last executing test programs: 14m44.292672775s ago: executing program 1 (id=429): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = memfd_create$auto(0x0, 0x16) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0xb01, 0x0) r1 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000040), 0x600000, 0x0) ioctl$auto_I2C_RETRIES(r0, 0x701, &(0x7f0000000140)="30d5f4ee1085cbfca4f86709c8c19c30248a27fdc1ca4d260ef1655a6462a1439dd10e28fa1f11fd8d97a9664c5a91097194cf041a7158c086ab01ff9216ff4b50a30ddf8b3765c706ce88071941054b07da9851f8022edb849a11") io_uring_register$auto_IORING_REGISTER_FILE_ALLOC_RANGE(r1, 0x19, &(0x7f0000000080)="bd3de792f435b4d9516579a79142410d757431bec2632eb67948afe0b30b2d400f8b3bf1507f0d7fd6efd4f3b37ce0699e2667712e855bfb7148d03c5e9c585e999443093d43a8c3b5424af944c41413f504325a3c653778fa69426f211dff82364058f80dd4e9a95eceff6b764fec02ab05e9232fea3f6be35323eac9729fab4726d86be9f3df446d1c750dfe27b32081355868ebe3ed7fa1fe7672a2bacbaeb4ffc4e05f5f71b1193d40269922c2cd95e90803ee446fd82e273c", 0x4) 14m44.032500562s ago: executing program 1 (id=432): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.15/usb39/speed\x00', 0x10502, 0x0) r0 = open(0x0, 0x5c5082, 0x18d) open_by_handle_at$auto(r0, &(0x7f0000000140)={0x8, 0x30001, "b190a905237d4b53"}, 0x42) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000100)={0x20041, 0x9, 0x2}, 0xfdb1) socket(0x1d, 0xa, 0xff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000001c0)='/dev/a\x87dio1\x00;\xf3\x86\xa9/\xd1\xd1A', 0x100000a3dd) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x540, 0x0) pread64$auto(r2, &(0x7f0000004380)='^{\x00', 0x3ff, 0x4c0) mmap$auto(0x0, 0x9437, 0x4d95, 0x16, 0x2, 0x8003) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="28010000", @ANYRES16=r3, @ANYBLOB="01002cbd7000fbdbdf2503000000040008000c01018008011080ed0008801a32852f45a376942dc7d4431eff63ccfade561f18b459670da0b50d7f97d4ce66e60773cad6c927f3ae77d0385a34db07e9d35fb98c4e613fcd7293f6c644cd5bb14f384cc354c70538d1f0ccc8bd5d43674122405c1c98ff588debece4e0f99d3073a43079596a443c05dc5877028c4f89c89bbab118d3713a2ab5a57ea1d564306d7517ab12b1bf7b779399a9560c7143f5b93dc2ca8f0c0f6afaaea5667ffe1546f7364b0cb17f6f2544678fafcea6722f98f50edc22869279e2a6a26707c22f734d7ea7700aa561cb398658c61f3b189983ea4332fe38631e380d8a0484ac60fe5601b8f02dbf1f280fe78d3edbf114ef4a9cac77073c3008f56ce7aaf204000800"], 0x128}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) set_mempolicy$auto(0x4006, &(0x7f0000000080)=0x5, 0x21) unshare$auto(0x40000080) socket(0x25, 0xb, 0x0) r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r5, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0xffffffffffffff95}) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, 0x0) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) socket$nl_generic(0x10, 0x3, 0x10) ioperm$auto(0x2, 0xfffffffffffffffe, 0x3348b8a6) mmap$auto(0x0, 0x128009, 0x7, 0xeb1, r1, 0x20000008000) 14m42.481491527s ago: executing program 1 (id=438): syz_open_procfs$namespace(0x0, 0x0) (async) r0 = syz_open_procfs$namespace(0x0, 0x0) fcntl$auto(r0, 0x402, 0xffffffffffffffff) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0) (async) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x2, 0x0) getpid() openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x8c80, 0x0) (async) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x8c80, 0x0) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000100)=""/237, 0xed) (async) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000100)=""/237, 0xed) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0xfffffffffffffe01, 0x6, 0x4000000000de, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sysfs$auto(0x2, 0xf, 0x0) r4 = fsopen$auto(0x0, 0x7) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) getsockopt$auto_SO_DEBUG(0xffffffffffffffff, 0x4, 0x1, 0x0, 0x0) (async) getsockopt$auto_SO_DEBUG(0xffffffffffffffff, 0x4, 0x1, 0x0, 0x0) r5 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x2140, 0x0) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f00000002c0), 0x8040, 0x0) (async) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f00000002c0), 0x8040, 0x0) r6 = epoll_create$auto(0x8) epoll_ctl$auto(r6, 0x1, 0x8000000000000000, 0x0) epoll_ctl$auto_EPOLL_CTL_DEL(r3, 0x2, r3, &(0x7f0000000080)={0x80000000, 0x4465}) bpf$auto(0x0, &(0x7f00000003c0)=@task_fd_query={0x5, r5, 0x454f, 0x5f, 0x0, 0x0, r5, 0x80000001}, 0x6d4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) 14m41.446691565s ago: executing program 1 (id=443): mremap$auto(0x110c230000, 0x7, 0x101, 0x3, 0x862) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000038, 0x0) r1 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/lru_gen/enabled\x00', 0x80b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) add_key$auto(&(0x7f0000000740)='thermal\x00', &(0x7f0000000780)=']{^#.*[:-\x00', &(0x7f0000001200)="2255092788c0628691b816a6a85df6dc3c6cc100fedf414016d4350b4e9f409b76b513ae6f252ac443e9441497ab9a841ef93c0040fac7f05a271bf33710483257931899c53d71f22b9addba159dab7f92b14a389c88878d0d9dbc169d4cde26662700249c5c8a6db58d1d47d895f3575976acffb33b5fff92b61b3ac7fa2eb80d7bd010e6fd06a2f293237e9d69181aca36b24fe31bca2085cb4bd54202d5a6ed580ba60bc29ce552c850142476fef8a2c2b5abdfc15453e16781e56f9376693cfa46ed64527a9c432a724eadbb9efad51fbf1ecfb91090ed47f792c7d187d8842c5c81bcb1a78ba36b5266b3fc6de9952f6ca1e004a1a2b9d554d93198a8803094c93b0772835964ec7f55124d5061d26f3a7cadf4be2220d260476194fcf0ef08eecdd9b8ce45cc5ef3cec0095182d2def48652e389ba436890a0ef2eaea33071679915f6ef5c02dfbbf991e0d8c86b813d13fae66ad1e9072879011cce8342a40eb3a5870b1669d024e348eb522fa18c18a414e8d32420664eb28212e55ce4faff8db75f4a9fb4af4cbc144951e4cbf3cac5e8e705e500937eff8700a00a2345ed849b1bc16c073231e20ddcb97a775945b0934a9dc7781a6eb32000b98e188a5d7b07bad47fa19965fc882936ad3ae77286ce86d80375634e0d80dc890b25e16e235faddfef3c73ccf74dd7bffbaa6c283ca65e6d6b42bd794eb97a65c1a9d373a47021bb5fbea4c59f349050f5757dacfaec2b601f12d2d85f3d12c1e1d633531be633a12c558a4e2cd39f2c323b684c5286758872e188dc70e4c0667eedefcec49d03ab484b5e5fdc2a635f3dfa3dc5031e4f9292c38ac3fbb51881fb1d74a8c5d45d6dfc8affaed1d6f7f80af003a50d93e7c821ea9edc72828886c8e4b43b87ca3fac170d657ae55d1c96035620fa40887e4fa4c6cfa284cc5c7ca978e38c8f0259da3180de4d939c337f33bb6d7d8a0d22a9cf0ac448ce2feb021fa1777de20c1eb852559661464814571204c58a10b667ba6735bdd42df7b7e143280af85984d528cb9799e1eb7798f75342d831523e2ace65bb87480ef9237ead54b51233fe4243bf3492d19ec5b77308845e7e5266c4759cc6408a3432abfa8df0bc6b104d66c7a4498520851adc0d9600965222d5f7c48f744d1d16fe5b78b05e98e909042e012cde33ee8f6c52aafcad5a91afc83fa6641da0389175d3e38fd1c379cd75a1a9f67e43e0d549057a536a57f156b9937f8dceea460f65d3e7e713ded17ec5622c9480de6d9d7cd30a58a7d93b8e6b53f9ef7f9e066a140cc0c774bdba103677da528482c93464a424e72ab5f787766d2bc339a9574eaf6ab7c2d7ca212311183812a02ea790b9811ba4acb91c92cbe042d8b9a448e3592d713c0d0353416f00066e168279e876499bad36f2d0e0418abb285f159869ec17a31a99305ccc6d0096d597ec6a55ebb39df5079965a67e9c0abcdaa246f29e7e468c92e1da860d3a4417352c3d125d6858357563433996266a3d079792a162a3e832786fb9b2d0b5e6000241456beebe56221d86d59067719a43e95782a70ad11353cf20fe02d1849f6409e23f6d22c6c9590d7dbd65f8d6c0bcc857a21de80ae65086be73d78a5bbfd5181c171aaf9105234f603058f34ed40d1c5c4e525de252f848769dd992169c444edf7a30cd7349ba043ac1d85fc8099edc477e7e4ce5a0425cd37bcbe4e469b5c2e77a2e46a875a7c67cd8b40ad93a23b17da12a19404aff59e741e7d177f7503e348aa600ef31c75c0744dbbfbfa5cc3eb8074545f3f21490c382d33a1bbb3c06ada8349d6c4a5f8716ba6aef17d0a099e0ba9941eed23e6d857c72c436ee60523be98e06f6904a521cf190edc7a179d4095934c93fac81406dbcc80fbff101d6e9830a3a59f72a0ba9c1f8dc9f1aa2874b4f3e8e6c6cabd82fb9d3d2ab31ced6bbf6475f7dd998b24e7364c7472066a4931771181d53b915788d0bccc07a0941e9ddbdfaf5a1e6e7d9e148cf4eea342236331575274263bc39693586f47ab2410becbba407deff52da266618387bbae58770f004b0031b7d7d08367a09be88e2bc1dc784c6390a994d29355e6472379f09f7df012e8f888697fa9d17376eba021e1a1dfe2499f1d99475ad3bcb6776ee449e9eb3c0b7a68517177a529a11294f07ed6bea6ada1cca874af94065dff4e55efb589f542f2229a83acc82282970cf4171741b5c927ef88a174752070fa8049b1f42bc78329d4ea55e6191f435b8fc4ef2d07d65ece274104dfe52cae750166f537021dd73905b68762ff97374b28ef1a13bf22b6273453dd5386fdd670c701cad95c5a50a6c798cd5809f0b5e5692e1a674da7153c81c59b2243136fd82a1d48a3f61e2281956a08bb1fdb64eec7567a121d3cc4a5fe992c9d0a62038640ac3b2f68db85aae2051dcf8eab79c849d24f493b6cd0a10983be2000d3bc587df84da05d26a17bfc80c24b3901e398a54b624a7710652dfe8b7efeeecec458a1750707700501ce267766d07c3d70fb65569756b12fd7abbe146f077435c39ee71cd8639518bac36ef45532eddaa1aa2dc608c420014fcf59e015d45a6bc4bdaed716b8ab4655ceb663a71e9bf4a574edc8f421f32ed3f8fa592801e2036c17471039337c46f7a7ca6f7e3881a0e06eefdbfa4f0dd6c3cfba716d26546c9140e92488ae229c46acff9c1b09a6f5e3eba485aabb48b56f05c896b1cc34741853360ec1670b386f39335d922c1e32337d46b25dec599590d34c3179968511858d537c4a6308e4077228ea3659c7cd8ef0f1f010a127467500dfd94b6a33f0b1d4018b4960db0098620892646afc087450770bd42d4fb7351fe99aa54f4027b535cc187cc9acfb3690f1952ec76e3679f8695040c157fdf506fbc8edd853f3f92f43dc6597a1c1519f739e97d6a8001e41baa8e940a008a954583197ab2924fe1baacd4408d71909d838d999f747c14774df9078e69ae4d57357fdce7adb427c146937b2df6e0e993c4a6bc0cd2b93260107b5e6f7ea29e8c4404f0f124edf903ec4cf91844440d8e66a4e2e2548d6f39e34f03bda63ebb43635a110902a17e074356679c682cbef33e01e8ccaeb77df9818153bd93d6a06967a383d8758ccb734e44be95ffa20de9689c394792dbc5cae6c7d900985cf0b3bc6064dbd57ae3e45f2ccd96cfb87fd4c999d21456af9e61b022bf29707e03d2a3793b4b77e5be0ae7dbfbfda3b7248da79f245b52aa5068c8c462a9a066191353a1e32293961bcbaa4948fb99cdda8e70c19886c73ddcc42f19315910472726b1321ce98aa64689c4a085946675184a5e52a8cd0bd1ccda3671d07bb194c370863a7c878b61c19e8f9e697f8fb9cb2fbfacede4ab84c4dd16b009e740f45aa5740b9734502ff220d1dd0298c0094ed57b8a571fcece089be04cd93c195841022d6701278811d94a2754ba8e710b9ba7aa9dcbfac84df9cde3d29987ce566b4d99d08106ede478f26a84158a8102501c0f5f870bf28392ba710de8af736cde08917e6e9e8d5bf0d45d2f51bb295dc6c0ad7e10fe4a34b99e2dbad7812225a8db5d34b6955c9734d1c29c3830dcf67197087d9bfd2f9a1d92750cb9c096fcc45950bf388cad6a0226a08d6b9237e0de3ca1f607809e6c852bebab545b6f001de78b04783cc6d35b1ddce4af3e0a1ace47afd879cbaa12eb4df981e35a8fdac616e308a79ccf8724289bbe3d6a4a64fdd38ad827f26bf300483493aa7fff6e0a3bec4d897224ea17b91add098304550d52df5e8802b551130ecb60710c984b9f9459950509b21eb0c247b48c66adaaf6c48fc70776a49c8927442ee3233dbf62d027878578afef0e3f605e009067b8ea30f456dd54bf2045896ec9f4942c208e9520ff50abf9ec877e066b262cf480fb44ac7361c32cfd95d32361ecf8fae5a12a1abe8713a0c93bfcf5945640aee019e6dc4501644dda91b653155acc067c5fd93b8c55108afa0e6bd634a1b962a3e62df58906cb677235e9ed798d03ee27949b9c06d2ddfa8251e557b8412313efd4e6815e19ceec64340c3f9c0d1fbd0eec71c1eb23f1b1691cd229f57e8711b4676eb60864f94720efecedfe67ddd1647750746dfbbb8986beaa927c8e444cdafd7bfd85d351b000ae46d24c371aca2b7cbf85fb4813a8fbdbd7af51f4d881b196fee6026210da7ef9e63318303dfa711a7cff0c4f93d7663b18c5aeae73dd08ef217d146b31fd74cd25ef69464084c25d5f3c8b8a2d83b24017667061b49e7bf50a1f781f1f7a028767cbdfa83f85358328acae9aead50548bc28ddef5e03958c4cc8e5b94f6099961fce8e1c25971a2eb2b75e4cee49c6ccfb3a68a0dbcf56996f38c39847941cb48079bfe3152541ac77ac64289426574692183f34b661b5e74119ad051d12b3217ea02f3a6449bbca321b37f375652036f6a978cce9162fa6f5ee5de9528ccefc92dfe2b51584d60db72eef9411644946907958919ebdafa019477bed9a270fb2aa55e6d7fe4569c1887f75c29a240c1d8b2b828b423498722b97fec7f2259449d45993ab84b248c879078e9e3198fea795a471837ba2f845a45526ffba86d8ae70ac702dade2e744dc6f07868f1c152de702f9ec4a9592143cbdc58d3f7f97c10c77d87cfa003e0f4f9f2481d13d2ac4cf1c574656e97bf912efb4243e875f2c8cea0c012c1e6665b3d34d5e693f6fd8f67ece1f84dd814a220895b30c0e8e4f3ac42ffcccfb5eebba6f896e91331b9bbbec9fecd795218659eb0e285491bb2b6af305372e9c03e00100a0c1a5e64db01613f66fe84463a1a7781c9b4150f6d6890c0344d2667609e181436e734d9b39d3c6819c17b96a04034134bafc8499323409065b80c6514a3d201959e81c78f50962970aeaed1a5042e69943aefe59185d2838a24950210a3317bbef785c416772c9d81abd3819b67e826c88e55287eb94940c4e54df1a49b91250e18841458240ec3ab47987df6241614358378fca5c00343a13b7751151993805d8363b5a6f715e6bb0feab963cf65102355c503710f8e84c9541c804f8f91f3e47fca5c377f23a997fdf350e88e2c73e7f5cdd0c94c860c40ea3473be087ae93c237bf4fa6b5aa26e39b48f1680b328ea8e993bb82669a94df710d1849330785f8fd59d9775448e2643bc3284fa8e7b9f0223f7d6d7ea52f1c060273165806c40be4071cf211f2acde132900e542a4198b0290021bb392aa96c25966e2b16769c8e054cb2c4b733ebdbd36ae9363ea26366b9b3ef795389dfc53a5b74c6c7ada0fa9ce3550c1d6f422b978f616f990010e7c4658d346557fed9e9446d1e46d167eec2f981764ec25ab0b037f349035ffea0998f3efd827c439fae24967e2b723dd7d44ad568783bf7c474fe73de998fff8fdca852fc80409ef624673104484f034cd5bf7cdb5696bc737390da84d1f1ef9ced453332462674761c779eaf7ea4ecd9b710bf497c24c0ea4365b789e4c3bd342ce805c1d8e2720e4d957400830b45fe613588b9fbee1ebc8ed072b39e72bc47f5c86666261490f82a129dc22f646222f911874eb4dc4b4fa884d951fedb9d11a735657b740ef79da7115ba54cb13abbf1e2cbd08527e822be3dfbfcdbf8fbd5a9c80361f50ab6c59c016af9304accc1db94b540a8ca88541b7475fc588151b5f9fa5be5cc51ac7892f82d8973dfe745c17802b9ac7f197a709984912192712038662cd216b48a5715d4dbd55aa8fe707828efc527031af2614338c4e7c", 