last executing test programs: 4m15.369674017s ago: executing program 2 (id=2770): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r1 = timerfd_create$auto(0x9, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r0, 0x1, 0x820, 0x7fff) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000180)="fc5ea5f1401a03cd7d362456adda0cf384c0e2d7bd3d31e409957ab6bd240c4af9373f9691253b947acf0861") mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) prctl$auto(0x3f, 0x1, 0x4, 0x8000000000000000, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x5054c2, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) ftruncate$auto(0x3, 0x0) bpf$auto(0x5, 0x0, 0x1) unshare$auto(0x40000080) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) chdir$auto(&(0x7f0000000200)='./file0\x00') sendfile$auto(r1, 0x3, 0x0, 0x400000000006) 4m13.701647655s ago: executing program 2 (id=2777): close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0009, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.net/blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/9, 0x9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dsp1\x00', 0x80c42, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/fib/nexthop_bucket_activity\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ppoll$auto(&(0x7f0000003600)={0x8, 0x800, 0x1}, 0xd6, 0x0, 0x0, 0x8) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r4, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f00000015c0)={0x2c, r5, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_TYPE={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_ID={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) sendmsg$auto_TIPC_NL_KEY_FLUSH(r0, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002abd7000ffdbdf251800000030d443ef0033a31ddf9c8194b33dd0deea9585330033b7d6b8d95eb29aaad2746224722c3c99d603952b02ab1a11"], 0x14}, 0x1, 0x0, 0x0, 0x40004}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r6, &(0x7f0000000340)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x0e\xfa{\x15\x1d\x11\x85o\xf1g\xb7\xb3\xdd\\\xfdG\xa9\x16R\xa4\xe9\xd1\xf4S\x94\xe1\x9c\x88\x1b\xe6.\x11\xa3\xe1\xddi\xb66\xaa\xa3\xc7iB\xc84\x11\xac\xfd\x1a*\xd4a\xfe\x05\x96\x0ec\x12\xea\xd5K\xea\xda\xa3\xfa\xc3\xedr\x17\xa5\x1c\x88{v\xb8\bj\x84\xd8g\x05r\xe7n\x7f^\x9d\xc7V\x92\xb9Z.Uc*K', 0x81) ioctl$auto_UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0) socket(0x11, 0x3, 0x9) socketcall$auto_SYS_GETSOCKOPT(0xf, &(0x7f0000000080)=0xe) 4m12.203972353s ago: executing program 2 (id=2784): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) (fail_nth: 1) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0xc00, 0x0) ioctl$auto(0x3, 0x40a04580, 0x10000000000402) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x0, 0xc, 0x6, 0xeb1, 0x3ff, 0x8000) r0 = prctl$auto(0xc, 0x1, 0x0, 0x8000000001, 0x0) mmap$auto(0x0, 0x2, 0x9, 0x13, r0, 0x7) ioctl$auto_EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) mincore$auto(0x0, 0x1, 0x0) r1 = gettid() sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000380)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020025bd7000fbdbdf253800000005009552f31e85edeeac0f00ded7ed070946468460944da9000004008b0004008c0005001d00070000001e0094001f890b76efb5cbe77394b306cd95bf1a8ea67e37ba8e8668c955000008000d00804d0b9b73a6916161f5fa607d12c6a2c666f3c941f840d6bab9e2831ecec01826380e12ccf183cfe58f998fada0f63fceaa4c0975149ba1ff429048e669ddc177185953c188bdf4a05a317a311422a145c10008b477465b8f164765b43c374035658a5dfb76a040a69d13b24e02d50fefabb305ca0b9c44c3c403aa453145d33813a245e011e4d3583e63daeb2cc5a19b2e8d7acb88c07e8c58e92f233b3c6e771ef3b581d0cf3075f4c7da13135e3e5f286ef1e6c243c03ba08666fe81dd5e5434003a901360d8ea54068ac234b9820a5e06c34e12d60911317e6472b0a4ce4305863f5d0195d5ecf7d67bc4a3911d"], 0x64}, 0x1, 0x0, 0x0, 0x80}, 0x4008480) move_pages$auto(r1, 0x5, &(0x7f0000000000)=&(0x7f0000000180)="b9d348311ab1c0340f0785c74da1d97eec20645d3e3e48573d7e4f29f47f1a8fd7a9ca4940252d2bbc1698107ee5215ec51d54bcf030413c5b9f3e8b413817fc4ff1394f631ddbbd38e261c99dea0a1b26f1c0b4391e43a542728b1fc772d3095c", &(0x7f0000000280)=0x9, &(0x7f0000000300)=0x60d, 0x3) setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8) r2 = socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r3 = io_uring_setup$auto(0xe, &(0x7f0000000100)={0xffffffff, 0x1, 0x0, 0xa4c, 0x7, 0x10, r2, [0x0, 0x1, 0xa], {0x4, 0x6f4, 0x0, 0xff, 0xa, 0x5, 0x130, 0x1ff, 0x3}, {0xd5, 0x0, 0xff, 0x4, 0x4f54, 0x80002, 0x4, 0x6, 0x99a}}) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0xc2}, 0x4, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) 4m11.780374386s ago: executing program 2 (id=2786): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wg1\x00', 0x0}) sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x28, r0, 0x20, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r1}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4c080) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x121000, 0x0) ioctl$auto(0x3, 0x89ed, 0x74) r2 = waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000240)={@_si_pad}, 0x874, &(0x7f00000002c0)={{0x3, 0x5}, {0x9, 0xffffffffffffffff}, 0xefe, 0x5, 0x7, 0x3, 0x100000001, 0xffff, 0x1, 0xffffffffffffff97, 0x4, 0x4b, 0x1, 0x2, 0xb, 0x3}) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r3, 0x4, 0x7ff) ptrace$auto_PTRACE_SETSIGINFO(0x4203, r3, 0x4, 0x3ff) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000100)="58e7a2329fbdfb4986a26faf4182257497e4856e4a66e5177fa5d4eb558a61b740", 0xffffffff}, 0x6, 0x0) r5 = setfsuid$auto(0xee00) r6 = setfsuid$auto(0xee01) setresuid$auto(r5, r6, r5) rt_tgsigqueueinfo$auto(r2, r3, 0x2, &(0x7f0000000380)={@siginfo_0_0={0x6, 0x10, 0xffffffff, @_kill={r4, r5}}}) r7 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ttyu5\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r7, &(0x7f0000000000)="c80d1b5d399b71", 0x7) 4m11.594355062s ago: executing program 2 (id=2787): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x5607, 0x1) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x2}, 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/queues/tx-5/xps_rxqs\x00', 0xc2481, 0x0) write$auto(r3, &(0x7f0000000040)='7\x0e\xff\xff\x04|R[\x12;\x02\xe8 k', 0x2) syz_open_procfs$namespace(0x0, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r4, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x804002, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x40200, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r5 = socket(0xa, 0x5, 0x84) sendto$auto(r5, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 4m11.31986177s ago: executing program 2 (id=2789): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r0, &(0x7f0000008d40)=' \v\xb0]E\x00', 0x3) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x100000001) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) socket(0x2, 0x2, 0x6) setsockopt$auto(r1, 0x40, 0x80, 0x0, 0x101) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0xfffffffffffffffd, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x10007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioperm$auto(0x1, 0x37f, 0x2) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="01002dbd7000fcdbdf25010000000c000200000000000000000004000780cd1cb408000a006e"], 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x8, 0x402, 0x5) lseek$auto(0x3, 0x0, 0x1) r3 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) setsockopt$auto(r3, 0x4, 0xc, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/fib_multipath_hash_policy\x00', 0x20202, 0x0) sendfile$auto(r4, r4, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x10082, 0x0) tee$auto(r2, r5, 0xfffffffffffffff9, 0x5) lsm_list_modules$auto(0x0, 0x0, 0x0) munmap$auto(0x8000, 0x100000002) 3m56.02867646s ago: executing program 32 (id=2789): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r0, &(0x7f0000008d40)=' \v\xb0]E\x00', 0x3) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x100000001) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) socket(0x2, 0x2, 0x6) setsockopt$auto(r1, 0x40, 0x80, 0x0, 0x101) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0xfffffffffffffffd, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x10007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioperm$auto(0x1, 0x37f, 0x2) sendmsg$auto_NBD_CMD_CONNECT(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="01002dbd7000fcdbdf25010000000c000200000000000000000004000780cd1cb408000a006e"], 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x8, 0x402, 0x5) lseek$auto(0x3, 0x0, 0x1) r3 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) setsockopt$auto(r3, 0x4, 0xc, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/fib_multipath_hash_policy\x00', 0x20202, 0x0) sendfile$auto(r4, r4, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x10082, 0x0) tee$auto(r2, r5, 0xfffffffffffffff9, 0x5) lsm_list_modules$auto(0x0, 0x0, 0x0) munmap$auto(0x8000, 0x100000002) 3m30.346285481s ago: executing program 4 (id=2928): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r0 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0) mmap$auto(0x6, 0xffffffffffff0000, 0x4, 0x40009b7f, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x462f41, 0x0) write$auto(0x3, 0x0, 0x7fffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x20000000001, 0x7fff) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80180, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8) r3 = socket(0x6, 0x1, 0x1) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x2, 0x20009, 0xffffffffffff7f1a, 0x4d982c9e, r3, 0x108000) 3m27.748847638s ago: executing program 4 (id=2938): sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0xc800) r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, 0x0, 0x40482, 0x0) writev$auto(r0, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x2) 3m27.642245937s ago: executing program 4 (id=2939): mmap$auto(0x0, 0x400006, 0x100000df, 0x9b70, 0x2, 0x8000) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000100)="1100"/17, 0x11) close_range$auto(0x2, r0, 0x3) socketpair$auto(0x80000001, 0x8, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptywb\x00', 0x80600, 0x0) mmap$auto(0x0, 0x2, 0xe0, 0xeb0, 0x401, 0x3b6c) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x4000, 0x0) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) setsockopt$auto(0xffffffffffffffff, 0x1, 0xc, 0x0, 0x7fffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16240, 0x0) truncate$auto(&(0x7f0000000000)='./file0\x00', 0x0) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=0x0) mmap$auto(0x0, 0x2020009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000001140)='/proc/self/numa_maps\x00', 0x20000, 0x0) socket(0x2, 0x3, 0xa) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) socket(0x6, 0x5, 0x9) read$auto(0xffffffffffffffff, 0x0, 0xd) setitimer$auto(0x2, 0x0, 0x0) setitimer$auto_ITIMER_PROF(0x2, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 3m26.424298106s ago: executing program 4 (id=2945): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r1 = timerfd_create$auto(0x9, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r0, 0x1, 0x820, 0x7fff) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000180)="fc5ea5f1401a03cd7d362456adda0cf384c0e2d7bd3d31e409957ab6bd240c4af9373f9691253b947acf08619b") mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) prctl$auto(0x3f, 0x1, 0x4, 0x8000000000000000, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x5054c2, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x1e, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(&(0x7f0000000000)='\xc4--:\xdd:,./-${\x00', 0x4) mmap$auto(0x0, 0x8, 0x1000000016, 0x13, 0x3, 0x400180000000) ftruncate$auto(0x3, 0x0) bpf$auto(0x5, 0x0, 0x1) unshare$auto(0x40000080) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) chdir$auto(0x0) sendfile$auto(r1, 0x3, 0x0, 0x400000000006) 3m25.356314983s ago: executing program 4 (id=2949): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r0 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0) mmap$auto(0x6, 0xffffffffffff0000, 0x4, 0x40009b7f, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x462f41, 0x0) write$auto(0x3, 0x0, 0x7fffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x20000000001, 0x7fff) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80180, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8) r3 = socket(0x6, 0x1, 0x1) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x2, 0x20009, 0xffffffffffff7f1a, 0x4d982c9e, r3, 0x108000) 3m23.033083242s ago: executing program 4 (id=2960): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r3 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x80000, 0x0) r4 = ioctl$auto_TUNSETVNETBE2(r1, 0x400454de, &(0x7f00000000c0)) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r3, 0xc038586b, &(0x7f0000000380)={r4, &(0x7f0000000100)="16a55e28d6f921dad825ab2e63a035a084f2d3f326ae7c", 0x3, &(0x7f0000000140)="835c38295d22600df0f708d4e126d2b495cf14d00e1bc7b19010ff5a7a3a00419fabd3fb25a0ac81d781c1d7106e847ca2885914919d7c2dcb930dacd072f61e70b6cdbb9ac228933502ec66447284ff01f32b4b17a8e4fe74105ba1709bb3164f4b414ee6b3949ffb518d757bd6d6c89d5b94545de929fd5e0722b60eed72080700eb59cde55c695f1c305947931a7ba15c0f438d5ebcfcca7fc0153e4f216a53904ffce0dc548d219fa0ec76192a96aad5d078eef345a0eb56a58b8bc5bfa337c028488785afd48fd0be9fa14a3216fe34464e23", 0x0, &(0x7f0000000240)="b9e36f15de285cc8c3a39c64a330d8bf7a4bd927e35fdb41c69ab7f2de9d74ee203126e6a12a5f541008c2dfc4adb9e4069794c40cf47564216ddeca6d642e07110314b5ecfc95cf94f2d86f524bb33a2abed9e1615dce61ac1700b3b84d89e9807d767d5fcdc2693b8a176954486fcca0cdb17811d338edd71fa5c5d8a70df1c15eabdeedb487c3f30dfd23f5bd7eb8c6ded0d94dcde7058b17499e60281657c96ec5e9097eef27bdfd94e16f57fef9bab0ff32bbc29fe495bf015e48de54cc7714818e8efc343ca7d6428e92bfadc0991b444ea8", &(0x7f0000000340)=0x2}) write$auto(r2, &(0x7f0000005900)='\x00', 0x6) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r1, 0x4004550d, &(0x7f0000000040)=0x4) ioctl$auto(r2, 0x40, 0x10000000000402) 3m7.681620799s ago: executing program 33 (id=2960): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r3 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x80000, 0x0) r4 = ioctl$auto_TUNSETVNETBE2(r1, 0x400454de, &(0x7f00000000c0)) ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(r3, 0xc038586b, &(0x7f0000000380)={r4, &(0x7f0000000100)="16a55e28d6f921dad825ab2e63a035a084f2d3f326ae7c", 0x3, &(0x7f0000000140)="835c38295d22600df0f708d4e126d2b495cf14d00e1bc7b19010ff5a7a3a00419fabd3fb25a0ac81d781c1d7106e847ca2885914919d7c2dcb930dacd072f61e70b6cdbb9ac228933502ec66447284ff01f32b4b17a8e4fe74105ba1709bb3164f4b414ee6b3949ffb518d757bd6d6c89d5b94545de929fd5e0722b60eed72080700eb59cde55c695f1c305947931a7ba15c0f438d5ebcfcca7fc0153e4f216a53904ffce0dc548d219fa0ec76192a96aad5d078eef345a0eb56a58b8bc5bfa337c028488785afd48fd0be9fa14a3216fe34464e23", 0x0, &(0x7f0000000240)="b9e36f15de285cc8c3a39c64a330d8bf7a4bd927e35fdb41c69ab7f2de9d74ee203126e6a12a5f541008c2dfc4adb9e4069794c40cf47564216ddeca6d642e07110314b5ecfc95cf94f2d86f524bb33a2abed9e1615dce61ac1700b3b84d89e9807d767d5fcdc2693b8a176954486fcca0cdb17811d338edd71fa5c5d8a70df1c15eabdeedb487c3f30dfd23f5bd7eb8c6ded0d94dcde7058b17499e60281657c96ec5e9097eef27bdfd94e16f57fef9bab0ff32bbc29fe495bf015e48de54cc7714818e8efc343ca7d6428e92bfadc0991b444ea8", &(0x7f0000000340)=0x2}) write$auto(r2, &(0x7f0000005900)='\x00', 0x6) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r1, 0x4004550d, &(0x7f0000000040)=0x4) ioctl$auto(r2, 0x40, 0x10000000000402) 2m5.872533874s ago: executing program 0 (id=3339): openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc) (async) r0 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/vkms_config\x00', 0x40002, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r0, &(0x7f0000000100)=""/127, 0x7f) (async) open(&(0x7f0000000180)='./file0\x00', 0x62640, 0x166) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f00000001c0), r1) sendmsg$auto_GTP_CMD_NEWPDP(r1, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000000)=ANY=[@ANYBLOB="4fc69337", @ANYRES16=r2, @ANYBLOB="05002bbd7000fddbdf2500000000080001000500000008000200010000000800080006000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4c000}, 0x80) (async) socket(0x10, 0x2, 0x0) userfaultfd$auto(0x1) socket(0xa, 0x801, 0x84) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x1, 0x1, 0x1) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x801, 0x84) (async) socket(0x2, 0x801, 0x106) (async) socket(0xa, 0x2, 0x0) (async) socket(0xf, 0x80000, 0x7ff) (async) r3 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) bpf$auto(0x8, &(0x7f0000000200)=@link_update={r3, @new_prog_fd=0x4, 0x0, @old_prog_fd=r3}, 0xa3) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x11, 0x80003, 0x300) (async) io_uring_setup$auto(0x6, 0x0) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r4) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='t\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="00032abd7000fbdbdf25040000002d0011002f50136a450cf972f5a3d28479f92a9b221ca46c2d19fda4f47902c296fa844c12cd83f712d3c41e5d00000030001a8008000100870300002400048020000180050007008900000004000a0004000400040002000800050002000000"], 0x74}, 0x1, 0x0, 0x0, 0x4008040}, 0x40800) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/hid_cougar/parameters/g6_is_space\x00', 0x129102, 0x0) 2m5.74434787s ago: executing program 0 (id=3340): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x202, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x60800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000840)={{@raw=0x8, 0x7, 0xba28, 0x0, "708c58271a7985a7704331f78af8d149fc53d81fd4a7553c2ff48b48a8a57689adcc1ca6d2cbfa93b50590c9", @raw=0x6}, 0x0, @integer64=@value=[0x4f04, 0xfffffffffffffff7, 0x0, 0x9a, 0xa, 0x0, 0x4, 0x37d2, 0x4, 0x80, 0x3, 0x6, 0x8, 0x6, 0x8000000000000001, 0x5, 0x2, 0x1, 0xfe, 0x2, 0xfff, 0x8, 0xefff, 0xfff, 0x7fffffff, 0x2, 0x9, 0x8, 0xfffffffffffffffc, 0x1ff, 0x7, 0xfffffffffffffffe, 0x3, 0x3205b8d4, 0x4, 0xfffffffffffff800, 0x2000003, 0x7, 0xad, 0x2, 0x4, 0xfffffffffffffffc, 0x80, 0x2, 0x7fffffff, 0x1000, 0x1, 0x7fffffff, 0x7, 0x100000001, 0x8000000000000000, 0x8000000006, 0x4, 0x3, 0xb6, 0x9, 0x31ba, 0x7ff, 0x7, 0x7fff, 0x8001, 0x8000000000000000, 0x2, 0x2], "fa491e08108961dd5708680f1134935851612a52d629535f54f3832490fc4e7f79daef312b3df3307044713a4801d409aefe3f932f78fc311771094e769c0095f94ee6d74f2517f34a0bbbf502bf3392ac4d93bde5f733ba936c0890312cf035bc44117db9b683eedc5e02a703fc82750d8d6ebac0c3019ef8e6c1eecea33a59"}) 2m5.301460186s ago: executing program 0 (id=3344): mmap$auto(0x0, 0x9fa5, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x14302, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/58, 0x3a) openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) ioctl$auto(0xffffffffffffffff, 0x5, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/bDeviceProtocol\x00', 0x12bc00, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) semctl$auto(0x4, 0x9, 0x13, 0x40000007) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xc6c43, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/kvm/halt_poll_fail_hist\x00', 0xa2500, 0x0) read$auto_stat_fops_per_vm_kvm_main(r3, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1400", @ANYBLOB="01002dbd0900fedbdf257e"], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_SERVICE(r5, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004000d}, 0x24048004) mmap$auto(0x0, 0x400008, 0x6, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r2) socket(0xa, 0x2, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r6, 0x541c, 0xffffffffffffffff) 2m4.139803189s ago: executing program 0 (id=3349): sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0xc800) r0 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x40482, 0x0) writev$auto(r0, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x2) (fail_nth: 1) 2m4.012426731s ago: executing program 0 (id=3350): close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) clock_getres$auto(0x5, 0x0) mmap$auto(0x0, 0x7, 0x77, 0xeb1, 0x401, 0x8000) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cpu/0/cpuid\x00', 0xad80, 0x0) readv$auto(r2, &(0x7f0000000680)={0x0, 0x40200}, 0x3) r3 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) read$auto_mISDN_fops_timerdev(r3, &(0x7f0000001a00)=""/4097, 0x1001) ioctl$auto_IMADDTIMER(r3, 0x80044940, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae90, &(0x7f0000000440)={0x3, 0x0, [{0x1, 0x7ff, 0x8}, {0x10002, 0x30, 0x5}, {0x0, 0x0, 0x7}, {0x487f, 0xffffffff}, {0xfffffffe, 0x3, 0x3}]}) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) getrandom$auto(&(0x7f0000000040)='}\x00', 0x6, 0x9) 2m0.696179204s ago: executing program 0 (id=3365): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) setsockopt$auto_SO_RCVLOWAT(r1, 0xc5, 0x12, &(0x7f00000002c0)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6) r5 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/rose9/power/runtime_suspended_time\x00', 0x2a41, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="130026ea95f173d8973e6a00000008000300", @ANYRES32=r8], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x20040894) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x1, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r9, r5, 0x4, 0x1ff, r7, @relative_id=0x13, 0xe600}, 0xf) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'veth0_to_team\x00'}) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="100c7160a956ffdbdf252700c1bc04000180"], 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x0) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) prlimit64$auto(0x0, 0x7, 0x0, &(0x7f00000001c0)={0x6, 0x4}) r11 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) write$auto(r11, &(0x7f0000005900)='\x00', 0x6) 1m45.634562988s ago: executing program 34 (id=3365): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x511200, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x581d40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) ioctl$auto_I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/hugepages/hugepages-1048576kB/demote_size\x00', 0x102, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0xfff) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x4) ioctl$auto_FIDEDUPERANGE(r3, 0xc0189436, 0x8000) setsockopt$auto_SO_RCVLOWAT(r1, 0xc5, 0x12, &(0x7f00000002c0)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6) r5 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/rose9/power/runtime_suspended_time\x00', 0x2a41, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="130026ea95f173d8973e6a00000008000300", @ANYRES32=r8], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x20040894) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x1, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r9, r5, 0x4, 0x1ff, r7, @relative_id=0x13, 0xe600}, 0xf) ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000340)={'veth0_to_team\x00'}) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="100c7160a956ffdbdf252700c1bc04000180"], 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x0) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000004ec0)='/dev/snd/pcmC0D0p\x00', 0x2, 0x0) prlimit64$auto(0x0, 0x7, 0x0, &(0x7f00000001c0)={0x6, 0x4}) r11 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/conf/sit0/arp_evict_nocarrier\x00', 0x6a0002, 0x0) write$auto(r11, &(0x7f0000005900)='\x00', 0x6) 5.398016059s ago: executing program 1 (id=3926): mmap$auto(0x0, 0x202000d, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) pwrite64$auto(0xc8, &(0x7f00000002c0)='\vX\xb5n\x91p\xe6\x1e\n\x00\x00\x00\x86\xdde\x1cJ\x99\x00\x03\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xff\xff\x00\x00\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xd2`\x1be2\xd5\x9f[\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\x01\x00\x00\x00\x00\x00\x00\x00\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x01\x00\x00\x00E\xd8?