541][ T5831] exc_page_fault+0x64/0xc0 [ 216.707575][ T5831] asm_exc_page_fault+0x26/0x30 [ 216.707601][ T5831] RIP: 0033:0x7fbe2a3b75e5 [ 216.707621][ T5831] Code: 00 00 f0 83 88 08 03 00 00 10 64 48 8b 3c 25 00 03 00 00 e8 1d 13 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 e7 02 74 0b 66 2e 0f 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 8b 90 [ 216.707644][ T5831] RSP: 002b:00007fff91cbd418 EFLAGS: 00010297 [ 216.707666][ T5831] RAX: 0000000000000002 RBX: 00000000000001db RCX: 0000000000000000 [ 216.707680][ T5831] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055555595b808 [ 216.707694][ T5831] RBP: 00007fff91cbd4cc R08: 0000000000000000 R09: 0000000000000000 [ 216.707709][ T5831] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388 [ 216.707723][ T5831] R13: 00000000000927c0 R14: 0000000000034972 R15: 00007fff91cbd520 [ 216.707755][ T5831] [ 216.707972][ T5831] memory: usage 3072kB, limit 3072kB, failcnt 57641 [ 217.107620][ T5831] memory+swap: usage 100872kB, limit 9007199254740988kB, failcnt 0 [ 217.115641][ T5831] kmem: usage 2788kB, limit 9007199254740988kB, failcnt 0 [ 217.122795][ T5831] Memory cgroup stats for /syz2: [ 217.123286][ T5831] cache 0 [ 217.141431][ T5831] rss 0 [ 217.144230][ T5831] rss_huge 0 [ 217.147430][ T5831] shmem 0 [ 217.150367][ T5831] mapped_file 0 [ 217.155141][ T5831] dirty 0 [ 217.158096][ T5831] writeback 0 [ 217.171501][ T5831] workingset_refault_anon 9035 [ 217.176312][ T5831] workingset_refault_file 12877 [ 217.201225][ T5831] swap 100147200 [ 217.204813][ T5831] swapcached 290816 [ 217.208622][ T5831] pgpgin 115055 [ 217.221112][ T5831] pgpgout 119072 [ 217.224752][ T5831] pgfault 120741 [ 217.228316][ T5831] pgmajfault 3411 [ 217.240901][ T5831] inactive_anon 290816 [ 217.245061][ T5831] active_anon 0 [ 217.248528][ T5831] inactive_file 0 [ 217.252695][ T5831] active_file 0 [ 217.256166][ T5831] unevictable 0 [ 217.259624][ T5831] hierarchical_memory_limit 3145728 [ 217.281108][ T5831] hierarchical_memsw_limit 9223372036854771712 [ 217.287319][ T5831] total_cache 0 [ 217.293418][ T5831] total_rss 0 [ 217.296731][ T5831] total_rss_huge 0 [ 217.300449][ T5831] total_shmem 0 [ 217.304496][ T5831] total_mapped_file 0 [ 217.308488][ T5831] total_dirty 0 [ 217.312402][ T5831] total_writeback 0 [ 217.317787][ T5831] total_workingset_refault_anon 9035 [ 217.324552][ T5831] total_workingset_refault_file 12877 [ 217.330012][ T5831] total_swap 100147200 [ 217.334522][ T5831] total_swapcached 290816 [ 217.338856][ T5831] total_pgpgin 115055 [ 217.343959][ T5831] total_pgpgout 119072 [ 217.348040][ T5831] total_pgfault 120741 [ 217.352517][ T5831] total_pgmajfault 3411 [ 217.356750][ T5831] total_inactive_anon 290816 [ 217.361776][ T5831] total_active_anon 0 [ 217.365761][ T5831] total_inactive_file 0 [ 217.369996][ T5831] total_active_file 0 [ 217.374663][ T5831] total_unevictable 0 [ 217.378650][ T5831] anon_cost 0 [ 217.382415][ T5831] file_cost 0 [ 217.386137][ T5831] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.433,pid=7898,uid=0 [ 217.403630][ T5831] Memory cgroup out of memory: Killed process 7898 (syz.2.433) total-vm:134860kB, anon-rss:1268kB, file-rss:55704kB, shmem-rss:128kB, UID:0 pgtables:276kB oom_score_adj:1000 [ 217.922089][ T8586] openvswitch: HfR: Dropping previously announced user features [ 218.293357][ T8598] netlink: 'syz.3.589': attribute type 14 has an invalid length. [ 218.301630][ T8598] netlink: 330 bytes leftover after parsing attributes in process `syz.3.589'. [ 219.395449][ T7898] syz.2.433 (7898) used greatest stack depth: 18008 bytes left [ 219.500696][ T8626] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'. [ 220.118023][ T30] audit: type=1800 audit(4294967304.729:9): pid=8634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.599" name="features" dev="configfs" ino=21880 res=0 errno=0 [ 220.795037][ T8652] netlink: 12 bytes leftover after parsing attributes in process `syz.0.603'. [ 220.925705][ T8654] HfR: entered promiscuous mode [ 221.066286][ T8658] netlink: 'syz.1.605': attribute type 1 has an invalid length. [ 221.311860][ T8667] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 222.133330][ T8673] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 222.691217][ T8680] ======================================================= [ 222.691217][ T8680] WARNING: The mand mount option has been deprecated and [ 222.691217][ T8680] and is ignored by this kernel. Remove the mand [ 222.691217][ T8680] option from the mount to silence this warning. [ 222.691217][ T8680] ======================================================= [ 223.486910][ T8697] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=332002866 (5312045856 ns) > initial count (4416 ns). Using initial count to start timer. [ 223.513886][ T8701] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 224.155386][ T8719] futex_wake_op: syz.1.617 tries to shift op by -2048; fix this program [ 224.164561][ T8719] futex_wake_op: syz.1.617 tries to shift op by -2048; fix this program [ 224.182357][ T8719] 0x000000000001-0x000000020000 : "" [ 224.196623][ T8719] ftl_cs: FTL header corrupt! [ 224.688918][ T8726] netlink: 28 bytes leftover after parsing attributes in process `syz.1.618'. [ 224.724969][ T8726] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 224.734341][ T8726] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 224.807143][ T8726] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 224.839192][ T8726] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 228.374523][ T8837] netlink: 12 bytes leftover after parsing attributes in process `syz.2.632'. [ 228.457438][ T8837] openvswitch: HfR: Dropping previously announced user features [ 228.645679][ T8850] mmap: syz.2.636 (8850): VmData 54169600 exceed data ulimit 3. Update limits or use boot option ignore_rlimit_data. [ 229.173834][ T8861] netlink: 28 bytes leftover after parsing attributes in process `syz.2.638'. [ 229.224255][ T8861] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 229.234438][ T8861] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 229.253503][ T8855] nfs4: Unknown parameter '$' [ 229.263029][ T8861] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 229.282963][ T8861] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 229.622705][ T8882] netlink: 252 bytes leftover after parsing attributes in process `syz.1.641'. [ 229.658582][ T8882] netlink: 252 bytes leftover after parsing attributes in process `syz.1.641'. [ 229.747005][ T8890] netlink: 252 bytes leftover after parsing attributes in process `syz.1.641'. [ 230.002343][ T8903] netlink: 4 bytes leftover after parsing attributes in process `syz.1.644'. [ 230.068916][ T8908] FAULT_INJECTION: forcing a failure. [ 230.068916][ T8908] name failslab, interval 1, probability 0, space 0, times 0 [ 230.083719][ T8908] CPU: 0 UID: 0 PID: 8908 Comm: syz.2.645 Not tainted syzkaller #0 PREEMPT(full) [ 230.083758][ T8908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 230.083774][ T8908] Call Trace: [ 230.083783][ T8908] [ 230.083793][ T8908] dump_stack_lvl+0x16c/0x1f0 [ 230.083840][ T8908] should_fail_ex+0x512/0x640 [ 230.083876][ T8908] should_failslab+0xc2/0x120 [ 230.083919][ T8908] __kmalloc_cache_noprof+0x80/0x800 [ 230.083954][ T8908] ? report_access+0x100/0x550 [ 230.083996][ T8908] ? report_access+0x100/0x550 [ 230.084031][ T8908] report_access+0x100/0x550 [ 230.084072][ T8908] yama_ptrace_access_check+0x589/0xd10 [ 230.084123][ T8908] security_ptrace_access_check+0xb2/0x210 [ 230.084168][ T8908] __ptrace_may_access+0x498/0x940 [ 230.084213][ T8908] ptrace_attach+0x24f/0x6c0 [ 230.084255][ T8908] __x64_sys_ptrace+0x25c/0x2a0 [ 230.084296][ T8908] do_syscall_64+0xcd/0xf80 [ 230.084339][ T8908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.084368][ T8908] RIP: 0033:0x7fbe2a38f7c9 [ 230.084391][ T8908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.084416][ T8908] RSP: 002b:00007fbe2b21e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 230.084443][ T8908] RAX: ffffffffffffffda RBX: 00007fbe2a5e5fa0 RCX: 00007fbe2a38f7c9 [ 230.084462][ T8908] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000004206 [ 230.084478][ T8908] RBP: 00007fbe2a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 230.084495][ T8908] R10: 0000000000200005 R11: 0000000000000246 R12: 0000000000000000 [ 230.084512][ T8908] R13: 00007fbe2a5e6038 R14: 00007fbe2a5e5fa0 R15: 00007fff91cbd108 [ 230.084551][ T8908] [ 230.303036][ T8911] netlink: 12 bytes leftover after parsing attributes in process `syz.0.646'. [ 230.345174][ T8911] openvswitch: HfR: Dropping previously announced user features [ 230.513629][ T8923] futex_wake_op: syz.2.650 tries to shift op by -2048; fix this program [ 230.800262][ T8931] cgroup: fork rejected by pids controller in /syz1 [ 233.164604][ T9143] netlink: 12 bytes leftover after parsing attributes in process `syz.0.656'. [ 233.193131][ T9143] openvswitch: HfR: Dropping previously announced user features [ 237.899645][ T9216] futex_wake_op: syz.3.673 tries to shift op by -2048; fix this program [ 237.909536][ T9216] futex_wake_op: syz.3.673 tries to shift op by -2048; fix this program [ 238.019885][ T9219] netlink: 12 bytes leftover after parsing attributes in process `syz.0.674'. [ 238.032845][ T9219] openvswitch: HfR: Dropping previously announced user features [ 239.508187][ T9239] input: jJǸ-9%vJ86 as /devices/virtual/input/input10 [ 240.861889][ T9267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.688'. [ 241.740275][ T8942] syz.1.649 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 242.185174][ T8942] CPU: 1 UID: 0 PID: 8942 Comm: syz.1.649 Not tainted syzkaller #0 PREEMPT(full) [ 242.185195][ T8942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 242.185207][ T8942] Call Trace: [ 242.185213][ T8942] [ 242.185218][ T8942] dump_stack_lvl+0x16c/0x1f0 [ 242.185245][ T8942] dump_header+0x101/0x960 [ 242.185264][ T8942] oom_kill_process+0x176/0x910 [ 242.185282][ T8942] out_of_memory+0x350/0x1700 [ 242.185297][ T8942] ? __lock_acquire+0x436/0x2890 [ 242.185314][ T8942] ? __pfx_out_of_memory+0x10/0x10 [ 242.185334][ T8942] mem_cgroup_out_of_memory+0x118/0x130 [ 242.185352][ T8942] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 242.185373][ T8942] ? do_raw_spin_unlock+0x172/0x230 [ 242.185392][ T8942] try_charge_memcg+0x695/0xd30 [ 242.185417][ T8942] ? __pfx_try_charge_memcg+0x10/0x10 [ 242.185438][ T8942] ? find_held_lock+0x11/0x80 [ 242.185457][ T8942] ? rcu_read_unlock+0x17/0x60 [ 242.185474][ T8942] charge_memcg+0x8a/0x230 [ 242.185495][ T8942] __mem_cgroup_charge+0x2b/0x1e0 [ 242.185510][ T8942] shmem_alloc_and_add_folio+0x50c/0xc20 [ 242.185532][ T8942] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 242.185556][ T8942] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 242.185577][ T8942] shmem_get_folio_gfp+0x67f/0x1610 [ 242.185597][ T8942] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 242.185618][ T8942] shmem_write_begin+0x1a4/0x3b0 [ 242.185640][ T8942] ? __pfx_shmem_write_begin+0x10/0x10 [ 242.185657][ T8942] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 242.185678][ T8942] ? lockdep_hardirqs_on+0x7c/0x110 [ 242.185701][ T8942] generic_perform_write+0x3c4/0x900 [ 242.185722][ T8942] ? __pfx_generic_perform_write+0x10/0x10 [ 242.185748][ T8942] ? file_update_time_flags+0x35c/0x520 [ 242.185765][ T8942] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 242.185783][ T8942] shmem_file_write_iter+0x10e/0x140 [ 242.185803][ T8942] __kernel_write_iter+0x31a/0xb10 [ 242.185825][ T8942] ? __pfx___kernel_write_iter+0x10/0x10 [ 242.185844][ T8942] ? __up_read+0x2d1/0x700 [ 242.185861][ T8942] ? dump_user_range+0x756/0xb70 [ 242.185886][ T8942] dump_user_range+0x413/0xb70 [ 242.185911][ T8942] ? __pfx_dump_user_range+0x10/0x10 [ 242.185932][ T8942] ? elf_coredump_extra_notes_write+0xbd/0x500 [ 242.185951][ T8942] ? __pfx_writenote+0x10/0x10 [ 242.185978][ T8942] elf_core_dump+0x29c3/0x3c10 [ 242.186001][ T8942] ? __pfx_elf_core_dump+0x10/0x10 [ 242.186013][ T8942] ? finish_task_switch.isra.0+0x202/0xbd0 [ 242.186034][ T8942] ? rcu_is_watching+0x12/0xc0 [ 242.186055][ T8942] ? finish_task_switch.isra.0+0x207/0xbd0 [ 242.186074][ T8942] ? 0xffffffffff600000 [ 242.186087][ T8942] ? __schedule+0x114c/0x6150 [ 242.186105][ T8942] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 242.186153][ T8942] ? vfs_coredump+0x2b85/0x55e0 [ 242.186172][ T8942] vfs_coredump+0x2b85/0x55e0 [ 242.186199][ T8942] ? __pfx_vfs_coredump+0x10/0x10 [ 242.186218][ T8942] ? __lock_acquire+0x436/0x2890 [ 242.186235][ T8942] ? __lock_acquire+0x436/0x2890 [ 242.186250][ T8942] ? lock_acquire+0x179/0x330 [ 242.186267][ T8942] ? lock_acquire+0x179/0x330 [ 242.186292][ T8942] ? arch_stack_walk+0xa6/0x100 [ 242.186316][ T8942] ? stack_trace_save+0x8e/0xc0 [ 242.186337][ T8942] ? __pfx_stack_trace_save+0x10/0x10 [ 242.186358][ T8942] ? stack_depot_save_flags+0x29/0x9b0 [ 242.186375][ T8942] ? __lock_acquire+0x436/0x2890 [ 242.186389][ T8942] ? kasan_save_stack+0x42/0x60 [ 242.186442][ T8942] ? proc_coredump_connector+0x2d1/0x4f0 [ 242.186464][ T8942] ? __pfx_proc_coredump_connector+0x10/0x10 [ 242.186489][ T8942] ? rcu_is_watching+0x12/0xc0 [ 242.186511][ T8942] get_signal+0x22e1/0x26d0 [ 242.186555][ T8942] ? __pfx_get_signal+0x10/0x10 [ 242.186579][ T8942] arch_do_signal_or_restart+0x8f/0x7a0 [ 242.186600][ T8942] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 242.186626][ T8942] ? do_user_addr_fault+0x926/0x1370 [ 242.186651][ T8942] irqentry_exit+0x38a/0x8c0 [ 242.186674][ T8942] asm_exc_page_fault+0x26/0x30 [ 242.186691][ T8942] RIP: 0033:0x7fd945b8f7d1 [ 242.186706][ T8942] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f [ 242.186719][ T8942] RSP: 002b:0000080000000002 EFLAGS: 00010217 [ 242.186731][ T8942] RAX: 0000000000000000 RBX: 00007fd945de6090 RCX: 00007fd945b8f7c9 [ 242.186740][ T8942] RDX: 0000000000000000 RSI: 0000080000000002 RDI: 0100000020003b49 [ 242.186748][ T8942] RBP: 00007fd945c13f91 R08: 0000000000000004 R09: 0000000000000000 [ 242.186757][ T8942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.186764][ T8942] R13: 00007fd945de6128 R14: 00007fd945de6090 R15: 00007ffff042d2a8 [ 242.186784][ T8942] [ 242.186789][ T8942] memory: usage 307200kB, limit 307200kB, failcnt 25316 [ 242.690960][ T8942] memory+swap: usage 426924kB, limit 9007199254740988kB, failcnt 0 [ 242.700378][ T8942] kmem: usage 3712kB, limit 9007199254740988kB, failcnt 0 [ 242.730955][ T8942] Memory cgroup stats for /syz1: [ 242.731191][ T8942] cache 310292480 [ 242.739736][ T8942] rss 401408 [ 242.760890][ T8942] rss_huge 0 [ 242.764496][ T8942] shmem 310292480 [ 242.768140][ T8942] mapped_file 14499840 [ 242.784015][ T8942] dirty 0 [ 242.792538][ T8942] writeback 0 [ 242.795832][ T8942] workingset_refault_anon 1101 [ 242.811036][ T8942] workingset_refault_file 466 [ 242.815748][ T8942] swap 122597376 [ 242.819273][ T8942] swapcached 12288 [ 242.831010][ T8942] pgpgin 301190 [ 242.841820][ T8942] pgpgout 225969 [ 242.845379][ T8942] pgfault 180213 [ 242.915372][ T8942] pgmajfault 268 [ 242.919231][ T8942] inactive_anon 168824832 [ 242.953618][ T8942] active_anon 141881344 [ 242.966903][ T8942] inactive_file 0 [ 242.970584][ T8942] active_file 0 [ 242.995575][ T8942] unevictable 0 [ 243.020980][ T8942] hierarchical_memory_limit 314572800 [ 243.026398][ T8942] hierarchical_memsw_limit 9223372036854771712 [ 243.046155][ T8942] total_cache 310292480 [ 243.085115][ T8942] total_rss 