0x8000000000000000, 0x6) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, &(0x7f0000000040)={0x80, 0x0, [{0x1, 0x0, 0x100}]}) ioctl$auto(0x3, 0xae41, r0) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop12\x00', 0x6600, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ADD_LINK(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)={0x354, r7, 0x20, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_IE_RIC={0x2ce, 0xb2, "0b520c89790ca344b1109cd514c76eb0b0abd73a969b17f828b2f2376d53265fda01a1e34b2ff530f3b3243ff96c34b078e5311cbfbcbfaefbf6f54ba54c6ffee0af3a4d9167d6b54e029c69eca713e3f8e592f4746ae2c40f293a3fa4cfe4a9074ce791e3ed927c0c145598d29f064f11b4fd0911c686d0166a02c409135c1a282fd0b4d134039f50712268585239c2a8743a00a5c27fe5187f6852396347073cf221391e159c28f991b28e54dcaf0afe6951580edfa017405ebea3006b422bbc141e7a0122da9f9686d79c68a4e4e39ebac22266a6f173667a25ccb2a8d8fbe19b4657d162b4f438f20fa2898d38bd35dc4f11f0d1dc493dc0ec0fe917792f35b4d9406bf33934e8f6dcd91af6e254065957ca78c0ecaa6085ddaeb6fdd986ce3aac75c8065910872accf6acaae4c705b7d21b2edb6f36a8b59c28b004cb52875b8a50c81550aaef766f74389cc0fd85d85d0abb061d801289a353a093993c909b0bd357b8d72a137b09f5729249bade34df92acea670c1c7eec4a07a4ee17a44d78f8e7ddb48b3a6c096b2e2ff9b35032a1ca11c5c8e4efae2bceef4088a63b8d5515a83a5a1ac526caee41d664be61cc95e1536ef0b531abc01882f24d38a146ab3b92c5e97937fa05ce1b296ed5c8464545a891e9fdd40542374b5081342bf9d9869c256b2de94d12be8270189c98a6a2c61ad167fd982f96fbf6ff417073cf3b255b83ac97526577e2acc316b49830355d7c4aa17b29e78890a50d535b019cd3a52d98998b4c61002d2624e6aed1765dabdfe7f85ad5d0fddec5026564581fca1ac2afd50b94fdeea275d45694455848c7780e4e716398887e813a78cb4f9162d7175f4ace90ae5fb71a0e444ae767d6a16f6eb000dd05b3764899f124bb7f182bc1a11b5bbf41bde5b63b5467fcd66938b4a68baf8230b8afb79d2ed9628a7f3232e77b16e68c1718750324808bcd82c97f8bfe6944ff656ebd25806c0b495d78cee5ebfdca87"}, @NL80211_ATTR_S1G_CAPABILITY_MASK={0x63, 0x129, "ec9f4fbd021996ffe339bf0fe27743960498fa167aab30396ef66d9a8984122aa965fa7f481b0a84ad51a04b21ca78548eb9dfc0dcb6f9608e4bbdebd8a60a3fd9c4284a04fb9aecf61108784deeefd3c8b6aa367f57ea38010083f03489f0"}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MESH_PEER_AID={0x6}]}, 0x354}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r8 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000580), r1) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r2, &(0x7f0000000700)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xd0, r8, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_CDEV_NAME={0x14, 0x12, 'veth0_vlan\x00'}, @THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0x6}, @THERMAL_GENL_ATTR_TZ_TEMP={0x8, 0x3, 0x3}, @THERMAL_GENL_ATTR_TZ_GOV={0x73, 0xc, 0x0, 0x1, [@typed={0x8, 0x59, 0x0, 0x0, @uid=0xee01}, @typed={0x4, 0x145}, @generic="b612e54ef4d80007df5ea1eadb096336f1087bb6d14b38a6a1e6ac6597379ab6a5d06beda4ed3fdb2b93c8a5630cdb428f20e89ac55cdb122b4eb8fe7aa2b9a336d0aa7840e1228688d920249a322fcd6c2b0c4f6340de", @typed={0xc, 0x28, 0x0, 0x0, @u64=0x7}]}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_ID={0x8, 0x15, 0x80010}, @THERMAL_GENL_ATTR_TZ_NAME={0x10, 0xa, '/dev/loop12\x00'}, @THERMAL_GENL_ATTR_CDEV={0xc, 0xe, 0x0, 0x1, [@typed={0x8, 0x124, 0x0, 0x0, @fd=r5}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x40000}, 0x20040000) ioctl$auto_BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000100)={"8d658a4ef528c664a1187f8adf635965a646688ae8b9010754859680b1723f82", 0x61f5, 0x1, 0xffffffff, 0x10000, 0x51b, 0xffffffffffffffff}) 14m40.394941583s ago: executing program 1 (id=445): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ptyqf/dev\x00', 0x780242, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x1a1b42, 0x130) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) mmap$auto(0x0, 0x1, 0xfd5, 0x12, r3, 0x0) mmap$auto(0x9, 0x1ff, 0x4, 0x14, 0x3, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) set_mempolicy$auto(0x5, &(0x7f0000000400)=0xfffffffffffffffd, 0x3b) pipe$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(r2, 0x0, 0x800085) r4 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0) ioctl$auto_RNDADDENTROPY(r4, 0x40085203, 0x0) r5 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x402, 0x0) read$auto_dai_list_fops_(r5, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x8080, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/fail-nth\x00', 0x282082, 0x0) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x7) socket(0xa, 0x5, 0x84) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r1, 0x7cb, 0x0) 14m39.803552163s ago: executing program 1 (id=451): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40802, 0x0) read$auto(r0, 0x0, 0x4) mmap$auto(0x20000, 0x7, 0x3, 0xeb0, 0xffffffffffffffff, 0xfffffffd) madvise$auto(0x2f1, 0xc, 0x10000017) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) r2 = socket(0xf, 0x1, 0x8) write$auto_proc_mem_operations_base(r1, &(0x7f0000000080)="0a7635ed9cdf21aeed778d7d337bc4cd6792522feb0752ed4745cd8d5f7625", 0x1f) mmap$auto(0x0, 0x80000001, 0x803ff, 0x40eb1, r0, 0x300000000000) socket(0xa, 0x4, 0x3b) mmap$auto(0x4, 0x40000b, 0x7, 0x9b72, 0x2, 0x108000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x800, 0x8, 0x0, 0x0, 0x80000001) futex$auto(0x0, 0x1, 0x40000006, 0x0, 0x0, 0x80000001) r3 = prctl$auto(0x10000007, 0x100, 0x0, 0x2, 0x0) recvmmsg$auto(r2, 0x0, 0x10000, 0x9, 0x0) mmap$auto(0x2, 0x202000a, 0x5, 0x2000000eb1, 0xfffffffffffffffa, 0x10001) sysfs$auto(0x2, 0x4c, 0x0) r4 = fsopen$auto(0x0, 0x1) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = getegid() read$auto_transactions_fops_(0xffffffffffffffff, &(0x7f0000000180), 0x0) setfsgid$auto(r6) fsconfig$auto(r5, 0xfffffff8, 0x0, 0x0, r6) sendmmsg$auto(r3, 0x0, 0x2009a6, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/downdelay\x00', 0x10b142, 0x0) sendfile$auto(r4, r7, 0x0, 0x800008) 14m24.291048983s ago: executing program 32 (id=451): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x40802, 0x0) read$auto(r0, 0x0, 0x4) mmap$auto(0x20000, 0x7, 0x3, 0xeb0, 0xffffffffffffffff, 0xfffffffd) madvise$auto(0x2f1, 0xc, 0x10000017) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) r2 = socket(0xf, 0x1, 0x8) write$auto_proc_mem_operations_base(r1, &(0x7f0000000080)="0a7635ed9cdf21aeed778d7d337bc4cd6792522feb0752ed4745cd8d5f7625", 0x1f) mmap$auto(0x0, 0x80000001, 0x803ff, 0x40eb1, r0, 0x300000000000) socket(0xa, 0x4, 0x3b) mmap$auto(0x4, 0x40000b, 0x7, 0x9b72, 0x2, 0x108000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x800, 0x8, 0x0, 0x0, 0x80000001) futex$auto(0x0, 0x1, 0x40000006, 0x0, 0x0, 0x80000001) r3 = prctl$auto(0x10000007, 0x100, 0x0, 0x2, 0x0) recvmmsg$auto(r2, 0x0, 0x10000, 0x9, 0x0) mmap$auto(0x2, 0x202000a, 0x5, 0x2000000eb1, 0xfffffffffffffffa, 0x10001) sysfs$auto(0x2, 0x4c, 0x0) r4 = fsopen$auto(0x0, 0x1) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = getegid() read$auto_transactions_fops_(0xffffffffffffffff, &(0x7f0000000180), 0x0) setfsgid$auto(r6) fsconfig$auto(r5, 0xfffffff8, 0x0, 0x0, r6) sendmmsg$auto(r3, 0x0, 0x2009a6, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/downdelay\x00', 0x10b142, 0x0) sendfile$auto(r4, r7, 0x0, 0x800008) 7m22.59175s ago: executing program 3 (id=2205): kexec_load$auto(0x8, 0x8, &(0x7f0000000300)={@buf=&(0x7f00000002c0)="3edf2cd778f3dfb939dff16550ffb45a1188a856d4b6d5ef260c6af7a59cb0114551f312cf16a3ae6e09b99b4f6fccc7c0", 0x4, 0x4, 0x9}, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0x101d00, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/netdevsim/unlink_device\x00', 0x10b081, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x89) shmctl$auto_SHM_UNLOCK(0x8, 0xc, 0x0) sysfs$auto(0x5, 0x10000000000002f, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x88502, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/neigh/wlan1/mcast_solicit\x00', 0xe6140, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp1\x00', 0x84800, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(r5, &(0x7f0000000240)="71045fe4393806f43ee3d3c99fce77e61cd10263b88dafc12adbd02ac010d4a85521ed6bbd494e6e693f6924ddbb3c5c5ec5f593b9186a44a8c7090acb9e5e9b1ffe5dc6fcdbc3fa8130c34192601750e6a52a312334461d2226e4ebc96b1a57c6e90d29c29f04", 0x67) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r6, 0x40603d07, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r0, 0x9, &(0x7f00000001c0)="7e9d22a2fb5b424c2be7a8bf6ac94877342774", 0x68) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000340)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002abd7000fcdbdf44000000050000000c0001800800010000000000000db09dd954530bc2bcc32f0e07fb68fad84e6bec73f01ac45dae848ac13bc4f207aeffd711f605400c12cfbd7d5d44f50400f6d497a318f520fd7caa61c4afdb31573cd5216793354b763750829b03a6f26e6c", @ANYRES32=r7, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) read$auto(r2, 0x0, 0x1ff) write$auto(r1, 0x0, 0x2) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/fs/jfs/TxAnchor\x00', 0x80000, 0x0) 7m22.381703186s ago: executing program 3 (id=2207): sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x810, r0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd14\x00', 0xe0040, 0x0) pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x91e4) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x20000001, 0x2, 0x3, 0x0) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r2, 0x7a0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r3, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x18ac1, 0x0) 7m20.126470629s ago: executing program 3 (id=2219): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vhci_hcd.14/usb37/bDeviceClass\x00', 0x80102, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) (async) fcntl$auto_F_GETOWN(r0, 0x9, 0xfffffffffffffffe) 7m19.918154987s ago: executing program 3 (id=2222): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000fcdbdf252100000008000300", @ANYRES32=r2], 0x28}}, 0x400c080) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r7 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000140), r5) sendmsg$auto_NET_SHAPER_CMD_GROUP(r5, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=r7, @ANYBLOB="040029bd7000fedbdf2524000000"], 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x20000010) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYRES16=r4, @ANYBLOB="01002dbd7100f97bf53b7200000408000300", @ANYRES32=r6], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) 7m19.275194757s ago: executing program 3 (id=2224): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) clone3$auto(&(0x7f0000000040)={0x43, 0x9, 0xa5e7, 0x10000, 0x1, 0x8000000000000002, 0x10, 0x8005, 0xfffffffffffffff8, 0x1ff, 0x5185}, 0x1) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VF\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xa2\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x7fffffffffffffff) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0) ioctl$auto_SNDCTL_DSP_GETBLKSIZE(r1, 0xc0045004, &(0x7f00000002c0)="49e521cbb02ff8b42fabc71ed383c99fec0800000000000000a7bc4ea922415bd2c09903c301a6d4e2b6c159a22d0223bf0249cdeeb438df6716857483a2dca058cc6093acbdc2a94d7c15692c19bb5ff8b03e143e20b669e462d0863b770aa0258071f28e15e447d0d54499bb320c6c2fb6978e49ac9330479fc703e2a535be4e2b223e247023d762844ee0548ebd2fecc2372c988981f6222c572d085eceba84d3c5ce30064ec72bf1360f239edd926dcf4812694023a977cd4f2a77cb8316a93feb9b3e66bc0cc1") mmap$auto(0x0, 0x2020009, 0x3, 0xebf, 0xfffffffffffffffa, 0x80000001) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0xfffffffffffffffe, 0x240007, 0x17) prctl$auto(0x800003b, 0x1, 0x0, 0x5, 0x100000000008007) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0000, 0x0) openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) mprotect$auto(0x200000000000, 0x806121, 0x4) r2 = socket(0x2, 0x1, 0x106) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r4) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\f\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000fcdbdf25190000000c00018008000100", @ANYRES32=0x0, @ANYBLOB="0c00078008000100aa000000"], 0x2c}, 0x1, 0x0, 0x0, 0x802}, 0x4000000) mmap$auto(0x9ae, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) keyctl$auto(0xb, 0xffffffffffffffff, 0x6, 0x4, 0x7a) unshare$auto(0x40000080) 7m17.7333271s ago: executing program 3 (id=2233): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='V'], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffe, &(0x7f0000000100)={0x0, 0xfbe}, 0x8, 0x0, 0x80, 0x1}, 0x3}, 0x7fffffff, 0x6008) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, 0x0, 0x24000080) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) setrlimit$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) write$auto(r1, 0x0, 0x5) bind$auto(0xffffffffffffffff, &(0x7f0000000140)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x38}}, 0x9) mmap$auto(0x0, 0x20014, 0x7, 0xeb1, 0x404, 0x472) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) socket(0x2, 