\'\x8dg\x01\x00\x01\x00\x00\xaf\x94\x90\xd7\xa6+,j\xf1\x14gJZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x06\x00\x00\x00\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]BR\xb4J}\xa8\xa1\xe1\x18F\xe0\x83/\xc0\xd8\x05x_\xfa\x19\a\x00\xf1\x12lw\xed&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x7f\xfd\x82\xa1r\xc0\xc1\x9eG=g\xa7\xe3\x06\xcd\xb9]\xdd\xdcK\x97\x8a\x0e\x94\xd4{\b\xe9\x81<\n\xe9pb\xf7\x9b\xe7\x87\xa0<`\n{P\xafz\xc0\xa4Z\xb1\xbd;\x1d\xc7\xd4g\xe981F\x18j\xc0&0\x7fF\x18Pg\x99L\xdb{\x8a\avR\xfb\x02\xe6\xfe\xb9\xbbCp\xf3K\xff\x8a\x9b\xf1\xbc\xb5\xc64l\x8c\r\xdb\xda|&,\a@\xed[\x1a#m\x01%$\x9b)\xcb\xdf\x13O\xa9\xc0(\xcb,\x0eO~\x80B\'. \xae\xe8\xdf\xb9t\x1f\x8a\xb4\xfb\t\x8eV\xdf\xe9\x17\x8d3\x12\xb6%\x9c!x\xc44uL\xc6\xd5\xc5\xd5\xda\x99\vyg%v\x81<6\x90\xdf\xed\x1f_,\xa2\t\x86\xd7\xdc1\x9f\x17:F\xba\x1c\x17\x13_|\xdc\x1e\xd0\xc2\xec\n\x05\xf9:\x95\x9c\x19V\x95&\xcf\x16\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x97\xfb \xdda\x8c\x9e\xc4\xe4\xe6\xba\xf5/HI`\xb5\x1f\xdc\xc2\xb8\x14\x93(\xde9.UJ\xd6\xba\xfeZ\x02\xb2\xd5\xef\xd4\"!\x9f\xd3\x89\xe3Q\x17,e\xb8\xaf\x1b\x89\xe9\xb5\'\xfa\xb3?K\xbb/\xb1\x86m\xf6v]\xa3\xfc\x01\xf5c~5\x90\x1e\x94R\x95r\xce\xfe\x8c\xe5+Sg\x8dVv\x85\x03\x00\x00\x00\x00\x00\x00]\x97\x90/o7\x9d\x8b\xaf\xed\a2w?\xf9\xde1\xcaa\x99\x7f\xb2\xba\aj\x93\xcb\xe5o\x8cm\xeb\x89\n\xc3\x87%\xf7\xaa\xa5\x90avI=\x02\xb7\x9a&]:e\x99\xb2\x14E\xa5$\x1cO\x02l\xb4\x83\x12\xb1\xf9\xc4\x87\xda\x84/\xd0\x1cd02\x04v\xb8\xd2\xbd\x1fs\xa1#\xa0\\H\xa0\xe9\xdf+\xbf\x028a\xffr\x8e\x19\xe8\xa6\xf86\xe1\xbe{\xf0O\xcd\xaa^\x1d@\xaa\xca\xbaSAZ\x80\'\xa8\xa3\xe7i\xed\xd6\xe7\xa6H\xf9h', 0x7fff, 0x3) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x2) socket(0x1e, 0x4, 0x0) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x3, 0x0, 0x4) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0x15, 0x3, 0x7) socket(0x2, 0xa, 0x73) socket(0x2c, 0x1, 0x7) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x10000000084, 0x15, 0x0, 0x8) madvise$auto(0xfffffffffffffffc, 0x8, 0x2) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00') ioctl$auto(r1, 0x9004b70b, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x35) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000080), r0) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x8, 0x5, 0x8) keyctl$auto(0x11, 0xdfffffffffffffff, 0x69c9, 0x0, 0xbcd) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/smaps_rollup\x00', 0x840, 0x0) read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000030c0)=""/4087, 0x106a) openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) mmap$auto(0x0, 0xc59, 0xdf, 0x18, 0xffffffffffffffff, 0x8000) socket(0x2b, 0x1, 0x0) 5.180197034s ago: executing program 1 (id=3927): socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x34b) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xb, 0x1, 0x948b, 0x3, 0x4, 0x10060000000, 0x6, 0x62, 0x8000001d, 0x8, 0x6d3b, 0x9, 0x8, 0x4]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10007) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88282, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x0, 0x14, 0x0, 0x6) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/mm/lru_gen/enabled\x00', 0x2062, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) write$auto(r2, &(0x7f00000001c0)='y\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000180), r0) sendmsg$auto_TCP_METRICS_CMD_DEL(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48010}, 0x4000011) eventfd$auto(0x5d5d) socket$nl_generic(0x10, 0x3, 0x10) 4.463225054s ago: executing program 1 (id=3928): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r0 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0) mmap$auto(0x6, 0xffffffffffff0000, 0x4, 0x40009b7f, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x462f41, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x20000000001, 0x7fff) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80180, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8) r4 = socket(0x6, 0x1, 0x1) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x2, 0x20009, 0xffffffffffff7f1a, 0x4d982c9e, r4, 0x108000) 4.13146025s ago: executing program 5 (id=3930): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/vm/dirty_background_bytes\x00', 0x6000c0, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, 0x0, 0xd0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10b402, 0x0) r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/cuse\x00', 0x1c1041, 0x0) sendfile$auto(r2, 0x3, 0x0, 0x7ffff000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) mmap$auto(0x0, 0x400008, 0x39, 0x1009b72, 0x2, 0x8003) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) 3.126341771s ago: executing program 5 (id=3937): bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={0x0, 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(r4, 0xc008aec1, &(0x7f0000000040)={0x7ff}) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)={0x40, 0x0, [{0x10, 0xe3, 0xb8}]}) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) read$auto_proc_setgroups_operations_base(r0, &(0x7f0000000280)=""/4096, 0x1000) read$auto(0x4, 0x0, 0xfdef) 2.871062132s ago: executing program 3 (id=3939): mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya9\x00', 0xc7f16bff2a10ba01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lowpan0/queues/tx-0/tx_maxrate\x00', 0x101000, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) socket(0xb, 0x8000a, 0x1ffffffe) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) socket(0xf, 0x3, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x8500, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto(r1, 0x4008af24, r0) 2.70866715s ago: executing program 5 (id=3940): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) timer_create$auto(0x2, 0x0, 0x0) read$auto_ftrace_set_event_pid_fops_trace_events(r0, &(0x7f00000001c0)=""/185, 0xb9) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x1000000, 0x83}}, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0xaa040, 0x0) 2.653115638s ago: executing program 6 (id=3941): mmap$auto(0x0, 0x200, 0x10000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) (async) r0 = signalfd$auto(0xffffffffffffffff, &(0x7f0000000040)={0xffff}, 0x3) mmap$auto(0x20, 0xffffffffffffffff, 0x3, 0xfffffffffffffff8, r0, 0x7ffe) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xa, 0x801, 0x106) (async) socket(0xa, 0x5, 0x0) (async) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) ustat$auto(0x801, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$auto(0x3, 0x4038ae7a, r1) 2.633650116s ago: executing program 3 (id=3942): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/bridge_slave_0/proxy_arp\x00', 0xa2202, 0x0) r2 = pipe$auto(&(0x7f0000000040)=r0) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r2, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000d40)={0xa28, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_IE_ASSOC_RESP={0x84b, 0x80, "6c8af74ebddba772205753669db1cbc3ca5a2051f6a8d6c5f2636d197900fe7c9ea3ba29c933a3455eb0c1e9f616105232a2490a94109b214a4442c48ce8871a1f41c48c922f5bda0a0b54272185ea8ff5f66d60a7a2281c36648b3e338c1c1e858935aba5c3a24093c5586b89cb2560e25628b2e2b365b591e78be173f498c44ef862a034a7c30faa9d11ebaaba434eb2ddd18062f1096569c70c722936877d3ed6b385fa95952383b0d0a9a2d13dec969646c6d6face2b6ae00945ce37a8af04247c802c03e4b9714c0a122ac7aeac83a726c6d6e5041356b0662ae071b8d21b2e95320d3f4f5fce4e647aa43745b3f71e7820f7de21e557d90a13b8a5e6eabe7dcd117ddfffa2da0c608e1c0f28d399a16b1aeee8b60e9dd00791826c6c478bcdf9f9c1d48ac06822db1b42cc4f7fdff81259e3378bdc89f75c8aa2e73d2152771d0f86b456fdf12550ea6234f698b5aa4486156b18fdf637e783bf6b4e069e8f2df25c1485dd649d48f8b87c1c86e61d632a61a9949bcbfe7675d12eff4aa6e7f56dec597a24a5bb2bc84bae94890c6364d179a7218bec345fc8b724d508b3033e7d6f4d50fe3aa63d63763cdebe1ab232f004a77505e36b10e5f592d1353329a8e72b6495b9439f2152833c7c5d417ff727ae9484f6da4fb24694b6cbdd08f31a052990956823bbfb94c54a296d4f8ff139dcee9b84709f3d760c713b703fc4b7bd44cec199145cdc85fc0d0cacac82a1d1458f476f31799cf831b960f5a9502be5e3f014acbfbc3036dff69423acbdcb2f9a7a754c4f212fa784653197d2a07e64b6c95cf259e4e66b3c396d17ac809dfb4d3be0c3ee738c7486c3fa6222acf90161bdde39554a9e84348b2f1861bee0239a33da7741d2b7c1f8b7f8ba29a1462c5d05eef34c8ce86c8be28031edf0f1897d877bc469e87fb8b1d2c8b4cad0f0f601d5812b97415c804da2b4caff2063e61f97698662c6e571ef935b6347505dd7b4a7e708ca3bd699b11bf3b48c5bdc8a9b901927a0ce8194461c00cb55a41f2ccf71a32f93eb3b5d00d7047dbada737df732f6fe30302d25cb4cc868430314ebce71111f344148e047495ed107868a8eb813fa2b791ea1abbda4bd10d12803cdd42a48b8bc3c8cc7bfdf65e49dd01702cbe8046b5c26e610a898c9af5242f0d96ee9d9439ab49cd4dec91929b54ac17543d8aeb4cb63f89e1123232b9579921adb4cddbad04f01a983ae9794048ec7e7ea18cc7c095cdc21f1a1d2bae65bb7a2f824f3439a1cedfa8e4836d8b23cfb2a64e9e178eaa8178b54c904d2a80aff773ed4856de9bad2e1eca76b7d5f0f57066219d378637ec41cec9ca952592c12c0fba575ce24aabf9eee0c194281aa7abf804842b20740b1a8c8b0659a9b82c9c8e415b5bfe2cc97cc43dba50d2fba7599d3f0fd9064f2b3f382d6e0b780f957e2cb473131a56e93a462aa0be31a75f419934476f48a45263e73197f91fbb06eb5f24ecd3dca9b7025e73901fe90c850b161592023086f82207d8bbc6ed7b8d540926051272658baac5bd105193f437bcdc70a6e4ae2d82aa945193a59ed6d0806430471c311a8e9f4ac1dd0d0ad364bd7aa23bb0f346d473262e3a441e53073abd8ffc48b383a93bb1885c57f78b28b511c6d714264c9c37260c0df087931a0b1f3c0db3b5dd01453c4c1e1b15346064cb21e9874e0762e58a5e70a8e2a5810b9c4405228c20103f8a81cb50b103a4facf3d51db6a0db6cb855e6c642e3c8d7d8c56f3b8f3ef0ad3c8b48e1538a8c0b475060da1fa76184489f0c8f70de1fb1766e551c94d1c173019537a0dfd7e4df777a34cd94f88adf8237bd0e5233784da8c07a4d413061dfd75966cd0bedd73a09460b756d0b4b2fb741e80557a3aff420230588b40e43cc83f8810877494b36cc73895e8158537d86f82339491c532f4a3ed82aa38b2bb872f2a3eb41df77fbc11a3e2febe1b253a699692ea1f9b0042002f3db784cc0340711c8c84211fc323f93dc6a20b21f4b3b53e13517c1698bf93bf6b10cf7019ea23c79e995533ba6e489a275a79e556f2576e8ed762be561e19990d868c3e11fb1073c7c0e1cf240fbd190bc5c859f22f49a7ad69c66c8dc47d1e718b7d38ed6fb008bbf797fdef23bc1a7e72638557b01068f1b8a5d8a03491bd6cdc3d97a4271ef0a8aee7f3526139041ce7f1395dd609e3e89f90be9a5da1cf002f13fb728cd8f50ff8ffdae38cdf1032c5481e109a788bf01688db79f1f1ffccb583aa2187392e7f534121849c8102095eca7c2364e59d8398970a12d0114a4ba03efebf7e030030654bf106dc28eb5ccb4e8b2692b8b7135e6f14d2ded0fe77bfa8651d83be09b68be6a4a6265792316e4e7cfe0b192ce379ffae63cc59fe40490796ccba60d59fa745b3d365204a94094e521aae3bb77d2d6025b41eae8fb658650874a1b4247b89bac76bd0b04549f0dd50a148295ac7d613e909d19fa951cf597185a3a7a5ffa4f4ef119f9b5432a7d81960136bbdf9439aa1f90e6fc9de245f74ca940c3e7416ed063d7b668b44aad3a07d3e759f999b44790eeea54e36a9181168e857c53499a335b9699af3aa6a3cdac6f7db45593e357d586fd3c2d936b452e1e95f069128bf499fef080f91b73b9bfeab87f2257d354c38fb71e2db566ae1ac4cb85fab8106d5019a735e139b28dcf6e2e9d3f563acd0cb92d3ddbf6fd16c789c392597d22bd2c5774f985558646b6091923e5f20b6e5f6a856b02d72427b353d9339b4681ea30b3af4efd665de4f6f3c4ca47a217c88b87742b2e4cccc09d939d87a7b9b24efe1d5b2818e64639a42ee38571e8b14cb097bfffe0cdeccd0912264b5dee8f5e70cf31f564b6ce14e253ae1cb077bbb8d9eb55ef674f217f1f383dafa475e774510319887244809a67711f28b15d6c5431447046401c0d8f5ab9da24d607b5a7878bc07b113ff030a30b290052efb06310a26880c8f1"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "cf12c24a1147a42453cbc0c03024240bf36f15f8e31ac64dbdf5"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0xffffffec}, @NL80211_ATTR_VENDOR_DATA={0x18c, 0xc5, "8b7a620a0ff3c3fa132a369738d37869b69dfd7f9dce54e805d9aa31693078de1f6f118293c20ad95d4c7671c5de8f295f2a9c01181a0524b7287ba600ef7ee75e02acb26c24b7221831c75408015648dcd624c8d19b6127354e162af8e3357e29c91e0ebc8daa007bec2d43a4136d9811df0e7eed2f53fbae1610e315c4b4bbaebba4f583fde8769a356e16faf52f3be08861071624d2f8ee2cf0fe30fc34422903f4b5827b7843b53bec14edf89508e582b466e14c0ae3123d49c5e64ef218a3dd4e86a238464545a185569706d6098bde8688faa23da27d0958abaa46731034da62509dad793252300ee586694b176900f40c667ac4d3edae4b99ab2a88a66a7c92073cc067a98dbb8f26b60b74631f0b696ee0638bf221f5f9fd08ed5c788bdf4bd757f0e6b2982a5924a12b02f471f89db266338113bb3aec670e87ee3f3b04e819294a836c7c57d9262ea553a8aa2eed5e8063581f4bfcbcd2d5c68a9b6e35c97660116404fb34313936c807254f9298ba7ad23c2992d21bfc2aca29ab743196b7157797ea"}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x6}, @NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS={0x6, 0x151, 0x8aa6}]}, 0xa28}, 0x1, 0x0, 0x0, 0x8080}, 0x200000d5) sendfile$auto(r1, r1, 0x0, 0xd) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r0) socket(0x25, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r3 = io_uring_setup$auto(0x6, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) r5 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r3, 0x8004b709, 0x0) rt_tgsigqueueinfo$auto_SIGCONT(r5, 0x0, 0x12, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f0000000200)={[0x80000000008, 0xffffffffffffff4b, 0x100000001, 0x15, 0x8000f000, 0x1, 0x5, 0x5, 0x8, 0x40000000000000, 0x2dde, 0x8, 0xfffffffffffffffa, 0xab, 0x8000000000000, 0x4]}, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex_requeue$auto(&(0x7f0000000040)={0xb, 0x6, 0x2, 0x2000000}, 0x0, 0xf, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(r4, 0x8, 0x0) 2.431751352s ago: executing program 6 (id=3943): openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x20d00, 0x0) lseek$auto(0x3, 0x8, 0x1) r0 = open(&(0x7f0000000080)='./file0\x00', 0x22ac2, 0x5d745cb200ae4d7b) msgctl$auto_IPC_INFO(0x9, 0x3, &(0x7f0000000100)={{0x8c, 0x0, 0xee00, 0x1, 0x10, 0xa}, &(0x7f0000000040)=0x7, &(0x7f00000000c0)=0xa, 0x94, 0x8000000000000001, 0x5a7, 0x1, 0x5, 0x8df6, 0x0, 0x79b4, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff}) mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) kill$auto(0x0, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto(0x1, 0x5421, 0xa) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000002f80), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f0000003080)={0x0, 0x0, &(0x7f0000003040)={&(0x7f0000000040)={0x1c, r3, 0x5, 0x70bd2b, 0x25dfdbfd, {}, [@GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4c000}, 0x80) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r5 = io_uring_setup$auto(0xa, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x3fd, 0x7f, 0x0, 0x10001, 0x809, r5, [], {0x6, 0x4, 0x88cb, 0x4, 0x100, 0x7f, 0x100, 0x6, 0x2}, {0x8, 0x10000008, 0x56, 0x1, 0x1, 0x0, 0x76c2, 0x8000b, 0x2}}) r6 = socket(0x15, 0x5, 0x0) r7 = getsockopt$auto(r6, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) r8 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), r7) r9 = getpid() r10 = gettid() rt_tgsigqueueinfo$auto(r9, r10, 0x21, 0x0) socket(0x1e, 0x4, 0xa) sendmsg$auto_OVS_FLOW_CMD_GET(r7, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={&(0x7f0000000080)={0x1d0, r8, 0x100, 0x70bd27, 0x25dfdbff, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_MASK={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x17, 0x0, 0x0, @pid=r9}]}, @OVS_FLOW_ATTR_ACTIONS={0x19c, 0x2, 0x0, 0x1, [@generic="c147ddf87ef472c11162f52381a55d60d40538408003dc8c471d40b4fb79dbeeeb43d26c84fa41a90cb211d0ba3726", @generic="3479247d40898500d78c61eea1bcdcc3f5caa7dbb6a7331e8c6457b437ed25d8a8fdc2973437e35e82b32e4bf91a4b7d66b4789e3eb403fceb66d03d8700f45bac6b00ed1c6e9530c792b33a11c252a73488abd557e8154f5c5e748aca", @nested={0x10b, 0x27, 0x0, 0x1, [@nested={0x4, 0x2e}, @typed={0xc, 0x124, 0x0, 0x0, @u64=0x95e6}, @generic="c82f9f7754f6573ec2f4736af38480720a0334cabc7856ed2f016ac11ab52f7e282a8c70c1f86c9ec56a961d0d8344a20e85141a0d5b7d709fdac55ec6a74aef9a9e6d62e012ca44d6d2d179d17bf8d37f87439442333523e1e75e5240af0bcc845360e1beb5308f6e1e885b12af740f06e1d4ffbf9551fc80c3caac7bcbbd483af3479cae9b0180af9d439234e8515ec87ea72d223d3d93bf9e2880b338b457dad7584b2b2001832f2f531c2cce5a155dbd36647032995cbf7860a75c8301dcb5fe3528e605c58dc8b21a9e720b1d6087c37eabbd1e12c485efef5b94bae711ddca773010123e9b1c5596cc2b6c05b85ec78c", @nested={0x4, 0x2}]}]}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x43}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x1d0}}, 0x1) prctl$auto_PR_SET_MM_ENV_END(0x300, 0xb, r9, 0x1, 0x6) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, r4, 0x425, 0x70bd27, 0x25dfdbfc, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0x6}, @OVS_PACKET_ATTR_HASH={0xc}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xffffffff}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "e5a3f764a4a27a95b3a4a9c88a27"}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xb}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$auto_KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000200)={0x877, r1, 0x9, 0xfffffffffffffff7}) mount$auto(&(0x7f0000000000)='lo\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='afs\x00', 0x5, 0x0) 2.192475712s ago: executing program 1 (id=3944): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) select$auto(0x1c0d, &(0x7f00000000c0)={[0x40, 0xffff, 0x8167, 0x3, 0x0, 0x6019, 0x1000, 0x7fffffff, 0x2aa, 0x6, 0x7, 0x2, 0x7546, 0xe, 0x124, 0xc4]}, &(0x7f0000000140)={[0x5, 0x5, 0xffe3, 0xfffffffffffffffc, 0x9, 0x6, 0x69, 0xe1, 0x2, 0x1, 0x7, 0x18, 0x4ba0, 0x3, 0x8001, 0x5]}, &(0x7f00000001c0)={[0x9, 0x7fffffffffffffff, 0x5, 0x7, 0x9, 0x8, 0xe, 0xe, 0x5, 0x400, 0x8, 0x4, 0x8, 0x2, 0x40, 0x93]}, &(0x7f0000000040)={0x24d, 0x800}) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x310, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) io_uring_register$auto(0x2, 0x1, 0x0, 0x0) 2.180450571s ago: executing program 6 (id=3945): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/ath10k_core/uevent\x00', 0x18d441, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x8006, 0x0) epoll_create1$auto(0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2c, 0x3, 0x0) socket(0x10, 0x2, 0x4) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x1}, 0xe) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000000)='./file0\x00', 0x22240, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000380)={{&(0x7f00000001c0)="a36d3fa58cc14c483eaeefbda25ed11e6584b0e06b6f7d2a0920bb3dac705aa384572b6a4be4e5", 0x7fff, 0x0, 0x9, 0x0, 0x2, 0x9}, 0x2}, 0xfffffffd, 0x3, 0x0) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) 2.120109078s ago: executing program 1 (id=3946): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0) mmap$auto(0x6, 0xffffffffffff0000, 0x4, 0x40009b7f, r0, 0x4) io_uring_setup$auto(0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x462f41, 0x0) write$auto(0x3, 0x0, 0x7fffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x20000000001, 0x7fff) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80180, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8) r4 = socket(0x6, 0x1, 0x1) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x2, 0x20009, 0xffffffffffff7f1a, 0x4d982c9e, r4, 0x108000) 2.097067585s ago: executing program 6 (id=3947): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r0) mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, r0, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0xe8) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) sendfile$auto(r3, r3, 0x0, 0x1) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0x476280, 0x0) poll$auto(&(0x7f0000000480)={r4, 0xffff, 0x29}, 0x3, 0x8) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r5, &(0x7f0000003900)='\t', 0x1) read$auto(0xffffffffffffffff, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x8, 0xeb1, 0xfffffffffffffffa, 0xc000000008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) setsockopt$auto(0xffffffffffffffff, 0x1, 0xc, 0x0, 0x7fffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) keyctl$auto(0xe, 0x1, 0x0, 0x5eaf, 0x8) pipe$auto(&(0x7f0000001480)=0xffffffffffffffff) read$auto_console_fops_tty_io(r6, &(0x7f00000001c0)=""/142, 0x8e) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) writev$auto(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x3}, 0x8) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) 1.742571372s ago: executing program 5 (id=3948): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002340)='/dev/tty8\x00', 0x20342, 0x0) sendfile$auto(r0, r0, &(0x7f0000000240)=0xff, 0x1) (async) write$auto_tty_fops_tty_io(r0, &(0x7f0000000000)="3048307fe7cfae5771557100d8bad69fd3976cfac3e61a03fabad77665e9855382af4d3ad7effc1a0268500b20593480f4fcf1f9e78737dae2a19189b3eaa28927afe4fcf63e2c5a707579b4b3aee52068791f10bf91f2828e9bba0d832c5d9d535c6c6301fd5efab7f91db5088a62c0f4a5a091095d43bb119c834598e71617851c3246ffffe9da98d9ac1c505a6c21d764d48b10d5403a41819e7516e05329e230c80d9521ca5c93b8cc2383927b772707ed4e034a7f5feeacc17f6e5f29749b3dcbb7f03e8b6ebc1f1e3fb27b00b690d9b8b92cfbc932d9771a148700de464a7d89270f7e0819f3800b760a96f396dd70e4daffce4b76ebc6e16b3fd2af8f4761d76de5612ca38fd244de64bd91b1a38f5fdd", 0x114) (async) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) (async) r1 = socket(0x10, 0x2, 0x14) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) (async) ioctl$auto_SG_EMULATED_HOST2(0xffffffffffffffff, 0x2203, &(0x7f0000000140)="86db47025092a4e66c409e8ee148bb9607f7ec364661b51824045cb03120eb822dc2d0ce7eb5181e0feb3279f59c9a21c4f829bf0ad7e00bd48f44554c9d81f8e37624b1c53a9755169a8c72e231f115cae4f4e23ed30a6004cf1caf90842db7bee8fcaad3952a6b260b632b1ca8b0608bf4876a25d755b0b5235e03635ea08f6623b5847bb0a025bbc95c810cd00e31a251bbb4bc407ec522e16474713d38924547df5303757771ab993f631a9c063c9da849ed0483e34ac318737f41565ddc456243ff52c65b545d3e6e5a0caeb6e46d7efae97d6d") (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) write$auto(r2, 0x0, 0x8) (async) write$auto(0x3, 0x0, 0x3) (async) sendmmsg$auto(r1, 0x0, 0x3d55, 0x0) (async) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) (async) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 1.644380925s ago: executing program 3 (id=3949): bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={0x0, 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r1, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto_KVM_GET_SUPPORTED_HV_CPUID(r4, 0xc008aec1, &(0x7f0000000040)={0x7ff}) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f0000000080)={0x40, 0x0, [{0x10, 0xe3, 0xb8}]}) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) read$auto_proc_setgroups_operations_base(r0, &(0x7f0000000280)=""/4096, 0x1000) read$auto(0x4, 0x0, 0xfdef) 1.452356797s ago: executing program 5 (id=3950): openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001a40), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001a80)={'wg2\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000002f40)={0x0, 0x0, &(0x7f0000002f00)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf251b0000000c00018008000100", @ANYRES32=r2, @ANYBLOB='\x00'/10, @ANYRES32, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4, @old_map_fd=r5}, 0xa3) bpf$auto(0x9, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0xc) ioctl$auto(0x3, 0x40a0ae49, 0x38) 1.300520852s ago: executing program 3 (id=3951): mmap$auto(0x0, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya9\x00', 0xc7f16bff2a10ba01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lowpan0/queues/tx-0/tx_maxrate\x00', 0x101000, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) socket(0xb, 0x8000a, 0x1ffffffe) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x200, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x8500, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto(r1, 0x4008af24, r0) 1.18495371s ago: executing program 6 (id=3952): bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x10001, 0x80000000, 0xffffffffffffffff, 0x7, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10) (fail_nth: 19) 1.098937901s ago: executing program 3 (id=3953): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000140), r1) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, 0x0, 0x0) socket(0x2, 0x80002, 