401408 [ 243.089285][ T8942] total_rss_huge 0 [ 243.114728][ T8942] total_shmem 310292480 [ 243.118977][ T8942] total_mapped_file 14499840 [ 243.151244][ T8942] total_dirty 0 [ 243.154761][ T8942] total_writeback 0 [ 243.174671][ T8942] total_workingset_refault_anon 1101 [ 243.197367][ T8942] total_workingset_refault_file 466 [ 243.227265][ T8942] total_swap 122597376 [ 243.245076][ T8942] total_swapcached 12288 [ 243.249361][ T8942] total_pgpgin 301190 [ 243.253410][ T8942] total_pgpgout 225969 [ 243.257506][ T8942] total_pgfault 180213 [ 243.261706][ T8942] total_pgmajfault 268 [ 243.265877][ T8942] total_inactive_anon 168824832 [ 243.270730][ T8942] total_active_anon 141881344 [ 243.292498][ T8942] total_inactive_file 0 [ 243.315878][ T8942] total_active_file 0 [ 243.331517][ T8942] total_unevictable 0 [ 243.335544][ T8942] anon_cost 0 [ 243.344233][ T9288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.691'. [ 243.354837][ T8942] file_cost 0 [ 243.358168][ T8942] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.649,pid=8963,uid=0 [ 243.410291][ T8942] Memory cgroup out of memory: Killed process 8963 (syz.1.649) total-vm:131488kB, anon-rss:1144kB, file-rss:21540kB, shmem-rss:14336kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 245.284307][ T9319] futex_wake_op: syz.3.697 tries to shift op by -2048; fix this program [ 245.296527][ T9319] futex_wake_op: syz.3.697 tries to shift op by -2048; fix this program [ 245.727347][ T32] oom_reaper: reaped process 8963 (syz.1.649), now anon-rss:0kB, file-rss:20488kB, shmem-rss:12416kB [ 248.258557][ T9357] binder: 9353:9357 ioctl c018620c 0 returned -22 [ 250.179540][ T9396] FAULT_INJECTION: forcing a failure. [ 250.179540][ T9396] name failslab, interval 1, probability 0, space 0, times 0 [ 250.220953][ T9396] CPU: 0 UID: 0 PID: 9396 Comm: syz.0.716 Not tainted syzkaller #0 PREEMPT(full) [ 250.220990][ T9396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 250.221005][ T9396] Call Trace: [ 250.221013][ T9396] [ 250.221023][ T9396] dump_stack_lvl+0x16c/0x1f0 [ 250.221077][ T9396] should_fail_ex+0x512/0x640 [ 250.221107][ T9396] ? kmem_cache_alloc_noprof+0x62/0x770 [ 250.221146][ T9396] should_failslab+0xc2/0x120 [ 250.221188][ T9396] kmem_cache_alloc_noprof+0x83/0x770 [ 250.221223][ T9396] ? __pmd_alloc+0xbf/0x9c0 [ 250.221270][ T9396] ? __pmd_alloc+0xbf/0x9c0 [ 250.221309][ T9396] __pmd_alloc+0xbf/0x9c0 [ 250.221348][ T9396] ? __pud_alloc+0x57a/0x760 [ 250.221392][ T9396] walk_to_pmd+0x3a6/0x4c0 [ 250.221436][ T9396] __get_locked_pte+0x25/0xc0 [ 250.221480][ T9396] map_ldt_struct+0x3b0/0xa60 [ 250.221522][ T9396] ? __pfx_map_ldt_struct+0x10/0x10 [ 250.221556][ T9396] ? kasan_save_track+0x14/0x30 [ 250.221599][ T9396] write_ldt+0x8fa/0xd20 [ 250.221638][ T9396] ? __pfx_write_ldt+0x10/0x10 [ 250.221669][ T9396] ? fput+0x70/0xf0 [ 250.221699][ T9396] ? __pfx_do_writev+0x10/0x10 [ 250.221742][ T9396] __x64_sys_modify_ldt+0xb1/0x170 [ 250.221777][ T9396] do_syscall_64+0xcd/0xf80 [ 250.221828][ T9396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.221856][ T9396] RIP: 0033:0x7fa6ceb8f7c9 [ 250.221879][ T9396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.221904][ T9396] RSP: 002b:00007fa6cfa4a038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 250.221928][ T9396] RAX: ffffffffffffffda RBX: 00007fa6cede5fa0 RCX: 00007fa6ceb8f7c9 [ 250.221947][ T9396] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 250.221964][ T9396] RBP: 00007fa6cec13f91 R08: 0000000000000000 R09: 0000000000000000 [ 250.221981][ T9396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.221997][ T9396] R13: 00007fa6cede6038 R14: 00007fa6cede5fa0 R15: 00007ffd9b5d8bf8 [ 250.222042][ T9396] [ 251.749000][ T9429] netlink: 12 bytes leftover after parsing attributes in process `syz.3.724'. [ 251.953082][ T9430] openvswitch: HfR: Dropping previously announced user features [ 253.132401][ T9460] FAULT_INJECTION: forcing a failure. [ 253.132401][ T9460] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 253.190953][ T9460] CPU: 0 UID: 0 PID: 9460 Comm: syz.2.730 Not tainted syzkaller #0 PREEMPT(full) [ 253.190993][ T9460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 253.191009][ T9460] Call Trace: [ 253.191018][ T9460] [ 253.191029][ T9460] dump_stack_lvl+0x16c/0x1f0 [ 253.191077][ T9460] should_fail_ex+0x512/0x640 [ 253.191113][ T9460] _copy_from_user+0x2e/0xd0 [ 253.191144][ T9460] kstrtouint_from_user+0xd6/0x1d0 [ 253.191183][ T9460] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 253.191228][ T9460] ? get_pid_task+0xfc/0x250 [ 253.191261][ T9460] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 253.191287][ T9460] proc_fail_nth_write+0x83/0x220 [ 253.191314][ T9460] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 253.191340][ T9460] ? iov_iter_advance+0x1e3/0x6c0 [ 253.191372][ T9460] vfs_writev+0x5df/0xde0 [ 253.191418][ T9460] ? __pfx_vfs_writev+0x10/0x10 [ 253.191452][ T9460] ? fdget_pos+0x2a2/0x370 [ 253.191527][ T9460] ? __fget_files+0x20e/0x3c0 [ 253.191576][ T9460] ? do_writev+0x132/0x340 [ 253.191609][ T9460] do_writev+0x132/0x340 [ 253.191644][ T9460] ? __pfx_do_writev+0x10/0x10 [ 253.191691][ T9460] do_syscall_64+0xcd/0xf80 [ 253.191734][ T9460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.191762][ T9460] RIP: 0033:0x7fbe2a38f7c9 [ 253.191784][ T9460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 253.191810][ T9460] RSP: 002b:00007fbe2b21e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 253.191836][ T9460] RAX: ffffffffffffffda RBX: 00007fbe2a5e5fa0 RCX: 00007fbe2a38f7c9 [ 253.191855][ T9460] RDX: 0000000000000003 RSI: 0000200000000200 RDI: 0000000000000006 [ 253.191872][ T9460] RBP: 00007fbe2a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 253.191889][ T9460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 253.191906][ T9460] R13: 00007fbe2a5e6038 R14: 00007fbe2a5e5fa0 R15: 00007fff91cbd108 [ 253.191945][ T9460] [ 255.004446][ T9487] zswap: compressor not available [ 257.914053][ T9546] input: f as /devices/virtual/input/input11 [ 258.500322][ T9552] Invalid ELF header magic: != ELF [ 258.714303][ T9552] Invalid ELF header magic: != ELF [ 258.860803][ T9552] Invalid ELF header magic: != ELF [ 258.935430][ T9563] nvme_fabrics: unknown parameter or missing value '@' in ctrl creation request [ 259.117630][ T9552] Invalid ELF header magic: != ELF [ 259.228031][ T9552] Invalid ELF header magic: != ELF [ 259.318857][ T9552] Invalid ELF header magic: != ELF [ 260.844499][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.862129][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.223955][ T9613] zswap: compressor not available [ 263.453367][ T9625] FAULT_INJECTION: forcing a failure. [ 263.453367][ T9625] name failslab, interval 1, probability 0, space 0, times 0 [ 263.477206][ T9625] CPU: 1 UID: 0 PID: 9625 Comm: syz.2.762 Not tainted syzkaller #0 PREEMPT(full) [ 263.477245][ T9625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 263.477262][ T9625] Call Trace: [ 263.477271][ T9625] [ 263.477282][ T9625] dump_stack_lvl+0x16c/0x1f0 [ 263.477329][ T9625] should_fail_ex+0x512/0x640 [ 263.477360][ T9625] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 263.477398][ T9625] should_failslab+0xc2/0x120 [ 263.477440][ T9625] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 263.477476][ T9625] ? stack_trace_save+0x8e/0xc0 [ 263.477517][ T9625] ? __d_alloc+0x35/0xa80 [ 263.477549][ T9625] ? __d_alloc+0x35/0xa80 [ 263.477571][ T9625] __d_alloc+0x35/0xa80 [ 263.477601][ T9625] d_alloc_parallel+0x111/0x1510 [ 263.477646][ T9625] ? find_held_lock+0x2b/0x80 [ 263.477684][ T9625] ? __pfx_d_alloc_parallel+0x10/0x10 [ 263.477732][ T9625] ? __d_lookup+0x266/0x4a0 [ 263.477775][ T9625] lookup_open.isra.0+0x66c/0x1780 [ 263.477822][ T9625] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 263.477873][ T9625] ? mnt_get_write_access+0x1e9/0x2f0 [ 263.477909][ T9625] path_openat+0x12bb/0x3140 [ 263.477961][ T9625] ? __pfx_path_openat+0x10/0x10 [ 263.478014][ T9625] do_filp_open+0x20b/0x470 [ 263.478057][ T9625] ? __pfx_do_filp_open+0x10/0x10 [ 263.478126][ T9625] ? alloc_fd+0x471/0x7d0 [ 263.478176][ T9625] do_sys_openat2+0x121/0x290 [ 263.478208][ T9625] ? __pfx_do_sys_openat2+0x10/0x10 [ 263.478255][ T9625] __x64_sys_openat+0x174/0x210 [ 263.478287][ T9625] ? __pfx___x64_sys_openat+0x10/0x10 [ 263.478334][ T9625] do_syscall_64+0xcd/0xf80 [ 263.478379][ T9625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.478407][ T9625] RIP: 0033:0x7fbe2a38f7c9 [ 263.478430][ T9625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.478455][ T9625] RSP: 002b:00007fbe2b1fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 263.478484][ T9625] RAX: ffffffffffffffda RBX: 00007fbe2a5e6090 RCX: 00007fbe2a38f7c9 [ 263.478503][ T9625] RDX: 0000000000000202 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 263.478521][ T9625] RBP: 00007fbe2a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 263.478539][ T9625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.478555][ T9625] R13: 00007fbe2a5e6128 R14: 00007fbe2a5e6090 R15: 00007fff91cbd108 [ 263.478596][ T9625] [ 264.453246][ T9639] FAULT_INJECTION: forcing a failure. [ 264.453246][ T9639] name failslab, interval 1, probability 0, space 0, times 0 [ 264.499893][ T9639] CPU: 1 UID: 0 PID: 9639 Comm: syz.1.763 Not tainted syzkaller #0 PREEMPT(full) [ 264.499933][ T9639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 264.499949][ T9639] Call Trace: [ 264.499958][ T9639] [ 264.499969][ T9639] dump_stack_lvl+0x16c/0x1f0 [ 264.500017][ T9639] should_fail_ex+0x512/0x640 [ 264.500048][ T9639] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 264.500089][ T9639] should_failslab+0xc2/0x120 [ 264.500130][ T9639] kmem_cache_alloc_node_noprof+0x86/0x800 [ 264.500164][ T9639] ? alloc_unbound_pwq+0x3ff/0xe10 [ 264.500208][ T9639] ? alloc_unbound_pwq+0x3ff/0xe10 [ 264.500242][ T9639] alloc_unbound_pwq+0x3ff/0xe10 [ 264.500288][ T9639] apply_wqattrs_prepare+0x3af/0xbd0 [ 264.500340][ T9639] apply_workqueue_attrs_locked+0x64/0xe0 [ 264.500378][ T9639] apply_workqueue_attrs+0x2a/0x50 [ 264.500418][ T9639] padata_set_cpumask+0x237/0x510 [ 264.500464][ T9639] store_cpumask+0x120/0x1a0 [ 264.500500][ T9639] ? __pfx_store_cpumask+0x10/0x10 [ 264.500546][ T9639] ? find_held_lock+0x2b/0x80 [ 264.500589][ T9639] ? __pfx_store_cpumask+0x10/0x10 [ 264.500625][ T9639] padata_sysfs_store+0x5c/0x90 [ 264.500662][ T9639] ? __pfx_padata_sysfs_store+0x10/0x10 [ 264.500699][ T9639] sysfs_kf_write+0xf2/0x150 [ 264.500731][ T9639] kernfs_fop_write_iter+0x3af/0x570 [ 264.500770][ T9639] ? __pfx_sysfs_kf_write+0x10/0x10 [ 264.500803][ T9639] vfs_write+0x7d3/0x11d0 [ 264.500843][ T9639] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 264.500885][ T9639] ? __pfx_vfs_write+0x10/0x10 [ 264.500947][ T9639] ksys_write+0x12a/0x250 [ 264.500984][ T9639] ? __pfx_ksys_write+0x10/0x10 [ 264.501029][ T9639] do_syscall_64+0xcd/0xf80 [ 264.501072][ T9639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.501101][ T9639] RIP: 0033:0x7fd945b8f7c9 [ 264.501125][ T9639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 264.501151][ T9639] RSP: 002b:00007fd943dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 264.501176][ T9639] RAX: ffffffffffffffda RBX: 00007fd945de6180 RCX: 00007fd945b8f7c9 [ 264.501193][ T9639] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 264.501209][ T9639] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 264.501226][ T9639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.501242][ T9639] R13: 00007fd945de6218 R14: 00007fd945de6180 R15: 00007ffff042d2a8 [ 264.501281][ T9639] [ 265.234440][ T9654] openvswitch: HfR: Dropping previously announced user features [ 266.320703][ T5921] Process accounting resumed [ 267.861849][ T9678] netlink: 28 bytes leftover after parsing attributes in process `syz.0.776'. [ 268.704741][ T9696] FAULT_INJECTION: forcing a failure. [ 268.704741][ T9696] name failslab, interval 1, probability 0, space 0, times 0 [ 268.780591][ T9696] CPU: 1 UID: 0 PID: 9696 Comm: syz.1.779 Not tainted syzkaller #0 PREEMPT(full) [ 268.780631][ T9696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 268.780648][ T9696] Call Trace: [ 268.780658][ T9696] [ 268.780669][ T9696] dump_stack_lvl+0x16c/0x1f0 [ 268.780717][ T9696] should_fail_ex+0x512/0x640 [ 268.780747][ T9696] ? fs_reclaim_acquire+0xae/0x150 [ 268.780793][ T9696] should_failslab+0xc2/0x120 [ 268.780835][ T9696] __kmalloc_noprof+0xeb/0x910 [ 268.780872][ T9696] ? ima_alloc_init_template+0x19d/0x720 [ 268.780911][ T9696] ? ima_alloc_init_template+0x19d/0x720 [ 268.780939][ T9696] ima_alloc_init_template+0x19d/0x720 [ 268.780973][ T9696] ? take_dentry_name_snapshot+0x319/0x7d0 [ 268.781010][ T9696] ima_store_measurement+0x1eb/0x5c0 [ 268.781044][ T9696] ? __pfx_ima_store_measurement+0x10/0x10 [ 268.781072][ T9696] ? release_dentry_name_snapshot+0x10/0x90 [ 268.781114][ T9696] ? ima_d_path+0x12b/0x2a0 [ 268.781151][ T9696] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 268.781198][ T9696] process_measurement+0x17fa/0x22d0 [ 268.781252][ T9696] ? __pfx_process_measurement+0x10/0x10 [ 268.781292][ T9696] ? kasan_save_stack+0x42/0x60 [ 268.781326][ T9696] ? kasan_save_track+0x14/0x30 [ 268.781359][ T9696] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 268.781398][ T9696] ? find_held_lock+0x2b/0x80 [ 268.781434][ T9696] ? aa_file_perm+0x29e/0x1560 [ 268.781513][ T9696] ima_file_mmap+0x1b6/0x1e0 [ 268.781553][ T9696] ? __pfx_ima_file_mmap+0x10/0x10 [ 268.781603][ T9696] security_mmap_file+0x88c/0x990 [ 268.781636][ T9696] vm_mmap_pgoff+0xec/0x470 [ 268.781674][ T9696] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 268.781709][ T9696] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 268.781742][ T9696] ? hugetlbfs_get_inode+0x31f/0x700 [ 268.781777][ T9696] ksys_mmap_pgoff+0x1c8/0x5c0 [ 268.781818][ T9696] __x64_sys_mmap+0x125/0x190 [ 268.781849][ T9696] do_syscall_64+0xcd/0xf80 [ 268.781901][ T9696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.781927][ T9696] RIP: 0033:0x7fd945b8f7c9 [ 268.781949][ T9696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.781972][ T9696] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 268.781998][ T9696] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 268.782017][ T9696] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 268.782034][ T9696] RBP: 00007fd945c13f91 R08: 0000000000000401 R09: 0000300000000000 [ 268.782051][ T9696] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 268.782067][ T9696] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 268.782104][ T9696] [ 269.130602][ T30] audit: type=1804 audit(4294967353.769:10): pid=9696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.779" name="anon_hugepage" dev="hugetlbfs" ino=27244 res=0 errno=0 [ 269.354781][ T9709] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[9709] [ 272.087395][ T9741] netlink: 8 bytes leftover after parsing attributes in process `syz.1.789'. [ 272.427667][ T9758] random: crng reseeded on system resumption [ 273.348561][ T9786] FAULT_INJECTION: forcing a failure. [ 273.348561][ T9786] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 273.458937][ T9786] CPU: 1 UID: 0 PID: 9786 Comm: syz.1.796 Not tainted syzkaller #0 PREEMPT(full) [ 273.458978][ T9786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 273.458994][ T9786] Call Trace: [ 273.459003][ T9786] [ 273.459014][ T9786] dump_stack_lvl+0x16c/0x1f0 [ 273.459060][ T9786] should_fail_ex+0x512/0x640 [ 273.459097][ T9786] _copy_from_user+0x2e/0xd0 [ 273.459129][ T9786] do_sys_name_to_handle+0x205/0x830 [ 273.459178][ T9786] ? __pfx_do_sys_name_to_handle+0x10/0x10 [ 273.459225][ T9786] ? putname+0xf5/0x1a0 [ 273.459248][ T9786] ? putname+0xf5/0x1a0 [ 273.459277][ T9786] __x64_sys_name_to_handle_at+0x2af/0x310 [ 273.459322][ T9786] ? __pfx___x64_sys_name_to_handle_at+0x10/0x10 [ 273.459377][ T9786] do_syscall_64+0xcd/0xf80 [ 273.459426][ T9786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.459454][ T9786] RIP: 0033:0x7fd945b8f7c9 [ 273.459476][ T9786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.459502][ T9786] RSP: 002b:00007fd943dd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f [ 273.459529][ T9786] RAX: ffffffffffffffda RBX: 00007fd945de6180 RCX: 00007fd945b8f7c9 [ 273.459548][ T9786] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 273.459566][ T9786] RBP: 00007fd945c13f91 R08: 0000000000000002 R09: 0000000000000000 [ 273.459583][ T9786] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000000 [ 273.459600][ T9786] R13: 00007fd945de6218 R14: 00007fd945de6180 R15: 00007ffff042d2a8 [ 273.459637][ T9786] [ 274.079747][ T9783] ima: policy update failed [ 274.162688][ T30] audit: type=1802 audit(4294967358.809:11): pid=9783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.799" res=0 errno=0 getty: ttyS0: read error: Resour[ 274.307961][ T9793] mkiss: ax0: crc mode is auto. [ 274.436081][ T9793] ptrace attach of "./syz-executor exec"[5843] was attempted by ""[9793] [ 274.648860][ T9800] openvswitch: HfR: Dropping previously announced user features [ 274.700731][ T9795] mkiss: ax0: crc mode is auto. [ 275.083034][ T9806] openvswitch: HfR: Dropping previously announced user features [ 275.729143][ T9834] openvswitch: HfR: Dropping previously announced user features [ 276.039425][ T9846] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1937339183.1685024047.795176053), cmd(13) [ 276.104826][ T9850] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 276.739440][ T9864] netlink: 342 bytes leftover after parsing attributes in process `syz.3.815'. [ 278.287002][ T9925] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 280.009254][ T9967] openvswitch: HfR: Dropping previously announced user features [ 280.519684][ T9974] zswap: compressor not available [ 283.645277][T10035] usb usb3: usbfs: process 10035 (syz.2.847) did not claim interface 2 before use [ 284.151201][T10047] ovs_: entered promiscuous mode [ 284.273720][T10060] netlink: 4324 bytes leftover after parsing attributes in process `syz.3.850'. [ 285.062599][T10073] netlink: 322 bytes leftover after parsing attributes in process `syz.2.854'. [ 286.133633][ T9841] mkiss: ax0: crc mode is auto. [ 289.315963][T10176] vivid-007: ================= START STATUS ================= [ 289.323920][T10176] vivid-007: Generate PTS: true [ 289.328929][T10176] vivid-007: Generate SCR: true [ 289.334628][T10176] tpg source WxH: 320x240 (Y'CbCr) [ 289.339764][T10176] tpg field: 1 [ 289.343192][T10176] tpg crop: (0,0)/320x240 [ 289.347611][T10176] tpg compose: (0,0)/320x240 [ 289.353125][T10176] tpg colorspace: 8 [ 289.356991][T10176] tpg transfer function: 0/0 [ 289.440492][T10176] tpg Y'CbCr encoding: 0/0 [ 289.469932][T10176] tpg quantization: 0/0 [ 289.481694][T10176] tpg RGB range: 0/2 [ 289.496764][T10176] vivid-007: ================== END STATUS ================== [ 289.554940][T10182] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 290.140075][T10191] Invalid ELF header magic: != ELF [ 291.652535][T10224] Invalid ELF header magic: != ELF [ 291.882708][T10235] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 293.432078][T10267] netlink: 342 bytes leftover after parsing attributes in process `syz.3.900'. [ 295.305596][T10310] ptp ptp0: only physical clock in use now [ 296.942765][T10343] netlink: 8 bytes leftover after parsing attributes in process `syz.0.916'. [ 297.496708][T10137] mkiss: ax0: crc mode is auto. [ 298.223178][T10367] Invalid ELF header magic: != ELF [ 299.401211][T10387] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 301.792243][T10433] FAULT_INJECTION: forcing a failure. [ 301.792243][T10433] name failslab, interval 1, probability 0, space 0, times 0 [ 301.806426][T10433] CPU: 0 UID: 0 PID: 10433 Comm: syz.1.938 Not tainted syzkaller #0 PREEMPT(full) [ 301.806465][T10433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 301.806481][T10433] Call Trace: [ 301.806490][T10433] [ 301.806501][T10433] dump_stack_lvl+0x16c/0x1f0 [ 301.806547][T10433] should_fail_ex+0x512/0x640 [ 301.806578][T10433] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 301.806622][T10433] should_failslab+0xc2/0x120 [ 301.806663][T10433] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 301.806696][T10433] ? alloc_inode+0x64/0x240 [ 301.806731][T10433] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 301.806768][T10433] ? alloc_inode+0x64/0x240 [ 301.806800][T10433] alloc_inode+0x64/0x240 [ 301.806826][T10433] new_inode+0x22/0x1c0 [ 301.806857][T10433] debugfs_create_dir+0xc4/0x470 [ 301.806887][T10433] drm_debugfs_clients_add+0x6f/0x200 [ 301.806918][T10433] drm_file_alloc+0x5c6/0xb40 [ 301.806954][T10433] drm_open_helper+0x204/0x550 [ 301.806989][T10433] drm_open+0x1a0/0x3e0 [ 301.807021][T10433] ? __pfx_drm_open+0x10/0x10 [ 301.807053][T10433] drm_stub_open+0x20f/0x380 [ 301.807085][T10433] ? __pfx_drm_stub_open+0x10/0x10 [ 301.807116][T10433] chrdev_open+0x234/0x6a0 [ 301.807157][T10433] ? __pfx_apparmor_file_open+0x10/0x10 [ 301.807185][T10433] ? __pfx_chrdev_open+0x10/0x10 [ 301.807229][T10433] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 301.807278][T10433] do_dentry_open+0x748/0x1590 [ 301.807317][T10433] ? __pfx_chrdev_open+0x10/0x10 [ 301.807368][T10433] vfs_open+0x82/0x3f0 [ 301.807402][T10433] path_openat+0x2078/0x3140 [ 301.807454][T10433] ? __pfx_path_openat+0x10/0x10 [ 301.807509][T10433] do_filp_open+0x20b/0x470 [ 301.807550][T10433] ? __pfx_do_filp_open+0x10/0x10 [ 301.807618][T10433] ? alloc_fd+0x471/0x7d0 [ 301.807667][T10433] do_sys_openat2+0x121/0x290 [ 301.807698][T10433] ? __pfx_do_sys_openat2+0x10/0x10 [ 301.807743][T10433] __x64_sys_openat+0x174/0x210 [ 301.807776][T10433] ? __pfx___x64_sys_openat+0x10/0x10 [ 301.807830][T10433] do_syscall_64+0xcd/0xf80 [ 301.807876][T10433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.807904][T10433] RIP: 0033:0x7fd945b8f7c9 [ 301.807926][T10433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.807953][T10433] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 301.807980][T10433] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 301.808000][T10433] RDX: 0000000000020100 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 301.808018][T10433] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 301.808035][T10433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.808051][T10433] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 301.808090][T10433] [ 301.808101][T10433] debugfs: out of free dentries, can not create directory 'client-37' [ 303.581665][T10473] ptrace attach of "./syz-executor exec"[5843] was attempted by "./syz-executor exec"[10473] [ 304.441529][ T5934] smpboot: CPU 1 is now offline [ 304.547748][T10497] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 305.135325][T10516] bond0: no command found in slaves file - use +ifname or -ifname [ 305.172565][T10516] FAULT_INJECTION: forcing a failure. [ 305.172565][T10516] name failslab, interval 1, probability 0, space 0, times 0 [ 305.222508][T10516] CPU: 0 UID: 0 PID: 10516 Comm: syz.1.957 Not tainted syzkaller #0 PREEMPT(full) [ 305.222545][T10516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 305.222558][T10516] Call Trace: [ 