0x80000, 0x0) 7m2.50757613s ago: executing program 33 (id=2233): sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='V'], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xfffffffe, &(0x7f0000000100)={0x0, 0xfbe}, 0x8, 0x0, 0x80, 0x1}, 0x3}, 0x7fffffff, 0x6008) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, 0x0, 0x24000080) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) setrlimit$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) write$auto(r1, 0x0, 0x5) bind$auto(0xffffffffffffffff, &(0x7f0000000140)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x38}}, 0x9) mmap$auto(0x0, 0x20014, 0x7, 0xeb1, 0x404, 0x472) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) socket(0x2, 0x80000, 0x0) 4m24.375159686s ago: executing program 2 (id=2932): mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b48, 0x9) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000028c0), 0xa0001, 0x0) r2 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/inject\x00', 0x2, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) ioctl$auto_USB_RAW_IOCTL_EP_READ(r1, 0xc0085508, 0x0) io_uring_setup$auto(0x20000000, &(0x7f0000000180)={0x58000000, 0x6, 0x200, 0x9, 0x5b662f24, 0x9, r2, [0x5, 0xb26b, 0x2], {0x3, 0x6, 0xe00000, 0xfffffff9, 0x401, 0x8, 0x7, 0x8, 0x6}, {0x6, 0x9, 0xea2, 0x9, 0x6, 0x8, 0x80000000, 0xff, 0x5}}) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r3, 0x8, 0x0) r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r6, 0x0, 0x800003, 0x270) mlockall$auto(0x7) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x202, 0x0) ioctl$auto_SNAPSHOT_CREATE_IMAGE(0xffffffffffffffff, 0x40043311, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x800, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) pipe$auto(0x0) 4m23.047226071s ago: executing program 2 (id=2935): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x572, 0x400, 0x718c1257}]}) 4m21.896433877s ago: executing program 2 (id=2941): mmap$auto(0x0, 0x20009, 0x4000000000cf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x7c380, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) setsockopt$auto(0x4, 0x84, 0x6, 0xfffffffffffffffe, 0x0) r1 = open$auto(&(0x7f0000000100)='./file0\x00', 0x2, 0xd) open_by_handle_at$auto(r1, &(0x7f0000000080)={0x78, 0x1, "bb24ff4fd9437fd17633f777887858f2b74acfbe0bca0c8799a1271a91bb4da59a460c4c96e5ec82f95c935ea6c8fee8123836d16746ad3ec93eb7a3ab19b21ed8dd6ad0868ea4fcff4fbdfe86ecb0d28787646d2a022142dda7657d7b9cc33063958664cb7f48ecef70a0713e435242dcfc931bca4ab87c"}, 0x9) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, 0x0) 4m21.700359616s ago: executing program 2 (id=2943): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f0000000e80)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd700002dcdf251f0000000500060009000000080003000b00000005000400e900000008000200f7000000180001801401020076657468305f7c6972745f7769666900"], 0x4c}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x11, 0xa, 0x0, 0x8) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/msr/events/tsc\x00', 0x129000, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) (async, rerun: 32) r3 = fanotify_init$auto(0x65, 0x2) (rerun: 32) ioctl$auto_SG_NEXT_CMD_LEN(r3, 0x2283, &(0x7f0000000280)="aa7ee81f284fbcaf73d183de804861db5869b1e6eec26f5e0245658a9413eeb29d6cafa54d41cd4eeec46c1212084a723b9309d51cb92fa4a28fcdca4a3fea2608f1b4f668eeb6f3f83bfd9e297288eab870ffdd020688cf8afb85d9d0cd3d2f9f203886493399ca12abbcfce3863cfa21b10478feec2b180eea6c41f3d44de854275f587d8dace786c759b4b29718bd90346043b8c0da9988da4af22105069c345ccf643d08fdded260eeaf2bc9841009d4282549f32dc391278d277b61e46c06d8") (async, rerun: 64) pipe$auto(0x0) (rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0xa, 0x3, 0x100) (async) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x4) r6 = open(0x0, 0x261c2, 0x84) ioctl$auto_USBDEVFS_REAPURBNDELAY(r6, 0x4008550d, &(0x7f0000000000)=&(0x7f0000000400)="c2e77d5f411de57ceeff9915168ff90e5bf148f5fc69618ee9d1d2e178753c063cd71814bce7c7cfba72f2d59c276db8a4ed9a79517dbe9f038931e3afa8a7373437f8") (async) close_range$auto(0x2, 0x8000, 0x0) r7 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32) bpf$auto(0x0, &(0x7f00000000c0)=@link_update={r4, @new_map_fd=r5, 0xa, @old_map_fd=r7}, 0x10) (async, rerun: 32) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x8}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r8, 0x0, 0x4}, 0x103) 4m21.278743946s ago: executing program 2 (id=2946): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x45, 0x0) r0 = fsopen$auto(0x0, 0x0) fsconfig$auto_JFFS2_COMPR_MODE_FORCELZO(r0, 0x4, &(0x7f0000000000)='bridge_slave_0\x00', &(0x7f0000000100), 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = io_uring_setup$auto(0x8, 0x0) ioctl$auto_BLKRASET(r1, 0x1262, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'dummy0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000200)={0x1d4, r2, 0x9281f4447ec8c537, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x1c}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4197}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_MLO_TTLM_DLINK={0x7b, 0x148, "828323f2b40d405d252f070b92f7478551a5d3a7186d67e18e191c8f45a8a7a2bc5a38782b9a93cf1dd357d992dbdded02d99ca242a67aa13c8eebf4cdcda3aeddde2be523eccd416ad06cd3f6ee6b31d1912abb0390afaf7ee4d39e825f7e04ca19266cc711a65ae6bd1fdc9127bd452b242bdfcba7eb"}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_FILS_ERP_REALM={0xf7, 0xfa, "6135ce80f5944a0df86ff415a654ca9aaca4458682979e123214cc4a74cc5d8102b421c1ea84af9085923954f4673fdf80768b670307e16111301dadeee70a3a31651f3dc94bd7e531557ae3dd0541946c61318a35b64614ebe507742e0cfe1f7676490f2236cbde09a3f9b36f300dd40b31f6ccea7c935d7f79d835c0caba4daa65e89ce9b65840001d9760b3b93fb7017f86ede6c3196a0a1cc5df829f36cd55c495acf61ef42d02433b62f6f97345cc36c98b4e584f1339c4b175ce1c92517a4a624568b0823149c3000a2db6fe3a3d234dbfb72320e2b32caf24ea6412f5e1c06d6047865cec274caee0e4a6ea2ac1b2dc"}, @NL80211_ATTR_WDEV={0xc, 0x99, 0x4}, @NL80211_ATTR_S1G_CAPABILITY={0x1a, 0x128, "669029f011bdb1cfadc31a44fc6c54affa387c07ea52"}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x40000}, 0x8800) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x260001, 0x0) ioctl$auto_BLKOPENZONE(r1, 0x40101286, &(0x7f0000000040)={0x5, 0x9}) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000000), r1) ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x5404, &(0x7f0000000080)="b6e3bf6f7b4dfec053a822d22371a927eec45c909902ae87f4bd11f9271b38cd17ccbe3f58ffc3d90c70643abcb3540c4fd631fb72437804887a46c8f42dd7baa9fe3aa9a9e96f55b222219f48ad510c116a79f44870313af96c0078f5a564da1f10") openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x80000, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x460f, 0x0) read$auto(0x3, 0x0, 0x8080) 4m21.005930717s ago: executing program 2 (id=2947): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0) sendfile$auto(r0, r0, 0x0, 0x6) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) close_range$auto(0x2, 0x8, 0x2) (async) socket(0x5, 0x80002, 0x73) (async) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0xc) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) (async) pwrite64$auto(r1, &(0x7f0000000040)='/dev/net/tun\x00', 0x2, 0x1000000002) (async) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0) (async) prctl$auto(0x34, 0x17, 0x0, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x42, 0x0) (async) sysfs$auto(0x1, 0x7, 0x5) (async) prctl$auto_PR_SYS_DISPATCH_ON(0x2, 0x1, 0x0, 0x400, 0x2) (async) write$auto(0x3, 0x0, 0xfdf3) sendmsg$auto_NL80211_CMD_REMOVE_LINK(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x40804) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0xffffffff, 0x3, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw=0x9}, 0x400005, 0x25, 0x4, @raw=0x6, @integer={0xe7, 0x0, 0x81}, "7a9fc199a16a2311eacf2fc7ae1d8778dc610400000001000f00000000b6debe0eda71bdb5adb17884a16f7ce8c57c0eb327ac702b8d7c2d00"}) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), r2) (async) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1f, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0xfffffffffffffffd, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x20000000001, 0x7}) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) (async) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="0103290900000000000000000039"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x24000000) 4m5.868720781s ago: executing program 34 (id=2947): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/hugepages-8kB/shmem_enabled\x00', 0x1a1842, 0x0) sendfile$auto(r0, r0, 0x0, 0x6) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) close_range$auto(0x2, 0x8, 0x2) (async) socket(0x5, 0x80002, 0x73) (async) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0xc) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) (async) pwrite64$auto(r1, &(0x7f0000000040)='/dev/net/tun\x00', 0x2, 0x1000000002) (async) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x0) (async) prctl$auto(0x34, 0x17, 0x0, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x42, 0x0) (async) sysfs$auto(0x1, 0x7, 0x5) (async) prctl$auto_PR_SYS_DISPATCH_ON(0x2, 0x1, 0x0, 0x400, 0x2) (async) write$auto(0x3, 0x0, 0xfdf3) sendmsg$auto_NL80211_CMD_REMOVE_LINK(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x40804) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@inferred, 0xffffffff, 0x3, 0x81, "3112d585005a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe5e2f94bd90484b0755015e48d", @raw=0x9}, 0x400005, 0x25, 0x4, @raw=0x6, @integer={0xe7, 0x0, 0x81}, "7a9fc199a16a2311eacf2fc7ae1d8778dc610400000001000f00000000b6debe0eda71bdb5adb17884a16f7ce8c57c0eb327ac702b8d7c2d00"}) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), r2) (async) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1f, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0xfffffffffffffffd, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x20000000001, 0x7}) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) (async) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="0103290900000000000000000039"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x24000000) 10.833721735s ago: executing program 6 (id=3862): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000340), 0xffffffffffffffff) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) sendmsg$auto_SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000440)={0x0, 0xf000, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r2, 0x323, 0x70bd25, 0x25dfdbff}, 0x14}}, 0x20008804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, 0x0) sendto$auto(r1, &(0x7f0000000180)="b03188399fe6c630a0e6e9b47e7cdf95ed6db3740c77c6e4de1bba028e746f6e53b45fe99e1671935cd1bf714c986cf5e0b12652266aaeb0a487c221e7a3986a1335b52576ce78ed4aac413528c30f05de3e549aa4743b3599b036e373822e6f7d1bd0e621f1d1", 0x8000000000000000, 0x7, &(0x7f0000000300)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x5) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x121802, 0x0) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x101080, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) read$auto(r4, &(0x7f0000000480)='N\xd5\f\xb9GC*(,\x80\xc4bAL\xa3`\xb1\xf2\xe7\xc0/\xff', 0x100000001) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu1/default_rq_list\x00', 0x169100, 0x0) pread64$auto(r5, 0x0, 0x1000f42d, 0x100) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fbdbdf2502000100080003008000400008000200"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 8.777657632s ago: executing program 0 (id=3868): mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) (async) waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x2, @sival_int=0x7, 0x2}}}, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x8, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x40, 0x0) ioctl$auto_FBIOGET_FSCREENINFO(r2, 0x4602, &(0x7f0000000240)="3f61364dc3ca1b8bc68dc335f5771ed1080ab92b4e86cbb148b1f06fe68814d5307ba3333d8611fea46c131219b77450e1bb348841ca3206ef6551b680ac3bab8c4289e3e32062360c86a5bca87c3b0c47c9851e280469eee7bef238c8c31f75099bae1b9c65c4fa33ea26286c17f69727cca33c6817ff6ca9e064c377fe6473db5f56793c857258e62c9a544d0e9a65edef1d4b64e59a9e30b4c2213556958511fc8e052d4ba13daef0ff06ec41251596b650") r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) (async) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x541c, r4) (async) read$auto_sc_seq_fops_netdebug(r4, &(0x7f0000000180)=""/180, 0xb4) (async) ioctl$auto_VHOST_SET_VRING_CALL2(r4, 0x4008af21, &(0x7f0000000300)={0x8, r1}) r5 = socket(0x1e, 0x5, 0x0) ioctl$auto(r5, 0x8941, 0x8) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@buf=&(0x7f0000000d80)="b623d2751b00fbfad2a6d1a6d09b5de74ab60bd7666cde9499615eb7a03982dfecd08c02032d0ff2dd", 0x2, 0x8000, 0x3000}, 0x4) 7.906789394s ago: executing program 5 (id=3869): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000340), 