0x73) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendto$auto(0x3, 0x0, 0x8, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e20, @loopback}, 0x1c) io_uring_register$auto_IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000180)="6b0a5dfb1b5d0eb3168c6b6287d2f58683d8cfd7110445b2a56ae5f84499a4313bc55f4f7beb294022e72cd5875ee17d966938ae3f207f97a72c1964a46057b86de790a11a2dfab0b04272db79f3706e3e14615cd08c99fa90648a652c4d01134604715a0f2130cd4a4b85fd5ec1615195a894dfe2aa0d8f0093868402499ca3cda91a0b8560d079ae1b08041064c44265873e9cd4e7bd5afd5054820e99d7ac6094707bb01ea8ded4a708ed1a2ce28cc4ff947e58bb55c00dd35cff8eb911613128723738ed2df8883306e672ac7fccfda6e99c511b1c109b2cc2667993f5c493b3c51745e6db6a6b6065e7ca", 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0xb02, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r3, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) io_uring_enter$auto(r2, 0x80000009, 0x10001, 0x7, 0x0, 0x2c) 1.080490394s ago: executing program 5 (id=3954): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000400)={0x38, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x18, 0x4, 0x0, 0x1, [@nested={0x14, 0x29, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@generic="85f65a9a"]}, @typed={0x8, 0x2, 0x0, 0x0, @uid}]}]}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x48000}, 0x4000) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000500), 0xffffffffffffffff) open(&(0x7f0000000680)='./file0\x00', 0x9aa02, 0x1c7) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) ioctl$auto(r6, 0x5646, r6) read$auto_v4l2_fops_v4l2_dev(r6, &(0x7f0000000280)=""/40, 0x28) ioctl$auto(r6, 0x2400000, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r5, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f00000009c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) shmctl$auto_IPC_RMID(0xa, 0x0, &(0x7f0000000200)={{0x9, 0xffffffffffffffff, 0xee01, 0x4, 0x100, 0xb1fffffd}, 0x400, 0x400000006, 0x8, 0x0, @inferred, @raw=0x7, 0x2, 0x0, &(0x7f0000000540)="19c3b829e71f4b4088493f392082a22870971f0a6107a7a2bac7aa4a2307871211d729673290d92d4dc6cb4e8f3dc05610b1d7f8ecb09146bded6242685bbb2208133f1eee407cc1caedcbf9d3b9cf073be2e4adffd1e720d238f387fa431c6c5866af5935e869857d0c18be984d97fc5b5b135cc5a4e79e979488e956bcabe41981d0f39c42633024fd53f8a4cb8a5b15e19e4b6896ddbca6bf6a85bf75807268765275f93625635db6e13918c908b925f34d77fc8b2cf3411b5eb531fb2a6d267153e90168076f90a22ca54a13f47add32bd1d6c996483f5a941d7ba98ab5c", &(0x7f0000000740)="2e55e9ee5f293332e76b54634eea61dc2187145174aefcc713bfe59fa80a1971082349a14a5764ebef929a0070d08b7fc4764d868c484d3b33cf35999dddba58bc3c912d44653ee2a07d6fb5fce6cf876f8c881161ee593715c3446b2754c9472c0d80ae944cf2cb1cdbfbe3e96a113bb70487a1ffc871b90a5f449cb57223f4567195f4908eaeae629e8565823508cc0ef60f13baf5feddc5c36dec32c6dff8616368b87c38e2a6cdb93c7bb9a02f07b8d0e7f910f690c00c74996b44f3aebdb75315bf48bb924dbf2f"}) syz_clone3(&(0x7f0000000940)={0x80000, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0), {0x20000004}, &(0x7f0000000840)=""/229, 0xe5, &(0x7f0000000440)=""/181, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x8, {r3}}, 0x58) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x280, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(r4, &(0x7f0000000080)='ila\x00', 0x7) write$auto(0x1, 0x0, 0x80000000) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) 1.012360736s ago: executing program 6 (id=3955): setregid$auto(0x5, 0x6) ioctl$auto_KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000001c0)={0x3, 0xffffffffffffffff, 0x1, 0x8}) quotactl$auto(0x7fff, &(0x7f0000000180)='nl802154\x00', r0, &(0x7f0000000340)="7fcbadcfe585381a9f09f0a5b84d91871bc2ec0c281e6f1ab6ad561bc7039f2bc8de5bddd95f10e8c0406c6a9ab2a785d2a1f8a4e1284b1416484efc02be5bdef60b51d0d03f4c4845efc3f1ad391ecb44cded840485ea54dd75e993ca1816c5ff582c5090c38f64b3e7a2d34725659e72f44615ea9b4ceb3c897652c0f0feacafc184ba8b3185f99edae78bfe5cd7f64155c8f7d80bb64b2018cf659553c51644ef") r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = prctl$auto_PR_SCHED_CORE_GET(0x8000, 0x0, r1, 0x3ff, 0x2) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) inotify_init1$auto(0x2) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r3) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="1b0026bd7000fddbdf250b0000002c00038028000180240006801d0074804cfe4d8088a8d00088a80000040003002a9d272f66040033800000000400038004000280"], 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000140), r2) sendmsg$auto_NL802154_CMD_SEND_BEACONS(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xff10, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="57d33ad8", @ANYRES16=r6, @ANYBLOB="000126bd7000fddbdf2526000000"], 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x40010) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto_PTRACE_SETSIGINFO(0x4203, r1, 0x4, 0x3ff) 287.774465ms ago: executing program 1 (id=3956): socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x34b) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xb, 0x1, 0x948b, 0x3, 0x4, 0x10060000000, 0x6, 0x62, 0x8000001d, 0x8, 0x6d3b, 0x9, 0x8, 0x4]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10007) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88282, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x0, 0x14, 0x0, 0x6) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8}, 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000600)='/sys/kernel/mm/lru_gen/enabled\x00', 0x2062, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) write$auto(r1, &(0x7f00000001c0)='y\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000180), r0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x389803, 0x0) eventfd$auto(0x5d5d) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 3 (id=3957): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/bridge_slave_0/proxy_arp\x00', 0xa2202, 0x0) r2 = pipe$auto(&(0x7f0000000040)=r0) sendmsg$auto_NL80211_CMD_ADD_LINK_STA(r2, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000d40)={0xa28, 0x0, 0x8, 0x70bd2a, 0x25dfdbff, {}, [@NL80211_ATTR_IE_ASSOC_RESP={0x84b, 0x80, "6c8af74ebddba772205753669db1cbc3ca5a2051f6a8d6c5f2636d197900fe7c9ea3ba29c933a3455eb0c1e9f616105232a2490a94109b214a4442c48ce8871a1f41c48c922f5bda0a0b54272185ea8ff5f66d60a7a2281c36648b3e338c1c1e858935aba5c3a24093c5586b89cb2560e25628b2e2b365b591e78be173f498c44ef862a034a7c30faa9d11ebaaba434eb2ddd18062f1096569c70c722936877d3ed6b385fa95952383b0d0a9a2d13dec969646c6d6face2b6ae00945ce37a8af04247c802c03e4b9714c0a122ac7aeac83a726c6d6e5041356b0662ae071b8d21b2e95320d3f4f5fce4e647aa43745b3f71e7820f7de21e557d90a13b8a5e6eabe7dcd117ddfffa2da0c608e1c0f28d399a16b1aeee8b60e9dd00791826c6c478bcdf9f9c1d48ac06822db1b42cc4f7fdff81259e3378bdc89f75c8aa2e73d2152771d0f86b456fdf12550ea6234f698b5aa4486156b18fdf637e783bf6b4e069e8f2df25c1485dd649d48f8b87c1c86e61d632a61a9949bcbfe7675d12eff4aa6e7f56dec597a24a5bb2bc84bae94890c6364d179a7218bec345fc8b724d508b3033e7d6f4d50fe3aa63d63763cdebe1ab232f004a77505e36b10e5f592d1353329a8e72b6495b9439f2152833c7c5d417ff727ae9484f6da4fb24694b6cbdd08f31a052990956823bbfb94c54a296d4f8ff139dcee9b84709f3d760c713b703fc4b7bd44cec199145cdc85fc0d0cacac82a1d1458f476f31799cf831b960f5a9502be5e3f014acbfbc3036dff69423acbdcb2f9a7a754c4f212fa784653197d2a07e64b6c95cf259e4e66b3c396d17ac809dfb4d3be0c3ee738c7486c3fa6222acf90161bdde39554a9e84348b2f1861bee0239a33da7741d2b7c1f8b7f8ba29a1462c5d05eef34c8ce86c8be28031edf0f1897d877bc469e87fb8b1d2c8b4cad0f0f601d5812b97415c804da2b4caff2063e61f97698662c6e571ef935b6347505dd7b4a7e708ca3bd699b11bf3b48c5bdc8a9b901927a0ce8194461c00cb55a41f2ccf71a32f93eb3b5d00d7047dbada737df732f6fe30302d25cb4cc868430314ebce71111f344148e047495ed107868a8eb813fa2b791ea1abbda4bd10d12803cdd42a48b8bc3c8cc7bfdf65e49dd01702cbe8046b5c26e610a898c9af5242f0d96ee9d9439ab49cd4dec91929b54ac17543d8aeb4cb63f89e1123232b9579921adb4cddbad04f01a983ae9794048ec7e7ea18cc7c095cdc21f1a1d2bae65bb7a2f824f3439a1cedfa8e4836d8b23cfb2a64e9e178eaa8178b54c904d2a80aff773ed4856de9bad2e1eca76b7d5f0f57066219d378637ec41cec9ca952592c12c0fba575ce24aabf9eee0c194281aa7abf804842b20740b1a8c8b0659a9b82c9c8e415b5bfe2cc97cc43dba50d2fba7599d3f0fd9064f2b3f382d6e0b780f957e2cb473131a56e93a462aa0be31a75f419934476f48a45263e73197f91fbb06eb5f24ecd3dca9b7025e73901fe90c850b161592023086f82207d8bbc6ed7b8d540926051272658baac5bd105193f437bcdc70a6e4ae2d82aa945193a59ed6d0806430471c311a8e9f4ac1dd0d0ad364bd7aa23bb0f346d473262e3a441e53073abd8ffc48b383a93bb1885c57f78b28b511c6d714264c9c37260c0df087931a0b1f3c0db3b5dd01453c4c1e1b15346064cb21e9874e0762e58a5e70a8e2a5810b9c4405228c20103f8a81cb50b103a4facf3d51db6a0db6cb855e6c642e3c8d7d8c56f3b8f3ef0ad3c8b48e1538a8c0b475060da1fa76184489f0c8f70de1fb1766e551c94d1c173019537a0dfd7e4df777a34cd94f88adf8237bd0e5233784da8c07a4d413061dfd75966cd0bedd73a09460b756d0b4b2fb741e80557a3aff420230588b40e43cc83f8810877494b36cc73895e8158537d86f82339491c532f4a3ed82aa38b2bb872f2a3eb41df77fbc11a3e2febe1b253a699692ea1f9b0042002f3db784cc0340711c8c84211fc323f93dc6a20b21f4b3b53e13517c1698bf93bf6b10cf7019ea23c79e995533ba6e489a275a79e556f2576e8ed762be561e19990d868c3e11fb1073c7c0e1cf240fbd190bc5c859f22f49a7ad69c66c8dc47d1e718b7d38ed6fb008bbf797fdef23bc1a7e72638557b01068f1b8a5d8a03491bd6cdc3d97a4271ef0a8aee7f3526139041ce7f1395dd609e3e89f90be9a5da1cf002f13fb728cd8f50ff8ffdae38cdf1032c5481e109a788bf01688db79f1f1ffccb583aa2187392e7f534121849c8102095eca7c2364e59d8398970a12d0114a4ba03efebf7e030030654bf106dc28eb5ccb4e8b2692b8b7135e6f14d2ded0fe77bfa8651d83be09b68be6a4a6265792316e4e7cfe0b192ce379ffae63cc59fe40490796ccba60d59fa745b3d365204a94094e521aae3bb77d2d6025b41eae8fb658650874a1b4247b89bac76bd0b04549f0dd50a148295ac7d613e909d19fa951cf597185a3a7a5ffa4f4ef119f9b5432a7d81960136bbdf9439aa1f90e6fc9de245f74ca940c3e7416ed063d7b668b44aad3a07d3e759f999b44790eeea54e36a9181168e857c53499a335b9699af3aa6a3cdac6f7db45593e357d586fd3c2d936b452e1e95f069128bf499fef080f91b73b9bfeab87f2257d354c38fb71e2db566ae1ac4cb85fab8106d5019a735e139b28dcf6e2e9d3f563acd0cb92d3ddbf6fd16c789c392597d22bd2c5774f985558646b6091923e5f20b6e5f6a856b02d72427b353d9339b4681ea30b3af4efd665de4f6f3c4ca47a217c88b87742b2e4cccc09d939d87a7b9b24efe1d5b2818e64639a42ee38571e8b14cb097bfffe0cdeccd0912264b5dee8f5e70cf31f564b6ce14e253ae1cb077bbb8d9eb55ef674f217f1f383dafa475e774510319887244809a67711f28b15d6c5431447046401c0d8f5ab9da24d607b5a7878bc07b113ff030a30b290052efb06310a26880c8f1"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "cf12c24a1147a42453cbc0c03024240bf36f15f8e31ac64dbdf5"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0xffffffec}, @NL80211_ATTR_VENDOR_DATA={0x18c, 0xc5, "8b7a620a0ff3c3fa132a369738d37869b69dfd7f9dce54e805d9aa31693078de1f6f118293c20ad95d4c7671c5de8f295f2a9c01181a0524b7287ba600ef7ee75e02acb26c24b7221831c75408015648dcd624c8d19b6127354e162af8e3357e29c91e0ebc8daa007bec2d43a4136d9811df0e7eed2f53fbae1610e315c4b4bbaebba4f583fde8769a356e16faf52f3be08861071624d2f8ee2cf0fe30fc34422903f4b5827b7843b53bec14edf89508e582b466e14c0ae3123d49c5e64ef218a3dd4e86a238464545a185569706d6098bde8688faa23da27d0958abaa46731034da62509dad793252300ee586694b176900f40c667ac4d3edae4b99ab2a88a66a7c92073cc067a98dbb8f26b60b74631f0b696ee0638bf221f5f9fd08ed5c788bdf4bd757f0e6b2982a5924a12b02f471f89db266338113bb3aec670e87ee3f3b04e819294a836c7c57d9262ea553a8aa2eed5e8063581f4bfcbcd2d5c68a9b6e35c97660116404fb34313936c807254f9298ba7ad23c2992d21bfc2aca29ab743196b7157797ea"}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x6}, @NL80211_ATTR_HW_TIMESTAMP_ENABLED={0x4}, @NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS={0x6, 0x151, 0x8aa6}]}, 0xa28}, 0x1, 0x0, 0x0, 0x8080}, 0x200000d5) sendfile$auto(r1, r1, 0x0, 0xd) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r0) socket(0x25, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r3 = io_uring_setup$auto(0x6, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) r5 = ioctl$auto_NS_GET_TGID_IN_PIDNS(r3, 0x8004b709, 0x0) rt_tgsigqueueinfo$auto_SIGCONT(r5, 0x0, 0x12, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f0000000200)={[0x80000000008, 0xffffffffffffff4b, 0x100000001, 0x15, 0x8000f000, 0x1, 0x5, 0x5, 0x8, 0x40000000000000, 0x2dde, 0x8, 0xfffffffffffffffa, 0xab, 0x8000000000000, 0x4]}, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) futex_requeue$auto(&(0x7f0000000040)={0xb, 0x6, 0x2, 0x2000000}, 0x0, 0xf, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(r4, 0x8, 0x0) kernel console output (not intermixed with test programs): =0 errno=0 [ 776.067691][T19124] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 776.897509][T19140] FAULT_INJECTION: forcing a failure. [ 776.897509][T19140] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 776.946194][T19140] CPU: 1 UID: 0 PID: 19140 Comm: syz.5.3355 Tainted: G U L syzkaller #0 PREEMPT(full) [ 776.946223][T19140] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 776.946229][T19140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 776.946238][T19140] Call Trace: [ 776.946245][T19140] [ 776.946254][T19140] dump_stack_lvl+0x16c/0x1f0 [ 776.946281][T19140] should_fail_ex+0x512/0x640 [ 776.946301][T19140] _copy_from_iter+0x2a4/0x16c0 [ 776.946320][T19140] ? __alloc_skb+0x220/0x410 [ 776.946336][T19140] ? __alloc_skb+0x35d/0x410 [ 776.946351][T19140] ? __pfx__copy_from_iter+0x10/0x10 [ 776.946367][T19140] ? netlink_autobind.isra.0+0x158/0x370 [ 776.946395][T19140] netlink_sendmsg+0x820/0xdd0 [ 776.946418][T19140] ? __pfx_netlink_sendmsg+0x10/0x10 [ 776.946441][T19140] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 776.946475][T19140] ____sys_sendmsg+0xa5d/0xc30 [ 776.946498][T19140] ? copy_msghdr_from_user+0x10a/0x160 [ 776.946517][T19140] ? __pfx_____sys_sendmsg+0x10/0x10 [ 776.946547][T19140] ___sys_sendmsg+0x134/0x1d0 [ 776.946566][T19140] ? __pfx____sys_sendmsg+0x10/0x10 [ 776.946607][T19140] __sys_sendmsg+0x16d/0x220 [ 776.946633][T19140] ? __pfx___sys_sendmsg+0x10/0x10 [ 776.946663][T19140] do_syscall_64+0xcd/0xf80 [ 776.946686][T19140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 776.946703][T19140] RIP: 0033:0x7fa016d8f7c9 [ 776.946715][T19140] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 776.946731][T19140] RSP: 002b:00007fa017cbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 776.946746][T19140] RAX: ffffffffffffffda RBX: 00007fa016fe6090 RCX: 00007fa016d8f7c9 [ 776.946756][T19140] RDX: 0000000000008000 RSI: 0000200000002740 RDI: 0000000000000003 [ 776.946765][T19140] RBP: 00007fa017cbf090 R08: 0000000000000000 R09: 0000000000000000 [ 776.946774][T19140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 776.946782][T19140] R13: 00007fa016fe6128 R14: 00007fa016fe6090 R15: 00007ffc39f7a6b8 [ 776.946802][T19140] [ 778.480039][T19162] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 779.107463][T19177] raw_sendmsg: syz.5.3366 forgot to set AF_INET. Fix it! [ 779.645242][T19185] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3365'. [ 779.688806][T19182] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 779.718328][T19185] FAULT_INJECTION: forcing a failure. [ 779.718328][T19185] name failslab, interval 1, probability 0, space 0, times 0 [ 779.745120][T19185] CPU: 0 UID: 0 PID: 19185 Comm: syz.0.3365 Tainted: G U L syzkaller #0 PREEMPT(full) [ 779.745171][T19185] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 779.745183][T19185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 779.745201][T19185] Call Trace: [ 779.745211][T19185] [ 779.745223][T19185] dump_stack_lvl+0x16c/0x1f0 [ 779.745270][T19185] should_fail_ex+0x512/0x640 [ 779.745301][T19185] ? kmem_cache_alloc_noprof+0x62/0x770 [ 779.745340][T19185] should_failslab+0xc2/0x120 [ 779.745382][T19185] kmem_cache_alloc_noprof+0x83/0x770 [ 779.745417][T19185] ? getname_flags.part.0+0x4c/0x550 [ 779.745456][T19185] ? getname_flags.part.0+0x4c/0x550 [ 779.745485][T19185] getname_flags.part.0+0x4c/0x550 [ 779.745522][T19185] getname_flags+0x93/0xf0 [ 779.745559][T19185] do_sys_openat2+0xb9/0x290 [ 779.745591][T19185] ? __pfx_do_sys_openat2+0x10/0x10 [ 779.745626][T19185] ? find_held_lock+0x2b/0x80 [ 779.745670][T19185] __x64_sys_openat+0x174/0x210 [ 779.745708][T19185] ? __pfx___x64_sys_openat+0x10/0x10 [ 779.745753][T19185] do_syscall_64+0xcd/0xf80 [ 779.745792][T19185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.745821][T19185] RIP: 0033:0x7fa1bdf8f7c9 [ 779.745845][T19185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 779.745873][T19185] RSP: 002b:00007fa1bed8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 779.745901][T19185] RAX: ffffffffffffffda RBX: 00007fa1be1e5fa0 RCX: 00007fa1bdf8f7c9 [ 779.745922][T19185] RDX: 0000000000000002 RSI: 0000200000004ec0 RDI: ffffffffffffff9c [ 779.745942][T19185] RBP: 00007fa1be013f91 R08: 0000000000000000 R09: 0000000000000000 [ 779.745960][T19185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 779.745978][T19185] R13: 00007fa1be1e6038 R14: 00007fa1be1e5fa0 R15: 00007fff466f7ee8 [ 779.746017][T19185] [ 780.478582][T19199] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 780.576120][T19203] netlink: 186 bytes leftover after parsing attributes in process `syz.5.3374'. [ 780.592435][T19203] netlink: 186 bytes leftover after parsing attributes in process `syz.5.3374'. [ 780.652903][T19206] ubi2: attaching mtd1 [ 780.676907][T19206] ubi2: scanning is finished [ 780.693277][T19206] ubi2: empty MTD device detected [ 780.703605][T19206] ubi2 error: ubi_early_get_peb: no free eraseblocks [ 780.761649][T19206] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 780.782787][T19208] ubi2: attaching mtd1 [ 780.794257][T19208] ubi2: scanning is finished [ 780.802317][T19208] ubi2: empty MTD device detected [ 780.808256][T19208] ubi2 error: ubi_early_get_peb: no free eraseblocks [ 780.848434][T19208] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 782.649782][T19246] FAULT_INJECTION: forcing a failure. [ 782.649782][T19246] name fail_futex, interval 1, probability 0, space 0, times 0 [ 782.663199][T19246] CPU: 1 UID: 0 PID: 19246 Comm: syz.5.3386 Tainted: G U L syzkaller #0 PREEMPT(full) [ 782.663226][T19246] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 782.663232][T19246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 782.663241][T19246] Call Trace: [ 782.663247][T19246] [ 782.663253][T19246] dump_stack_lvl+0x16c/0x1f0 [ 782.663280][T19246] should_fail_ex+0x512/0x640 [ 782.663299][T19246] get_futex_key+0x1d0/0x15f0 [ 782.663318][T19246] ? __pfx_get_futex_key+0x10/0x10 [ 782.663334][T19246] ? find_held_lock+0x2b/0x80 [ 782.663359][T19246] futex_wake+0xea/0x530 [ 782.663380][T19246] ? __pfx_futex_wake+0x10/0x10 [ 782.663408][T19246] ? __pfx_vfs_writev+0x10/0x10 [ 782.663432][T19246] ? do_writev+0x218/0x340 [ 782.663454][T19246] do_futex+0x1e3/0x350 [ 782.663471][T19246] ? __pfx_do_futex+0x10/0x10 [ 782.663493][T19246] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 782.663544][T19246] __x64_sys_futex+0x1e0/0x4c0 [ 782.663577][T19246] ? native_tss_update_io_bitmap+0x3e1/0x740 [ 782.663604][T19246] ? __pfx___x64_sys_futex+0x10/0x10 [ 782.663622][T19246] ? __pfx_do_writev+0x10/0x10 [ 782.663646][T19246] do_syscall_64+0xcd/0xf80 [ 782.663669][T19246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.663684][T19246] RIP: 0033:0x7fa016d8f7c9 [ 782.663699][T19246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.663714][T19246] RSP: 002b:00007fa017ce00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 782.663729][T19246] RAX: ffffffffffffffda RBX: 00007fa016fe5fa8 RCX: 00007fa016d8f7c9 [ 782.663739][T19246] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa016fe5fac [ 782.663749][T19246] RBP: 00007fa016fe5fa0 R08: 00007fa017ce1000 R09: 0000000000000000 [ 782.663759][T19246] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 782.663769][T19246] R13: 00007fa016fe6038 R14: 00007ffc39f7a5d0 R15: 00007ffc39f7a6b8 [ 782.663801][T19246] [ 784.838669][T19288] netlink: 342 bytes leftover after parsing attributes in process `syz.5.3395'. [ 785.372738][T19294] FAULT_INJECTION: forcing a failure. [ 785.372738][T19294] name fail_futex, interval 1, probability 0, space 0, times 0 [ 785.387032][T19294] CPU: 1 UID: 0 PID: 19294 Comm: syz.1.3397 Tainted: G U L syzkaller #0 PREEMPT(full) [ 785.387113][T19294] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 785.387123][T19294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 785.387139][T19294] Call Trace: [ 785.387149][T19294] [ 785.387160][T19294] dump_stack_lvl+0x16c/0x1f0 [ 785.387204][T19294] should_fail_ex+0x512/0x640 [ 785.387237][T19294] get_futex_key+0x1d0/0x15f0 [ 785.387271][T19294] ? __pfx_get_futex_key+0x10/0x10 [ 785.387297][T19294] ? find_held_lock+0x2b/0x80 [ 785.387341][T19294] futex_wake+0xea/0x530 [ 785.387379][T19294] ? __pfx_futex_wake+0x10/0x10 [ 785.387414][T19294] ? __pfx_vfs_writev+0x10/0x10 [ 785.387452][T19294] ? do_writev+0x218/0x340 [ 785.387491][T19294] do_futex+0x1e3/0x350 [ 785.387521][T19294] ? __pfx_do_futex+0x10/0x10 [ 785.387548][T19294] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 785.387599][T19294] __x64_sys_futex+0x1e0/0x4c0 [ 785.387630][T19294] ? native_tss_update_io_bitmap+0x3e1/0x740 [ 785.387660][T19294] ? __pfx___x64_sys_futex+0x10/0x10 [ 785.387691][T19294] ? __pfx_do_writev+0x10/0x10 [ 785.387734][T19294] do_syscall_64+0xcd/0xf80 [ 785.387774][T19294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.387800][T19294] RIP: 0033:0x7f5c4418f7c9 [ 785.387824][T19294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.387852][T19294] RSP: 002b:00007f5c450070e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 785.387877][T19294] RAX: ffffffffffffffda RBX: 00007f5c443e5fa8 RCX: 00007f5c4418f7c9 [ 785.387896][T19294] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5c443e5fac [ 785.387913][T19294] RBP: 00007f5c443e5fa0 R08: 00007f5c45008000 R09: 0000000000000000 [ 785.387929][T19294] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 785.387946][T19294] R13: 00007f5c443e6038 R14: 00007ffd95a3bf00 R15: 00007ffd95a3bfe8 [ 785.387982][T19294] [ 785.658200][T19297] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3398'. [ 786.649501][T19314] Invalid ELF header magic: != ELF [ 787.271596][T19333] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3406'. [ 787.518174][T19338] usb usb36: usbfs: process 19338 (syz.5.3409) did not claim interface 0 before use [ 787.537199][T19318] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 789.224503][T19363] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 789.313310][T19355] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 791.139860][T19386] ubi2: attaching mtd1 [ 791.160181][T19386] ubi2: scanning is finished [ 791.181577][T19386] ubi2: empty MTD device detected [ 791.239950][T19386] ubi2 error: ubi_early_get_peb: no free eraseblocks [ 791.301531][T19386] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 791.407727][T19388] FAULT_INJECTION: forcing a failure. [ 791.407727][T19388] name fail_futex, interval 1, probability 0, space 0, times 0 [ 791.431590][T19388] CPU: 0 UID: 0 PID: 19388 Comm: syz.3.3421 Tainted: G U L syzkaller #0 PREEMPT(full) [ 791.431635][T19388] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 791.431645][T19388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 791.431660][T19388] Call Trace: [ 791.431668][T19388] [ 791.431678][T19388] dump_stack_lvl+0x16c/0x1f0 [ 791.431718][T19388] should_fail_ex+0x512/0x640 [ 791.431751][T19388] get_futex_key+0x1d0/0x15f0 [ 791.431782][T19388] ? __pfx_get_futex_key+0x10/0x10 [ 791.431820][T19388] futex_wake+0xea/0x530 [ 791.431855][T19388] ? __pfx_futex_wake+0x10/0x10 [ 791.431900][T19388] do_futex+0x1e3/0x350 [ 791.431928][T19388] ? __pfx_do_futex+0x10/0x10 [ 791.431953][T19388] ? __might_fault+0xe3/0x190 [ 791.431990][T19388] mm_release+0x24e/0x300 [ 791.432023][T19388] do_exit+0x69e/0x2bd0 [ 791.432052][T19388] ? __pfx_do_exit+0x10/0x10 [ 791.432075][T19388] ? do_raw_spin_lock+0x12c/0x2b0 [ 791.432102][T19388] ? find_held_lock+0x2b/0x80 [ 791.432138][T19388] do_group_exit+0xd3/0x2a0 [ 791.432165][T19388] get_signal+0x2671/0x26d0 [ 791.432209][T19388] ? __pfx_get_signal+0x10/0x10 [ 791.432244][T19388] ? do_futex+0x122/0x350 [ 791.432273][T19388] arch_do_signal_or_restart+0x8f/0x7a0 [ 791.432315][T19388] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 791.432356][T19388] ? native_tss_update_io_bitmap+0x3e1/0x740 [ 791.432385][T19388] ? __pfx___x64_sys_futex+0x10/0x10 [ 791.432418][T19388] exit_to_user_mode_loop+0x8c/0x540 [ 791.432453][T19388] do_syscall_64+0x4ee/0xf80 [ 791.432491][T19388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.432516][T19388] RIP: 0033:0x7f917898f7c9 [ 791.432536][T19388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.432559][T19388] RSP: 002b:00007f917985a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 791.432582][T19388] RAX: fffffffffffffe00 RBX: 00007f9178be5fa8 RCX: 00007f917898f7c9 [ 791.432599][T19388] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9178be5fa8 [ 791.432614][T19388] RBP: 00007f9178be5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 791.432630][T19388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 791.432645][T19388] R13: 00007f9178be6038 R14: 00007ffcff9ed190 R15: 00007ffcff9ed278 [ 791.432678][T19388] [ 792.076968][T19401] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 792.090417][T19401] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 792.097016][T19401] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 792.106724][T19401] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 792.112911][T19401] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 793.136725][T19421] FAULT_INJECTION: forcing a failure. [ 793.136725][T19421] name failslab, interval 1, probability 0, space 0, times 0 [ 793.173234][T19421] CPU: 1 UID: 0 PID: 19421 Comm: syz.5.3428 Tainted: G U L syzkaller #0 PREEMPT(full) [ 793.173286][T19421] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 793.173297][T19421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 793.173323][T19421] Call Trace: [ 793.173333][T19421] [ 793.173345][T19421] dump_stack_lvl+0x16c/0x1f0 [ 793.173393][T19421] should_fail_ex+0x512/0x640 [ 793.173424][T19421] ? __kmalloc_cache_noprof+0x5f/0x800 [ 793.173463][T19421] should_failslab+0xc2/0x120 [ 793.173507][T19421] __kmalloc_cache_noprof+0x80/0x800 [ 793.173541][T19421] ? trace_parse_run_command+0x58/0x400 [ 793.173591][T19421] ? trace_parse_run_command+0x58/0x400 [ 793.173633][T19421] trace_parse_run_command+0x58/0x400 [ 793.173672][T19421] ? __pfx_create_dyn_event+0x10/0x10 [ 793.173707][T19421] ? __pfx_dyn_event_write+0x10/0x10 [ 793.173734][T19421] vfs_write+0x2a0/0x11d0 [ 793.173775][T19421] ? __pfx___mutex_lock+0x10/0x10 [ 793.173822][T19421] ? __pfx_vfs_write+0x10/0x10 [ 793.173871][T19421] ? __fget_files+0x20e/0x3c0 [ 793.173921][T19421] ksys_write+0x12a/0x250 [ 793.173965][T19421] ? __pfx_ksys_write+0x10/0x10 [ 793.174015][T19421] do_syscall_64+0xcd/0xf80 [ 793.174060][T19421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 793.174090][T19421] RIP: 0033:0x7fa016d8f7c9 [ 793.174114][T19421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 793.174142][T19421] RSP: 002b:00007fa017c9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 793.174170][T19421] RAX: ffffffffffffffda RBX: 00007fa016fe6180 RCX: 00007fa016d8f7c9 [ 793.174189][T19421] RDX: 0000000000000002 RSI: 0000200000000040 RDI: 0000000000000007 [ 793.174208][T19421] RBP: 00007fa016e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 793.174226][T19421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 793.174244][T19421] R13: 00007fa016fe6218 R14: 00007fa016fe6180 R15: 00007ffc39f7a6b8 [ 793.174285][T19421] [ 793.755446][T19438] ubi2: attaching mtd1 [ 793.761242][T19438] ubi2: scanning is finished [ 793.775889][T19438] ubi2: empty MTD device detected [ 793.781416][T19438] ubi2 error: ubi_early_get_peb: no free eraseblocks [ 793.947837][T19438] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 794.124213][T19447] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 794.165872][T15138] Bluetooth: hci4: command 0x0c1a tx timeout [ 794.166286][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 794.171916][T15138] Bluetooth: hci3: command 0x0c1a tx timeout [ 794.178026][T18030] Bluetooth: hci0: command 0x0c1a tx timeout [ 794.183902][T15138] Bluetooth: hci1: command 0x0c1a tx timeout [ 794.212001][T19450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 794.362432][ T52] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 794.372922][ T52] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 794.382387][ T52] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 794.390544][ T52] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 794.398346][ T52] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 794.768787][T19452] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 795.181598][T19480] FAULT_INJECTION: forcing a failure. [ 795.181598][T19480] name failslab, interval 1, probability 0, space 0, times 0 [ 795.261303][T19480] CPU: 1 UID: 0 PID: 19480 Comm: syz.1.3436 Tainted: G U L syzkaller #0 PREEMPT(full) [ 795.261350][T19480] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 795.261360][T19480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 795.261376][T19480] Call Trace: [ 795.261386][T19480] [ 795.261398][T19480] dump_stack_lvl+0x16c/0x1f0 [ 795.261441][T19480] should_fail_ex+0x512/0x640 [ 795.261469][T19480] ? __kmalloc_noprof+0xca/0x910 [ 795.261497][T19480] should_failslab+0xc2/0x120 [ 795.261533][T19480] __kmalloc_noprof+0xeb/0x910 [ 795.261556][T19480] ? stack_trace_save+0x8e/0xc0 [ 795.261591][T19480] ? __d_alloc+0x35/0xa80 [ 795.261611][T19480] ? __d_alloc+0x676/0xa80 [ 795.261637][T19480] ? __d_alloc+0x676/0xa80 [ 795.261659][T19480] __d_alloc+0x676/0xa80 [ 795.261688][T19480] d_alloc_parallel+0x111/0x1510 [ 795.261732][T19480] ? find_held_lock+0x2b/0x80 [ 795.261769][T19480] ? __pfx_d_alloc_parallel+0x10/0x10 [ 795.261806][T19480] ? __d_lookup+0x266/0x4a0 [ 795.261847][T19480] lookup_open.isra.0+0x66c/0x1780 [ 795.261891][T19480] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 795.261945][T19480] ? find_held_lock+0x2b/0x80 [ 795.261986][T19480] ? __pfx_down_write+0x10/0x10 [ 795.262020][T19480] path_openat+0xa95/0x3140 [ 795.262069][T19480] ? __pfx_path_openat+0x10/0x10 [ 795.262114][T19480] ? __lock_acquire+0x436/0x2890 [ 795.262145][T19480] do_filp_open+0x20b/0x470 [ 795.262227][T19480] ? __pfx_do_filp_open+0x10/0x10 [ 795.262295][T19480] ? _raw_spin_unlock+0x28/0x50 [ 795.262326][T19480] ? alloc_fd+0x471/0x7d0 [ 795.262370][T19480] do_sys_openat2+0x121/0x290 [ 795.262399][T19480] ? __pfx_do_sys_openat2+0x10/0x10 [ 795.262432][T19480] ? __fget_files+0x20e/0x3c0 [ 795.262477][T19480] __x64_sys_open+0x153/0x1e0 [ 795.262506][T19480] ? __pfx___x64_sys_open+0x10/0x10 [ 795.262544][T19480] ? rcu_is_watching+0x12/0xc0 [ 795.262582][T19480] do_syscall_64+0xcd/0xf80 [ 795.262623][T19480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 795.262652][T19480] RIP: 0033:0x7f5c4418f7c9 [ 795.262674][T19480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 795.262701][T19480] RSP: 002b:00007f5c45007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 795.262726][T19480] RAX: ffffffffffffffda RBX: 00007f5c443e5fa0 RCX: 00007f5c4418f7c9 [ 795.262744][T19480] RDX: 00000000000000d1 RSI: 0000000000103040 RDI: 0000200000000380 [ 795.262762][T19480] RBP: 00007f5c45007090 R08: 0000000000000000 R09: 0000000000000000 [ 795.262778][T19480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 795.262794][T19480] R13: 00007f5c443e6038 R14: 00007f5c443e5fa0 R15: 00007ffd95a3bfe8 [ 795.262831][T19480] [ 795.704498][T19484] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 795.831762][T19454] chnl_net:caif_netlink_parms(): no params data found [ 795.976589][T19454] bridge0: port 1(bridge_slave_0) entered blocking state [ 795.983830][T19454] bridge0: port 1(bridge_slave_0) entered disabled state [ 795.996165][T19454] bridge_slave_0: entered allmulticast mode [ 796.004534][T19454] bridge_slave_0: entered promiscuous mode [ 796.014518][T19454] bridge0: port 2(bridge_slave_1) entered blocking state [ 796.022254][T19454] bridge0: port 2(bridge_slave_1) entered disabled state [ 796.030788][T19454] bridge_slave_1: entered allmulticast mode [ 796.039130][T19454] bridge_slave_1: entered promiscuous mode [ 796.081664][T19454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 796.096600][T19454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 796.154178][T19490] FAULT_INJECTION: forcing a failure. [ 796.154178][T19490] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 796.177446][T19454] team0: Port device team_slave_0 added [ 796.188987][T19490] CPU: 0 UID: 0 PID: 19490 Comm: syz.3.3440 Tainted: G U L syzkaller #0 PREEMPT(full) [ 796.189035][T19490] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 796.189046][T19490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 796.189063][T19490] Call Trace: [ 796.189079][T19490] [ 796.189090][T19490] dump_stack_lvl+0x16c/0x1f0 [ 796.189136][T19490] should_fail_ex+0x512/0x640 [ 796.189172][T19490] should_fail_alloc_page+0xe7/0x130 [ 796.189215][T19490] prepare_alloc_pages+0x401/0x670 [ 796.189257][T19490] ? stack_trace_save+0x8e/0xc0 [ 796.189302][T19490] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 796.189345][T19490] ? kasan_save_stack+0x42/0x60 [ 796.189386][T19490] ? __lock_acquire+0x436/0x2890 [ 796.189417][T19490] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 796.189466][T19490] ? __lock_acquire+0x436/0x2890 [ 796.189498][T19490] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 796.189540][T19490] ? policy_nodemask+0xea/0x4e0 [ 796.189582][T19490] alloc_pages_mpol+0x1fb/0x550 [ 796.189623][T19490] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 796.189666][T19490] ? __anon_vma_prepare+0x2db/0x5e0 [ 796.189701][T19490] folio_alloc_mpol_noprof+0x36/0x2f0 [ 796.189732][T19490] vma_alloc_folio_noprof+0xed/0x1e0 [ 796.189760][T19490] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 796.189787][T19490] ? __anon_vma_prepare+0x2e2/0x5e0 [ 796.189825][T19490] do_anonymous_page+0xc81/0x2190 [ 796.189855][T19490] ? mtree_range_walk+0x718/0xc00 [ 796.189900][T19490] __handle_mm_fault+0x1ecf/0x2bb0 [ 796.189940][T19490] ? __pfx___handle_mm_fault+0x10/0x10 [ 796.190003][T19490] handle_mm_fault+0x3fe/0xad0 [ 796.190040][T19490] __get_user_pages+0x54e/0x3590 [ 796.190107][T19490] ? __pfx___get_user_pages+0x10/0x10 [ 796.190160][T19490] populate_vma_page_range+0x267/0x3f0 [ 796.190207][T19490] ? __pfx_populate_vma_page_range+0x10/0x10 [ 796.190251][T19490] ? __pfx_find_vma_intersection+0x10/0x10 [ 796.190303][T19490] __mm_populate+0x1d8/0x380 [ 796.190349][T19490] ? __pfx___mm_populate+0x10/0x10 [ 796.190395][T19490] ? up_write+0x2cf/0x4e0 [ 796.190431][T19490] vm_mmap_pgoff+0x37f/0x470 [ 796.190476][T19490] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 796.190526][T19490] ? __x64_sys_futex+0x1e0/0x4c0 [ 796.190557][T19490] ? __x64_sys_futex+0x1e9/0x4c0 [ 796.190595][T19490] ksys_mmap_pgoff+0x7d/0x5c0 [ 796.190635][T19490] ? xfd_validate_state+0x61/0x180 [ 796.190669][T19490] __x64_sys_mmap+0x125/0x190 [ 796.190704][T19490] do_syscall_64+0xcd/0xf80 [ 796.190749][T19490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.190780][T19490] RIP: 0033:0x7f917898f7c9 [ 796.190804][T19490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 796.190831][T19490] RSP: 002b:00007f917985a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 796.190860][T19490] RAX: ffffffffffffffda RBX: 00007f9178be5fa0 RCX: 00007f917898f7c9 [ 796.190881][T19490] RDX: 00000000000000df RSI: 0000000000400009 RDI: 0000000000000000 [ 796.190899][T19490] RBP: 00007f9178a13f91 R08: 0000000000000002 R09: 0000000000008000 [ 796.190918][T19490] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 796.190936][T19490] R13: 00007f9178be6038 R14: 00007f9178be5fa0 R15: 00007ffcff9ed278 [ 796.190976][T19490] [ 796.213929][T19454] team0: Port device team_slave_1 added [ 796.495849][T15138] Bluetooth: hci5: command tx timeout [ 796.561925][T19454] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 796.572457][T19454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 796.600457][T19454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 796.613784][T19454] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 796.621261][T19454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 796.647834][T19454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 796.747623][T19505] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 796.827666][T19454] hsr_slave_0: entered promiscuous mode [ 796.834737][T19454] hsr_slave_1: entered promiscuous mode [ 796.846757][T19454] debugfs: 'hsr0' already exists in 'hsr' [ 796.852521][T19454] Cannot create hsr debugfs directory [ 796.892053][T19508] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 797.628837][T19454] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 797.645238][T19454] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 797.660812][T19454] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 797.681398][T19454] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 797.845340][T19492] Process accounting paused [ 797.960279][T19454] 8021q: adding VLAN 0 to HW filter on device bond0 [ 797.968339][T19540] FAULT_INJECTION: forcing a failure. [ 797.968339][T19540] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 797.986171][T19538] bond0: no command found in slaves file - use +ifname or -ifname [ 797.996175][T19540] CPU: 0 UID: 0 PID: 19540 Comm: syz.3.3448 Tainted: G U L syzkaller #0 PREEMPT(full) [ 797.996219][T19540] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 797.996229][T19540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 797.996245][T19540] Call Trace: [ 797.996254][T19540] [ 797.996263][T19540] dump_stack_lvl+0x16c/0x1f0 [ 797.996304][T19540] should_fail_ex+0x512/0x640 [ 797.996339][T19540] should_fail_alloc_page+0xe7/0x130 [ 797.996379][T19540] prepare_alloc_pages+0x401/0x670 [ 797.996417][T19540] ? find_held_lock+0x2b/0x80 [ 797.996449][T19540] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 797.996485][T19540] ? __lock_acquire+0x436/0x2890 [ 797.996514][T19540] ? __lock_acquire+0x436/0x2890 [ 797.996542][T19540] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 797.996577][T19540] ? __lock_acquire+0x436/0x2890 [ 797.996616][T19540] ? __lock_acquire+0x436/0x2890 [ 797.996645][T19540] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 797.996685][T19540] ? policy_nodemask+0xea/0x4e0 [ 797.996723][T19540] alloc_pages_mpol+0x1fb/0x550 [ 797.996763][T19540] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 797.996810][T19540] alloc_pages_noprof+0x131/0x390 [ 797.996849][T19540] __pmd_alloc+0x3b/0x9c0 [ 797.996891][T19540] __handle_mm_fault+0xbeb/0x2bb0 [ 797.996928][T19540] ? __pfx___handle_mm_fault+0x10/0x10 [ 797.996971][T19540] ? find_vma+0xbf/0x140 [ 797.997002][T19540] ? __pfx_find_vma+0x10/0x10 [ 797.997038][T19540] handle_mm_fault+0x3fe/0xad0 [ 797.997074][T19540] do_user_addr_fault+0x7a6/0x1370 [ 797.997111][T19540] ? rcu_is_watching+0x12/0xc0 [ 797.997152][T19540] exc_page_fault+0x64/0xc0 [ 797.997191][T19540] asm_exc_page_fault+0x26/0x30 [ 797.997214][T19540] RIP: 0010:__get_user_4+0x14/0x20 [ 797.997244][T19540] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 90 79 04 00 90 90 90 90 90 90 90 90 90 90 [ 797.997269][T19540] RSP: 0018:ffffc900033e7bc0 EFLAGS: 00050287 [ 797.997291][T19540] RAX: 0000000000000003 RBX: ffff88809aca0000 RCX: ffffc900033e7b64 [ 797.997309][T19540] RDX: 00007ffffffff000 RSI: ffffffff88ce88de RDI: ffffffff8bf2b580 [ 797.997327][T19540] RBP: 1ffff9200067cf7f R08: 00000000d3987e04 R09: 000000004d3987e0 [ 797.997345][T19540] R10: 0000000000000001 R11: ffff888022baa9b0 R12: dffffc0000000000 [ 797.997360][T19540] R13: ffff88809aca0000 R14: 000000004008af14 R15: 0000000000000003 [ 797.997388][T19540] ? vhost_vring_ioctl+0xbe/0x1520 [ 797.997430][T19540] vhost_vring_ioctl+0xc6/0x1520 [ 797.997469][T19540] ? tomoyo_path_number_perm+0x295/0x580 [ 797.997502][T19540] ? __pfx_vhost_vring_ioctl+0x10/0x10 [ 797.997541][T19540] ? vhost_dev_ioctl+0x16c/0xe20 [ 797.997584][T19540] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 797.997642][T19540] vhost_net_ioctl+0xe9d/0x1850 [ 797.997678][T19540] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 797.997711][T19540] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 797.997752][T19540] ? find_held_lock+0x2b/0x80 [ 797.997786][T19540] ? hook_file_ioctl_common+0x144/0x410 [ 797.997826][T19540] ? __fget_files+0x20e/0x3c0 [ 797.997869][T19540] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 797.997903][T19540] __x64_sys_ioctl+0x18e/0x210 [ 797.997939][T19540] do_syscall_64+0xcd/0xf80 [ 797.997980][T19540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 797.998007][T19540] RIP: 0033:0x7f917898f7c9 [ 797.998029][T19540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 797.998054][T19540] RSP: 002b:00007f917985a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 797.998079][T19540] RAX: ffffffffffffffda RBX: 00007f9178be5fa0 RCX: 00007f917898f7c9 [ 797.998098][T19540] RDX: 0000000000000003 RSI: 000000004008af14 RDI: 0000000000000004 [ 797.998115][T19540] RBP: 00007f917985a090 R08: 0000000000000000 R09: 0000000000000000 [ 797.998132][T19540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 797.998149][T19540] R13: 00007f9178be6038 R14: 00007f9178be5fa0 R15: 00007ffcff9ed278 [ 797.998187][T19540] [ 798.452411][T19454] 8021q: adding VLAN 0 to HW filter on device team0 [ 798.512760][ T1113] bridge0: port 1(bridge_slave_0) entered blocking state [ 798.519966][ T1113] bridge0: port 1(bridge_slave_0) entered forwarding state [ 798.569059][T15138] Bluetooth: hci5: command tx timeout [ 798.569255][ T6454] bridge0: port 2(bridge_slave_1) entered blocking state [ 798.581638][ T6454] bridge0: port 2(bridge_slave_1) entered forwarding state [ 798.702244][T19454] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 799.019425][T19557] FAULT_INJECTION: forcing a failure. [ 799.019425][T19557] name fail_futex, interval 1, probability 0, space 0, times 0 [ 799.035160][T19557] CPU: 0 UID: 0 PID: 19557 Comm: syz.1.3451 Tainted: G U L syzkaller #0 PREEMPT(full) [ 799.035189][T19557] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 799.035195][T19557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 799.035204][T19557] Call Trace: [ 799.035210][T19557] [ 799.035217][T19557] dump_stack_lvl+0x16c/0x1f0 [ 799.035244][T19557] should_fail_ex+0x512/0x640 [ 799.035264][T19557] get_futex_key+0x1d0/0x15f0 [ 799.035284][T19557] ? __pfx_get_futex_key+0x10/0x10 [ 799.035306][T19557] futex_wake+0xea/0x530 [ 799.035326][T19557] ? kasan_quarantine_put+0x10a/0x240 [ 799.035347][T19557] ? __pfx_futex_wake+0x10/0x10 [ 799.035369][T19557] ? putname+0xf5/0x1a0 [ 799.035387][T19557] do_futex+0x1e3/0x350 [ 799.035403][T19557] ? __pfx_do_futex+0x10/0x10 [ 799.035425][T19557] __x64_sys_futex+0x1e0/0x4c0 [ 799.035443][T19557] ? __x64_sys_openat+0x174/0x210 [ 799.035460][T19557] ? __pfx___x64_sys_futex+0x10/0x10 [ 799.035484][T19557] do_syscall_64+0xcd/0xf80 [ 799.035507][T19557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 799.035522][T19557] RIP: 0033:0x7f5c4418f7c9 [ 799.035535][T19557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 799.035549][T19557] RSP: 002b:00007f5c450070e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 799.035564][T19557] RAX: ffffffffffffffda RBX: 00007f5c443e5fa8 RCX: 00007f5c4418f7c9 [ 799.035574][T19557] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5c443e5fac [ 799.035584][T19557] RBP: 00007f5c443e5fa0 R08: 00007f5c45008000 R09: 0000000000000000 [ 799.035593][T19557] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 799.035602][T19557] R13: 00007f5c443e6038 R14: 00007ffd95a3bf00 R15: 00007ffd95a3bfe8 [ 799.035623][T19557] [ 799.351076][T19454] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 799.525020][T19550] GUP no longer grows the stack in syz.3.3450 (19550): 14000-18000 (4000) [ 799.536275][T19550] CPU: 1 UID: 0 PID: 19550 Comm: syz.3.3450 Tainted: G U L syzkaller #0 PREEMPT(full) [ 799.536323][T19550] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 799.536334][T19550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 799.536352][T19550] Call Trace: [ 799.536362][T19550] [ 799.536373][T19550] dump_stack_lvl+0x16c/0x1f0 [ 799.536421][T19550] gup_vma_lookup+0x1d2/0x220 [ 799.536464][T19550] __get_user_pages+0x241/0x3590 [ 799.536519][T19550] ? find_held_lock+0x2b/0x80 [ 799.536558][T19550] ? __pfx___get_user_pages+0x10/0x10 [ 799.536612][T19550] get_user_pages_remote+0x243/0xab0 [ 799.536662][T19550] ? __pfx_get_user_pages_remote+0x10/0x10 [ 799.536717][T19550] ? __pfx___might_resched+0x10/0x10 [ 799.536761][T19550] ? noop_dirty_folio+0x5e/0xb0 [ 799.536799][T19550] __access_remote_vm+0x24d/0x850 [ 799.536825][T19550] ? __pfx___access_remote_vm+0x10/0x10 [ 799.536850][T19550] mem_rw+0x20e/0x640 [ 799.536874][T19550] ? __pfx_mem_write+0x10/0x10 [ 799.536894][T19550] vfs_write+0x2a0/0x11d0 [ 799.536915][T19550] ? __pfx___mutex_lock+0x10/0x10 [ 799.536940][T19550] ? __pfx_vfs_write+0x10/0x10 [ 799.536965][T19550] ? __fget_files+0x20e/0x3c0 [ 799.536992][T19550] ksys_write+0x12a/0x250 [ 799.537011][T19550] ? __pfx_ksys_write+0x10/0x10 [ 799.537037][T19550] do_syscall_64+0xcd/0xf80 [ 799.537060][T19550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 799.537076][T19550] RIP: 0033:0x7f917898f7c9 [ 799.537089][T19550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 799.537104][T19550] RSP: 002b:00007f9179839038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 799.537120][T19550] RAX: ffffffffffffffda RBX: 00007f9178be6090 RCX: 00007f917898f7c9 [ 799.537130][T19550] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 799.537139][T19550] RBP: 00007f9178a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 799.537148][T19550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 799.537157][T19550] R13: 00007f9178be6128 R14: 00007f9178be6090 R15: 00007ffcff9ed278 [ 799.537178][T19550] [ 800.448897][T19454] veth0_vlan: entered promiscuous mode [ 800.474100][T19454] veth1_vlan: entered promiscuous mode [ 800.582765][T19580] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3455'. [ 800.612200][T19454] veth0_macvtap: entered promiscuous mode [ 800.645927][T15138] Bluetooth: hci5: command tx timeout [ 800.678438][T19454] veth1_macvtap: entered promiscuous mode [ 800.697416][T19582] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3456'. [ 800.706165][T19454] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 800.731922][T19454] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 800.758749][ T6452] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.768516][ T6452] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.797144][ T6452] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.850779][ T6452] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 801.122465][T19588] FAULT_INJECTION: forcing a failure. [ 801.122465][T19588] name failslab, interval 1, probability 0, space 0, times 0 [ 801.189076][T19588] CPU: 1 UID: 0 PID: 19588 Comm: syz.5.3458 Tainted: G U L syzkaller #0 PREEMPT(full) [ 801.189117][T19588] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 801.189128][T19588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 801.189144][T19588] Call Trace: [ 801.189154][T19588] [ 801.189165][T19588] dump_stack_lvl+0x16c/0x1f0 [ 801.189208][T19588] should_fail_ex+0x512/0x640 [ 801.189236][T19588] ? kmem_cache_alloc_noprof+0x62/0x770 [ 801.189271][T19588] should_failslab+0xc2/0x120 [ 801.189318][T19588] kmem_cache_alloc_noprof+0x83/0x770 [ 801.189348][T19588] ? __anon_vma_prepare+0x344/0x5e0 [ 801.189381][T19588] ? __anon_vma_prepare+0x344/0x5e0 [ 801.189405][T19588] __anon_vma_prepare+0x344/0x5e0 [ 801.189436][T19588] __vmf_anon_prepare+0x11c/0x240 [ 801.189475][T19588] do_wp_page+0x10a7/0x5010 [ 801.189520][T19588] ? __pfx_do_wp_page+0x10/0x10 [ 801.189562][T19588] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 801.189603][T19588] __handle_mm_fault+0x1bd2/0x2bb0 [ 801.189643][T19588] ? __pfx___handle_mm_fault+0x10/0x10 [ 801.189672][T19588] ? __pte_offset_map_lock+0x174/0x310 [ 801.189706][T19588] ? vm_normal_page+0x1c4/0x320 [ 801.189743][T19588] ? find_held_lock+0x2b/0x80 [ 801.189788][T19588] ? follow_page_pte+0x5cf/0x1390 [ 801.189836][T19588] handle_mm_fault+0x3fe/0xad0 [ 801.189871][T19588] __get_user_pages+0x54e/0x3590 [ 801.189922][T19588] ? find_held_lock+0x2b/0x80 [ 801.189957][T19588] ? __pfx___get_user_pages+0x10/0x10 [ 801.190007][T19588] get_user_pages_remote+0x243/0xab0 [ 801.190046][T19588] ? mas_new_root+0x660/0x6e0 [ 801.190088][T19588] ? __pfx_get_user_pages_remote+0x10/0x10 [ 801.190140][T19588] __access_remote_vm+0x24d/0x850 [ 801.190184][T19588] ? __pfx___access_remote_vm+0x10/0x10 [ 801.190221][T19588] ? rep_movs_alternative+0x4a/0x90 [ 801.190259][T19588] mem_rw+0x20e/0x640 [ 801.190311][T19588] ? __pfx_mem_write+0x10/0x10 [ 801.190347][T19588] vfs_write+0x2a0/0x11d0 [ 801.190387][T19588] ? __pfx___mutex_lock+0x10/0x10 [ 801.190430][T19588] ? __pfx_vfs_write+0x10/0x10 [ 801.190477][T19588] ? __fget_files+0x20e/0x3c0 [ 801.190524][T19588] ksys_write+0x12a/0x250 [ 801.190561][T19588] ? __pfx_ksys_write+0x10/0x10 [ 801.190609][T19588] do_syscall_64+0xcd/0xf80 [ 801.190649][T19588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.190677][T19588] RIP: 0033:0x7fa016d8f7c9 [ 801.190700][T19588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.190727][T19588] RSP: 002b:00007fa017ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 801.190754][T19588] RAX: ffffffffffffffda RBX: 00007fa016fe5fa0 RCX: 00007fa016d8f7c9 [ 801.190773][T19588] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000003 [ 801.190789][T19588] RBP: 00007fa017ce0090 R08: 0000000000000000 R09: 0000000000000000 [ 801.190804][T19588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 801.190821][T19588] R13: 00007fa016fe6038 R14: 00007fa016fe5fa0 R15: 00007ffc39f7a6b8 [ 801.190860][T19588] [ 801.625176][ T1835] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 801.634607][ T1835] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 801.733867][ T1835] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 801.746416][ T1835] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 802.069267][T19602] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 802.108291][T19602] FAULT_INJECTION: forcing a failure. [ 802.108291][T19602] name fail_futex, interval 1, probability 0, space 0, times 0 [ 802.121356][T19602] CPU: 0 UID: 0 PID: 19602 Comm: syz.6.3431 Tainted: G U L syzkaller #0 PREEMPT(full) [ 802.121402][T19602] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 802.121413][T19602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 802.121429][T19602] Call Trace: [ 802.121439][T19602] [ 802.121450][T19602] dump_stack_lvl+0x16c/0x1f0 [ 802.121493][T19602] should_fail_ex+0x512/0x640 [ 802.121528][T19602] get_futex_key+0x1d0/0x15f0 [ 802.121559][T19602] ? __pfx_get_futex_key+0x10/0x10 [ 802.121600][T19602] futex_wake+0xea/0x530 [ 802.121638][T19602] ? __pfx_futex_wake+0x10/0x10 [ 802.121697][T19602] do_futex+0x1e3/0x350 [ 802.121726][T19602] ? __pfx_do_futex+0x10/0x10 [ 802.121752][T19602] ? __might_fault+0xe3/0x190 [ 802.121791][T19602] mm_release+0x24e/0x300 [ 802.121827][T19602] do_exit+0x69e/0x2bd0 [ 802.121855][T19602] ? __pfx_do_exit+0x10/0x10 [ 802.121880][T19602] ? do_raw_spin_lock+0x12c/0x2b0 [ 802.121915][T19602] ? find_held_lock+0x2b/0x80 [ 802.121955][T19602] do_group_exit+0xd3/0x2a0 [ 802.121984][T19602] get_signal+0x2671/0x26d0 [ 802.122029][T19602] ? __pfx_get_signal+0x10/0x10 [ 802.122067][T19602] ? do_futex+0x122/0x350 [ 802.122098][T19602] arch_do_signal_or_restart+0x8f/0x7a0 [ 802.122137][T19602] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 802.122183][T19602] ? native_tss_update_io_bitmap+0x3e1/0x740 [ 802.122221][T19602] ? __pfx___x64_sys_futex+0x10/0x10 [ 802.122258][T19602] exit_to_user_mode_loop+0x8c/0x540 [ 802.122295][T19602] do_syscall_64+0x4ee/0xf80 [ 802.122334][T19602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.122362][T19602] RIP: 0033:0x7f88d0f8f7c9 [ 802.122385][T19602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 802.122409][T19602] RSP: 002b:00007f88d1ea70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 802.122434][T19602] RAX: fffffffffffffe00 RBX: 00007f88d11e5fa8 RCX: 00007f88d0f8f7c9 [ 802.122453][T19602] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f88d11e5fa8 [ 802.122469][T19602] RBP: 00007f88d11e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 802.122485][T19602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 802.122501][T19602] R13: 00007f88d11e6038 R14: 00007ffcbd1d2ff0 R15: 00007ffcbd1d30d8 [ 802.122538][T19602] [ 802.128041][T19604] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 802.662389][T19612] FAULT_INJECTION: forcing a failure. [ 802.662389][T19612] name failslab, interval 1, probability 0, space 0, times 0 [ 802.726572][T15138] Bluetooth: hci5: command tx timeout [ 802.738266][T19607] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 802.758359][T19612] CPU: 0 UID: 0 PID: 19612 Comm: syz.6.3462 Tainted: G U L syzkaller #0 PREEMPT(full) [ 802.758408][T19612] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 802.758420][T19612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 802.758437][T19612] Call Trace: [ 802.758447][T19612] [ 802.758456][T19612] dump_stack_lvl+0x16c/0x1f0 [ 802.758501][T19612] should_fail_ex+0x512/0x640 [ 802.758531][T19612] ? __kmalloc_noprof+0xca/0x910 [ 802.758564][T19612] should_failslab+0xc2/0x120 [ 802.758606][T19612] __kmalloc_noprof+0xeb/0x910 [ 802.758634][T19612] ? sk_prot_alloc+0x1a8/0x2a0 [ 802.758686][T19612] ? sk_prot_alloc+0x1a8/0x2a0 [ 802.758725][T19612] sk_prot_alloc+0x1a8/0x2a0 [ 802.758762][T19612] sk_alloc+0x36/0xe30 [ 802.758794][T19612] __netlink_create+0x5e/0x2c0 [ 802.758825][T19612] ? __wake_up+0x3f/0x60 [ 802.758867][T19612] netlink_create+0x39e/0x620 [ 802.758901][T19612] ? __pfx_genl_bind+0x10/0x10 [ 802.758941][T19612] ? __pfx_genl_unbind+0x10/0x10 [ 802.758979][T19612] ? __pfx_genl_release+0x10/0x10 [ 802.759024][T19612] __sock_create+0x339/0x8a0 [ 802.759070][T19612] __sys_socket+0x14d/0x260 [ 802.759095][T19612] ? __fget_files+0x20e/0x3c0 [ 802.759140][T19612] ? __pfx___sys_socket+0x10/0x10 [ 802.759166][T19612] ? xfd_validate_state+0x61/0x180 [ 802.759199][T19612] __x64_sys_socket+0x72/0xb0 [ 802.759223][T19612] ? lockdep_hardirqs_on+0x7c/0x110 [ 802.759262][T19612] do_syscall_64+0xcd/0xf80 [ 802.759305][T19612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.759330][T19612] RIP: 0033:0x7f88d0f8f7c9 [ 802.759353][T19612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 802.759381][T19612] RSP: 002b:00007f88d1ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 802.759409][T19612] RAX: ffffffffffffffda RBX: 00007f88d11e5fa0 RCX: 00007f88d0f8f7c9 [ 802.759429][T19612] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 802.759448][T19612] RBP: 00007f88d1013f91 R08: 0000000000000000 R09: 0000000000000000 [ 802.759466][T19612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 802.759484][T19612] R13: 00007f88d11e6038 R14: 00007f88d11e5fa0 R15: 00007ffcbd1d30d8 [ 802.759520][T19612] [ 804.375554][T19639] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3468'. [ 804.700453][T19646] zswap: compressor not available [ 804.720800][T19644] FAULT_INJECTION: forcing a failure. [ 804.720800][T19644] name fail_futex, interval 1, probability 0, space 0, times 0 [ 804.743591][T19644] CPU: 0 UID: 0 PID: 19644 Comm: syz.1.3469 Tainted: G U L syzkaller #0 PREEMPT(full) [ 804.743641][T19644] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 804.743651][T19644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 804.743668][T19644] Call Trace: [ 804.743677][T19644] [ 804.743689][T19644] dump_stack_lvl+0x16c/0x1f0 [ 804.743733][T19644] should_fail_ex+0x512/0x640 [ 804.743769][T19644] get_futex_key+0x293/0x15f0 [ 804.743804][T19644] ? __pfx_get_futex_key+0x10/0x10 [ 804.743845][T19644] futex_wake+0xea/0x530 [ 804.743884][T19644] ? __pfx_futex_wake+0x10/0x10 [ 804.743935][T19644] do_futex+0x1e3/0x350 [ 804.743974][T19644] ? __pfx_do_futex+0x10/0x10 [ 804.744003][T19644] ? __might_fault+0xe3/0x190 [ 804.744043][T19644] mm_release+0x24e/0x300 [ 804.744081][T19644] do_exit+0x69e/0x2bd0 [ 804.744114][T19644] ? __pfx_do_exit+0x10/0x10 [ 804.744137][T19644] ? do_raw_spin_lock+0x12c/0x2b0 [ 804.744165][T19644] ? find_held_lock+0x2b/0x80 [ 804.744204][T19644] do_group_exit+0xd3/0x2a0 [ 804.744233][T19644] get_signal+0x2671/0x26d0 [ 804.744282][T19644] ? __pfx_get_signal+0x10/0x10 [ 804.744322][T19644] ? do_futex+0x122/0x350 [ 804.744355][T19644] arch_do_signal_or_restart+0x8f/0x7a0 [ 804.744395][T19644] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 804.744440][T19644] ? native_tss_update_io_bitmap+0x3e1/0x740 [ 804.744469][T19644] ? fput+0x70/0xf0 [ 804.744495][T19644] ? __pfx___x64_sys_futex+0x10/0x10 [ 804.744532][T19644] exit_to_user_mode_loop+0x8c/0x540 [ 804.744570][T19644] do_syscall_64+0x4ee/0xf80 [ 804.744612][T19644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 804.744640][T19644] RIP: 0033:0x7f5c4418f7c9 [ 804.744662][T19644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 804.744687][T19644] RSP: 002b:00007f5c450070e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 804.744713][T19644] RAX: fffffffffffffe00 RBX: 00007f5c443e5fa8 RCX: 00007f5c4418f7c9 [ 804.744732][T19644] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5c443e5fa8 [ 804.744749][T19644] RBP: 00007f5c443e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 804.744766][T19644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 804.744782][T19644] R13: 00007f5c443e6038 R14: 00007ffd95a3bf00 R15: 00007ffd95a3bfe8 [ 804.744820][T19644] [ 805.072773][T19649] MTRR 0 not used [ 805.282888][T19661] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 805.594826][T19670] random: crng reseeded on system resumption [ 806.425466][T19679] binder: BINDER_SET_CONTEXT_MGR bad uid 60928 != 0 [ 806.437979][T19679] binder: 19678:19679 ioctl 4018620d 9 returned -1 [ 806.772702][T19691] binder: 19690:19691 ioctl c018620c 0 returned -22 [ 807.324755][T19702] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 807.784858][T19713] ubi2: attaching mtd1 [ 807.790611][T19713] ubi2: scanning is finished [ 807.804486][T19713] ubi2: empty MTD device detected [ 807.811179][T19713] ubi2 error: ubi_early_get_peb: no free eraseblocks [ 807.864897][T19713] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 807.874246][T19686] Setting dangerous option i915.mitigations - tainting kernel [ 807.947052][T19686] Bad "i915.mitigations=Ìšá‚ß", 'Ìšá‚ß' is unknown [ 808.065228][T19720] netlink: 338 bytes leftover after parsing attributes in process `syz.5.3488'. [ 809.414702][T19751] FAULT_INJECTION: forcing a failure. [ 809.414702][T19751] name failslab, interval 1, probability 0, space 0, times 0 [ 809.440922][T19751] CPU: 1 UID: 0 PID: 19751 Comm: syz.6.3499 Tainted: G U L syzkaller #0 PREEMPT(full) [ 809.440974][T19751] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 809.440985][T19751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 809.441003][T19751] Call Trace: [ 809.441013][T19751] [ 809.441025][T19751] dump_stack_lvl+0x16c/0x1f0 [ 809.441066][T19751] should_fail_ex+0x512/0x640 [ 809.441084][T19751] ? __kmalloc_noprof+0xca/0x910 [ 809.441104][T19751] should_failslab+0xc2/0x120 [ 809.441127][T19751] __kmalloc_noprof+0xeb/0x910 [ 809.441144][T19751] ? process_preds+0x41a/0x1c50 [ 809.441167][T19751] ? process_preds+0x41a/0x1c50 [ 809.441184][T19751] process_preds+0x41a/0x1c50 [ 809.441206][T19751] ? create_filter_start.constprop.0+0x56/0x300 [ 809.441228][T19751] create_filter+0x140/0x210 [ 809.441256][T19751] ? __pfx_create_filter+0x10/0x10 [ 809.441294][T19751] ? find_held_lock+0x2b/0x80 [ 809.441321][T19751] apply_event_filter+0x220/0x500 [ 809.441341][T19751] ? __pfx_apply_event_filter+0x10/0x10 [ 809.441366][T19751] ? __pfx_event_filter_write+0x10/0x10 [ 809.441380][T19751] event_filter_write+0x16d/0x290 [ 809.441396][T19751] vfs_writev+0x5df/0xde0 [ 809.441421][T19751] ? __pfx_vfs_writev+0x10/0x10 [ 809.441440][T19751] ? fdget_pos+0x2a2/0x370 [ 809.441477][T19751] ? __fget_files+0x20e/0x3c0 [ 809.441503][T19751] ? do_writev+0x132/0x340 [ 809.441522][T19751] do_writev+0x132/0x340 [ 809.441541][T19751] ? __pfx_do_writev+0x10/0x10 [ 809.441566][T19751] do_syscall_64+0xcd/0xf80 [ 809.441589][T19751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 809.441604][T19751] RIP: 0033:0x7f88d0f8f7c9 [ 809.441618][T19751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 809.441641][T19751] RSP: 002b:00007f88d1ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 809.441657][T19751] RAX: ffffffffffffffda RBX: 00007f88d11e5fa0 RCX: 00007f88d0f8f7c9 [ 809.441667][T19751] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 809.441677][T19751] RBP: 00007f88d1013f91 R08: 0000000000000000 R09: 0000000000000000 [ 809.441687][T19751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 809.441697][T19751] R13: 00007f88d11e6038 R14: 00007f88d11e5fa0 R15: 00007ffcbd1d30d8 [ 809.441718][T19751] [ 811.238084][T19781] netlink: 504 bytes leftover after parsing attributes in process `syz.3.3505'. [ 811.260893][T19781] netlink: 350 bytes leftover after parsing attributes in process `syz.3.3505'. [ 811.717662][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 811.737080][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 811.766456][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 811.786211][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 811.799095][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 811.831510][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 811.855954][T19797] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3509'. [ 813.849473][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.858471][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 813.986778][T19823] zswap: compressor not available [ 815.386778][T19838] Device name cannot be null; rc = [-22] [ 817.235245][T19890] FAULT_INJECTION: forcing a failure. [ 817.235245][T19890] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 817.281372][T19890] CPU: 1 UID: 0 PID: 19890 Comm: syz.6.3533 Tainted: G U L syzkaller #0 PREEMPT(full) [ 817.281421][T19890] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 817.281432][T19890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 817.281447][T19890] Call Trace: [ 817.281457][T19890] [ 817.281468][T19890] dump_stack_lvl+0x16c/0x1f0 [ 817.281513][T19890] should_fail_ex+0x512/0x640 [ 817.281549][T19890] _copy_from_iter+0x2a4/0x16c0 [ 817.281589][T19890] ? __pfx__copy_from_iter+0x10/0x10 [ 817.281626][T19890] ? __pfx___might_resched+0x10/0x10 [ 817.281672][T19890] file_tty_write.constprop.0+0x487/0x9b0 [ 817.281722][T19890] redirected_tty_write+0xd4/0x120 [ 817.281761][T19890] vfs_write+0x7d3/0x11d0 [ 817.281801][T19890] ? __pfx_redirected_tty_write+0x10/0x10 [ 817.281840][T19890] ? __pfx_vfs_write+0x10/0x10 [ 817.281875][T19890] ? find_held_lock+0x2b/0x80 [ 817.281932][T19890] ksys_write+0x12a/0x250 [ 817.281970][T19890] ? __pfx_ksys_write+0x10/0x10 [ 817.282026][T19890] do_syscall_64+0xcd/0xf80 [ 817.282075][T19890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.282104][T19890] RIP: 0033:0x7f88d0f8f7c9 [ 817.282126][T19890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 817.282151][T19890] RSP: 002b:00007f88d1e86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 817.282178][T19890] RAX: ffffffffffffffda RBX: 00007f88d11e6090 RCX: 00007f88d0f8f7c9 [ 817.282197][T19890] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000005 [ 817.282215][T19890] RBP: 00007f88d1e86090 R08: 0000000000000000 R09: 0000000000000000 [ 817.282232][T19890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 817.282249][T19890] R13: 00007f88d11e6128 R14: 00007f88d11e6090 R15: 00007ffcbd1d30d8 [ 817.282288][T19890] [ 817.690959][T19856] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 818.066409][T19900] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 818.085842][T19900] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 818.487091][T19874] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 818.622264][T19870] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 818.924923][T19913] FAULT_INJECTION: forcing a failure. [ 818.924923][T19913] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 818.938433][T19913] CPU: 1 UID: 0 PID: 19913 Comm: syz.5.3537 Tainted: G U L syzkaller #0 PREEMPT(full) [ 818.938466][T19913] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 818.938472][T19913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 818.938482][T19913] Call Trace: [ 818.938488][T19913] [ 818.938495][T19913] dump_stack_lvl+0x16c/0x1f0 [ 818.938523][T19913] should_fail_ex+0x512/0x640 [ 818.938549][T19913] _copy_from_user+0x2e/0xd0 [ 818.938567][T19913] copy_msghdr_from_user+0x98/0x160 [ 818.938588][T19913] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 818.938616][T19913] ? __pfx___schedule+0x10/0x10 [ 818.938640][T19913] ___sys_sendmsg+0xfe/0x1d0 [ 818.938659][T19913] ? __pfx____sys_sendmsg+0x10/0x10 [ 818.938695][T19913] ? __pfx___might_resched+0x10/0x10 [ 818.938722][T19913] __sys_sendmmsg+0x200/0x420 [ 818.938742][T19913] ? __pfx___sys_sendmmsg+0x10/0x10 [ 818.938766][T19913] ? __pfx_do_futex+0x10/0x10 [ 818.938796][T19913] ? xfd_validate_state+0x61/0x180 [ 818.938810][T19913] ? __pfx___do_sys_prctl+0x10/0x10 [ 818.938830][T19913] __x64_sys_sendmmsg+0x9c/0x100 [ 818.938848][T19913] ? lockdep_hardirqs_on+0x7c/0x110 [ 818.938869][T19913] do_syscall_64+0xcd/0xf80 [ 818.938892][T19913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.938907][T19913] RIP: 0033:0x7fa016d8f7c9 [ 818.938920][T19913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 818.938934][T19913] RSP: 002b:00007fa017ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 818.938949][T19913] RAX: ffffffffffffffda RBX: 00007fa016fe5fa0 RCX: 00007fa016d8f7c9 [ 818.938959][T19913] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 818.938968][T19913] RBP: 00007fa016e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 818.938977][T19913] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 818.938987][T19913] R13: 00007fa016fe6038 R14: 00007fa016fe5fa0 R15: 00007ffc39f7a6b8 [ 818.939007][T19913] [ 821.638221][T19957] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 821.681193][T19936] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 822.908420][T19978] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 823.439010][T19994] sysfs_service_op_store: Client not running :-5: [ 825.183470][T20031] FAULT_INJECTION: forcing a failure. [ 825.183470][T20031] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 825.267479][T20031] CPU: 1 UID: 0 PID: 20031 Comm: syz.5.3567 Tainted: G U L syzkaller #0 PREEMPT(full) [ 825.267509][T20031] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 825.267515][T20031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 825.267525][T20031] Call Trace: [ 825.267532][T20031] [ 825.267539][T20031] dump_stack_lvl+0x16c/0x1f0 [ 825.267567][T20031] should_fail_ex+0x512/0x640 [ 825.267587][T20031] _copy_from_user+0x2e/0xd0 [ 825.267604][T20031] copy_msghdr_from_user+0x98/0x160 [ 825.267625][T20031] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 825.267646][T20031] ? find_held_lock+0x2b/0x80 [ 825.267671][T20031] ___sys_sendmsg+0xfe/0x1d0 [ 825.267691][T20031] ? __pfx____sys_sendmsg+0x10/0x10 [ 825.267727][T20031] ? __pfx___might_resched+0x10/0x10 [ 825.267751][T20031] __sys_sendmmsg+0x200/0x420 [ 825.267772][T20031] ? __pfx___sys_sendmmsg+0x10/0x10 [ 825.267796][T20031] ? __pfx_do_futex+0x10/0x10 [ 825.267823][T20031] ? xfd_validate_state+0x61/0x180 [ 825.267837][T20031] ? __pfx___do_sys_prctl+0x10/0x10 [ 825.267857][T20031] __x64_sys_sendmmsg+0x9c/0x100 [ 825.267875][T20031] ? lockdep_hardirqs_on+0x7c/0x110 [ 825.267896][T20031] do_syscall_64+0xcd/0xf80 [ 825.267919][T20031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 825.267934][T20031] RIP: 0033:0x7fa016d8f7c9 [ 825.267947][T20031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 825.267970][T20031] RSP: 002b:00007fa017ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 825.267986][T20031] RAX: ffffffffffffffda RBX: 00007fa016fe5fa0 RCX: 00007fa016d8f7c9 [ 825.267996][T20031] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 825.268011][T20031] RBP: 00007fa016e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 825.268021][T20031] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000000 [ 825.268030][T20031] R13: 00007fa016fe6038 R14: 00007fa016fe5fa0 R15: 00007ffc39f7a6b8 [ 825.268052][T20031] [ 825.513231][T20024] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 828.678128][T20070] __nla_validate_parse: 13 callbacks suppressed [ 828.678193][T20070] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3576'. [ 828.822651][T20043] Process accounting resumed [ 829.382180][T20089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 830.150463][T20097] FAULT_INJECTION: forcing a failure. [ 830.150463][T20097] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 830.183666][T20097] CPU: 0 UID: 0 PID: 20097 Comm: syz.1.3584 Tainted: G U L syzkaller #0 PREEMPT(full) [ 830.183710][T20097] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 830.183719][T20097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 830.183734][T20097] Call Trace: [ 830.183742][T20097] [ 830.183752][T20097] dump_stack_lvl+0x16c/0x1f0 [ 830.183795][T20097] should_fail_ex+0x512/0x640 [ 830.183829][T20097] _copy_from_iter+0x2a4/0x16c0 [ 830.183863][T20097] ? __alloc_skb+0x220/0x410 [ 830.183887][T20097] ? __alloc_skb+0x35d/0x410 [ 830.183912][T20097] ? __pfx__copy_from_iter+0x10/0x10 [ 830.183938][T20097] ? netlink_autobind.isra.0+0x158/0x370 [ 830.183983][T20097] netlink_sendmsg+0x820/0xdd0 [ 830.184024][T20097] ? __pfx_netlink_sendmsg+0x10/0x10 [ 830.184062][T20097] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 830.184108][T20097] ____sys_sendmsg+0xa5d/0xc30 [ 830.184148][T20097] ? copy_msghdr_from_user+0x10a/0x160 [ 830.184181][T20097] ? __pfx_____sys_sendmsg+0x10/0x10 [ 830.184227][T20097] ? __pfx__kstrtoull+0x10/0x10 [ 830.184267][T20097] ___sys_sendmsg+0x134/0x1d0 [ 830.184299][T20097] ? __pfx____sys_sendmsg+0x10/0x10 [ 830.184348][T20097] ? find_held_lock+0x2b/0x80 [ 830.184405][T20097] __sys_sendmmsg+0x200/0x420 [ 830.184443][T20097] ? __pfx___sys_sendmmsg+0x10/0x10 [ 830.184486][T20097] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 830.184552][T20097] ? fput+0x70/0xf0 [ 830.184576][T20097] ? ksys_write+0x1ac/0x250 [ 830.184610][T20097] ? __pfx_ksys_write+0x10/0x10 [ 830.184652][T20097] __x64_sys_sendmmsg+0x9c/0x100 [ 830.184684][T20097] ? lockdep_hardirqs_on+0x7c/0x110 [ 830.184722][T20097] do_syscall_64+0xcd/0xf80 [ 830.184763][T20097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 830.184790][T20097] RIP: 0033:0x7f5c4418f7c9 [ 830.184813][T20097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 830.184837][T20097] RSP: 002b:00007f5c45007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 830.184863][T20097] RAX: ffffffffffffffda RBX: 00007f5c443e5fa0 RCX: 00007f5c4418f7c9 [ 830.184882][T20097] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 