305.222566][T10516] [ 305.222576][T10516] dump_stack_lvl+0x16c/0x1f0 [ 305.222619][T10516] should_fail_ex+0x512/0x640 [ 305.222647][T10516] ? __kmalloc_noprof+0xca/0x910 [ 305.222682][T10516] should_failslab+0xc2/0x120 [ 305.222723][T10516] __kmalloc_noprof+0xeb/0x910 [ 305.222749][T10516] ? __kernel_text_address+0xd/0x40 [ 305.222782][T10516] ? constrain_params_by_rules+0x175/0xca0 [ 305.222833][T10516] ? constrain_params_by_rules+0x175/0xca0 [ 305.222874][T10516] constrain_params_by_rules+0x175/0xca0 [ 305.222923][T10516] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 305.222961][T10516] ? lockdep_hardirqs_on+0x7c/0x110 [ 305.223004][T10516] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 305.223055][T10516] ? __kasan_kmalloc+0xaa/0xb0 [ 305.223089][T10516] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 305.223133][T10516] ? snd_pcm_oss_change_params_locked+0x1511/0x3ab0 [ 305.223160][T10516] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 305.223208][T10516] snd_pcm_hw_refine+0x7de/0xad0 [ 305.223256][T10516] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 305.223315][T10516] ? _snd_pcm_hw_param_min+0x259/0x630 [ 305.223364][T10516] snd_pcm_hw_param_near.constprop.0+0x58a/0x8e0 [ 305.223415][T10516] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 305.223458][T10516] ? __asan_memset+0x23/0x50 [ 305.223498][T10516] ? calc_src_frames.isra.0+0x187/0x1d0 [ 305.223537][T10516] snd_pcm_oss_change_params_locked+0x1511/0x3ab0 [ 305.223584][T10516] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 305.223631][T10516] ? __pfx___mutex_lock+0x10/0x10 [ 305.223703][T10516] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 305.223734][T10516] snd_pcm_oss_set_trigger.isra.0+0x211/0x6b0 [ 305.223763][T10516] ? lockdep_hardirqs_on+0x7c/0x110 [ 305.223807][T10516] snd_pcm_oss_poll+0x5a5/0xb90 [ 305.223837][T10516] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 305.223858][T10516] ? __fget_files+0x20e/0x3c0 [ 305.223903][T10516] ? __pfx_snd_pcm_oss_poll+0x10/0x10 [ 305.223930][T10516] do_sys_poll+0x55c/0xdf0 [ 305.223980][T10516] ? __pfx_do_sys_poll+0x10/0x10 [ 305.224051][T10516] ? __futex_wait+0x24b/0x2f0 [ 305.224097][T10516] ? __pfx_pollwake+0x10/0x10 [ 305.224189][T10516] ? __pfx_timespec64_add_safe+0x10/0x10 [ 305.224222][T10516] ? ktime_get_ts64+0x2d2/0x400 [ 305.224250][T10516] ? read_tsc+0x9/0x20 [ 305.224285][T10516] ? ktime_get_ts64+0x256/0x400 [ 305.224322][T10516] __x64_sys_poll+0x1a6/0x450 [ 305.224359][T10516] ? __pfx___x64_sys_poll+0x10/0x10 [ 305.224408][T10516] do_syscall_64+0xcd/0xf80 [ 305.224451][T10516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.224486][T10516] RIP: 0033:0x7fd945b8f7c9 [ 305.224509][T10516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.224537][T10516] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 305.224565][T10516] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 305.224584][T10516] RDX: 00000000000ffffc RSI: 0000000000000040 RDI: 00002000000002c0 [ 305.224602][T10516] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 305.224620][T10516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.224637][T10516] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 305.224676][T10516] [ 305.629966][T10484] syz.2.949 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 305.640223][T10484] CPU: 0 UID: 0 PID: 10484 Comm: syz.2.949 Not tainted syzkaller #0 PREEMPT(full) [ 305.640255][T10484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 305.640266][T10484] Call Trace: [ 305.640273][T10484] [ 305.640279][T10484] dump_stack_lvl+0x16c/0x1f0 [ 305.640305][T10484] dump_header+0x101/0x960 [ 305.640323][T10484] oom_kill_process+0x176/0x910 [ 305.640341][T10484] out_of_memory+0x350/0x1700 [ 305.640360][T10484] ? __pfx_out_of_memory+0x10/0x10 [ 305.640381][T10484] mem_cgroup_out_of_memory+0x118/0x130 [ 305.640398][T10484] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 305.640420][T10484] ? do_raw_spin_unlock+0x172/0x230 [ 305.640441][T10484] try_charge_memcg+0x695/0xd30 [ 305.640467][T10484] ? __pfx_try_charge_memcg+0x10/0x10 [ 305.640488][T10484] ? peak_open+0x31/0x50 [ 305.640503][T10484] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 305.640523][T10484] __memcg_kmem_charge_page+0xda/0x420 [ 305.640548][T10484] memcg_charge_kernel_stack+0xc3/0x1f0 [ 305.640571][T10484] copy_process+0x64b/0x7430 [ 305.640592][T10484] ? do_swap_page+0x16a0/0x64a0 [ 305.640613][T10484] ? __pfx_copy_process+0x10/0x10 [ 305.640639][T10484] ? _copy_from_user+0x59/0xd0 [ 305.640657][T10484] kernel_clone+0xfc/0x910 [ 305.640677][T10484] ? rcu_is_watching+0x12/0xc0 [ 305.640697][T10484] ? __pfx_kernel_clone+0x10/0x10 [ 305.640722][T10484] ? __lock_acquire+0x436/0x2890 [ 305.640739][T10484] __do_sys_clone3+0x212/0x290 [ 305.640760][T10484] ? __pfx___do_sys_clone3+0x10/0x10 [ 305.640805][T10484] do_syscall_64+0xcd/0xf80 [ 305.640838][T10484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.640863][T10484] RIP: 0033:0x7fbe2a3c3f09 [ 305.640883][T10484] Code: ee 08 00 48 8d 3d dc ee 08 00 e8 f2 28 f6 ff 66 90 b8 ea ff ff ff 48 85 ff 74 2c 48 85 d2 74 27 49 89 c8 b8 b3 01 00 00 0f 05 <48> 85 c0 7c 18 74 01 c3 31 ed 48 83 e4 f0 4c 89 c7 ff d2 48 89 c7 [ 305.640899][T10484] RSP: 002b:00007fff91cbcfd8 EFLAGS: 00000206 ORIG_RAX: 00000000000001b3 [ 305.640913][T10484] RAX: ffffffffffffffda RBX: 00007fbe2a346300 RCX: 00007fbe2a3c3f09 [ 305.640922][T10484] RDX: 00007fbe2a346300 RSI: 0000000000000058 RDI: 00007fff91cbd020 [ 305.640931][T10484] RBP: 00007fbe2b1dc6c0 R08: 00007fbe2b1dc6c0 R09: 00007fff91cbd107 [ 305.640940][T10484] R10: 0000000000000008 R11: 0000000000000206 R12: ffffffffffffffa8 [ 305.640949][T10484] R13: 000000000000006e R14: 00007fff91cbd020 R15: 00007fff91cbd108 [ 305.640969][T10484] [ 305.880561][T10484] memory: usage 3072kB, limit 3072kB, failcnt 80967 [ 305.887347][T10484] memory+swap: usage 10688kB, limit 9007199254740988kB, failcnt 0 [ 305.895209][T10484] kmem: usage 1164kB, limit 9007199254740988kB, failcnt 0 [ 305.902362][T10484] Memory cgroup stats for /syz2: [ 305.902539][T10484] cache 0 [ 305.910373][T10484] rss 1757184 [ 305.913696][T10484] rss_huge 0 [ 305.916910][T10484] shmem 0 [ 305.919830][T10484] mapped_file 0 [ 305.923331][T10484] dirty 0 [ 305.926272][T10484] writeback 0 [ 305.929531][T10484] workingset_refault_anon 15604 [ 305.934886][T10484] workingset_refault_file 14319 [ 305.939730][T10484] swap 7798784 [ 305.943129][T10484] swapcached 212992 [ 305.946931][T10484] pgpgin 162837 [ 305.950389][T10484] pgpgout 166448 [ 305.953990][T10484] pgfault 199534 [ 305.957515][T10484] pgmajfault 5543 [ 305.961688][T10484] inactive_anon 98304 [ 305.965667][T10484] active_anon 98304 [ 305.970087][T10484] inactive_file 0 [ 305.973771][T10484] active_file 0 [ 305.977209][T10484] unevictable 1757184 [ 305.981326][T10484] hierarchical_memory_limit 3145728 [ 305.986520][T10484] hierarchical_memsw_limit 9223372036854771712 [ 305.992731][T10484] total_cache 0 [ 305.996183][T10484] total_rss 1757184 [ 305.999984][T10484] total_rss_huge 0 [ 306.003719][T10484] total_shmem 0 [ 306.007154][T10484] total_mapped_file 0 [ 306.011148][T10484] total_dirty 0 [ 306.014583][T10484] total_writeback 0 [ 306.018382][T10484] total_workingset_refault_anon 15604 [ 306.023757][T10484] total_workingset_refault_file 14319 [ 306.029104][T10484] total_swap 7798784 [ 306.033017][T10484] total_swapcached 212992 [ 306.037318][T10484] total_pgpgin 162837 [ 306.044088][T10484] total_pgpgout 166448 [ 306.048140][T10484] total_pgfault 199534 [ 306.052327][T10484] total_pgmajfault 5543 [ 306.056527][T10484] total_inactive_anon 98304 [ 306.061050][T10484] total_active_anon 98304 [ 306.065886][T10484] total_inactive_file 0 [ 306.070663][T10484] total_active_file 