0xffffffffffffffff) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) sendmsg$auto_SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000440)={0x0, 0xf000, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r2, 0x323, 0x70bd25, 0x25dfdbff}, 0x14}}, 0x20008804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, 0x0) sendto$auto(r1, &(0x7f0000000180)="b03188399fe6c630a0e6e9b47e7cdf95ed6db3740c77c6e4de1bba028e746f6e53b45fe99e1671935cd1bf714c986cf5e0b12652266aaeb0a487c221e7a3986a1335b52576ce78ed4aac413528c30f05de3e549aa4743b3599b036e373822e6f7d1bd0e621f1d1", 0x8000000000000000, 0x7, &(0x7f0000000300)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x5) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x121802, 0x0) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x101080, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) read$auto(r4, &(0x7f0000000480)='N\xd5\f\xb9GC*(,\x80\xc4bAL\xa3`\xb1\xf2\xe7\xc0/\xff', 0x100000001) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu1/default_rq_list\x00', 0x169100, 0x0) pread64$auto(r5, 0x0, 0x1000f42d, 0x100) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fbdbdf2502000100080003008000400008000200"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 7.605804917s ago: executing program 4 (id=3870): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0xffffffffffffffff, 0x300000000000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80000, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) write$auto(0xca, &(0x7f0000000040)='\x04>\x00\f\x00'/14, 0x7a) mmap$auto(0x0, 0x201fffe, 0x203, 0x10017, 0xffffffffffffffff, 0x89d) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x0, 0x0) ioctl$auto_SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f0000000880)="74b6e0d8aaf96d9369d5e9923372af949147d24e09b934057a31243a3ba9b2ec12d7b30317ddf27e06cb56a3258dcc0d8954caeb184098c3d7315984bf39f7c670905f20e11261b6a90d5e42951e80f5adf587645101fa6d6160e0109bf47667437ac4edb5c99b2633b4a85ab22485b79192b10ccb482f96c0b6e8a0ae93ec936a13024a40ee8232d06b0d62ae1b638d265f7fe3beabb7b7c26b8157f217fee7073e5f716c2c134a0a49d34a5c7a5ed19f9ce0bf61960b7a8187bb7a6b46841f7d1f984c527cb8a35e03e9a4b94f0dc9eb1c011fe89b05dee6b5652b02c205955b57c0b459ce3040da4742d46c181860a93fa130466d8b082f809091f0e53ac5f6559f238876b02782aa8d04f8a605e646a7cd72c799bc7ad9b35fcfd5f52dd38d422b02faae3b0d4ea4c3464175fda7f6e00de95653db708d2db64cb388709d1ebf7f6b995daa6a1db07139540afd7faddd2683a524ead6213bbcb9762379ad4f0ea48715dbba0397f29e2bde245da5f78691b5fae0032084e0cc3dc16c1ba50028e8b1d8c8e5300d87263d34069d89d1b3d3710b493509dc652a7e9ce527393d5d381ebcde732d6e8892e7294fbe5c1ca6607a865e8c0db117a2014872a37ed5fb7ac77714a128c6454ea7d942e57d505f6fa6f30688a0d6714f1a7c5506485635f1587397b39d910ca0a955f4ea077ffdb81bffc7e0d229281e97d125bad7eecb298dc886e431790683647376ad7edc23e8a636c2abcb9449d8b216d067240ef6ada34d540bd08d3bf3eb156a37114acdee6f43fcd15432da5024e54ab84f5a5961384abfbdd7ee4de4140c4528b320c5edb4719a7888aafd7912354e8072368db6d17c12b754ac0bceef2c26b70bf5215cae4049e03435bb2ddad49010707daa89a893ed5e09ebda83f1ca8d79a4f9cb1401f1718cbc61670ce6762ccd0e1a30d4b4836c00de173aa7c09c1ddbd42ec4c18a1fb74cd58d4f982ddc9fb702d7e19416442285bfc159715526cd2935108608450fa6aa62deafe5fd3bc6d54f9052aab0947639590be3d3fd36dfe22ca8d519af042b4e7508126492c154dbf246de6f25471311eb1bfd727a1130f65a73ce8b8b23d30165b93581eeaaf7962b9e756f3a22ef6509ce7eed9101249953401015953e5332f285f367f5ad1aff93680b81473e743dac9b75aebc3cfdab628ffb8aa7a6d6c8ec587eded5fa470b1e09c0e9762b21c2fa33370271b93b35c61904007e6a388d90070bdba3e559f9454d2124575c7b572fd9f8026e4fd23807508a93e0fc6e5deb37a12736793a2b98647936ae5e9cdba96dd3a060f074ab7bec40b479d86e422119d3f41ee316ca2be2d34cd665dabae3c72c7b76513a45ae8868978ff647420aa08d9633c141732a5df937e10ef4d7b8ea04ec1903d94fa60363c4b6faca7f16bf366170e35e192089e0f4d58e7858bdfe9af98de280b0f899a659f584d320c302befebaedb5aecb56ee95029fc5fbc7aa08dd5b308f74e68b0e1b6341aa8f3b7b1d996ae7076def883268892df2f0c3fe259cbde997227e912126810e1e4766d4ba0c80e1f7d5992db888522e8a0841f2dbe2524ba7c6e841f2661f38d6ed57430be91942215f43bcc7a74ed276091bccfaf6f00d1d6a43123b9167532dd08a09291ce7b908219260b1c3de9fb9464b391cb5347ca2ee4c5e512ea848d62586a7e6e6d6af70e6e209a311308c90c2ef2de7c320449b22c04d3e818c20460ff09ff506500761aac25912112a7c55512de5247e61c03be66cf571fa29539ab1391ff6eb6346d1e869d7d7184822faa8975066f6fe8dbf3247e54b6b148cdb4de60c96c7d62d998287da2dbc9e180a93e11d7413258816eabe525f34a4a94927da768f05182106df053936beb0d97a049a1f4f1bcf4ac93415c5a1e26db47b68f8d562b85d11c58a685d00466e94200a636346351eb0d7514967b844ac252fefc27774ca8d49e2d3645db12c880e9ee0bcd5319deb3ddb74a053d15ce6a104688f0e33efa30b0db0d34f9483cfdc90da6bffb8e559e5646ab18dea5969b468a59fc918f1af7c88c0f80c47c859ca0ad158bda958a012e436ffe609217b691921c9fa088aa87a3ee06fe27195dd087875e8e8a16356223f68fb4decf30d99d94188ce0d5bf89becd34ae62c1f59c52f441e0cbf56dbd7f24cd4a98b50f1b6651bc16a4585d91558ea151a3121d0ee47be1513870d191072480af071bcb3e55a14346fb4a7d567fb4148b88a414399800111df63a909f270ade269feecb87a5990c3d181bfff2e63eabef6b97670e50d396693cef09bddc2be230fb7f6ca42b4e40c21620122d35ea3a738fdbbe37121f799ca54cffb1dbdc95e7279156e339ed95bd96e9b84f3aacafdd2bc5a89d891c767b5abf0d93b2d8b42f4751692ee23f6ae260c38c750bafd9869163c88f4bdaa987aab6a3d57427002ea73670030b7611564a7c29ac17128f3c78e58f3f27335edc4f0f898c6e581f3ab73d9e90bd8027f1105891c5e44d2c9ad11ca93c7e0247aa58441d89a8938319c14d46830eab5eb04f396054bbdd45577bbbcdd81785448a92d66ca74371938549cbd4216fd375e0a19d7157bba35a11d019c38083787fa58ee1568104d6837bab3b394de4ab92007cac6efdadad985ba81460fb223f0e12ac77f4dbe60aacf0a61cd034c32f445fd5aa41d345f499851cc560ed5d696018035888a39bd1df6076da1642d99fb6e29d06df001fcc303953029eee93839f9aaf53ee54e28c0909fb42a0f05408a9cca6d08029fc696e9423ae4aab2f8875af55b2ae89fa2046550aec262b8e37f210d4539b4202ba7ceb417fb769e107337460193007536127cc52374f9f75a024421b49403a576b8d1872e43b579e6440137f75e6e80c8f560b3077b7ffb6d7fee939733be605b824579646e9e73014373955c93a9ea82bdbb5f983726f7a3424f5134d6e00854a6fba9ea7ac6ba8ce51fff6d70fa54e3b6828d100f36124ac05607b3e6b054e4984f63da0c79c32268c6e05ea59de227af83100b73fd75cee45a27b0a094a6a976c5002b32bb4a0b4707cd0a74b5907c6a3a090d7f3c69e90a05b6270aef867a06d68048b03be52eaadbd2d3da5f61afdf2c0181e9a4477afb0a7a6af46c4938e6b74916250f1c3fa61d6bba08e6c45ee9a5a13905265f9705a8bdf77dfe4742493c620c913384b07d4a75dc405671e9891947c9852f14786b4da5e28686aa4033e43820ad4c8bbfc2b7ef128ed03131b8ad469dc031d970946a0d70beaf297e615f76f08f6f3ca506fa9afed48b00d15e6cb8e0649e56d416a71b58f7551a12758449b78c29992c90074049cd9cc68a48516f82d3859ebc0bf725888ace3e27ad639458a4d71637c465da498b813a8d16346438423c64780e6db97764f05bb77d263ecde8f476ca178e888e7a15cbbfe1ca61be6e49b981695121a51fef6fc51e883ca6468873f0e462f3cb901b3defb2c08934dc8f859e4fb2a598c3b5393b3499ae48919bc7385c26d1fab7b2cdf308f019171971421185a37810d83d450ef63a72f748dafcf69985de4581b7bc653850a90470becc801ea71ae2cd425235ed1f4a70b86f674d711642e4c8d4ae6ad0d298632fb38c165c8c25f8142e96c71bfbe82a48732a61cb8ac538595d512de3b10d38534853bbc7133fd3b2f4b6a79f1283b45603afc90b5da9ae586c8b2c8e3aa8bdb183849b71b2bcd44c72137e5bcf7fb2384d6be3be43ef84f70a973487616a0fd79f44952558fc0e07ebddbcd28f99d2d6b53ea7eca4ca4d204e721872ddbf75f3df97b91968c25f6f826a72bb8bb4db8428d59fa168bf919f74d32548ab994cdc58d23346eb16da7ce400d63e159a95ad9fb2ee652f104a36a5dce8be45a421450669ac9383d6728e5d5c43b9091c4bd3637c8a1952aeedc568bab0480048f233b1c406fc4fade9350832c23bb9995a3f55ed775bf07af4422ef13261efa03314ffe96357eb803650110d95211ae8be724cf23334c8462eded98c7f6dbc34ee51a70a2f0a88814336a0a09b6a45be9e6cd7f8d1053cef802a24de40c1e6dc09e46a7b1b16b13f2f3402adbf11c75a560a3d43465360c44ba47ea4cc2ba26c40e412be004dccb4ae332188f893fe51fa7f14454a90c056d19907bd3b298b70fe712c8a554f07fcc1a23b60e89dbc954b9e8c0c28c05ab190fb350cb2c42a0d886123e5e197c6f14960de9c8089dc043d23f28f97992134a15cb671160ba24ddcd21218c15b1ea7743b915c5a0ffc128d16bbd1813a1b1250875a1d3d0d1bc78b948ce5e5dc3af8cedc352ed83884a78e7aa6a1a969f01a3d0473f8e482c4ed75eac4f43c2900893da97b6925cb103732cfdb38458a29e537e91e0515863a32022fb55d78d7add91e6b24e783badfb47cc84d9ea4b5e8ce03faf205d9ec14492f5d39571778201fbdc27c59cc600c5794794bb7ed3159950704e26d7d92aa2a8a0a97539fd37858d9793b45c0c714ccb5b30e73898a13040d0c854e6caaa037a542d2cf0c5ed09308c650af5c4ead3fc70120f695b2f9b5552e2e67ee23457a46cf23287ddb7d2ffe030fb3688144dc46d5cd07a325864ae954f71224e1f4ecdbdc6888b5ef952f3c8d397344a6a475249211b90465266cc7c2aeaace37ce72056dae74eae9fd7a81d3f1cdd8c8c2f74cb36a2b864e9ccc9843af5b7684d1d083e74ddae8947fca9622054937fa1c5a9b149cb3596c3a4bc0e28664286b70317d383888cbc9609b74954561be1ea2860565ac4076ca869a9f8726d42f8303d1e72d8d549af363d1040c2db54092856e88854bb0b308f21561ecb4afbbbb003f6c9462af0fd9b18fe61911788f987b689dd6fdca876819a637b205bab37dfc021e5dbe3e7d120c573badac21b9b1683fa37c3aa3d5494e50bd2ca49171432bb724317d3b0c47f128ea58dbed79b67d9b848412697bde9fc8d37ca7dbdf0aee84c15994ce556fd9347e0addf0a62233ee6bef22b318754667c9444a759dcf16a3e6511c66090c62e80e022396478bcc1a119279d635449b8d76b6e0a39103d64a5970994cc24d40e52c76df2fe453880ff37677e57309c921274d941b55da47f82cad2d5d0f7813af86523ee074257dfe47390ab9c2e6dcb123cfb3836fdae62d1b924a921db1c35476d4b5fe0db32b914c8ecf37be8a0ea1d6770411370580fb594d7987dab4912fbedd56da7acbf3330f48cca83a38bee979041e26fec9cb7d98523475a1344138125b998975933179ca6bfb62f366e10f522eb2860dcdfa979ddcd4511bf6690b133a8571f17d9bbf306fe96a6c66dcf92cccc5598023e008a51bd7b23cf43679410fc268a2f3d7a337cfcd1d596874e6410359499a4759d8313ebf2e11e8094e2d1af3a6c44a0fdda50647b11802c1b7163c6a12b98c0513e934bbf6b2b3739990856a4825d5e01d2026773c7149972a3924890411d94063ec5bfe2cd5093906ae60c1d8c2fa4f6c8b3d6732c335e4db7135fc0d184397836bf5aef4a3c0615d84159c8c4c32d133e185bed1e0b97e5b9825302c82df83ae799a69b8cb3d55a5c3dbc13b0b535f1b10f600d3f414ff521145427e45ebfc706c48d098729ad4337fbf66dc45a150d0e34493ab3f27cee0c03830c80d786519a758c095565638e51c7fe3f319933c821de88d88590e0bcbf7c7e9412cf2bd0754931ff9431ef6c3123d4454f2fb8b7ddea3e65f1a569a6e2b47ca75e59ff5f500f60d4b3065c0b093ee2412fa0386") syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x39b8) clone$auto(0x2, 0x5feb, 0x0, 0x0, 0x2000000000003) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 7.221389113s ago: executing program 6 (id=3871): mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x1) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ip6tnl0/name_assign_type\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x180, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(&(0x7f0000000000)='^[#@-\x00', 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/compaction_proactiveness\x00', 0x2800, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) preadv2$auto(r2, &(0x7f0000000080)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x0, 0x2f) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC2\x00', 0x80, 0x0) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) ioctl$auto(r4, 0xc040563d, r3) socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/pci/drivers/dh895xcc/remove_id\x00', 0x620603, 0x0) ioctl$auto(0x3, 0xae60, r5) r6 = socket$nl_generic(0x10, 0x3, 0x10) statfs$auto(&(0x7f0000000180)='}[,&*}\x00', 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0xa001, 0x0) write$auto(r7, &(0x7f0000000040)='\x00'/13, 0x81) ioctl$auto(r1, 0x4008ae6a, r6) 6.619240969s ago: executing program 5 (id=3872): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x2b, 0x1, 0x1) socket(0x2c, 0x80003, 0x0) r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f00000002c0), 0x0) setsockopt$auto(0x3, 0x11b, 0x2, 0xffffffffffffffff, 0x9) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961]}, 0x1fb, 0x81) shmdt$auto(&(0x7f0000000040)='/sys/kernel/tracing/dynamic_events\x00') sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r1, 0x0, 0x9a6, 0x7000000) pipe$auto(0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x4) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 6.394354549s ago: executing program 0 (id=3873): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f00000002c0)="09f4fdd99e7aeb02cb786f1e99896cf995d8449017b626eccf0a9b2530d92b043d1bac7f87d7f76577e327137f686470593ffd6f6f45143d2904049d2e9f16ebde50c6526d53354499a68448ee5f74ee616f440b95c2e6e8b7667f26313eda134459b615d1e790262b11664a3338477f0193e29dec725c6cd1c3c8651dc68f5e43427eb0cbd409ca75c336b7c5307b870807121daf5906e8c3d223f80f3dc6a2ad4b34f712144a0d419767b735f619cc7c5a3f55ef5418445a589dbfd42f2e423be259453dd9ff7ff603d4db6740174699f9ea41ed4becdbc265ac16a09c621f3647f950bd8ba76273dc78f74a0f606acfd7081a6cc2d67e359b2c6293c1f27c50bde495d81cdd55e94f59ece255d868f1ff0219be26da3fb72ff7c7f45eff068104c12a95a5fea670f5031832f0d58b564e53cde3f0110aa78d8e439a351ae60a4f7c06b4909179474604544143e072c306d62b72c2ac5282b81677ffc29afa3ef52266b0cd9f93a9417c193928735a45d7e4", 0x173) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x14, 0x3, 0x8) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x565) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x800, 0x800000d) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) unshare$auto(0x40000080) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/perf_event_max_stack\x00', 