830.184899][T20097] RBP: 00007f5c45007090 R08: 0000000000000000 R09: 0000000000000000 [ 830.184916][T20097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 830.184932][T20097] R13: 00007f5c443e6038 R14: 00007f5c443e5fa0 R15: 00007ffd95a3bfe8 [ 830.184969][T20097] [ 830.457427][T20098] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 830.673072][T20100] zswap: compressor not available [ 831.293397][T20116] ubi2: attaching mtd1 [ 831.299162][T20116] ubi2: scanning is finished [ 831.303801][T20116] ubi2: empty MTD device detected [ 831.311115][T20116] ubi2 error: ubi_early_get_peb: no free eraseblocks [ 831.364483][T20119] input: f¬ as /devices/virtual/input/input28 [ 831.394386][T20116] ubi2 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 831.408560][ T5188] ERROR: Out of memory at tomoyo_memory_ok. [ 832.471578][T20151] FAULT_INJECTION: forcing a failure. [ 832.471578][T20151] name failslab, interval 1, probability 0, space 0, times 0 [ 832.484378][T20151] CPU: 1 UID: 0 PID: 20151 Comm: syz.1.3596 Tainted: G U L syzkaller #0 PREEMPT(full) [ 832.484406][T20151] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 832.484413][T20151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 832.484423][T20151] Call Trace: [ 832.484429][T20151] [ 832.484435][T20151] dump_stack_lvl+0x16c/0x1f0 [ 832.484462][T20151] should_fail_ex+0x512/0x640 [ 832.484479][T20151] ? __kmalloc_noprof+0xca/0x910 [ 832.484497][T20151] should_failslab+0xc2/0x120 [ 832.484521][T20151] __kmalloc_noprof+0xeb/0x910 [ 832.484537][T20151] ? lsm_blob_alloc+0x68/0x90 [ 832.484561][T20151] ? lsm_blob_alloc+0x68/0x90 [ 832.484580][T20151] lsm_blob_alloc+0x68/0x90 [ 832.484600][T20151] security_prepare_creds+0x2f/0x270 [ 832.484621][T20151] prepare_creds+0x5d6/0x940 [ 832.484640][T20151] copy_creds+0xa7/0xa50 [ 832.484659][T20151] copy_process+0x130f/0x7430 [ 832.484681][T20151] ? __pfx___futex_wait+0x10/0x10 [ 832.484707][T20151] ? __pfx_copy_process+0x10/0x10 [ 832.484732][T20151] ? futex_private_hash_put+0x160/0x1b0 [ 832.484751][T20151] kernel_clone+0xfc/0x910 [ 832.484773][T20151] ? __pfx_kernel_clone+0x10/0x10 [ 832.484804][T20151] __do_sys_clone+0xce/0x120 [ 832.484825][T20151] ? __pfx___do_sys_clone+0x10/0x10 [ 832.484855][T20151] ? xfd_validate_state+0x61/0x180 [ 832.484868][T20151] ? __pfx_do_writev+0x10/0x10 [ 832.484893][T20151] do_syscall_64+0xcd/0xf80 [ 832.484915][T20151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 832.484931][T20151] RIP: 0033:0x7f5c4418f7c9 [ 832.484944][T20151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 832.484958][T20151] RSP: 002b:00007f5c45007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 832.484973][T20151] RAX: ffffffffffffffda RBX: 00007f5c443e5fa0 RCX: 00007f5c4418f7c9 [ 832.484984][T20151] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 832.484993][T20151] RBP: 00007f5c44213f91 R08: 0000000000000000 R09: 0000000000000000 [ 832.485002][T20151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 832.485011][T20151] R13: 00007f5c443e6038 R14: 00007f5c443e5fa0 R15: 00007ffd95a3bfe8 [ 832.485031][T20151] [ 833.048766][T20155] FAULT_INJECTION: forcing a failure. [ 833.048766][T20155] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 833.137747][T20155] CPU: 0 UID: 0 PID: 20155 Comm: syz.3.3595 Tainted: G U L syzkaller #0 PREEMPT(full) [ 833.137796][T20155] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 833.137807][T20155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 833.137824][T20155] Call Trace: [ 833.137833][T20155] [ 833.137844][T20155] dump_stack_lvl+0x16c/0x1f0 [ 833.137889][T20155] should_fail_ex+0x512/0x640 [ 833.137924][T20155] _copy_from_iter+0x2a4/0x16c0 [ 833.137958][T20155] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 833.138003][T20155] ? __pfx__copy_from_iter+0x10/0x10 [ 833.138035][T20155] ? alloc_pages_mpol+0x25a/0x550 [ 833.138077][T20155] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 833.138124][T20155] copy_page_from_iter+0xde/0x180 [ 833.138159][T20155] anon_pipe_write+0xed5/0x1bd0 [ 833.138202][T20155] ? find_held_lock+0x10/0x80 [ 833.138245][T20155] ? __pfx_anon_pipe_write+0x10/0x10 [ 833.138283][T20155] ? common_file_perm+0x1b1/0x500 [ 833.138320][T20155] ? bpf_lsm_file_permission+0x9/0x10 [ 833.138350][T20155] ? security_file_permission+0x71/0x210 [ 833.138386][T20155] ? rw_verify_area+0xcf/0x6c0 [ 833.138423][T20155] vfs_write+0x7d3/0x11d0 [ 833.138461][T20155] ? __pfx_anon_pipe_write+0x10/0x10 [ 833.138504][T20155] ? __pfx_vfs_write+0x10/0x10 [ 833.138545][T20155] ? find_held_lock+0x2b/0x80 [ 833.138602][T20155] ksys_write+0x1f8/0x250 [ 833.138640][T20155] ? __pfx_ksys_write+0x10/0x10 [ 833.138687][T20155] do_syscall_64+0xcd/0xf80 [ 833.138729][T20155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 833.138757][T20155] RIP: 0033:0x7f917898f7c9 [ 833.138779][T20155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 833.138804][T20155] RSP: 002b:00007f91797f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 833.138830][T20155] RAX: ffffffffffffffda RBX: 00007f9178be6270 RCX: 00007f917898f7c9 [ 833.138849][T20155] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 833.138866][T20155] RBP: 00007f91797f7090 R08: 0000000000000000 R09: 0000000000000000 [ 833.138883][T20155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 833.138898][T20155] R13: 00007f9178be6308 R14: 00007f9178be6270 R15: 00007ffcff9ed278 [ 833.138937][T20155] [ 834.329654][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 834.687836][T20172] overlayfs: missing 'lowerdir' [ 834.869500][T20168] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 836.138634][T20193] netlink: 338 bytes leftover after parsing attributes in process `syz.6.3606'. [ 836.439631][T20199] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 837.892554][T20234] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3613'. [ 837.914896][T20234] netlink: 'syz.3.3613': attribute type 1 has an invalid length. [ 837.945389][T20234] netlink: 'syz.3.3613': attribute type 6 has an invalid length. [ 838.672204][T20258] random: crng reseeded on system resumption [ 839.204810][T20262] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 839.693844][T20286] random: crng reseeded on system resumption [ 839.724816][T20286] FAULT_INJECTION: forcing a failure. [ 839.724816][T20286] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 839.731374][T20288] serio: Serial port ttyS2 [ 839.748387][T20286] CPU: 1 UID: 0 PID: 20286 Comm: syz.5.3625 Tainted: G U L syzkaller #0 PREEMPT(full) [ 839.748438][T20286] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 839.748450][T20286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 839.748468][T20286] Call Trace: [ 839.748478][T20286] [ 839.748489][T20286] dump_stack_lvl+0x16c/0x1f0 [ 839.748537][T20286] should_fail_ex+0x512/0x640 [ 839.748574][T20286] should_fail_alloc_page+0xe7/0x130 [ 839.748620][T20286] prepare_alloc_pages+0x401/0x670 [ 839.748660][T20286] ? rcu_is_watching+0x12/0xc0 [ 839.748700][T20286] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 839.748742][T20286] ? stack_trace_save+0x8e/0xc0 [ 839.748787][T20286] ? __pfx_stack_trace_save+0x10/0x10 [ 839.748829][T20286] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 839.748863][T20286] ? kasan_save_stack+0x42/0x60 [ 839.748898][T20286] ? kasan_save_stack+0x33/0x60 [ 839.748939][T20286] ? do_dentry_open+0x748/0x1590 [ 839.748977][T20286] ? vfs_open+0x82/0x3f0 [ 839.749002][T20286] ? path_openat+0x2078/0x3140 [ 839.749039][T20286] ? do_filp_open+0x20b/0x470 [ 839.749074][T20286] ? do_sys_openat2+0x121/0x290 [ 839.749101][T20286] ? __x64_sys_openat+0x174/0x210 [ 839.749128][T20286] ? do_syscall_64+0xcd/0xf80 [ 839.749162][T20286] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.749191][T20286] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 839.749232][T20286] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 839.749274][T20286] ? policy_nodemask+0xea/0x4e0 [ 839.749315][T20286] alloc_pages_mpol+0x1fb/0x550 [ 839.749356][T20286] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 839.749406][T20286] alloc_pages_noprof+0x131/0x390 [ 839.749450][T20286] get_zeroed_page_noprof+0x18/0xb0 [ 839.749490][T20286] get_image_page+0x18/0x190 [ 839.749527][T20286] alloc_rtree_node+0x3c/0xb0 [ 839.749564][T20286] memory_bm_create+0x419/0x810 [ 839.749614][T20286] create_basic_memory_bitmaps+0x10b/0x370 [ 839.749659][T20286] snapshot_open+0x235/0x2b0 [ 839.749700][T20286] ? __pfx_snapshot_open+0x10/0x10 [ 839.749741][T20286] misc_open+0x26d/0x450 [ 839.749782][T20286] ? __pfx_misc_open+0x10/0x10 [ 839.749813][T20286] chrdev_open+0x234/0x6a0 [ 839.749852][T20286] ? __pfx_apparmor_file_open+0x10/0x10 [ 839.749878][T20286] ? __pfx_chrdev_open+0x10/0x10 [ 839.749918][T20286] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 839.749963][T20286] do_dentry_open+0x748/0x1590 [ 839.749996][T20286] ? __pfx_chrdev_open+0x10/0x10 [ 839.750033][T20286] vfs_open+0x82/0x3f0 [ 839.750059][T20286] path_openat+0x2078/0x3140 [ 839.750111][T20286] ? __pfx_path_openat+0x10/0x10 [ 839.750169][T20286] do_filp_open+0x20b/0x470 [ 839.750210][T20286] ? __pfx_do_filp_open+0x10/0x10 [ 839.750280][T20286] ? alloc_fd+0x471/0x7d0 [ 839.750335][T20286] do_sys_openat2+0x121/0x290 [ 839.750368][T20286] ? __pfx_do_sys_openat2+0x10/0x10 [ 839.750402][T20286] ? find_held_lock+0x2b/0x80 [ 839.750446][T20286] __x64_sys_openat+0x174/0x210 [ 839.750479][T20286] ? __pfx___x64_sys_openat+0x10/0x10 [ 839.750526][T20286] do_syscall_64+0xcd/0xf80 [ 839.750570][T20286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 839.750600][T20286] RIP: 0033:0x7fa016d8f7c9 [ 839.750624][T20286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 839.750652][T20286] RSP: 002b:00007fa017cbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 839.750681][T20286] RAX: ffffffffffffffda RBX: 00007fa016fe6090 RCX: 00007fa016d8f7c9 [ 839.750701][T20286] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 839.750721][T20286] RBP: 00007fa016e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 839.750740][T20286] R10: 0000000000003f00 R11: 0000000000000246 R12: 0000000000000000 [ 839.750759][T20286] R13: 00007fa016fe6128 R14: 00007fa016fe6090 R15: 00007ffc39f7a6b8 [ 839.750807][T20286] [ 840.323774][T20295] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 840.466658][T20301] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3631'. [ 840.555432][T20300] hub 8-0:1.0: USB hub found [ 840.560868][T20300] hub 8-0:1.0: 1 port detected [ 841.009354][T20293] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 841.996111][T20297] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 843.424564][T20378] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 843.461345][T20381] FAULT_INJECTION: forcing a failure. [ 843.461345][T20381] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 843.481232][T20381] CPU: 1 UID: 0 PID: 20381 Comm: syz.5.3648 Tainted: G U L syzkaller #0 PREEMPT(full) [ 843.481279][T20381] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 843.481290][T20381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 843.481306][T20381] Call Trace: [ 843.481315][T20381] [ 843.481326][T20381] dump_stack_lvl+0x16c/0x1f0 [ 843.481370][T20381] should_fail_ex+0x512/0x640 [ 843.481405][T20381] ? __pfx_event_inject_write+0x10/0x10 [ 843.481434][T20381] _copy_from_user+0x2e/0xd0 [ 843.481465][T20381] memdup_user_nul+0x6c/0x120 [ 843.481501][T20381] event_inject_write+0xc6/0x2030 [ 843.481531][T20381] ? look_up_lock_class+0x6b/0x130 [ 843.481567][T20381] ? find_held_lock+0x2b/0x80 [ 843.481604][T20381] ? __lock_acquire+0x436/0x2890 [ 843.481631][T20381] ? __pfx_event_inject_write+0x10/0x10 [ 843.481663][T20381] ? iovec_from_user+0xbb/0x140 [ 843.481716][T20381] ? __pfx_event_inject_write+0x10/0x10 [ 843.481744][T20381] vfs_writev+0x5df/0xde0 [ 843.481789][T20381] ? __pfx_vfs_writev+0x10/0x10 [ 843.481823][T20381] ? fdget_pos+0x2a2/0x370 [ 843.481886][T20381] ? __fget_files+0x20e/0x3c0 [ 843.481919][T20381] ? __fget_files+0x160/0x3c0 [ 843.481963][T20381] ? do_writev+0x132/0x340 [ 843.481993][T20381] do_writev+0x132/0x340 [ 843.482027][T20381] ? __pfx_do_writev+0x10/0x10 [ 843.482073][T20381] do_syscall_64+0xcd/0xf80 [ 843.482113][T20381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 843.482140][T20381] RIP: 0033:0x7fa016d8f7c9 [ 843.482162][T20381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 843.482193][T20381] RSP: 002b:00007fa017ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 843.482216][T20381] RAX: ffffffffffffffda RBX: 00007fa016fe5fa0 RCX: 00007fa016d8f7c9 [ 843.482235][T20381] RDX: 0000000000000002 RSI: 0000200000000000 RDI: 0000000000000003 [ 843.482251][T20381] RBP: 00007fa017ce0090 R08: 0000000000000000 R09: 0000000000000000 [ 843.482267][T20381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 843.482283][T20381] R13: 00007fa016fe6038 R14: 00007fa016fe5fa0 R15: 00007ffc39f7a6b8 [ 843.482322][T20381] [ 843.931284][ T30] audit: type=1800 audit(1767276542.731:16): pid=20388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3650" name="lu_gp_id" dev="configfs" ino=98675 res=0 errno=0 [ 843.935155][T20388] ALUA LU Group already has a valid ID, ignoring request [ 844.230060][T20392] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 844.321621][T20394] FAULT_INJECTION: forcing a failure. [ 844.321621][T20394] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 844.395910][T20394] CPU: 1 UID: 0 PID: 20394 Comm: syz.6.3652 Tainted: G U L syzkaller #0 PREEMPT(full) [ 844.395957][T20394] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 844.395968][T20394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 844.395984][T20394] Call Trace: [ 844.395994][T20394] [ 844.396005][T20394] dump_stack_lvl+0x16c/0x1f0 [ 844.396048][T20394] should_fail_ex+0x512/0x640 [ 844.396085][T20394] _copy_to_user+0x32/0xd0 [ 844.396117][T20394] simple_read_from_buffer+0xcb/0x170 [ 844.396158][T20394] tracing_entries_read+0x464/0x630 [ 844.396195][T20394] ? __pfx_tracing_entries_read+0x10/0x10 [ 844.396236][T20394] ? rw_verify_area+0xcf/0x6c0 [ 844.396272][T20394] ? __pfx_tracing_entries_read+0x10/0x10 [ 844.396301][T20394] vfs_readv+0x5c1/0x8b0 [ 844.396344][T20394] ? __pfx_vfs_readv+0x10/0x10 [ 844.396383][T20394] ? fdget_pos+0x2a2/0x370 [ 844.396448][T20394] ? __fget_files+0x20e/0x3c0 [ 844.396481][T20394] ? __fget_files+0x160/0x3c0 [ 844.396525][T20394] ? do_readv+0x132/0x340 [ 844.396554][T20394] do_readv+0x132/0x340 [ 844.396588][T20394] ? __pfx_do_readv+0x10/0x10 [ 844.396620][T20394] ? rcu_is_watching+0x12/0xc0 [ 844.396672][T20394] do_syscall_64+0xcd/0xf80 [ 844.396715][T20394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 844.396743][T20394] RIP: 0033:0x7f88d0f8f7c9 [ 844.396764][T20394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 844.396789][T20394] RSP: 002b:00007f88d1ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 844.396816][T20394] RAX: ffffffffffffffda RBX: 00007f88d11e5fa0 RCX: 00007f88d0f8f7c9 [ 844.396835][T20394] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000002 [ 844.396853][T20394] RBP: 00007f88d1ea7090 R08: 0000000000000000 R09: 0000000000000000 [ 844.396870][T20394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 844.396885][T20394] R13: 00007f88d11e6038 R14: 00007f88d11e5fa0 R15: 00007ffcbd1d30d8 [ 844.396924][T20394] [ 844.798094][T20399] ERROR: Out of memory at tomoyo_memory_ok. [ 844.804510][T20399] ERROR: Domain ' /sbin/init /etc/init.d/rcS /etc/init.d/S50sshd /sbin/start-stop-daemon /usr/sbin/sshd /usr/libexec/sshd-session /bin/sh /root/syz-executor /root/syz-executor /newroot/302/:,' not defined. [ 844.961904][T20389] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 845.392895][T20421] FAULT_INJECTION: forcing a failure. [ 845.392895][T20421] name failslab, interval 1, probability 0, space 0, times 0 [ 845.435794][T20421] CPU: 0 UID: 0 PID: 20421 Comm: syz.6.3657 Tainted: G U L syzkaller #0 PREEMPT(full) [ 845.435841][T20421] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 845.435851][T20421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 845.435866][T20421] Call Trace: [ 845.435875][T20421] [ 845.435885][T20421] dump_stack_lvl+0x16c/0x1f0 [ 845.435929][T20421] should_fail_ex+0x512/0x640 [ 845.435959][T20421] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 845.436001][T20421] should_failslab+0xc2/0x120 [ 845.436042][T20421] kmem_cache_alloc_noprof+0x83/0x770 [ 845.436074][T20421] ? skb_clone+0x190/0x3f0 [ 845.436114][T20421] ? skb_clone+0x190/0x3f0 [ 845.436145][T20421] skb_clone+0x190/0x3f0 [ 845.436178][T20421] netlink_deliver_tap+0xabd/0xd30 [ 845.436222][T20421] netlink_unicast+0x64c/0x870 [ 845.436260][T20421] ? __pfx_netlink_unicast+0x10/0x10 [ 845.436311][T20421] netlink_sendmsg+0x8c8/0xdd0 [ 845.436355][T20421] ? __pfx_netlink_sendmsg+0x10/0x10 [ 845.436396][T20421] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 845.436446][T20421] ____sys_sendmsg+0xa5d/0xc30 [ 845.436488][T20421] ? copy_msghdr_from_user+0x10a/0x160 [ 845.436522][T20421] ? __pfx_____sys_sendmsg+0x10/0x10 [ 845.436579][T20421] ___sys_sendmsg+0x134/0x1d0 [ 845.436615][T20421] ? __pfx____sys_sendmsg+0x10/0x10 [ 845.436737][T20421] __sys_sendmsg+0x16d/0x220 [ 845.436768][T20421] ? __pfx___sys_sendmsg+0x10/0x10 [ 845.436816][T20421] do_syscall_64+0xcd/0xf80 [ 845.436841][T20421] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 845.436856][T20421] RIP: 0033:0x7f88d0f8f7c9 [ 845.436869][T20421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 845.436883][T20421] RSP: 002b:00007f88d1e86038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 845.436898][T20421] RAX: ffffffffffffffda RBX: 00007f88d11e6090 RCX: 00007f88d0f8f7c9 [ 845.436911][T20421] RDX: 0000000000008000 RSI: 0000200000002740 RDI: 0000000000000003 [ 845.436921][T20421] RBP: 00007f88d1e86090 R08: 0000000000000000 R09: 0000000000000000 [ 845.436929][T20421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 845.436938][T20421] R13: 00007f88d11e6128 R14: 00007f88d11e6090 R15: 00007ffcbd1d30d8 [ 845.436957][T20421] [ 846.171540][T20431] ERROR: Out of memory at tomoyo_memory_ok. [ 846.311963][T20438] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 846.748729][T20446] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 847.606965][T20451] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 850.263142][T20527] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 852.312565][T20570] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 852.413451][T20553] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 852.572087][T20578] FAULT_INJECTION: forcing a failure. [ 852.572087][T20578] name failslab, interval 1, probability 0, space 0, times 0 [ 852.635690][T20578] CPU: 1 UID: 0 PID: 20578 Comm: syz.6.3697 Tainted: G U L syzkaller #0 PREEMPT(full) [ 852.635734][T20578] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 852.635745][T20578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 852.635760][T20578] Call Trace: [ 852.635768][T20578] [ 852.635778][T20578] dump_stack_lvl+0x16c/0x1f0 [ 852.635819][T20578] should_fail_ex+0x512/0x640 [ 852.635846][T20578] ? fs_reclaim_acquire+0xae/0x150 [ 852.635881][T20578] should_failslab+0xc2/0x120 [ 852.635903][T20578] __kmalloc_noprof+0xeb/0x910 [ 852.635919][T20578] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 852.635943][T20578] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 852.635962][T20578] tomoyo_realpath_from_path+0xc2/0x6e0 [ 852.635983][T20578] ? tomoyo_profile+0x47/0x60 [ 852.636006][T20578] tomoyo_path_number_perm+0x245/0x580 [ 852.636022][T20578] ? tomoyo_path_number_perm+0x237/0x580 [ 852.636040][T20578] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 852.636058][T20578] ? find_held_lock+0x2b/0x80 [ 852.636093][T20578] ? find_held_lock+0x2b/0x80 [ 852.636110][T20578] ? hook_file_ioctl_common+0x144/0x410 [ 852.636132][T20578] ? __fget_files+0x20e/0x3c0 [ 852.636155][T20578] security_file_ioctl+0x9b/0x240 [ 852.636174][T20578] __x64_sys_ioctl+0xb7/0x210 [ 852.636193][T20578] do_syscall_64+0xcd/0xf80 [ 852.636216][T20578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 852.636232][T20578] RIP: 0033:0x7f88d0f8f7c9 [ 852.636245][T20578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 852.636259][T20578] RSP: 002b:00007f88d1e86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 852.636275][T20578] RAX: ffffffffffffffda RBX: 00007f88d11e6090 RCX: 00007f88d0f8f7c9 [ 852.636287][T20578] RDX: 0000000000000000 RSI: 00000000403c6f2b RDI: 0000000000000004 [ 852.636296][T20578] RBP: 00007f88d1e86090 R08: 0000000000000000 R09: 0000000000000000 [ 852.636305][T20578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 852.636313][T20578] R13: 00007f88d11e6128 R14: 00007f88d11e6090 R15: 00007ffcbd1d30d8 [ 852.636333][T20578] [ 852.636340][T20578] ERROR: Out of memory at tomoyo_realpath_from_path. [ 853.025271][T20578] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 853.057817][T20578] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 853.586473][T20586] ERROR: Out of memory at tomoyo_memory_ok. [ 853.643549][T20586] FAULT_INJECTION: forcing a failure. [ 853.643549][T20586] name failslab, interval 1, probability 0, space 0, times 0 [ 853.657596][T20586] CPU: 1 UID: 0 PID: 20586 Comm: syz.3.3699 Tainted: G U L syzkaller #0 PREEMPT(full) [ 853.657646][T20586] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 853.657658][T20586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 853.657676][T20586] Call Trace: [ 853.657687][T20586] [ 853.657698][T20586] dump_stack_lvl+0x16c/0x1f0 [ 853.657746][T20586] should_fail_ex+0x512/0x640 [ 853.657777][T20586] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 853.657818][T20586] should_failslab+0xc2/0x120 [ 853.657861][T20586] kmem_cache_alloc_node_noprof+0x86/0x800 [ 853.657897][T20586] ? __alloc_skb+0x156/0x410 [ 853.657927][T20586] ? __alloc_skb+0x35d/0x410 [ 853.657964][T20586] ? __alloc_skb+0x156/0x410 [ 853.657992][T20586] __alloc_skb+0x156/0x410 [ 853.658021][T20586] ? __alloc_skb+0x35d/0x410 [ 853.658051][T20586] ? __pfx___alloc_skb+0x10/0x10 [ 853.658083][T20586] ? netlink_autobind.isra.0+0x158/0x370 [ 853.658133][T20586] netlink_alloc_large_skb+0x69/0x140 [ 853.658175][T20586] netlink_sendmsg+0x698/0xdd0 [ 853.658221][T20586] ? __pfx_netlink_sendmsg+0x10/0x10 [ 853.658266][T20586] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 853.658319][T20586] __sys_sendto+0x4a3/0x520 [ 853.658353][T20586] ? __pfx___sys_sendto+0x10/0x10 [ 853.658383][T20586] ? kasan_quarantine_put+0x10a/0x240 [ 853.658458][T20586] ? xfd_validate_state+0x61/0x180 [ 853.658494][T20586] __x64_sys_sendto+0xe0/0x1c0 [ 853.658527][T20586] ? do_syscall_64+0x91/0xf80 [ 853.658569][T20586] ? lockdep_hardirqs_on+0x7c/0x110 [ 853.658610][T20586] do_syscall_64+0xcd/0xf80 [ 853.658653][T20586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 853.658682][T20586] RIP: 0033:0x7f917899165c [ 853.658706][T20586] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 853.658734][T20586] RSP: 002b:00007f9179858ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 853.658762][T20586] RAX: ffffffffffffffda RBX: 00007f9179858fc0 RCX: 00007f917899165c [ 853.658782][T20586] RDX: 0000000000000020 RSI: 00007f9179859010 RDI: 0000000000000003 [ 853.658801][T20586] RBP: 0000000000000000 R08: 00007f9179858f14 R09: 000000000000000c [ 853.658819][T20586] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 853.658838][T20586] R13: 00007f9179858f68 R14: 00007f9179859010 R15: 0000000000000000 [ 853.658876][T20586] [ 854.326536][T20600] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 854.333899][T20600] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 854.424464][T20602] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 