0 [ 306.074691][T10484] total_unevictable 1757184 [ 306.079173][T10484] anon_cost 0 [ 306.082735][T10484] file_cost 0 [ 306.086018][T10484] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz.2.207,pid=6887,uid=0 [ 306.103341][T10484] Memory cgroup out of memory: Killed process 6887 (syz.2.207) total-vm:139360kB, anon-rss:1196kB, file-rss:24832kB, shmem-rss:4kB, UID:0 pgtables:132kB oom_score_adj:1000 [ 306.948331][T10535] random: crng reseeded on system resumption [ 307.613938][T10532] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 308.085684][T10537] tipc: Started in network mode [ 308.111671][T10537] tipc: Node identity ffffffff, cluster identity 4711 [ 308.132197][T10537] tipc: Node number set to 4294967295 [ 308.966737][T10380] mkiss: ax0: crc mode is auto. [ 309.471344][ T5150] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 309.471380][ T5150] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 309.492465][ T5150] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 309.492534][ T5150] Bluetooth: hci2: adv larger than maximum supported [ 309.501608][ T5150] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 309.508327][ T5150] Bluetooth: hci2: adv larger than maximum supported [ 309.515488][ T5150] Bluetooth: hci2: adv larger than maximum supported [ 309.522223][ T5150] Bluetooth: hci2: adv larger than maximum supported [ 309.528922][ T5150] Bluetooth: hci2: Malformed LE Event: 0x0d [ 310.538743][T10611] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 310.965692][T10618] syz.1.979 (10618): /proc/10617/oom_adj is deprecated, please use /proc/10617/oom_score_adj instead. [ 310.999452][T10622] zswap: compressor not available [ 313.251430][T10665] [U] [ 313.254745][T10665] [U] [ 313.257468][T10665] [U] [ 313.260184][T10665] [U] [ 313.349677][T10665] [U] [ 313.352441][T10665] [U] [ 313.355153][T10665] [U] [ 313.357870][T10665] [U] [ 313.374748][T10665] [U] [ 313.377502][T10665] [U] [ 313.380220][T10665] [U] [ 313.382932][T10665] [U] [ 313.388244][T10665] [U] [ 313.390981][T10665] [U] [ 313.393693][T10665] [U] [ 313.396407][T10665] [U] [ 313.399621][T10665] [U] [ 313.402355][T10665] [U] [ 313.405071][T10665] [U] [ 313.407786][T10665] [U] [ 313.536408][T10665] [U] [ 313.539171][T10665] [U] [ 313.541868][T10665] [U] [ 313.544566][T10665] [U] [ 313.741928][T10665] [U] [ 313.744696][T10665] [U] [ 313.747413][T10665] [U] [ 313.750117][T10665] [U] [ 313.793023][T10665] [U] [ 313.795780][T10665] [U] [ 313.798501][T10665] [U] [ 313.801212][T10665] [U] [ 313.853735][T10665] [U] [ 313.856492][T10665] [U] [ 313.859209][T10665] [U] [ 313.861900][T10665] [U] [ 313.882342][T10665] [U] [ 313.885098][T10665] [U] [ 313.887816][T10665] [U] [ 313.890534][T10665] [U] [ 313.908841][T10665] [U] [ 313.911663][T10665] [U] [ 313.914384][T10665] [U] [ 313.917102][T10665] [U] [ 313.948103][T10665] [U] [ 313.950858][T10665] [U] [ 313.953556][T10665] [U] [ 313.956234][T10665] [U] [ 313.965920][T10665] [U] [ 313.968653][T10665] [U] [ 313.971331][T10665] [U] [ 313.974004][T10665] [U] [ 313.981549][T10665] [U] [ 313.984292][T10665] [U] [ 313.987004][T10665] [U] [ 313.989715][T10665] [U] [ 314.005894][T10665] [U] [ 314.008652][T10665] [U] [ 314.011364][T10665] [U] [ 314.014078][T10665] [U] [ 314.032352][T10665] [U] [ 314.035101][T10665] [U] [ 314.037817][T10665] [U] [ 314.040531][T10665] [U] [ 314.050571][T10665] [U] [ 314.053322][T10665] [U] [ 314.056028][T10665] [U] [ 314.058728][T10665] [U] [ 314.065420][T10665] [U] [ 314.068160][T10665] [U] [ 314.070865][T10665] [U] [ 314.073583][T10665] [U] [ 314.093160][T10665] [U] [ 314.095913][T10665] [U] [ 314.098634][T10665] [U] [ 314.101365][T10665] [U] [ 314.141456][T10665] [U] [ 314.144221][T10665] [U] [ 314.146938][T10665] [U] [ 314.149649][T10665] [U] [ 314.182303][T10665] [U] [ 314.185067][T10665] [U] [ 314.187782][T10665] [U] [ 314.190504][T10665] [U] [ 314.209072][T10665] [U] [ 314.211829][T10665] [U] [ 314.214538][T10665] [U] [ 314.217249][T10665] [U] [ 314.231230][T10665] [U] [ 314.233993][T10665] [U] [ 314.236708][T10665] [U] [ 314.239426][T10665] [U] [ 314.281069][T10665] [U] [ 314.283805][T10665] [U] [ 314.286486][T10665] [U] [ 314.289160][T10665] [U] [ 314.321385][T10665] [U] [ 314.322698][T10681] futex_wake_op: syz.2.992 tries to shift op by -2048; fix this program [ 314.324125][T10665] [U] [ 314.335103][T10665] [U] [ 314.337817][T10665] [U] [ 314.382470][T10681] futex_wake_op: syz.2.992 tries to shift op by -2048; fix this program [ 314.411834][T10665] [U] [ 314.414591][T10665] [U] [ 314.417313][T10665] [U] [ 314.420027][T10665] [U] [ 314.971209][T10665] [U] [ 314.973967][T10665] [U] [ 314.976676][T10665] [U] [ 314.979380][T10665] [U] [ 315.014881][T10665] [U] [ 315.017662][T10665] [U] [ 315.020381][T10665] [U] [ 315.023073][T10665] [U] [ 315.041444][T10665] [U] [ 315.044200][T10665] [U] [ 315.046916][T10665] [U] [ 315.049626][T10665] [U] [ 315.067455][T10665] [U] [ 315.070168][T10665] [U] [ 315.072858][T10665] [U] [ 315.075572][T10665] [U] [ 315.090260][T10665] [U] [ 315.092970][T10665] [U] [ 315.095643][T10665] [U] [ 315.098315][T10665] [U] [ 315.111778][T10665] [U] [ 315.114486][T10665] [U] [ 315.117163][T10665] [U] [ 315.246970][T10665] [U] [ 316.222087][T10702] FAULT_INJECTION: forcing a failure. [ 316.222087][T10702] name failslab, interval 1, probability 0, space 0, times 0 [ 316.368481][T10702] CPU: 0 UID: 0 PID: 10702 Comm: syz.2.996 Not tainted syzkaller #0 PREEMPT(full) [ 316.368503][T10702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 316.368512][T10702] Call Trace: [ 316.368517][T10702] [ 316.368523][T10702] dump_stack_lvl+0x16c/0x1f0 [ 316.368549][T10702] should_fail_ex+0x512/0x640 [ 316.368565][T10702] ? __kmalloc_noprof+0xca/0x910 [ 316.368582][T10702] should_failslab+0xc2/0x120 [ 316.368603][T10702] __kmalloc_noprof+0xeb/0x910 [ 316.368618][T10702] ? copy_splice_read+0x1a8/0xc20 [ 316.368641][T10702] ? copy_splice_read+0x1a8/0xc20 [ 316.368659][T10702] copy_splice_read+0x1a8/0xc20 [ 316.368682][T10702] ? __pfx_copy_splice_read+0x10/0x10 [ 316.368703][T10702] ? __mark_inode_dirty+0x943/0x1670 [ 316.368724][T10702] ? find_held_lock+0x2b/0x80 [ 316.368746][T10702] ? __pfx_copy_splice_read+0x10/0x10 [ 316.368764][T10702] do_splice_read+0x285/0x370 [ 316.368786][T10702] splice_direct_to_actor+0x2a1/0xa30 [ 316.368807][T10702] ? __pfx_direct_splice_actor+0x10/0x10 [ 316.368831][T10702] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 316.368850][T10702] ? do_raw_spin_lock+0x12c/0x2b0 [ 316.368870][T10702] do_splice_direct+0x174/0x240 [ 316.368891][T10702] ? __pfx_do_splice_direct+0x10/0x10 [ 316.368911][T10702] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 316.368933][T10702] ? rw_verify_area+0xcf/0x6c0 [ 316.368953][T10702] do_sendfile+0xb06/0xe50 [ 316.368974][T10702] ? __pfx_do_sendfile+0x10/0x10 [ 316.368992][T10702] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 316.369019][T10702] __x64_sys_sendfile64+0x1d8/0x220 [ 316.369033][T10702] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 316.369046][T10702] ? rcu_is_watching+0x12/0xc0 [ 316.369073][T10702] do_syscall_64+0xcd/0xf80 [ 316.369096][T10702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.369111][T10702] RIP: 0033:0x7fbe2a38f7c9 [ 316.369123][T10702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.369137][T10702] RSP: 002b:00007fbe2b21e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 316.369151][T10702] RAX: ffffffffffffffda RBX: 00007fbe2a5e5fa0 RCX: 00007fbe2a38f7c9 [ 316.369160][T10702] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 316.369168][T10702] RBP: 00007fbe2a413f91 R08: 0000000000000000 R09: 0000000000000000 [ 316.369177][T10702] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000000 [ 316.369185][T10702] R13: 