0x143402, 0x0) timer_create$auto_CLOCK_BOOTTIME(0x7, &(0x7f0000000000)={@sival_int=0xe780, @inferred=r0}, &(0x7f0000000040)=0x3) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0x20499d, 0x9) listmount$auto(&(0x7f0000000100)={0x20, @raw, 0xffffffffffffffff, 0xfffffffffffffff7}, 0x0, 0xf4240, 0x1) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x3000000, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) unshare$auto(0x40000080) 6.132117141s ago: executing program 6 (id=3874): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x60540, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x100000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/fs/btrfs/features/send_stream_version\x00', 0x2800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/195, 0xc3) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyc4\x00', 0x0, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x4c0081, 0x0) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000180), 0x400100, 0x0) ioctl$auto(0x3, 0x4005411, r2) 5.996324815s ago: executing program 4 (id=3875): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000540), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'rose0\x00'}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={0x28, r1, 0x1, 0x70b527, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}]}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0xfffffffd}]}, 0x28}, 0x1, 0x0, 0x0, 0x801}, 0x800) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r3, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0xb6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) 5.781083228s ago: executing program 6 (id=3876): r0 = socket(0x1e, 0x2, 0x1) connect$auto(r0, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) mmap$auto(0xc, 0xa00009, 0x2000000000400002, 0x91, r0, 0x2) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) r3 = setfsuid$auto(0xee00) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="c4b3f01c76fd0aded9ce67153e5610df", @ANYRES16=r4, @ANYBLOB="000125bd7000fcdbdf258c0000000600ab00050000000400b8000800a4007200000006006d0008000000fc00e8004d226de9a95c88d64347bbf8a37fa10179a4c89415c61f16a5db492b405262ce47ea4b2eaf0e7d3b4662fbeed1d56a19073b59833a618b06b0fecfd66cf806da43a75ce38310c9d40e4316340ed2cd10dad3550fd1ab712640392a35c0a0d82ec3d44afb136587e2811f3b62ebb18be026daa767939871206b0f01a30134f886e8c26c493a0c7951921fdb045458013170425fa943ce87e81efd63d84cf2e887dbf2383df70b834946002c432fa3cccb7fa6ad7cb476aa9f834a6722be7510cfdd0b25ba9e844b626a40ea2c5ec9edfee512eb75116600e9f46631a07c326f49e5af3a429eec112a6d3a8a9e2cc7265d515c2012c5038b3e04006c00e00002019380399cb196863e691a7937c2e21bd525682f71aca03beb8568a88c31a20386f19e04c2d9a8b6de9c0b7a16019820b50f552d27f030893bf807a78981c1afb65a3f914cf910f746b031aa864294d84bfa49eb1901231cbb849d347bdba3756e7266a831128dc764a079fcd34aa73f7b3bfd5c92f546ddf3b15dbca7b79c4d3f776dc47d0a64feb46580c8ada37290b5fb11615d926fc148b2fc993165436fdfb94490a065de1ac5f0a7969be69d8680a3182b0e4c367403b4f89b18e48142ef4952b991291077ed3330ae030592b8f283a59db0a282d3ca5622a0b90500d3000900000005006000f7000000"], 0x220}, 0x1, 0x0, 0x0, 0x40}, 0x84a064265f700935) r5 = setfsuid$auto(0xee01) setresuid$auto(r3, r5, r3) setfsuid$auto(r3) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) set_mempolicy$auto(0x1, 0x0, 0x803) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_dma_buf_debug_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x500, 0x0) read$auto_dma_buf_debug_fops_(r6, &(0x7f0000000240)=""/83, 0x53) pwritev$auto(r6, 0x0, 0x2, 0xfffffffffffff274, 0x6) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x400) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) sendmsg$auto_NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x24008041) msync$auto(0x0, 0xe0, 0x6) ioctl$auto_BLKGETZONESZ(r7, 0x80041284, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) msgget$auto(0xc, 0x77d9) msgrcv$auto(0x0, 0x0, 0xff9, 0x1, 0x3) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) socket$nl_generic(0x10, 0x3, 0x10) 5.350717797s ago: executing program 6 (id=3877): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000640)='/sys/bus/usb/drivers/usbip-host/match_busid\x00', 0x103400, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8001, &(0x7f0000000240)={0x0, 0xc4}, 0x1, 0x0, 0x200000000, 0x9}, 0x1000009}, 0x3, 0x0) shutdown$auto(0x200000003, 0x2) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000680)=""/249, 0xf9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r1 = socket(0x2, 0x1, 0xfffffffd) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x509000, 0x110, 0xb}, 0x18) name_to_handle_at$auto(r2, &(0x7f0000000080)='\'\\p\x00', &(0x7f00000000c0)={0x4d, 0x2, "d2fda1946ff1cd8545e02a949b5bbd31c858d6e29a50a251d12c3ec75f17fbe11fc9d6407e4dd40db7501773d6c6132833a203f2eb75f54c44a42938c9aa7c6044ae052ed6a35ee912895a48e4"}, &(0x7f0000000140)="ad018a7b53ab34795f6f8f1407686279ea737a008c57f09a06c18dd52ecc2c8911c7b6af9e64fad332340509a222bd09e383277cf050a7bcf5c752ba8c05bafac4f29f607c61b20ed4c564969efab6d179a70461b924ac46c58f908a74e46cc86e1a8d7547269f9c689fa348b0ab194f4aa4e7e1598983e97600ef7b83960bac7324e38f9062afc2e6d56ea6f1bb8ad41e864108ae1c911fdc4cce1fbb36368b368e85dc39d73284539e4bbef2dfbe33010d401617a477f0d40a8987acfa726ca51608356438686c9d4b1c118a6eac3f268e1452", 0x0) bind$auto(r1, 0x0, 0x6a) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@isdn={0x22, 0x25, 0x87, 0x81, 0xc2}, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r4, 0x0, 0x400100000001, 0x1ff) gettid() readv$auto(r4, 0x0, 0xfff7ffffffffffff) unshare$auto(0x40000080) socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 4.547919313s ago: executing program 4 (id=3878): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_SCSI_IOCTL_DOORUNLOCK(0xffffffffffffffff, 0x5381, &(0x7f0000000080)="ebebd6c34c1ed4d9e33f3c9c1aecff5645a2d2ec2fd1e263c244754db779a3d23b0eae1d0802770e31a715c9d3f5292b2c01ee80456144") r0 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/03.0\x00', 0x149041, 0x0) write$auto(r0, 0x0, 0x80000002) write$auto(0x3, 0x0, 0x100082) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r1, 0x4004af07, &(0x7f0000000040)=r1) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) ioctl$auto(0x3, 0x6f51, 0xffffffffffffffff) 3.68437782s ago: executing program 5 (id=3879): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000340), 0xffffffffffffffff) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) sendmsg$auto_SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000440)={0x0, 0xf000, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r2, 0x323, 0x70bd25, 0x25dfdbff}, 0x14}}, 0x20008804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000280)=0x0) sendto$auto(r1, 0x0, 0x8000000000000000, 0x7, &(0x7f0000000300)=@nfc={0x27, r4, 0x0, 0x1}, 0x5) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x121802, 0x0) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x101080, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) read$auto(r5, &(0x7f0000000480)='N\xd5\f\xb9GC*(,\x80\xc4bAL\xa3`\xb1\xf2\xe7\xc0/\xff', 0x100000001) write$auto(r5, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) r6 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu1/default_rq_list\x00', 0x169100, 0x0) pread64$auto(r6, 0x0, 0x1000f42d, 0x100) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fbdbdf2502000100080003008000400008000200"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.614980397s ago: executing program 4 (id=3880): mprotect$auto(0x110c230000, 0xa588, 0x6) mremap$auto(0x110c231000, 0xfffffffffffffffc, 0x101, 0x3, 0x0) prctl$auto(0x3e, 0xba7, 0x0, 0x1000001, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8842, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/sound/ctl-led/speaker/power/runtime_active_time\x00', 0x20002, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x400008000) r2 = io_uring_setup$auto(0x4, 0x0) close_range$auto(0x2, r2, 0x0) open(0x0, 0x22240, 0x55) r3 = fanotify_init$auto(0x8, 0x1) write$auto_ucma_fops_ucma(0xffffffffffffffff, &(0x7f0000000100)="38491f580d4d9641efad319d21d9a90137541d8c3b02764d3dc8f4686aba7e7e69718fb8b28b383b9c61bb387656c48831670992a4f74042a8f089bea6bff69b01fe558c5c08000000000000003a2d24843779f690fc36adb278d9443dafc0df", 0x60) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x800c6f40, 0xffffffffffffffff) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x7, 0x3, 0x10001, 0x3, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948e, 0xffffffffffffffff, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x6, 0x2, 0x6]}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) close_range$auto(r3, r4, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) msync$auto(0x1ffff000, 0x1800000000000ff, 0x3) socket$nl_generic(0x10, 0x3, 0x10) 2.506386159s ago: executing program 6 (id=3881): r0 = socket(0x10, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000340), 0xffffffffffffffff) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) sendmsg$auto_SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000440)={0x0, 0xf000, &(0x7f0000000400)={&(0x7f0000000040)={0x14, r2, 0x323, 0x70bd25, 0x25dfdbff}, 0x14}}, 0x20008804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, 0x0) sendto$auto(r1, &(0x7f0000000180)="b03188399fe6c630a0e6e9b47e7cdf95ed6db3740c77c6e4de1bba028e746f6e53b45fe99e1671935cd1bf714c986cf5e0b12652266aaeb0a487c221e7a3986a1335b52576ce78ed4aac413528c30f05de3e549aa4743b3599b036e373822e6f7d1bd0e621f1d1", 0x8000000000000000, 0x7, &(0x7f0000000300)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x5) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x121802, 0x0) openat$auto_deferred_devs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x101080, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) read$auto(r4, &(0x7f0000000480)='N\xd5\f\xb9GC*(,\x80\xc4bAL\xa3`\xb1\xf2\xe7\xc0/\xff', 0x100000001) write$auto(r4, &(0x7f0000000040)='S\x00\x00\x00\xfe\xff\xff\xff', 0x8587) r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/block/nbd13/hctx0/cpu1/default_rq_list\x00', 0x169100, 0x0) pread64$auto(r5, 0x0, 0x1000f42d, 0x100) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fbdbdf2502000100080003008000400008000200"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.50617411s ago: executing program 5 (id=3882): r0 = memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) fallocate$auto(0x3, 0x0, 0xe, 0x8ec5) mmap$auto(0x0, 0xe983, 0x3, 0x6b1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x20000000) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000", @ANYRES16, @ANYBLOB="df350abb827483"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) mmap$auto(0x0, 0x3, 0xb, 0x13, 0x4008df3, 0x0) sched_setaffinity$auto(0x0, 0x9899, &(0x7f00000000c0)=0xf19d) clone$auto(0x20003b46, 0x80000001, 0x0, 0x0, 0x2) ioctl$auto_TIOCSWINSZ2(r2, 0x5414, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) read$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000cf, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) keyctl$auto(0xf, 0x400, 0x8001, 0x100, 0x3) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x80000541b, 0x38) ioctl$auto_TIOCGPTPEER2(r0, 0x5441, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(&(0x7f0000000100)=0x2, 0x85, 0x2, 0x0, 0x0, 0x9) 2.505523955s ago: executing program 0 (id=3889): r0 = socket(0x1e, 0x2, 0x1) connect$auto(r0, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) mmap$auto(0xc, 0xa00009, 0x2000000000400002, 0x91, r0, 0x2) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) r3 = setfsuid$auto(0xee00) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="c4b3f01c76fd0aded9ce67153e5610df", @ANYRES16=r4, @ANYBLOB="000125bd7000fcdbdf258c0000000600ab00050000000400b8000800a4007200000006006d0008000000fc00e8004d226de9a95c88d64347bbf8a37fa10179a4c89415c61f16a5db492b405262ce47ea4b2eaf0e7d3b4662fbeed1d56a19073b59833a618b06b0fecfd66cf806da43a75ce38310c9d40e4316340ed2cd10dad3550fd1ab712640392a35c0a0d82ec3d44afb136587e2811f3b62ebb18be026daa767939871206b0f01a30134f886e8c26c493a0c7951921fdb045458013170425fa943ce87e81efd63d84cf2e887dbf2383df70b834946002c432fa3cccb7fa6ad7cb476aa9f834a6722be7510cfdd0b25ba9e844b626a40ea2c5ec9edfee512eb75116600e9f46631a07c326f49e5af3a429eec112a6d3a8a9e2cc7265d515c2012c5038b3e04006c00e00002019380399cb196863e691a7937c2e21bd525682f71aca03beb8568a88c31a20386f19e04c2d9a8b6de9c0b7a16019820b50f552d27f030893bf807a78981c1afb65a3f914cf910f746b031aa864294d84bfa49eb1901231cbb849d347bdba3756e7266a831128dc764a079fcd34aa73f7b3bfd5c92f546ddf3b15dbca7b79c4d3f776dc47d0a64feb46580c8ada37290b5fb11615d926fc148b2fc993165436fdfb94490a065de1ac5f0a7969be69d8680a3182b0e4c367403b4f89b18e48142ef4952b991291077ed3330ae030592b8f283a59db0a282d3ca5622a0b90500d3000900000005006000f7000000"], 0x220}, 0x1, 0x0, 0x0, 0x40}, 0x84a064265f700935) r5 = setfsuid$auto(0xee01) setresuid$auto(r3, r5, r3) setfsuid$auto(r3) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) set_mempolicy$auto(0x1, 0x0, 0x803) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = openat$auto_dma_buf_debug_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x500, 0x0) read$auto_dma_buf_debug_fops_(r6, &(0x7f0000000240)=""/83, 0x53) pwritev$auto(r6, 0x0, 0x2, 0xfffffffffffff274, 0x6) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x400) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) sendmsg$auto_NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, 0x0, 0x24008041) msync$auto(0x0, 0xe0, 0x6) ioctl$auto_BLKGETZONESZ(r7, 0x80041284, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) msgget$auto(0xc, 0x77d9) msgrcv$auto(0x0, 0x0, 0xff9, 0x1, 0x3) 2.3424446s ago: executing program 0 (id=3883): socket(0x2b, 0x1, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @local}, 0x54) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x6, 0xd, 0xfffffffe, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x101, 0x6, 0x6}, {0xfff7ffff, 0x6, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x28102, 0x0) write$auto(r2, &(0x7f0000000180)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff) ioctl$auto(0x3, 0xc018aec0, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0xa, 0x801, 0x84) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/0000:00:03.0/rescan\x00', 0xa001, 0x0) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000140)={0x6, 0x0, [{0x2, 0x54, 0x7ff}]}) write$auto(r4, &(0x7f0000000440)='+\x00\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\x83\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\x90^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xbap\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dd\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xde*\x1dV\x94R+\x94s\x84\xa4\xd4M\xa9\xea\\Vt\xde\xedS\xf8?