854.736296][T20609] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 854.737073][T20610] FAULT_INJECTION: forcing a failure. [ 854.737073][T20610] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 854.793636][T20610] CPU: 0 UID: 0 PID: 20610 Comm: syz.6.3705 Tainted: G U L syzkaller #0 PREEMPT(full) [ 854.793684][T20610] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 854.793695][T20610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 854.793712][T20610] Call Trace: [ 854.793721][T20610] [ 854.793733][T20610] dump_stack_lvl+0x16c/0x1f0 [ 854.793777][T20610] should_fail_ex+0x512/0x640 [ 854.793813][T20610] should_fail_alloc_page+0xe7/0x130 [ 854.793856][T20610] prepare_alloc_pages+0x401/0x670 [ 854.793897][T20610] ? rcu_is_watching+0x12/0xc0 [ 854.793937][T20610] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 854.793979][T20610] ? kasan_save_stack+0x42/0x60 [ 854.794024][T20610] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 854.794056][T20610] ? __mod_zone_page_state+0xcc/0x1a0 [ 854.794098][T20610] ? lru_gen_add_folio+0x1a4/0xef0 [ 854.794132][T20610] ? __lock_acquire+0x436/0x2890 [ 854.794157][T20610] ? __lock_acquire+0x436/0x2890 [ 854.794178][T20610] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 854.794214][T20610] ? policy_nodemask+0xea/0x4e0 [ 854.794257][T20610] alloc_pages_mpol+0x1fb/0x550 [ 854.794297][T20610] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 854.794343][T20610] folio_alloc_mpol_noprof+0x36/0x2f0 [ 854.794374][T20610] vma_alloc_folio_noprof+0xed/0x1e0 [ 854.794402][T20610] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 854.794442][T20610] do_anonymous_page+0xc81/0x2190 [ 854.794485][T20610] __handle_mm_fault+0x1ecf/0x2bb0 [ 854.794524][T20610] ? __pfx___handle_mm_fault+0x10/0x10 [ 854.794556][T20610] ? __pte_offset_map_lock+0x174/0x310 [ 854.794594][T20610] ? find_held_lock+0x2b/0x80 [ 854.794636][T20610] ? follow_page_pte+0x5cf/0x1390 [ 854.794682][T20610] handle_mm_fault+0x3fe/0xad0 [ 854.794718][T20610] __get_user_pages+0x54e/0x3590 [ 854.794772][T20610] ? __pfx___get_user_pages+0x10/0x10 [ 854.794822][T20610] populate_vma_page_range+0x267/0x3f0 [ 854.794865][T20610] ? __pfx_populate_vma_page_range+0x10/0x10 [ 854.794904][T20610] ? __pfx_find_vma_intersection+0x10/0x10 [ 854.794951][T20610] __mm_populate+0x1d8/0x380 [ 854.794992][T20610] ? __pfx___mm_populate+0x10/0x10 [ 854.795035][T20610] ? up_write+0x282/0x4e0 [ 854.795068][T20610] vm_mmap_pgoff+0x37f/0x470 [ 854.795115][T20610] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 854.795162][T20610] ? __x64_sys_futex+0x1e0/0x4c0 [ 854.795192][T20610] ? __x64_sys_futex+0x1e9/0x4c0 [ 854.795228][T20610] ksys_mmap_pgoff+0x7d/0x5c0 [ 854.795263][T20610] ? xfd_validate_state+0x61/0x180 [ 854.795288][T20610] ? __pfx_do_writev+0x10/0x10 [ 854.795327][T20610] __x64_sys_mmap+0x125/0x190 [ 854.795358][T20610] do_syscall_64+0xcd/0xf80 [ 854.795399][T20610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 854.795427][T20610] RIP: 0033:0x7f88d0f8f7c9 [ 854.795449][T20610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 854.795475][T20610] RSP: 002b:00007f88d1e65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 854.795501][T20610] RAX: ffffffffffffffda RBX: 00007f88d11e6180 RCX: 00007f88d0f8f7c9 [ 854.795520][T20610] RDX: 0000000000000036 RSI: 0000000000040009 RDI: 0000000000000000 [ 854.795537][T20610] RBP: 00007f88d1013f91 R08: 0000000000000007 R09: 0000000000028000 [ 854.795554][T20610] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 854.795571][T20610] R13: 00007f88d11e6218 R14: 00007f88d11e6180 R15: 00007ffcbd1d30d8 [ 854.795611][T20610] [ 855.801846][T20634] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 855.959354][T20636] netlink: 330 bytes leftover after parsing attributes in process `syz.3.3711'. [ 855.972581][T20636] mac80211_hwsim hwsim16 ›in: renamed from wlan0 (while UP) [ 856.711638][T20657] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 856.729309][T20658] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3718'. [ 856.745881][T20658] mac80211_hwsim hwsim18 ›in: renamed from wlan0 (while UP) [ 857.255552][T20670] FAULT_INJECTION: forcing a failure. [ 857.255552][T20670] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 857.268946][T20670] CPU: 1 UID: 0 PID: 20670 Comm: syz.1.3722 Tainted: G U L syzkaller #0 PREEMPT(full) [ 857.268972][T20670] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 857.268978][T20670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 857.268988][T20670] Call Trace: [ 857.268993][T20670] [ 857.268999][T20670] dump_stack_lvl+0x16c/0x1f0 [ 857.269026][T20670] should_fail_ex+0x512/0x640 [ 857.269045][T20670] _copy_from_iter+0x2a4/0x16c0 [ 857.269064][T20670] ? __alloc_skb+0x220/0x410 [ 857.269079][T20670] ? __alloc_skb+0x35d/0x410 [ 857.269094][T20670] ? __pfx__copy_from_iter+0x10/0x10 [ 857.269116][T20670] ? netlink_autobind.isra.0+0x158/0x370 [ 857.269144][T20670] netlink_sendmsg+0x820/0xdd0 [ 857.269168][T20670] ? __pfx_netlink_sendmsg+0x10/0x10 [ 857.269190][T20670] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 857.269217][T20670] ____sys_sendmsg+0xa5d/0xc30 [ 857.269240][T20670] ? copy_msghdr_from_user+0x10a/0x160 [ 857.269258][T20670] ? __pfx_____sys_sendmsg+0x10/0x10 [ 857.269283][T20670] ? __pfx__kstrtoull+0x10/0x10 [ 857.269306][T20670] ___sys_sendmsg+0x134/0x1d0 [ 857.269325][T20670] ? __pfx____sys_sendmsg+0x10/0x10 [ 857.269352][T20670] ? find_held_lock+0x2b/0x80 [ 857.269383][T20670] __sys_sendmmsg+0x200/0x420 [ 857.269403][T20670] ? __pfx___sys_sendmmsg+0x10/0x10 [ 857.269427][T20670] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 857.269457][T20670] ? fput+0x70/0xf0 [ 857.269472][T20670] ? ksys_write+0x1ac/0x250 [ 857.269491][T20670] ? __pfx_ksys_write+0x10/0x10 [ 857.269514][T20670] __x64_sys_sendmmsg+0x9c/0x100 [ 857.269532][T20670] ? lockdep_hardirqs_on+0x7c/0x110 [ 857.269553][T20670] do_syscall_64+0xcd/0xf80 [ 857.269575][T20670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 857.269590][T20670] RIP: 0033:0x7f5c4418f7c9 [ 857.269605][T20670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 857.269619][T20670] RSP: 002b:00007f5c44fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 857.269633][T20670] RAX: ffffffffffffffda RBX: 00007f5c443e6090 RCX: 00007f5c4418f7c9 [ 857.269644][T20670] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 857.269653][T20670] RBP: 00007f5c44fe6090 R08: 0000000000000000 R09: 0000000000000000 [ 857.269662][T20670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 857.269670][T20670] R13: 00007f5c443e6128 R14: 00007f5c443e6090 R15: 00007ffd95a3bfe8 [ 857.269690][T20670] [ 857.730138][T20671] netlink: 146 bytes leftover after parsing attributes in process `syz.3.3723'. [ 858.070035][T20694] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 859.761258][T20703] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 860.053174][T20710] Process accounting paused [ 860.410841][ T30] audit: type=1804 audit(1767276559.201:17): pid=20736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.3739" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1053 res=1 errno=0 [ 861.742825][T20760] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 862.353537][T20765] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 862.830820][T20780] netlink: 'syz.3.3750': attribute type 16 has an invalid length. [ 862.839106][T20780] netlink: 194 bytes leftover after parsing attributes in process `syz.3.3750'. [ 863.502913][T20794] netlink: 350 bytes leftover after parsing attributes in process `syz.6.3754'. [ 864.180176][T20811] netlink: 350 bytes leftover after parsing attributes in process `syz.6.3758'. [ 864.250993][ T5841] Process accounting resumed [ 864.960280][T20829] netlink: 21 bytes leftover after parsing attributes in process `syz.1.3763'. [ 866.395511][T20841] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 868.300784][T20903] FAULT_INJECTION: forcing a failure. [ 868.300784][T20903] name failslab, interval 1, probability 0, space 0, times 0 [ 868.319378][T20903] CPU: 0 UID: 0 PID: 20903 Comm: syz.1.3784 Tainted: G U L syzkaller #0 PREEMPT(full) [ 868.319406][T20903] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 868.319412][T20903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 868.319421][T20903] Call Trace: [ 868.319426][T20903] [ 868.319432][T20903] dump_stack_lvl+0x16c/0x1f0 [ 868.319459][T20903] should_fail_ex+0x512/0x640 [ 868.319477][T20903] ? __kmalloc_noprof+0xca/0x910 [ 868.319495][T20903] should_failslab+0xc2/0x120 [ 868.319517][T20903] __kmalloc_noprof+0xeb/0x910 [ 868.319532][T20903] ? copy_splice_read+0x1a8/0xc20 [ 868.319557][T20903] ? copy_splice_read+0x1a8/0xc20 [ 868.319575][T20903] copy_splice_read+0x1a8/0xc20 [ 868.319600][T20903] ? __pfx_copy_splice_read+0x10/0x10 [ 868.319622][T20903] ? look_up_lock_class+0x59/0x130 [ 868.319647][T20903] ? lockdep_init_map_type+0x5c/0x270 [ 868.319663][T20903] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 868.319685][T20903] ? __pfx_copy_splice_read+0x10/0x10 [ 868.319705][T20903] do_splice_read+0x285/0x370 [ 868.319727][T20903] splice_direct_to_actor+0x2a1/0xa30 [ 868.319750][T20903] ? __pfx_direct_splice_actor+0x10/0x10 [ 868.319774][T20903] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 868.319794][T20903] ? get_pid_task+0xfc/0x250 [ 868.319817][T20903] do_splice_direct+0x174/0x240 [ 868.319838][T20903] ? __pfx_do_splice_direct+0x10/0x10 [ 868.319859][T20903] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 868.319882][T20903] ? rw_verify_area+0xcf/0x6c0 [ 868.319902][T20903] do_sendfile+0xb06/0xe50 [ 868.319924][T20903] ? __pfx_do_sendfile+0x10/0x10 [ 868.319943][T20903] ? fd_install+0x242/0x570 [ 868.319968][T20903] __x64_sys_sendfile64+0x1d8/0x220 [ 868.319982][T20903] ? ksys_write+0x1ac/0x250 [ 868.320001][T20903] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 868.320021][T20903] do_syscall_64+0xcd/0xf80 [ 868.320043][T20903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.320064][T20903] RIP: 0033:0x7f5c4418f7c9 [ 868.320077][T20903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 868.320091][T20903] RSP: 002b:00007f5c45007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 868.320106][T20903] RAX: ffffffffffffffda RBX: 00007f5c443e5fa0 RCX: 00007f5c4418f7c9 [ 868.320116][T20903] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 868.320125][T20903] RBP: 00007f5c45007090 R08: 0000000000000000 R09: 0000000000000000 [ 868.320134][T20903] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 868.320142][T20903] R13: 00007f5c443e6038 R14: 00007f5c443e5fa0 R15: 00007ffd95a3bfe8 [ 868.320162][T20903] [ 868.763023][T20904] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 868.861858][T20910] tipc: Trying to set illegal importance in message [ 869.574314][T20927] FAULT_INJECTION: forcing a failure. [ 869.574314][T20927] name failslab, interval 1, probability 0, space 0, times 0 [ 869.631736][T20927] CPU: 1 UID: 0 PID: 20927 Comm: syz.5.3791 Tainted: G U L syzkaller #0 PREEMPT(full) [ 869.631782][T20927] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 869.631790][T20927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 869.631806][T20927] Call Trace: [ 869.631815][T20927] [ 869.631824][T20927] dump_stack_lvl+0x16c/0x1f0 [ 869.631865][T20927] should_fail_ex+0x512/0x640 [ 869.631893][T20927] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 869.631928][T20927] should_failslab+0xc2/0x120 [ 869.631964][T20927] kmem_cache_alloc_node_noprof+0x86/0x800 [ 869.631996][T20927] ? __alloc_skb+0x156/0x410 [ 869.632032][T20927] ? __alloc_skb+0x156/0x410 [ 869.632057][T20927] __alloc_skb+0x156/0x410 [ 869.632082][T20927] ? __alloc_skb+0x35d/0x410 [ 869.632109][T20927] ? __pfx___alloc_skb+0x10/0x10 [ 869.632139][T20927] ? rtnl_prop_list_size+0x295/0x2d0 [ 869.632174][T20927] ? if_nlmsg_size+0x4a7/0xb30 [ 869.632214][T20927] rtmsg_ifinfo_build_skb+0x81/0x280 [ 869.632260][T20927] rtmsg_ifinfo+0x9f/0x1a0 [ 869.632306][T20927] netif_state_change+0x17f/0x380 [ 869.632347][T20927] ? __pfx_netif_state_change+0x10/0x10 [ 869.632391][T20927] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 869.632428][T20927] ? netif_set_alias+0x16c/0x250 [ 869.632466][T20927] netdev_state_change+0xaa/0x240 [ 869.632506][T20927] ifalias_store+0x17c/0x1c0 [ 869.632534][T20927] ? sysfs_file_kobj+0xc0/0x290 [ 869.632560][T20927] ? __pfx_ifalias_store+0x10/0x10 [ 869.632587][T20927] dev_attr_store+0x58/0x80 [ 869.632618][T20927] ? __pfx_dev_attr_store+0x10/0x10 [ 869.632649][T20927] sysfs_kf_write+0xf2/0x150 [ 869.632687][T20927] kernfs_fop_write_iter+0x3af/0x570 [ 869.632722][T20927] ? __pfx_sysfs_kf_write+0x10/0x10 [ 869.632753][T20927] vfs_write+0x7d3/0x11d0 [ 869.632783][T20927] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 869.632807][T20927] ? __pfx_vfs_write+0x10/0x10 [ 869.632840][T20927] ksys_write+0x12a/0x250 [ 869.632860][T20927] ? __pfx_ksys_write+0x10/0x10 [ 869.632886][T20927] do_syscall_64+0xcd/0xf80 [ 869.632910][T20927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.632925][T20927] RIP: 0033:0x7fa016d8f7c9 [ 869.632938][T20927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 869.632952][T20927] RSP: 002b:00007fa017ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 869.632967][T20927] RAX: ffffffffffffffda RBX: 00007fa016fe5fa0 RCX: 00007fa016d8f7c9 [ 869.632977][T20927] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 869.632986][T20927] RBP: 00007fa017ce0090 R08: 0000000000000000 R09: 0000000000000000 [ 869.632995][T20927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 869.633003][T20927] R13: 00007fa016fe6038 R14: 00007fa016fe5fa0 R15: 00007ffc39f7a6b8 [ 869.633024][T20927] [ 871.934368][T20975] blktrace: Concurrent blktraces are not allowed on loop2 [ 872.212473][T20978] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 872.905200][T20997] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3809'. [ 872.946479][T20997] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3809'. [ 873.398817][T21007] FAULT_INJECTION: forcing a failure. [ 873.398817][T21007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 873.416099][T21007] CPU: 1 UID: 0 PID: 21007 Comm: syz.3.3811 Tainted: G U L syzkaller #0 PREEMPT(full) [ 873.416146][T21007] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 873.416157][T21007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 873.416173][T21007] Call Trace: [ 873.416183][T21007] [ 873.416194][T21007] dump_stack_lvl+0x16c/0x1f0 [ 873.416238][T21007] should_fail_ex+0x512/0x640 [ 873.416273][T21007] _copy_from_user+0x2e/0xd0 [ 873.416304][T21007] sk_setsockopt+0x64b/0x3d50 [ 873.416359][T21007] ? __pfx_sk_setsockopt+0x10/0x10 [ 873.416398][T21007] ? aa_sk_perm+0x2f2/0xae0 [ 873.416433][T21007] ? __pfx_aa_sk_perm+0x10/0x10 [ 873.416467][T21007] ? find_held_lock+0x2b/0x80 [ 873.416505][T21007] ? aa_sock_opt_perm+0xfd/0x1b0 [ 873.416552][T21007] do_sock_setsockopt+0x193/0x1d0 [ 873.416595][T21007] __sys_setsockopt+0x120/0x1a0 [ 873.416632][T21007] __x64_sys_setsockopt+0xbd/0x160 [ 873.416662][T21007] ? do_syscall_64+0x91/0xf80 [ 873.416697][T21007] ? lockdep_hardirqs_on+0x7c/0x110 [ 873.416733][T21007] do_syscall_64+0xcd/0xf80 [ 873.416772][T21007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 873.416796][T21007] RIP: 0033:0x7f917898f7c9 [ 873.416818][T21007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 873.416843][T21007] RSP: 002b:00007f917985a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 873.416870][T21007] RAX: ffffffffffffffda RBX: 00007f9178be5fa0 RCX: 00007f917898f7c9 [ 873.416888][T21007] RDX: 0000000000000049 RSI: 0000000000000001 RDI: 0000000000000003 [ 873.416904][T21007] RBP: 00007f917985a090 R08: 000000000200062b R09: 0000000000000000 [ 873.416921][T21007] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 873.416937][T21007] R13: 00007f9178be6038 R14: 00007f9178be5fa0 R15: 00007ffcff9ed278 [ 873.416975][T21007] [ 873.953802][T21019] FAULT_INJECTION: forcing a failure. [ 873.953802][T21019] name failslab, interval 1, probability 0, space 0, times 0 [ 873.999260][T21019] CPU: 0 UID: 0 PID: 21019 Comm: syz.6.3815 Tainted: G U L syzkaller #0 PREEMPT(full) [ 873.999305][T21019] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 873.999316][T21019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 873.999332][T21019] Call Trace: [ 873.999341][T21019] [ 873.999352][T21019] dump_stack_lvl+0x16c/0x1f0 [ 873.999394][T21019] should_fail_ex+0x512/0x640 [ 873.999423][T21019] ? fs_reclaim_acquire+0xae/0x150 [ 873.999466][T21019] should_failslab+0xc2/0x120 [ 873.999504][T21019] __kmalloc_noprof+0xeb/0x910 [ 873.999539][T21019] ? do_sys_openat2+0x121/0x290 [ 873.999566][T21019] ? __x64_sys_open+0x153/0x1e0 [ 873.999593][T21019] ? do_syscall_64+0xcd/0xf80 [ 873.999628][T21019] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 873.999670][T21019] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 873.999704][T21019] tomoyo_realpath_from_path+0xc2/0x6e0 [ 873.999743][T21019] ? tomoyo_profile+0x47/0x60 [ 873.999783][T21019] tomoyo_path_number_perm+0x245/0x580 [ 873.999810][T21019] ? tomoyo_path_number_perm+0x237/0x580 [ 873.999840][T21019] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 873.999898][T21019] ? d_alloc_parallel+0xb4e/0x1510 [ 873.999931][T21019] ? current_check_access_path+0x33b/0x460 [ 873.999967][T21019] ? __pfx_current_check_access_path+0x10/0x10 [ 874.000013][T21019] tomoyo_path_mknod+0x10c/0x190 [ 874.000055][T21019] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 874.000097][T21019] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 874.000144][T21019] security_path_mknod+0x161/0x310 [ 874.000178][T21019] lookup_open.isra.0+0xc10/0x1780 [ 874.000221][T21019] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 874.000263][T21019] ? find_held_lock+0x2b/0x80 [ 874.000308][T21019] ? __pfx_down_write+0x10/0x10 [ 874.000344][T21019] path_openat+0xa95/0x3140 [ 874.000395][T21019] ? __pfx_path_openat+0x10/0x10 [ 874.000441][T21019] ? __lock_acquire+0x436/0x2890 [ 874.000471][T21019] do_filp_open+0x20b/0x470 [ 874.000513][T21019] ? __pfx_do_filp_open+0x10/0x10 [ 874.000585][T21019] ? _raw_spin_unlock+0x28/0x50 [ 874.000620][T21019] ? alloc_fd+0x471/0x7d0 [ 874.000669][T21019] do_sys_openat2+0x121/0x290 [ 874.000700][T21019] ? __pfx_do_sys_openat2+0x10/0x10 [ 874.000734][T21019] ? __fget_files+0x20e/0x3c0 [ 874.000778][T21019] __x64_sys_open+0x153/0x1e0 [ 874.000809][T21019] ? __pfx___x64_sys_open+0x10/0x10 [ 874.000848][T21019] ? rcu_is_watching+0x12/0xc0 [ 874.000888][T21019] do_syscall_64+0xcd/0xf80 [ 874.000929][T21019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 874.000957][T21019] RIP: 0033:0x7f88d0f8f7c9 [ 874.000979][T21019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 874.001004][T21019] RSP: 002b:00007f88d1ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 874.001030][T21019] RAX: ffffffffffffffda RBX: 00007f88d11e5fa0 RCX: 00007f88d0f8f7c9 [ 874.001049][T21019] RDX: 00000000000000d1 RSI: 0000000000103040 RDI: 0000200000000380 [ 874.001067][T21019] RBP: 00007f88d1ea7090 R08: 0000000000000000 R09: 0000000000000000 [ 874.001084][T21019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 874.001101][T21019] R13: 00007f88d11e6038 R14: 00007f88d11e5fa0 R15: 00007ffcbd1d30d8 [ 874.001141][T21019] [ 874.001152][T21019] ERROR: Out of memory at tomoyo_realpath_from_path. [ 874.868334][T20994] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 875.292343][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.299977][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.477544][T21048] blktrace: Concurrent blktraces are not allowed on loop2 [ 876.791197][T21040] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 878.317498][T21113] FAULT_INJECTION: forcing a failure. [ 878.317498][T21113] name failslab, interval 1, probability 0, space 0, times 0 [ 878.361139][T21085] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 878.380542][T21106] FAULT_INJECTION: forcing a failure. [ 878.380542][T21106] name failslab, interval 1, probability 0, space 0, times 0 [ 878.393729][T21113] CPU: 0 UID: 0 PID: 21113 Comm: syz.1.3839 Tainted: G U L syzkaller #0 PREEMPT(full) [ 878.393775][T21113] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 878.393786][T21113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 878.393802][T21113] Call Trace: [ 878.393811][T21113] [ 878.393821][T21113] dump_stack_lvl+0x16c/0x1f0 [ 878.393864][T21113] should_fail_ex+0x512/0x640 [ 878.393892][T21113] ? kmem_cache_alloc_noprof+0x62/0x770 [ 878.393928][T21113] should_failslab+0xc2/0x120 [ 878.393966][T21113] kmem_cache_alloc_noprof+0x83/0x770 [ 878.393997][T21113] ? __pmd_alloc+0xbf/0x9c0 [ 878.394041][T21113] ? __pmd_alloc+0xbf/0x9c0 [ 878.394084][T21113] __pmd_alloc+0xbf/0x9c0 [ 878.394126][T21113] __handle_mm_fault+0xbeb/0x2bb0 [ 878.394163][T21113] ? __pfx___handle_mm_fault+0x10/0x10 [ 878.394212][T21113] ? find_vma+0xbf/0x140 [ 878.394246][T21113] ? __pfx_find_vma+0x10/0x10 [ 878.394285][T21113] handle_mm_fault+0x3fe/0xad0 [ 878.394319][T21113] do_user_addr_fault+0x7a6/0x1370 [ 878.394356][T21113] ? rcu_is_watching+0x12/0xc0 [ 878.394395][T21113] exc_page_fault+0x64/0xc0 [ 878.394433][T21113] asm_exc_page_fault+0x26/0x30 [ 878.394459][T21113] RIP: 0010:__get_user_4+0x14/0x20 [ 878.394489][T21113] Code: 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <8b> 10 31 c0 0f 01 ca e9 90 79 04 00 90 90 90 90 90 90 90 90 90 90 [ 878.394514][T21113] RSP: 0018:ffffc900103e7bc0 EFLAGS: 00050287 [ 878.394536][T21113] RAX: 0000000000000003 RBX: ffff8880a0b20000 RCX: ffffc900103e7b64 [ 878.394554][T21113] RDX: 00007ffffffff000 RSI: ffffffff88ce88de RDI: ffffffff8bf2b580 [ 878.394573][T21113] RBP: 1ffff9200207cf7f R08: 00000000d3987e04 R09: 000000004d3987e0 [ 878.394592][T21113] R10: 0000000000000001 R11: ffff8880738866b0 R12: dffffc0000000000 [ 878.394609][T21113] R13: ffff8880a0b20000 R14: 000000004008af14 R15: 0000000000000003 [ 878.394639][T21113] ? vhost_vring_ioctl+0xbe/0x1520 [ 878.394683][T21113] vhost_vring_ioctl+0xc6/0x1520 [ 878.394721][T21113] ? tomoyo_path_number_perm+0x295/0x580 [ 878.394757][T21113] ? __pfx_vhost_vring_ioctl+0x10/0x10 [ 878.394795][T21113] ? vhost_dev_ioctl+0x16c/0xe20 [ 878.394835][T21113] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 878.394887][T21113] vhost_net_ioctl+0xe9d/0x1850 [ 878.394922][T21113] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 878.394955][T21113] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 878.394989][T21113] ? find_held_lock+0x2b/0x80 [ 878.395021][T21113] ? hook_file_ioctl_common+0x144/0x410 [ 878.395061][T21113] ? __fget_files+0x20e/0x3c0 [ 878.395110][T21113] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 878.395145][T21113] __x64_sys_ioctl+0x18e/0x210 [ 878.395181][T21113] do_syscall_64+0xcd/0xf80 [ 878.395224][T21113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 878.395247][T21113] RIP: 0033:0x7f5c4418f7c9 [ 878.395267][T21113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 878.395289][T21113] RSP: 002b:00007f5c45007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 878.395312][T21113] RAX: ffffffffffffffda RBX: 00007f5c443e5fa0 RCX: 00007f5c4418f7c9 [ 878.395329][T21113] RDX: 0000000000000003 RSI: 000000004008af14 RDI: 0000000000000004 [ 878.395344][T21113] RBP: 00007f5c45007090 R08: 0000000000000000 R09: 0000000000000000 [ 878.395362][T21113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 878.395376][T21113] R13: 00007f5c443e6038 R14: 00007f5c443e5fa0 R15: 00007ffd95a3bfe8 [ 878.395414][T21113] [ 878.749193][T21106] CPU: 1 UID: 0 PID: 21106 Comm: syz.6.3838 Tainted: G U L syzkaller #0 PREEMPT(full) [ 878.749243][T21106] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 878.749255][T21106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 