00007fbe2a5e6038 R14: 00007fbe2a5e5fa0 R15: 00007fff91cbd108 [ 316.369204][T10702] [ 317.278225][T10713] netlink: 28 bytes leftover after parsing attributes in process `syz.1.997'. [ 320.332816][T10591] mkiss: ax0: crc mode is auto. [ 322.301643][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.308059][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 324.210568][T10847] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 325.194952][T10881] FAULT_INJECTION: forcing a failure. [ 325.194952][T10881] name failslab, interval 1, probability 0, space 0, times 0 [ 325.207630][T10881] CPU: 1 UID: 0 PID: 10881 Comm: syz.1.1029 Not tainted syzkaller #0 PREEMPT(full) [ 325.207652][T10881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 325.207662][T10881] Call Trace: [ 325.207668][T10881] [ 325.207674][T10881] dump_stack_lvl+0x16c/0x1f0 [ 325.207701][T10881] should_fail_ex+0x512/0x640 [ 325.207718][T10881] ? __kmalloc_noprof+0xca/0x910 [ 325.207749][T10881] should_failslab+0xc2/0x120 [ 325.207789][T10881] __kmalloc_noprof+0xeb/0x910 [ 325.207816][T10881] ? lsm_blob_alloc+0x68/0x90 [ 325.207851][T10881] ? lsm_blob_alloc+0x68/0x90 [ 325.207870][T10881] lsm_blob_alloc+0x68/0x90 [ 325.207890][T10881] security_sk_alloc+0x2f/0x270 [ 325.207907][T10881] sk_prot_alloc+0xfb/0x2a0 [ 325.207929][T10881] sk_alloc+0x36/0xe30 [ 325.207946][T10881] unix_create1+0xa6/0x700 [ 325.207962][T10881] unix_create+0x110/0x270 [ 325.207976][T10881] __sock_create+0x339/0x8a0 [ 325.207993][T10881] __sys_socketpair+0x25c/0x5a0 [ 325.208008][T10881] ? __pfx___sys_socketpair+0x10/0x10 [ 325.208021][T10881] ? fput+0x70/0xf0 [ 325.208036][T10881] ? xfd_validate_state+0x61/0x180 [ 325.208049][T10881] ? __pfx_do_writev+0x10/0x10 [ 325.208070][T10881] __x64_sys_socketpair+0x96/0x100 [ 325.208084][T10881] ? lockdep_hardirqs_on+0x7c/0x110 [ 325.208105][T10881] do_syscall_64+0xcd/0xf80 [ 325.208128][T10881] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.208143][T10881] RIP: 0033:0x7fd945b8f7c9 [ 325.208169][T10881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 325.208183][T10881] RSP: 002b:00007fd94694d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 325.208198][T10881] RAX: ffffffffffffffda RBX: 00007fd945de5fa0 RCX: 00007fd945b8f7c9 [ 325.208208][T10881] RDX: 8000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 325.208217][T10881] RBP: 00007fd945c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 325.208226][T10881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.208235][T10881] R13: 00007fd945de6038 R14: 00007fd945de5fa0 R15: 00007ffff042d2a8 [ 325.208254][T10881] [ 325.645400][T10883] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 326.732754][T10890] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 326.753145][T10890] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 326.785033][T10890] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 326.971068][ T794] ================================================================== [ 326.971085][ T794] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 326.971132][ T794] Write of size 8 at addr ffffc90003c09100 by task kworker/1:2/794 [ 326.971155][ T794] [ 326.971167][ T794] CPU: 1 UID: 0 PID: 794 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) [ 326.971200][ T794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 326.971218][ T794] Workqueue: events_power_efficient fb_flashcursor [ 326.971249][ T794] Call Trace: [ 326.971258][ T794] [ 326.971267][ T794] dump_stack_lvl+0x116/0x1f0 [ 326.971306][ T794] print_report+0xcd/0x630 [ 326.971343][ T794] ? __virt_addr_valid+0x81/0x610 [ 326.971382][ T794] ? sys_imageblit+0x1a6f/0x1e60 [ 326.971413][ T794] kasan_report+0xe0/0x110 [ 326.971443][ T794] ? sys_imageblit+0x1a6f/0x1e60 [ 326.971482][ T794] sys_imageblit+0x1a6f/0x1e60 [ 326.971523][ T794] ? __pfx_sys_imageblit+0x10/0x10 [ 326.971572][ T794] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 326.971613][ T794] soft_cursor+0x524/0xa10 [ 326.971649][ T794] bit_cursor+0xe8c/0x17e0 [ 326.971682][ T794] ? __pfx_bit_cursor+0x10/0x10 [ 326.971716][ T794] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 326.971756][ T794] ? get_color+0x1da/0x450 [ 326.971780][ T794] ? __pfx_bit_cursor+0x10/0x10 [ 326.971808][ T794] fb_flashcursor+0x333/0x420 [ 326.971834][ T794] process_one_work+0x9ba/0x1b20 [ 326.971868][ T794] ? __pfx_process_one_work+0x10/0x10 [ 326.971901][ T794] ? assign_work+0x1a0/0x250 [ 326.971927][ T794] worker_thread+0x6c8/0xf10 [ 326.971961][ T794] ? __pfx_worker_thread+0x10/0x10 [ 326.971989][ T794] kthread+0x3c5/0x780 [ 326.972011][ T794] ? __pfx_kthread+0x10/0x10 [ 326.972034][ T794] ? rcu_is_watching+0x12/0xc0 [ 326.972064][ T794] ? __pfx_kthread+0x10/0x10 [ 326.972084][ T794] ret_from_fork+0x983/0xb10 [ 326.972109][ T794] ? __pfx_ret_from_fork+0x10/0x10 [ 326.972135][ T794] ? __switch_to+0x7af/0x10d0 [ 326.972166][ T794] ? __pfx_kthread+0x10/0x10 [ 326.972189][ T794] ret_from_fork_asm+0x1a/0x30 [ 326.972237][ T794] [ 326.972246][ T794] [ 326.972252][ T794] The buggy address belongs to a vmalloc virtual mapping [ 326.972275][ T794] Memory state around the buggy address: [ 326.972288][ T794] ffffc90003c09000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 326.972305][ T794] ffffc90003c09080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 326.972323][ T794] >ffffc90003c09100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 326.972337][ T794] ^ [ 326.972350][ T794] ffffc90003c09180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 326.972367][ T794] ffffc90003c09200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 326.972381][ T794] ================================================================== [ 326.972394][ T794] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 326.972409][ T794] CPU: 1 UID: 0 PID: 794 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) [ 326.972439][ T794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 326.972455][ T794] Workqueue: events_power_efficient fb_flashcursor [ 326.972478][ T794] Call Trace: [ 326.972487][ T794] [ 326.972496][ T794] dump_stack_lvl+0x3d/0x1f0 [ 326.972533][ T794] vpanic+0x640/0x6f0 [ 326.972558][ T794] panic+0xca/0xd0 [ 326.972583][ T794] ? __pfx_panic+0x10/0x10 [ 326.972611][ T794] ? check_panic_on_warn+0x1f/0xb0 [ 326.972638][ T794] check_panic_on_warn+0xab/0xb0 [ 326.972665][ T794] end_report+0x107/0x160 [ 326.972697][ T794] kasan_report+0xee/0x110 [ 326.972733][ T794] ? sys_imageblit+0x1a6f/0x1e60 [ 326.972771][ T794] sys_imageblit+0x1a6f/0x1e60 [ 326.972812][ T794] ? __pfx_sys_imageblit+0x10/0x10 [ 326.972862][ T794] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 326.972901][ T794] soft_cursor+0x524/0xa10 [ 326.972936][ T794] bit_cursor+0xe8c/0x17e0 [ 326.972969][ T794] ? __pfx_bit_cursor+0x10/0x10 [ 326.973003][ T794] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 326.973041][ T794] ? get_color+0x1da/0x450 [ 326.973066][ T794] ? __pfx_bit_cursor+0x10/0x10 [ 326.973093][ T794] fb_flashcursor+0x333/0x420 [ 326.973121][ T794] process_one_work+0x9ba/0x1b20 [ 326.973155][ T794] ? __pfx_process_one_work+0x10/0x10 [ 326.973184][ T794] ? assign_work+0x1a0/0x250 [ 326.973205][ T794] worker_thread+0x6c8/0xf10 [ 326.973241][ T794] ? __pfx_worker_thread+0x10/0x10 [ 326.973265][ T794] kthread+0x3c5/0x780 [ 326.973287][ T794] ? __pfx_kthread+0x10/0x10 [ 326.973308][ T794] ? rcu_is_watching+0x12/0xc0 [ 326.973337][ T794] ? __pfx_kthread+0x10/0x10 [ 326.973362][ T794] ret_from_fork+0x983/0xb10 [ 326.973382][ T794] ? __pfx_ret_from_fork+0x10/0x10 [ 326.973403][ T794] ? __switch_to+0x7af/0x10d0 [ 326.973426][ T794] ? __pfx_kthread+0x10/0x10 [ 326.973444][ T794] ret_from_fork_asm+0x1a/0x30 [ 326.973479][ T794] [ 326.973982][ T794] Kernel Offset: disabled