\x91\xef\xb3 4^\xc9DO\x88Er\xb5\x82b\x8f\xfcd\xe3\x81\xf6\xe4\x16\xe1\x15\xaf\xf2q\xc41\xf5-\xcc\xcfj\x94\xce\xc2>\t=\xe5\"a\xde\x18\xd8\xe8', 0x4) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) write$auto_seq_oss_f_ops_seq_oss(r5, &(0x7f0000000040)="f6e6812018deadf7e88f819e30236ce79200d01532f2ed0d", 0x18) getsockopt$auto(r3, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) 2.258504424s ago: executing program 4 (id=3884): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x0, 0x0) r0 = gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) rt_sigtimedwait$auto(&(0x7f0000000100)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, 0x0, 0x5a1380, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000040)=0x5) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x1c1080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) open(0x0, 0x22240, 0x55) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x2000c840) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x4, 0x73) socket(0xa, 0x1, 0x84) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) shutdown$auto(0x200000003, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x549e82, 0x0) mremap$auto(0x4003, 0xb8, 0x13fd4, 0x1000000003, 0xfffff000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4) move_pages$auto(r0, 0x1001, 0x0, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) 2.080722551s ago: executing program 0 (id=3885): mmap$auto(0x6, 0xa00006, 0x5, 0xfffffffffffffbff, 0xffffffffffffffff, 0x300000000000) mmap$auto(0x0, 0x4, 0x0, 0x78, 0xffffffffffffffff, 0x300000000000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) r0 = epoll_create$auto(0x2) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x40103d0b, 0x0) epoll_pwait2$auto(r0, 0x0, 0x8, 0x0, 0x0, 0x8) sysfs$auto(0xffffffff, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x1) epoll_ctl$auto(0x5, 0x1, r1, 0x0) madvise$auto(0x0, 0xffffffffffff0006, 0x17) madvise$auto(0xff, 0x3, 0x8) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x687180, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(r2, 0xae03, 0x9) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) socket(0x27, 0x5, 0x7) mmap$auto(0x8, 0x400007, 0xdf, 0x12, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) 1.629468082s ago: executing program 5 (id=3886): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x801, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyprintk\x00', 0x60540, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x100000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyc4\x00', 0x0, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000040)=0x5) ioctl$auto(0x3, 0x5411, 0x38) io_uring_enter$auto(r0, 0x5, 0x1, 0x80, &(0x7f00000000c0)="0a16b9f2a94c414524e9f4de0c2c46d5935465cc3be787c8ebdca087d7ad6039ce4cd31fcccb5a56b59bf12c27841b64c33f599f30137c21fe982d80de2d279ed2a3d7889fd8b85a5201a2f3c7da20ce825f9c3bea78c9deb74d0860f737e4242b4c90d6e80adb3bf1648e70d707d5b0266441940eef65502bc88ae439fefce27344548cc1478e1e13e6179d9a3b1cc9ee2a1d83df936ceed37fb859544fa5605ae21a80e2e555fafa0e75e3793d2b27a64b43b042f308c54fcfe2e7ddd90b80aa319d4b56c1dfcc4178f7278de744692ffdd0", 0x19) 734.449794ms ago: executing program 5 (id=3887): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, 0x0, 0x400, 0x0) setsockopt$auto(0x400000000000003, 0x2d, 0x1c, 0x0, 0x3) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) r1 = socket(0x10, 0x2, 0xc) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x24, r2, 0x10, 0x70bd2c, 0x25dfdbfa, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_NAME={0x0, 0x2, '%/\x00\xe2\xa8\\A\xe7Z\x02q[\xcb\xc0\xb0N\\\xdc\xdf(\xff\xfee\xc3\x17py\x9f\xda\xb88\xaa\xf6q*\x82\xe6(\xc9\xe6B\x9aJ82\v-i(c\x92{\xd7D\xb4\xf7\xb4\t\xb2\x98b\xd3%vu\xd4\xfd\t\xd7J\x83\x19)\xb1\x00[\xdd(\xef?\xc5\xae(\x84\xefjx\xfe\xdb\xeb\xbceaAw\x1eW\x12Bh\xc3y2\xc9\x0e\xc9\x99#\x92j\x97\xbbDOi\x03\xa4\x11\x02F [ 893.571317][T19431] dump_stack_lvl+0x100/0x190 [ 893.571362][T19431] should_fail_ex.cold+0x5/0xa [ 893.571416][T19431] _copy_to_user+0x32/0xd0 [ 893.571470][T19431] mtdchar_read+0x3cc/0x5b0 [ 893.571511][T19431] ? __pfx_mtdchar_read+0x10/0x10 [ 893.571545][T19431] ? iovec_from_user+0xbb/0x140 [ 893.571599][T19431] ? common_file_perm+0x1ab/0x4f0 [ 893.571653][T19431] ? bpf_lsm_file_permission+0x9/0x10 [ 893.571700][T19431] ? security_file_permission+0x76/0x210 [ 893.571751][T19431] ? rw_verify_area+0xce/0x6d0 [ 893.571785][T19431] ? __pfx_mtdchar_read+0x10/0x10 [ 893.571821][T19431] vfs_readv+0x5d8/0x8d0 [ 893.571852][T19431] ? get_pid_task+0x106/0x250 [ 893.571907][T19431] ? __pfx_vfs_readv+0x10/0x10 [ 893.571941][T19431] ? find_held_lock+0x2b/0x80 [ 893.571997][T19431] ? __fget_files+0x21f/0x3d0 [ 893.572050][T19431] ? do_readv+0x13e/0x340 [ 893.572078][T19431] do_readv+0x13e/0x340 [ 893.572111][T19431] ? __pfx_do_readv+0x10/0x10 [ 893.572155][T19431] do_syscall_64+0xc9/0xf80 [ 893.572199][T19431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 893.572232][T19431] RIP: 0033:0x7f416eb9aeb9 [ 893.572257][T19431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 893.572289][T19431] RSP: 002b:00007f416fb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 893.572320][T19431] RAX: ffffffffffffffda RBX: 00007f416ee15fa0 RCX: 00007f416eb9aeb9 [ 893.572342][T19431] RDX: 0000000000000006 RSI: 0000200000000040 RDI: 0000000000000003 [ 893.572362][T19431] RBP: 00007f416fb34090 R08: 0000000000000000 R09: 0000000000000000 [ 893.572383][T19431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 893.572403][T19431] R13: 00007f416ee16038 R14: 00007f416ee15fa0 R15: 00007ffca3e0eeb8 [ 893.572446][T19431] [ 894.780069][T19452] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3077'. [ 895.108331][T19458] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3072'. [ 895.769769][T19463] bridge0: port 3(netdevsim0) entered blocking state [ 895.779109][T19463] bridge0: port 3(netdevsim0) entered disabled state [ 895.786662][T19463] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 895.796978][T19463] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 895.826792][T19463] bridge0: port 3(netdevsim0) entered blocking state [ 895.834122][T19463] bridge0: port 3(netdevsim0) entered forwarding state [ 896.894312][T19476] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3074'. [ 898.199233][T19521] FAULT_INJECTION: forcing a failure. [ 898.199233][T19521] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 898.231784][T19521] CPU: 0 UID: 0 PID: 19521 Comm: syz.5.3088 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 898.231827][T19521] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 898.231839][T19521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 898.231854][T19521] Call Trace: [ 898.231861][T19521] [ 898.231871][T19521] dump_stack_lvl+0x100/0x190 [ 898.231904][T19521] should_fail_ex.cold+0x5/0xa [ 898.231943][T19521] _copy_to_user+0x32/0xd0 [ 898.231989][T19521] mtdchar_read+0x3cc/0x5b0 [ 898.232018][T19521] ? __pfx_mtdchar_read+0x10/0x10 [ 898.232042][T19521] ? iovec_from_user+0xbb/0x140 [ 898.232117][T19521] ? common_file_perm+0x1ab/0x4f0 [ 898.232169][T19521] ? bpf_lsm_file_permission+0x9/0x10 [ 898.232211][T19521] ? security_file_permission+0x76/0x210 [ 898.232261][T19521] ? iov_iter_advance+0xac/0x6d0 [ 898.232307][T19521] ? rw_verify_area+0xce/0x6d0 [ 898.232341][T19521] ? __pfx_mtdchar_read+0x10/0x10 [ 898.232371][T19521] vfs_readv+0x5d8/0x8d0 [ 898.232401][T19521] ? get_pid_task+0x106/0x250 [ 898.232454][T19521] ? __pfx_vfs_readv+0x10/0x10 [ 898.232489][T19521] ? find_held_lock+0x2b/0x80 [ 898.232543][T19521] ? __fget_files+0x21f/0x3d0 [ 898.232588][T19521] ? do_readv+0x13e/0x340 [ 898.232609][T19521] do_readv+0x13e/0x340 [ 898.232633][T19521] ? __pfx_do_readv+0x10/0x10 [ 898.232664][T19521] do_syscall_64+0xc9/0xf80 [ 898.232695][T19521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 898.232720][T19521] RIP: 0033:0x7f4abe59aeb9 [ 898.232739][T19521] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 898.232763][T19521] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 898.232786][T19521] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 898.232802][T19521] RDX: 0000000000000006 RSI: 0000200000000040 RDI: 0000000000000003 [ 898.232817][T19521] RBP: 00007f4abf4ff090 R08: 0000000000000000 R09: 0000000000000000 [ 898.232832][T19521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 898.232845][T19521] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 898.232876][T19521] [ 898.983770][T19542] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3090'. [ 899.103336][T19545] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 899.238568][T19541] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 899.595030][ T30] audit: type=1804 audit(4294967656.951:28): pid=19548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3093" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=52 res=1 errno=0 [ 901.042316][T19543] kexec: Could not allocate control_code_buffer [ 901.835156][T19596] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3101'. [ 902.498265][T19611] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3104'. [ 903.141745][T19636] validate_nla: 12 callbacks suppressed [ 903.141765][T19636] netlink: 'syz.6.3111': attribute type 1 has an invalid length. [ 904.697890][T19667] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3113'. [ 905.773751][T19694] ptrace attach of "./syz-executor exec"[16744] was attempted by "./syz-executor exec"[19694] [ 908.052283][T19744] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3126'. [ 912.161961][T19819] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3143'. [ 913.027864][T19840] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3146'. [ 913.264534][T19844] misc userio: No port type given on /dev/userio [ 913.331457][T14403] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 913.376468][T14403] Bluetooth: hci4: Received unexpected HCI Event 0x00 [ 914.453040][T19878] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3154'. [ 916.000176][T19888] zswap: compressor û not available [ 917.939874][T19917] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 918.057960][T19929] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3164'. [ 918.598606][T19932] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3167'. [ 919.095172][T19923] kexec: Could not allocate control_code_buffer [ 919.371776][T19942] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3172'. [ 919.816505][T19958] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3175'. [ 920.063338][T19961] WARNING! power/level is deprecated; use power/control instead [ 921.360379][T19982] cgroup: fork rejected by pids controller in /syz0 [ 921.797615][T20018] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3179'. [ 922.023661][T20026] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3184'. [ 924.315100][T20060] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3190'. [ 924.385111][T20059] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3193'. [ 925.082651][T20071] Invalid ELF header magic: != ELF [ 925.434800][T20075] hub 1-0:1.0: USB hub found [ 925.442954][T20075] hub 1-0:1.0: 1 port detected [ 