878.749272][T21106] Call Trace: [ 878.749283][T21106] [ 878.749295][T21106] dump_stack_lvl+0x16c/0x1f0 [ 878.749343][T21106] should_fail_ex+0x512/0x640 [ 878.749376][T21106] ? kmem_cache_alloc_noprof+0x62/0x770 [ 878.749414][T21106] should_failslab+0xc2/0x120 [ 878.749454][T21106] kmem_cache_alloc_noprof+0x83/0x770 [ 878.749488][T21106] ? __proc_create+0x2c8/0x8d0 [ 878.749532][T21106] ? __proc_create+0x2c8/0x8d0 [ 878.749564][T21106] __proc_create+0x2c8/0x8d0 [ 878.749603][T21106] ? __pfx___proc_create+0x10/0x10 [ 878.749643][T21106] ? _raw_write_unlock+0x28/0x50 [ 878.749681][T21106] ? proc_register+0x559/0x8b0 [ 878.749722][T21106] proc_create_reg+0x7d/0x180 [ 878.749762][T21106] proc_create_data+0x86/0x110 [ 878.749809][T21106] ? __pfx_proc_create_data+0x10/0x10 [ 878.749849][T21106] ? cache_register_net+0x137/0x5e0 [ 878.749896][T21106] cache_register_net+0x25a/0x5e0 [ 878.749935][T21106] unix_gid_cache_create+0x8b/0x130 [ 878.749971][T21106] ? __pfx_sunrpc_init_net+0x10/0x10 [ 878.750006][T21106] sunrpc_init_net+0x71/0x190 [ 878.750038][T21106] ops_init+0x1e2/0x5f0 [ 878.750077][T21106] setup_net+0x11d/0x3a0 [ 878.750109][T21106] ? __pfx_setup_net+0x10/0x10 [ 878.750139][T21106] ? lockdep_init_map_type+0x5c/0x270 [ 878.750164][T21106] ? mutex_init_lockep+0x110/0x150 [ 878.750196][T21106] copy_net_ns+0x351/0x7c0 [ 878.750236][T21106] create_new_namespaces+0x3ea/0xab0 [ 878.750279][T21106] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 878.750316][T21106] ksys_unshare+0x45b/0xa40 [ 878.750355][T21106] ? __pfx_ksys_unshare+0x10/0x10 [ 878.750392][T21106] ? xfd_validate_state+0x61/0x180 [ 878.750429][T21106] __x64_sys_unshare+0x31/0x40 [ 878.750468][T21106] do_syscall_64+0xcd/0xf80 [ 878.750511][T21106] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 878.750540][T21106] RIP: 0033:0x7f88d0f8f7c9 [ 878.750563][T21106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 878.750590][T21106] RSP: 002b:00007f88d1ea7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 878.750618][T21106] RAX: ffffffffffffffda RBX: 00007f88d11e5fa0 RCX: 00007f88d0f8f7c9 [ 878.750638][T21106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 878.750654][T21106] RBP: 00007f88d1013f91 R08: 0000000000000000 R09: 0000000000000000 [ 878.750672][T21106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 878.750690][T21106] R13: 00007f88d11e6038 R14: 00007f88d11e5fa0 R15: 00007ffcbd1d30d8 [ 878.750727][T21106] [ 880.206211][T21147] FAULT_INJECTION: forcing a failure. [ 880.206211][T21147] name failslab, interval 1, probability 0, space 0, times 0 [ 880.246009][T21147] CPU: 0 UID: 0 PID: 21147 Comm: syz.5.3849 Tainted: G U L syzkaller #0 PREEMPT(full) [ 880.246058][T21147] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 880.246069][T21147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 880.246086][T21147] Call Trace: [ 880.246096][T21147] [ 880.246108][T21147] dump_stack_lvl+0x16c/0x1f0 [ 880.246152][T21147] should_fail_ex+0x512/0x640 [ 880.246182][T21147] ? kmem_cache_alloc_noprof+0x62/0x770 [ 880.246222][T21147] should_failslab+0xc2/0x120 [ 880.246273][T21147] kmem_cache_alloc_noprof+0x83/0x770 [ 880.246313][T21147] ? acpi_ut_create_generic_state+0x61/0xc0 [ 880.246355][T21147] ? acpi_ut_create_generic_state+0x61/0xc0 [ 880.246387][T21147] acpi_ut_create_generic_state+0x61/0xc0 [ 880.246420][T21147] acpi_ds_scope_stack_push+0x70/0x790 [ 880.246459][T21147] acpi_ds_init_aml_walk+0x2d8/0x680 [ 880.246500][T21147] acpi_ds_call_control_method+0x3a2/0xab0 [ 880.246551][T21147] acpi_ps_parse_aml+0xab3/0x1170 [ 880.246593][T21147] acpi_ps_execute_method+0x5c4/0xe90 [ 880.246639][T21147] acpi_ns_evaluate+0x98c/0x16d0 [ 880.246688][T21147] acpi_evaluate_object+0x4ca/0xdf0 [ 880.246727][T21147] ? ksys_read+0x12a/0x250 [ 880.246773][T21147] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 880.246810][T21147] ? __pfx___might_resched+0x10/0x10 [ 880.246853][T21147] acpi_evaluate_integer+0xdd/0x230 [ 880.246895][T21147] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 880.246951][T21147] ? __pfx_status_show+0x10/0x10 [ 880.246980][T21147] status_show+0xa0/0x120 [ 880.247009][T21147] ? __pfx_status_show+0x10/0x10 [ 880.247047][T21147] dev_attr_show+0x56/0xe0 [ 880.247085][T21147] ? __pfx_dev_attr_show+0x10/0x10 [ 880.247117][T21147] sysfs_kf_seq_show+0x216/0x3e0 [ 880.247154][T21147] seq_read_iter+0x50e/0x12d0 [ 880.247208][T21147] kernfs_fop_read_iter+0x46c/0x610 [ 880.247251][T21147] ? rw_verify_area+0xcf/0x6c0 [ 880.247289][T21147] vfs_read+0x8bf/0xcf0 [ 880.247336][T21147] ? __pfx_vfs_read+0x10/0x10 [ 880.247400][T21147] ksys_read+0x12a/0x250 [ 880.247438][T21147] ? __pfx_ksys_read+0x10/0x10 [ 880.247488][T21147] do_syscall_64+0xcd/0xf80 [ 880.247532][T21147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 880.247562][T21147] RIP: 0033:0x7fa016d8f7c9 [ 880.247586][T21147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 880.247614][T21147] RSP: 002b:00007fa017ce0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 880.247642][T21147] RAX: ffffffffffffffda RBX: 00007fa016fe5fa0 RCX: 00007fa016d8f7c9 [ 880.247662][T21147] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 880.247680][T21147] RBP: 00007fa016e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 880.247705][T21147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 880.247723][T21147] R13: 00007fa016fe6038 R14: 00007fa016fe5fa0 R15: 00007ffc39f7a6b8 [ 880.247764][T21147] [ 880.247931][T21147] ACPI Error: ffff88808fd80000 walk still has a scope list (20250807/dswstate-694) [ 880.690440][T21147] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 880.937231][T21138] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 882.469378][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.482751][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.514008][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.592384][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.644828][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.677975][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.705823][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.733254][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.766041][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.789007][T21193] netlink: 62 bytes leftover after parsing attributes in process `syz.3.3861'. [ 882.938945][T21183] netlink: 'syz.6.3858': attribute type 1 has an invalid length. [ 884.398454][T21225] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 885.618298][T21278] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko' [ 886.331147][T21292] sg_write: process 709 (syz.5.3880) changed security contexts after opening file descriptor, this is not allowed. [ 886.873159][T21300] program syz.5.3881 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 886.926189][ T30] audit: type=1800 audit(1767276585.731:18): pid=21303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3883" name="lu_gp_id" dev="configfs" ino=104527 res=0 errno=0 [ 889.038125][T21338] Console: switching to colour frame buffer device 128x48 [ 890.174574][T21363] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko' [ 890.286971][T21354] Process accounting resumed [ 890.832769][T21364] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 890.972050][T21379] random: crng reseeded on system resumption [ 891.682237][T21407] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 892.159535][T21369] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 892.915154][T21423] FAULT_INJECTION: forcing a failure. [ 892.915154][T21423] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 892.930801][T21423] CPU: 1 UID: 0 PID: 21423 Comm: syz.1.3913 Tainted: G U L syzkaller #0 PREEMPT(full) [ 892.930853][T21423] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 892.930865][T21423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 892.930882][T21423] Call Trace: [ 892.930893][T21423] [ 892.930905][T21423] dump_stack_lvl+0x16c/0x1f0 [ 892.930952][T21423] should_fail_ex+0x512/0x640 [ 892.930989][T21423] _copy_from_user+0x2e/0xd0 [ 892.931022][T21423] __sys_bpf+0x248/0x4980 [ 892.931055][T21423] ? __pfx___sys_bpf+0x10/0x10 [ 892.931082][T21423] ? __pfx_futex_wait+0x10/0x10 [ 892.931120][T21423] ? rcu_is_watching+0x12/0xc0 [ 892.931166][T21423] ? rcu_is_watching+0x12/0xc0 [ 892.931205][T21423] ? __schedule+0x10b9/0x6150 [ 892.931241][T21423] ? __schedule+0x114c/0x6150 [ 892.931283][T21423] ? do_futex+0x122/0x350 [ 892.931332][T21423] ? __fget_files+0x20e/0x3c0 [ 892.931374][T21423] ? xfd_validate_state+0x61/0x180 [ 892.931410][T21423] __x64_sys_bpf+0x78/0xc0 [ 892.931437][T21423] ? lockdep_hardirqs_on+0x7c/0x110 [ 892.931476][T21423] do_syscall_64+0xcd/0xf80 [ 892.931529][T21423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 892.931558][T21423] RIP: 0033:0x7f5c4418f7c9 [ 892.931582][T21423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 892.931611][T21423] RSP: 002b:00007f5c45007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 892.931639][T21423] RAX: ffffffffffffffda RBX: 00007f5c443e5fa0 RCX: 00007f5c4418f7c9 [ 892.931659][T21423] RDX: 0000000000000014 RSI: 0000200000000100 RDI: 0000000000000000 [ 892.931677][T21423] RBP: 00007f5c44213f91 R08: 0000000000000000 R09: 0000000000000000 [ 892.931695][T21423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 892.931720][T21423] R13: 00007f5c443e6038 R14: 00007f5c443e5fa0 R15: 00007ffd95a3bfe8 [ 892.931760][T21423] [ 893.786708][T21449] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 894.574618][T21437] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 895.037761][T21468] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 895.398657][T21476] Device name cannot be null; rc = [-22] [ 896.220014][T21493] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 896.657668][T21473] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 897.317445][T21519] kAFS: unparsable volume name [ 897.428349][T21524] nfs: Unknown parameter '£m?¥ŒÁLH>®ï½¢^Ñe„°àko}* »' [ 898.220907][T21544] __nla_validate_parse: 11 callbacks suppressed [ 898.220930][T21544] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3950'. [ 898.350120][T21539] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 898.743448][T21553] netlink: 25 bytes leftover after parsing attributes in process `syz.3.3953'. [ 899.610013][ T31] INFO: task kworker/u8:30:12789 blocked for more than 163 seconds. [ 899.618388][ T31] Tainted: G U L syzkaller #0 [ 899.624918][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 899.656246][ T31] task:kworker/u8:30 state:D stack:22888 pid:12789 tgid:12789 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 899.671266][ T31] Workqueue: netns cleanup_net [ 899.884905][ T31] Call Trace: [ 899.888497][ T31] [ 899.891573][ T31] ? __schedule+0x10b9/0x6150 [ 899.896740][ T31] __schedule+0x1139/0x6150 [ 899.905969][ T31] ? __pfx___schedule+0x10/0x10 [ 899.910871][ T31] ? find_held_lock+0x2b/0x80 [ 899.916026][ T31] ? schedule+0x2d7/0x3a0 [ 899.920414][ T31] schedule+0xe7/0x3a0 [ 899.924522][ T31] schedule_timeout+0x257/0x290 [ 899.932216][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 899.949098][ T31] ? mark_held_locks+0x49/0x80 [ 899.960229][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 899.965504][ T31] __wait_for_common+0x2fc/0x4e0 [ 900.042447][T21574] caif:caif_disconnect_client(): nothing to disconnect [ 900.072621][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 900.092696][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 900.113899][ T31] remove_one+0x312/0x420 [ 900.125126][ T31] ? find_next_child+0x18f/0x280 [ 900.137753][ T31] __simple_recursive_removal+0x15b/0x610 [ 900.143609][ T31] ? __pfx_remove_one+0x10/0x10 [ 900.152389][ T31] debugfs_remove+0x5d/0x80 [ 900.157233][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 900.170893][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 900.180818][ T31] nsim_dev_reload_down+0x66/0xd0 [ 900.190356][ T31] devlink_reload+0x1a1/0x7c0 [ 900.196989][ T31] ? __pfx_devlink_reload+0x10/0x10 [ 900.204695][ T31] devlink_pernet_pre_exit+0x1a0/0x2b0 [ 900.212388][ T31] ? __pfx_fqdir_pre_exit+0x10/0x10 [ 900.219280][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 900.229304][ T31] ? kobject_put+0xaf/0x6f0 [ 900.233900][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 900.243510][ T31] ops_undo_list+0x187/0xab0 [ 900.252843][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 900.260587][ T31] ? cleanup_net+0x347/0x830 [ 900.268354][ T31] ? idr_destroy+0x62/0x2e0 [ 900.273887][ T31] cleanup_net+0x41b/0x830 [ 900.280545][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 900.289607][ T31] process_one_work+0x9ba/0x1b20 [ 900.296220][ T31] ? __pfx_process_one_work+0x10/0x10 [ 900.303961][ T31] ? assign_work+0x1a0/0x250 [ 900.310535][ T31] worker_thread+0x6c8/0xf10 [ 900.317177][ T31] ? __kthread_parkme+0x19e/0x250 [ 900.323798][ T31] ? __pfx_worker_thread+0x10/0x10 [ 900.332575][ T31] kthread+0x3c5/0x780 [ 900.338084][ T31] ? __pfx_kthread+0x10/0x10 [ 900.344716][ T31] ? rcu_is_watching+0x12/0xc0 [ 900.352536][ T31] ? __pfx_kthread+0x10/0x10 [ 900.360455][ T31] ret_from_fork+0x983/0xb10 [ 900.368127][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 900.374759][ T31] ? __switch_to+0x7af/0x10d0 [ 900.381417][ T31] ? __pfx_kthread+0x10/0x10 [ 900.389350][ T31] ret_from_fork_asm+0x1a/0x30 [ 900.395366][ T31] [ 900.401214][ T31] INFO: task syz.4.2960:17579 blocked for more than 164 seconds. [ 900.413483][ T31] Tainted: G U L syzkaller #0 [ 900.422347][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 900.465948][ T31] task:syz.4.2960 state:D stack:28792 pid:17579 tgid:17576 ppid:17071 task_flags:0x400040 flags:0x00080002 [ 900.478125][ T31] Call Trace: [ 900.482274][ T31] [ 900.486758][ T31] ? __schedule+0x10b9/0x6150 [ 900.495787][ T31] __schedule+0x1139/0x6150 [ 900.501963][ T31] ? __pfx___schedule+0x10/0x10 [ 900.507421][ T31] ? find_held_lock+0x2b/0x80 [ 900.513026][ T31] ? schedule+0x2d7/0x3a0 [ 900.518580][ T31] schedule+0xe7/0x3a0 [ 900.522690][ T31] schedule_preempt_disabled+0x13/0x30 [ 900.528219][ T31] __mutex_lock+0xc69/0x1ca0 [ 900.532859][ T31] ? devlink_health_report+0x6b4/0xaa0 [ 900.544375][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 900.553198][ T31] ? devlink_recover_notify.constprop.0+0x200/0x670 [ 900.559950][ T31] ? devlink_health_report+0x6b4/0xaa0 [ 900.565482][ T31] devlink_health_report+0x6b4/0xaa0 [ 900.570927][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 900.576879][ T31] ? _copy_from_user+0x59/0xd0 [ 900.582472][ T31] nsim_dev_health_break_write+0x166/0x210 [ 900.589462][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 900.597990][ T31] full_proxy_write+0x131/0x1a0 [ 900.604599][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 900.612408][ T31] vfs_write+0x2a0/0x11d0 [ 900.617159][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 900.622799][ T31] ? __pfx_vfs_write+0x10/0x10 [ 900.629294][ T31] ? __fget_files+0x20e/0x3c0 [ 900.634035][ T31] ksys_write+0x12a/0x250 [ 900.639208][ T31] ? __pfx_ksys_write+0x10/0x10 [ 900.644586][ T31] do_syscall_64+0xcd/0xf80 [ 900.655981][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.662181][ T31] RIP: 0033:0x7fe64858f7c9 [ 900.667175][ T31] RSP: 002b:00007fe6493fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 900.676509][ T31] RAX: ffffffffffffffda RBX: 00007fe6487e5fa0 RCX: 00007fe64858f7c9 [ 900.684713][ T31] RDX: 0000000000000006 RSI: 0000200000005900 RDI: 0000000000000004 [ 900.695439][ T31] RBP: 00007fe648613f91 R08: 0000000000000000 R09: 0000000000000000 [ 900.704860][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 900.712981][ T31] R13: 00007fe6487e6038 R14: 00007fe6487e5fa0 R15: 00007ffffb0ff328 [ 900.721598][ T31] [ 900.724993][ T31] [ 900.724993][ T31] Showing all locks held in the system: [ 900.734296][ T31] 1 lock held by ksoftirqd/1/23: [ 900.740226][ T31] #0: ffff8880b843add8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 900.750355][ T31] 1 lock held by khungtaskd/31: [ 900.755479][ T31] #0: ffffffff8e3c9520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 900.765473][ T31] 1 lock held by klogd/5192: [ 900.785253][ T31] #0: ffff8880b843add8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 900.797843][ T31] 2 locks held by getty/5597: [ 900.802548][ T31] #0: ffff88803593a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 900.814041][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510 [ 900.824756][ T31] 2 locks held by kworker/u8:22/6454: [ 900.830782][ T31] #0: ffff888144eb0948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 900.842255][ T31] #1: ffffc9000b827c90 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 [ 900.854575][ T31] 6 locks held by kworker/u8:30/12789: [ 900.860206][ T31] #0: ffff88801badf148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20 [ 900.870661][ T31] #1: ffffc90019137c90 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20 [ 900.880733][ T31] #2: ffffffff9012e9d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x830 [ 900.890806][ T31] #3: ffff888028c580e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 [ 900.902041][ T31] #4: ffff888045203250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 [ 900.913967][ T31] #5: ffff88805a5f4b58 (&sb->s_type->i_mutex_key#9/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 900.927176][ T31] 3 locks held by syz.4.2960/17579: [ 900.932386][ T31] #0: ffff888026b4f278 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 900.942210][ T31] #1: ffff8881416f0420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 900.952076][ T31] #2: ffff888045203250 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xaa0 [ 900.963695][ T31] 2 locks held by syz.0.3365/19185: [ 900.971847][ T31] #0: ffff8881416f0420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x183a/0x3140 [ 900.981381][ T31] #1: ffff88805a5f4b58 (&sb->s_type->i_mutex_key#17){++++}-{4:4}, at: path_openat+0x1248/0x3140 [ 900.992135][ T31] [ 900.994477][ T31] ============================================= [ 900.994477][ T31] [ 901.005252][ T31] NMI backtrace for cpu 0 [ 901.005269][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 901.005292][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 901.005297][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 901.005307][ T31] Call Trace: [ 901.005312][ T31] [ 901.005318][ T31] dump_stack_lvl+0x116/0x1f0 [ 901.005344][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 901.005361][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 901.005378][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 901.005396][ T31] sys_info+0x133/0x180 [ 901.005409][ T31] watchdog+0xe66/0x1180 [ 901.005434][ T31] ? rcu_is_watching+0x12/0xc0 [ 901.005454][ T31] ? __pfx_watchdog+0x10/0x10 [ 901.005479][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 901.005502][ T31] ? __kthread_parkme+0x19e/0x250 [ 901.005523][ T31] ? __pfx_watchdog+0x10/0x10 [ 901.005543][ T31] kthread+0x3c5/0x780 [ 901.005558][ T31] ? __pfx_kthread+0x10/0x10 [ 901.005573][ T31] ? rcu_is_watching+0x12/0xc0 [ 901.005603][ T31] ? __pfx_kthread+0x10/0x10 [ 901.005636][ T31] ret_from_fork+0x983/0xb10 [ 901.005662][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 901.005692][ T31] ? __switch_to+0x7af/0x10d0 [ 901.005724][ T31] ? __pfx_kthread+0x10/0x10 [ 901.005749][ T31] ret_from_fork_asm+0x1a/0x30 [ 901.005800][ T31] [ 901.142925][ T31] Sending NMI from CPU 0 to CPUs 1: [ 901.150303][ C1] NMI backtrace for cpu 1 [ 901.150328][ C1] CPU: 1 UID: 0 PID: 19141 Comm: kworker/u8:3 Tainted: G U L syzkaller #0 PREEMPT(full) [ 901.150368][ C1] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 901.150378][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 901.150395][ C1] Workqueue: krdsd rds_connect_worker [ 901.150426][ C1] RIP: 0010:ref_tracker_free+0x83/0x830 [ 901.150457][ C1] Code: f3 65 48 8b 05 d6 51 d3 0e 48 89 84 24 e8 00 00 00 31 c0 e8 af 7c df fc 31 c0 b9 10 00 00 00 4c 8d 6c 24 30 4c 89 ef f3 48 ab <48> 8d 7d 4c 48 89 f8 48 89 fa 48 c1 e8 03 83 e2 07 42 0f b6 04 30 [ 901.150481][ C1] RSP: 0018:ffffc900031278a0 EFLAGS: 00000246 [ 901.150501][ C1] RAX: 0000000000000000 RBX: ffff88807b4fb818 RCX: 0000000000000000 [ 901.150518][ C1] RDX: ffff8880930d1e80 RSI: ffffffff84deee41 RDI: ffffc90003127950 [ 901.150536][ C1] RBP: ffff88803209a850 R08: 0000000000000001 R09: 0000000000000000 [ 901.150552][ C1] R10: 0000000000000000 R11: ffff8880930d29b0 R12: 1ffff92000624f16 [ 901.150569][ C1] R13: ffffc900031278d0 R14: dffffc0000000000 R15: ffff88803209a738 [ 901.150587][ C1] FS: 0000000000000000(0000) GS:ffff8881249fc000(0000) knlGS:0000000000000000 [ 901.150611][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 901.150628][ C1] CR2: 00007f9178bb6ad8 CR3: 00000000761ac000 CR4: 00000000003526f0 [ 901.150645][ C1] Call Trace: [ 901.150653][ C1] [ 901.150665][ C1] ? __pfx_ref_tracker_free+0x10/0x10 [ 901.150706][ C1] sk_net_refcnt_upgrade+0x9c/0x350 [ 901.150736][ C1] rds_tcp_tune+0x2bb/0x910 [ 901.150768][ C1] ? __pfx_rds_tcp_tune+0x10/0x10 [ 901.150800][ C1] ? __sock_create+0xa3/0x8a0 [ 901.150846][ C1] rds_tcp_conn_path_connect+0x305/0x7f0 [ 901.150882][ C1] ? __pfx_rds_tcp_conn_path_connect+0x10/0x10 [ 901.150915][ C1] ? try_to_wake_up+0x160/0x1860 [ 901.150947][ C1] ? debug_object_deactivate+0x1ec/0x3a0 [ 901.150993][ C1] rds_connect_worker+0x1af/0x2c0 [ 901.151023][ C1] process_one_work+0x9ba/0x1b20 [ 901.151056][ C1] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 901.151082][ C1] ? __pfx_process_one_work+0x10/0x10 [ 901.151114][ C1] ? assign_work+0x1a0/0x250 [ 901.151140][ C1] worker_thread+0x6c8/0xf10 [ 901.151171][ C1] ? __kthread_parkme+0x19e/0x250 [ 901.151206][ C1] ? __pfx_worker_thread+0x10/0x10 [ 901.151232][ C1] kthread+0x3c5/0x780 [ 901.151256][ C1] ? __pfx_kthread+0x10/0x10 [ 901.151281][ C1] ? rcu_is_watching+0x12/0xc0 [ 901.151314][ C1] ? __pfx_kthread+0x10/0x10 [ 901.151338][ C1] ret_from_fork+0x983/0xb10 [ 901.151363][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 901.151390][ C1] ? __switch_to+0x7af/0x10d0 [ 901.151421][ C1] ? __pfx_kthread+0x10/0x10 [ 901.151445][ C1] ret_from_fork_asm+0x1a/0x30 [ 901.151489][ C1] [ 901.428139][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 901.435011][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 901.445776][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 901.450969][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 901.461020][ T31] Call Trace: [ 901.464295][ T31] [ 901.467224][ T31] dump_stack_lvl+0x3d/0x1f0 [ 901.471833][ T31] vpanic+0x640/0x6f0 [ 901.475811][ T31] panic+0xca/0xd0 [ 901.479610][ T31] ? __pfx_panic+0x10/0x10 [ 901.484028][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 901.490009][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 901.496194][ T31] ? nmi_trigger_cpumask_backtrace+0x2be/0x300 [ 901.502363][ T31] ? watchdog+0xe83/0x1180 [ 901.506796][ T31] ? watchdog+0xe76/0x1180 [ 901.511226][ T31] watchdog+0xe94/0x1180 [ 901.515489][ T31] ? rcu_is_watching+0x12/0xc0 [ 901.520283][ T31] ? __pfx_watchdog+0x10/0x10 [ 901.524974][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 901.530189][ T31] ? __kthread_parkme+0x19e/0x250 [ 901.535232][ T31] ? __pfx_watchdog+0x10/0x10 [ 901.539925][ T31] kthread+0x3c5/0x780 [ 901.544005][ T31] ? __pfx_kthread+0x10/0x10 [ 901.548603][ T31] ? rcu_is_watching+0x12/0xc0 [ 901.553386][ T31] ? __pfx_kthread+0x10/0x10 [ 901.557984][ T31] ret_from_fork+0x983/0xb10 [ 901.562583][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 901.567706][ T31] ? __switch_to+0x7af/0x10d0 [ 901.572396][ T31] ? __pfx_kthread+0x10/0x10 [ 901.577079][ T31] ret_from_fork_asm+0x1a/0x30 [ 901.581873][ T31] [ 901.585239][ T31] Kernel Offset: disabled [ 901.589552][ T31] Rebooting in 86400 seconds..