925.597363][T20065] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3194'. [ 926.775232][T20094] netlink: 'syz.4.3205': attribute type 1 has an invalid length. [ 927.321350][T20102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 927.332248][T20102] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 927.341095][T20102] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 927.351441][T20102] page_type: f5(slab) [ 927.355576][T20102] raw: 00fff00000000040 ffff88813ff27140 dead000000000100 dead000000000122 [ 927.366003][T20102] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 927.374768][T20102] head: 00fff00000000040 ffff88813ff27140 dead000000000100 dead000000000122 [ 927.383917][T20102] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 927.392902][T20102] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 927.412589][T20102] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 927.421472][T20102] page dumped because: unmovable page [ 927.431679][T20102] page_owner tracks the page as allocated [ 927.582167][T20102] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5502, tgid 5502 (rm), ts 67019225863, free_ts 66860935545 [ 927.783110][T20102] post_alloc_hook+0x1e1/0x250 [ 927.788029][T20102] get_page_from_freelist+0xe3d/0x2e10 [ 927.856722][T20102] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 927.889358][T20102] alloc_pages_mpol+0x1fb/0x550 [ 928.066979][T20102] new_slab+0x2c4/0x440 [ 928.081426][T20123] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3218'. [ 928.096802][T20102] ___slab_alloc+0xda3/0x1ca0 [ 928.101577][T20102] __slab_alloc.isra.0+0x63/0x110 [ 928.181081][T20102] __kmalloc_noprof+0x618/0x9c0 [ 928.197082][T20102] tomoyo_realpath_from_path+0xb6/0x690 [ 928.219888][T20102] tomoyo_check_open_permission+0x2af/0x3c0 [ 928.235636][T20102] tomoyo_file_open+0x6b/0x90 [ 928.247331][T20102] security_file_open+0xb5/0x1e0 [ 928.266514][T20102] do_dentry_open+0x58c/0x1570 [ 928.276623][T20102] vfs_open+0x82/0x3f0 [ 928.293804][T20102] path_openat+0x21dc/0x3120 [ 928.305772][T20102] do_filp_open+0x1f7/0x420 [ 928.322313][T20102] page last free pid 5499 tgid 5499 stack trace: [ 928.354576][T20102] __free_frozen_pages+0x822/0x1130 [ 928.377870][T20102] __put_partials+0x127/0x160 [ 928.406667][T20102] qlist_free_all+0x47/0xe0 [ 928.430057][T20102] kasan_quarantine_reduce+0x1a0/0x1f0 [ 928.453524][T20102] __kasan_slab_alloc+0x69/0x90 [ 928.518824][T20102] kmem_cache_alloc_noprof+0x2ad/0x780 [ 928.535762][T20102] getname_flags.part.0+0x4c/0x540 [ 928.540997][T20102] getname_flags+0x93/0xf0 [ 928.623814][T20128] Invalid ELF header magic: != ELF [ 928.631307][T20102] do_sys_openat2+0xc5/0x220 [ 928.654958][T20102] __x64_sys_openat+0x12d/0x210 [ 928.659924][T20102] do_syscall_64+0xc9/0xf80 [ 928.726353][T20102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.483554][T20139] hub 1-0:1.0: USB hub found [ 929.505783][T20139] hub 1-0:1.0: 1 port detected [ 930.467310][T20128] tipc: can't start tipc receive workqueue [ 930.661198][T20162] random: crng reseeded on system resumption [ 930.733374][T20164] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3220'. [ 931.504984][T20176] futex_wake_op: syz.6.3222 tries to shift op by -2016; fix this program [ 931.522392][T20176] futex_wake_op: syz.6.3222 tries to shift op by -2016; fix this program [ 931.641167][T20176] 0x000000000001-0x000000020000 : "" [ 931.723806][T20176] ftl_cs: FTL header corrupt! [ 931.736694][T20185] futex_wake_op: syz.4.3223 tries to shift op by -2048; fix this program [ 932.699490][T20202] zswap: compressor not available [ 933.107559][T20212] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3231'. [ 933.356839][T20217] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3240'. [ 933.541096][T20219] Invalid ELF header magic: != ELF [ 933.743322][T20224] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3233'. [ 934.018861][T20225] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3234'. [ 934.200406][T20227] hub 1-0:1.0: USB hub found [ 934.246300][T20227] hub 1-0:1.0: 1 port detected [ 937.073739][T20282] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3245'. [ 937.215094][T20288] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3244'. [ 937.953289][T20308] Invalid ELF header magic: != ELF [ 938.088278][T20315] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3254'. [ 938.194235][T20310] zswap: compressor not available [ 938.804736][T20310] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3253'. [ 938.831340][T20314] zswap: compressor @ not available [ 939.494893][T20337] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3258'. [ 939.894159][T20348] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3259'. [ 940.713610][T20350] binder: 20349:20350 ioctl c018620c 0 returned -1 [ 940.907466][T20371] futex_wake_op: syz.5.3263 tries to shift op by -2016; fix this program [ 940.925166][T20371] futex_wake_op: syz.5.3263 tries to shift op by -2016; fix this program [ 941.039723][T20371] 0x000000000001-0x000000020000 : "" [ 941.116435][T20371] ftl_cs: FTL header corrupt! [ 941.763925][T20381] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3266'. [ 942.028797][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 942.035794][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 942.580632][T20391] FAULT_INJECTION: forcing a failure. [ 942.580632][T20391] name failslab, interval 1, probability 0, space 0, times 0 [ 942.616078][T20391] CPU: 0 UID: 0 PID: 20391 Comm: syz.5.3270 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 942.616139][T20391] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 942.616155][T20391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 942.616176][T20391] Call Trace: [ 942.616187][T20391] [ 942.616201][T20391] dump_stack_lvl+0x100/0x190 [ 942.616245][T20391] should_fail_ex.cold+0x5/0xa [ 942.616298][T20391] should_failslab+0xc2/0x120 [ 942.616344][T20391] __kmalloc_cache_noprof+0x80/0x810 [ 942.616378][T20391] ? find_held_lock+0x2b/0x80 [ 942.616417][T20391] ? alloc_pipe_info+0x10e/0x590 [ 942.616453][T20391] ? aa_file_perm+0x268/0x1540 [ 942.616493][T20391] ? alloc_pipe_info+0x10e/0x590 [ 942.616532][T20391] alloc_pipe_info+0x10e/0x590 [ 942.616575][T20391] splice_direct_to_actor+0x78f/0xa30 [ 942.616616][T20391] ? __pfx_direct_splice_actor+0x10/0x10 [ 942.616651][T20391] ? __pfx_aa_file_perm+0x10/0x10 [ 942.616690][T20391] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 942.616740][T20391] do_splice_direct+0x174/0x240 [ 942.616778][T20391] ? __pfx_do_splice_direct+0x10/0x10 [ 942.616812][T20391] ? common_file_perm+0x1ab/0x4f0 [ 942.616860][T20391] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 942.616902][T20391] ? rw_verify_area+0xce/0x6d0 [ 942.616938][T20391] do_sendfile+0xadc/0xe20 [ 942.616979][T20391] ? __pfx_do_sendfile+0x10/0x10 [ 942.617014][T20391] ? __fget_files+0x21f/0x3d0 [ 942.617060][T20391] __x64_sys_sendfile64+0x1d8/0x220 [ 942.617102][T20391] ? ksys_write+0x1ac/0x250 [ 942.617138][T20391] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 942.617194][T20391] do_syscall_64+0xc9/0xf80 [ 942.617236][T20391] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.617269][T20391] RIP: 0033:0x7f4abe59aeb9 [ 942.617294][T20391] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 942.617325][T20391] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 942.617357][T20391] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 942.617385][T20391] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 942.617414][T20391] RBP: 00007f4abf4ff090 R08: 0000000000000000 R09: 0000000000000000 [ 942.617435][T20391] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 942.617454][T20391] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 942.617497][T20391] [ 944.103200][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 944.526026][T20421] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3277'. [ 944.660543][T20417] binder: 20416:20417 ioctl c018620c 0 returned -1 [ 945.361727][T20436] bridge0: port 4(batadv0) entered blocking state [ 945.382751][T20436] bridge0: port 4(batadv0) entered disabled state [ 945.389613][T20436] batadv0: entered allmulticast mode [ 945.424442][T20436] batadv0: entered promiscuous mode [ 945.431034][T20436] bridge0: port 4(batadv0) entered blocking state [ 945.437729][T20436] bridge0: port 4(batadv0) entered forwarding state [ 945.489719][T20440] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3282'. [ 945.598557][ T7926] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 945.608369][ T7926] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 945.636740][T20443] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3280'. [ 946.407318][T20463] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3289'. [ 946.420387][T20463] netlink: 29 bytes leftover after parsing attributes in process `syz.4.3289'. [ 946.573486][T20471] bridge0: port 4(batadv0) entered blocking state [ 946.580568][T20471] bridge0: port 4(batadv0) entered disabled state [ 946.602449][T20471] batadv0: entered allmulticast mode [ 946.633025][T20471] batadv0: entered promiscuous mode [ 946.639171][T20471] bridge0: port 4(batadv0) entered blocking state [ 946.646044][T20471] bridge0: port 4(batadv0) entered forwarding state [ 946.683228][T20474] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3292'. [ 946.705429][ T7926] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 946.715436][ T7926] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 946.970820][T20473] binder: 20472:20473 ioctl c018620c 0 returned -1 [ 947.238679][T20486] futex_wake_op: syz.4.3295 tries to shift op by -2016; fix this program [ 947.247417][T20486] futex_wake_op: syz.4.3295 tries to shift op by -2016; fix this program [ 947.297310][T20486] 0x000000000001-0x000000020000 : "" [ 947.338739][T20486] ftl_cs: FTL header corrupt! [ 947.915457][T20495] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3297'. [ 948.028681][T20498] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3298'. [ 948.038416][T20498] dummy0: entered promiscuous mode [ 948.060867][T20498] dummy0: entered allmulticast mode [ 948.206135][T20506] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3298'. [ 948.555708][T20514] mkiss: ax0: crc mode is auto. [ 949.289777][T20536] bridge0: port 4(batadv0) entered blocking state [ 949.302338][T20536] bridge0: port 4(batadv0) entered disabled state [ 949.333195][T20536] batadv0: entered allmulticast mode [ 949.344276][T20534] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3315'. [ 949.355060][T20536] batadv0: entered promiscuous mode [ 949.398097][T20536] bridge0: port 4(batadv0) entered blocking state [ 949.404788][T20536] bridge0: port 4(batadv0) entered forwarding state [ 949.632626][T20545] __nla_validate_parse: 1 callbacks suppressed [ 949.632654][T20545] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3308'. [ 949.689571][ T12] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 949.698913][ T12] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 950.488078][T20566] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3314'. [ 952.060565][T20589] block nbd7: not configured, cannot reconfigure [ 952.257165][T20593] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 952.306058][T20563] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 952.386184][T20593] ptp ptp0: new virtual clock ptp2 [ 952.437090][T20593] ptp ptp0: new virtual clock ptp3 [ 952.462145][T20593] ptp ptp0: guarantee physical clock free running [ 953.019647][T20612] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 953.038550][T20601] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3323'. [ 953.050524][T20612] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [65007]. [ 954.061737][T20641] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3332'. [ 954.321452][T20646] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3336'. [ 954.708705][T20659] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3339'. [ 955.822477][T20685] sctp: [Deprecated]: syz.5.3346 (pid 20685) Use of struct sctp_assoc_value in delayed_ack socket option. [ 955.822477][T20685] Use struct sctp_sack_info instead [ 956.333374][T20699] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3351'. [ 956.595420][T20703] FAULT_INJECTION: forcing a failure. [ 956.595420][T20703] name failslab, interval 1, probability 0, space 0, times 0 [ 956.628770][T20703] CPU: 1 UID: 0 PID: 20703 Comm: syz.6.3354 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 956.628814][T20703] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 956.628825][T20703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 956.628839][T20703] Call Trace: [ 956.628847][T20703] [ 956.628856][T20703] dump_stack_lvl+0x100/0x190 [ 956.628889][T20703] should_fail_ex.cold+0x5/0xa [ 956.628927][T20703] should_failslab+0xc2/0x120 [ 956.628964][T20703] __kmalloc_cache_noprof+0x80/0x810 [ 956.628989][T20703] ? find_held_lock+0x2b/0x80 [ 956.629010][T20703] ? alloc_pipe_info+0x10e/0x590 [ 956.629038][T20703] ? aa_file_perm+0x268/0x1540 [ 956.629065][T20703] ? alloc_pipe_info+0x10e/0x590 [ 956.629093][T20703] alloc_pipe_info+0x10e/0x590 [ 956.629125][T20703] splice_direct_to_actor+0x78f/0xa30 [ 956.629154][T20703] ? __pfx_direct_splice_actor+0x10/0x10 [ 956.629179][T20703] ? __pfx_aa_file_perm+0x10/0x10 [ 956.629207][T20703] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 956.629242][T20703] do_splice_direct+0x174/0x240 [ 956.629269][T20703] ? __pfx_do_splice_direct+0x10/0x10 [ 956.629293][T20703] ? common_file_perm+0x1ab/0x4f0 [ 956.629330][T20703] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 956.629361][T20703] ? rw_verify_area+0xce/0x6d0 [ 956.629385][T20703] do_sendfile+0xadc/0xe20 [ 956.629416][T20703] ? __pfx_do_sendfile+0x10/0x10 [ 956.629440][T20703] ? __fget_files+0x21f/0x3d0 [ 956.629473][T20703] __x64_sys_sendfile64+0x1d8/0x220 [ 956.629503][T20703] ? ksys_write+0x1ac/0x250 [ 956.629529][T20703] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 956.629573][T20703] do_syscall_64+0xc9/0xf80 [ 956.629604][T20703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 956.629628][T20703] RIP: 0033:0x7feeb9f9aeb9 [ 956.629647][T20703] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 956.629671][T20703] RSP: 002b:00007feebaee6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 956.629694][T20703] RAX: ffffffffffffffda RBX: 00007feeba215fa0 RCX: 00007feeb9f9aeb9 [ 956.629710][T20703] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 956.629724][T20703] RBP: 00007feebaee6090 R08: 0000000000000000 R09: 0000000000000000 [ 956.629739][T20703] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 956.629754][T20703] R13: 00007feeba216038 R14: 00007feeba215fa0 R15: 00007ffe4b0286d8 [ 956.629784][T20703] [ 957.173761][T20708] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 957.259564][T20708] ptp ptp0: guarantee physical clock free running [ 957.938102][T20734] FAULT_INJECTION: forcing a failure. [ 957.938102][T20734] name failslab, interval 1, probability 0, space 0, times 0 [ 957.963090][T20734] CPU: 1 UID: 0 PID: 20734 Comm: syz.0.3364 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 957.963157][T20734] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 957.963172][T20734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 957.963191][T20734] Call Trace: [ 957.963210][T20734] [ 957.963222][T20734] dump_stack_lvl+0x100/0x190 [ 957.963263][T20734] should_fail_ex.cold+0x5/0xa [ 957.963312][T20734] should_failslab+0xc2/0x120 [ 957.963352][T20734] ? alloc_pipe_info+0x1ec/0x590 [ 957.963386][T20734] __kmalloc_noprof+0xf6/0x9c0 [ 957.963425][T20734] ? alloc_pipe_info+0x1ec/0x590 [ 957.963459][T20734] alloc_pipe_info+0x1ec/0x590 [ 957.963498][T20734] splice_direct_to_actor+0x78f/0xa30 [ 957.963534][T20734] ? __pfx_direct_splice_actor+0x10/0x10 [ 957.963566][T20734] ? __pfx_aa_file_perm+0x10/0x10 [ 957.963601][T20734] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 957.963643][T20734] do_splice_direct+0x174/0x240 [ 957.963676][T20734] ? __pfx_do_splice_direct+0x10/0x10 [ 957.963706][T20734] ? common_file_perm+0x1ab/0x4f0 [ 957.963749][T20734] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 957.963787][T20734] ? rw_verify_area+0xce/0x6d0 [ 957.963817][T20734] do_sendfile+0xadc/0xe20 [ 957.963854][T20734] ? __pfx_do_sendfile+0x10/0x10 [ 957.963885][T20734] ? __fget_files+0x21f/0x3d0 [ 957.963926][T20734] __x64_sys_sendfile64+0x1d8/0x220 [ 957.963964][T20734] ? ksys_write+0x1ac/0x250 [ 957.963996][T20734] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 957.964046][T20734] do_syscall_64+0xc9/0xf80 [ 957.964084][T20734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 957.964113][T20734] RIP: 0033:0x7f906339aeb9 [ 957.964137][T20734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 957.964168][T20734] RSP: 002b:00007f9064307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 957.964196][T20734] RAX: ffffffffffffffda RBX: 00007f9063615fa0 RCX: 00007f906339aeb9 [ 957.964227][T20734] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 957.964245][T20734] RBP: 00007f9064307090 R08: 0000000000000000 R09: 0000000000000000 [ 957.964263][T20734] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 957.964281][T20734] R13: 00007f9063616038 R14: 00007f9063615fa0 R15: 00007fff56ff56f8 [ 957.964319][T20734] [ 959.267767][T20750] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3367'. [ 959.436656][T20752] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3368'. [ 959.455171][T20725] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 959.776990][T20761] futex_wake_op: syz.5.3371 tries to shift op by -2048; fix this program [ 959.832037][T20761] futex_wake_op: syz.5.3371 tries to shift op by -2048; fix this program [ 960.671131][T20791] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 960.837393][T20791] ptp ptp0: guarantee physical clock free running [ 961.957844][T20829] FAULT_INJECTION: forcing a failure. [ 961.957844][T20829] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 962.034060][T20829] CPU: 0 UID: 0 PID: 20829 Comm: syz.0.3389 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 962.034105][T20829] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 962.034116][T20829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 962.034131][T20829] Call Trace: [ 962.034139][T20829] [ 962.034148][T20829] dump_stack_lvl+0x100/0x190 [ 962.034182][T20829] should_fail_ex.cold+0x5/0xa [ 962.034224][T20829] ? prepare_alloc_pages+0x16d/0x5f0 [ 962.034263][T20829] should_fail_alloc_page+0xeb/0x140 [ 962.034299][T20829] prepare_alloc_pages+0x1f0/0x5f0 [ 962.034339][T20829] __alloc_frozen_pages_noprof+0x193/0x2410 [ 962.034371][T20829] ? stack_trace_save+0x8e/0xc0 [ 962.034398][T20829] ? __pfx_stack_trace_save+0x10/0x10 [ 962.034423][T20829] ? is_bpf_text_address+0x8a/0x1a0 [ 962.034460][T20829] ? stack_depot_save_flags+0x27/0x9c0 [ 962.034496][T20829] ? bpf_ksym_find+0x124/0x1c0 [ 962.034529][T20829] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 962.034557][T20829] ? kasan_save_track+0x14/0x30 [ 962.034585][T20829] ? __kmalloc_noprof+0x347/0x9c0 [ 962.034607][T20829] ? do_splice_read+0x285/0x370 [ 962.034631][T20829] ? splice_direct_to_actor+0x2a1/0xa30 [ 962.034655][T20829] ? do_splice_direct+0x174/0x240 [ 962.034679][T20829] ? do_sendfile+0xadc/0xe20 [ 962.034701][T20829] ? __x64_sys_sendfile64+0x1d8/0x220 [ 962.034760][T20829] ? do_syscall_64+0xc9/0xf80 [ 962.034795][T20829] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 962.034838][T20829] alloc_pages_bulk_noprof+0x777/0x1500 [ 962.034878][T20829] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 962.034906][T20829] ? copy_splice_read+0x1a3/0xb90 [ 962.034936][T20829] ? copy_splice_read+0x1a3/0xb90 [ 962.034972][T20829] copy_splice_read+0x1e1/0xb90 [ 962.035004][T20829] ? __pfx_copy_splice_read+0x10/0x10 [ 962.035031][T20829] ? look_up_lock_class+0x55/0x120 [ 962.035063][T20829] ? lockdep_init_map_type+0x5c/0x250 [ 962.035101][T20829] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 962.035129][T20829] ? __pfx_copy_splice_read+0x10/0x10 [ 962.035155][T20829] do_splice_read+0x285/0x370 [ 962.035183][T20829] splice_direct_to_actor+0x2a1/0xa30 [ 962.035211][T20829] ? __pfx_direct_splice_actor+0x10/0x10 [ 962.035244][T20829] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 962.035278][T20829] do_splice_direct+0x174/0x240 [ 962.035305][T20829] ? __pfx_do_splice_direct+0x10/0x10 [ 962.035330][T20829] ? common_file_perm+0x1ab/0x4f0 [ 962.035365][T20829] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 962.035394][T20829] ? rw_verify_area+0xce/0x6d0 [ 962.035419][T20829] do_sendfile+0xadc/0xe20 [ 962.035449][T20829] ? __pfx_do_sendfile+0x10/0x10 [ 962.035474][T20829] ? __fget_files+0x21f/0x3d0 [ 962.035506][T20829] __x64_sys_sendfile64+0x1d8/0x220 [ 962.035537][T20829] ? ksys_write+0x1ac/0x250 [ 962.035562][T20829] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 962.035601][T20829] do_syscall_64+0xc9/0xf80 [ 962.035631][T20829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 962.035655][T20829] RIP: 0033:0x7f906339aeb9 [ 962.035674][T20829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 962.035697][T20829] RSP: 002b:00007f9064307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 962.035721][T20829] RAX: ffffffffffffffda RBX: 00007f9063615fa0 RCX: 00007f906339aeb9 [ 962.035737][T20829] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 962.035751][T20829] RBP: 00007f9064307090 R08: 0000000000000000 R09: 0000000000000000 [ 962.035766][T20829] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 962.035781][T20829] R13: 00007f9063616038 R14: 00007f9063615fa0 R15: 00007fff56ff56f8 [ 962.035810][T20829] [ 962.584965][T20793] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 963.247712][T20852] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3394'. [ 963.916426][T20859] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3397'. [ 964.064751][T20863] FAULT_INJECTION: forcing a failure. [ 964.064751][T20863] name failslab, interval 1, probability 0, space 0, times 0 [ 964.112166][T20863] CPU: 0 UID: 0 PID: 20863 Comm: syz.5.3399 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 964.112226][T20863] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 964.112242][T20863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 964.112262][T20863] Call Trace: [ 964.112273][T20863] [ 964.112286][T20863] dump_stack_lvl+0x100/0x190 [ 964.112332][T20863] should_fail_ex.cold+0x5/0xa [ 964.112384][T20863] should_failslab+0xc2/0x120 [ 964.112430][T20863] __kvmalloc_node_noprof+0x101/0xac0 [ 964.112471][T20863] ? alloc_pages_bulk_noprof+0x806/0x1500 [ 964.112510][T20863] ? seq_read_iter+0x819/0x1270 [ 964.112551][T20863] ? seq_read_iter+0x819/0x1270 [ 964.112580][T20863] seq_read_iter+0x819/0x1270 [ 964.112613][T20863] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 964.112657][T20863] ? copy_splice_read+0x1a3/0xb90 [ 964.112697][T20863] kernfs_fop_read_iter+0x46c/0x610 [ 964.112741][T20863] copy_splice_read+0x4ba/0xb90 [ 964.112787][T20863] ? __pfx_copy_splice_read+0x10/0x10 [ 964.112825][T20863] ? look_up_lock_class+0x55/0x120 [ 964.112872][T20863] ? lockdep_init_map_type+0x5c/0x250 [ 964.112919][T20863] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 964.112958][T20863] ? __pfx_copy_splice_read+0x10/0x10 [ 964.112993][T20863] do_splice_read+0x285/0x370 [ 964.113040][T20863] splice_direct_to_actor+0x2a1/0xa30 [ 964.113088][T20863] ? __pfx_direct_splice_actor+0x10/0x10 [ 964.113134][T20863] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 964.113185][T20863] do_splice_direct+0x174/0x240 [ 964.113223][T20863] ? __pfx_do_splice_direct+0x10/0x10 [ 964.113256][T20863] ? common_file_perm+0x1ab/0x4f0 [ 964.113305][T20863] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 964.113349][T20863] ? rw_verify_area+0xce/0x6d0 [ 964.113410][T20863] do_sendfile+0xadc/0xe20 [ 964.113454][T20863] ? __pfx_do_sendfile+0x10/0x10 [ 964.113489][T20863] ? __fget_files+0x21f/0x3d0 [ 964.113535][T20863] __x64_sys_sendfile64+0x1d8/0x220 [ 964.113577][T20863] ? ksys_write+0x1ac/0x250 [ 964.113614][T20863] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 964.113670][T20863] do_syscall_64+0xc9/0xf80 [ 964.113712][T20863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.113744][T20863] RIP: 0033:0x7f4abe59aeb9 [ 964.113769][T20863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 964.113805][T20863] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 964.113837][T20863] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 964.113860][T20863] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 964.113880][T20863] RBP: 00007f4abf4ff090 R08: 0000000000000000 R09: 0000000000000000 [ 964.113902][T20863] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 964.113922][T20863] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 964.113966][T20863] [ 964.562814][T20867] netlink: 'syz.4.3400': attribute type 1 has an invalid length. [ 964.661609][T20870] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3402'. [ 964.918443][T20885] FAULT_INJECTION: forcing a failure. [ 964.918443][T20885] name failslab, interval 1, probability 0, space 0, times 0 [ 964.952221][T20885] CPU: 1 UID: 0 PID: 20885 Comm: syz.5.3405 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 964.952281][T20885] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 964.952298][T20885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 964.952318][T20885] Call Trace: [ 964.952330][T20885] [ 964.952343][T20885] dump_stack_lvl+0x100/0x190 [ 964.952393][T20885] should_fail_ex.cold+0x5/0xa [ 964.952448][T20885] should_failslab+0xc2/0x120 [ 964.952497][T20885] kmem_cache_alloc_noprof+0x83/0x780 [ 964.952541][T20885] ? __pfx_map_id_range_down+0x10/0x10 [ 964.952576][T20885] ? security_inode_alloc+0x3b/0x2c0 [ 964.952629][T20885] ? security_inode_alloc+0x3b/0x2c0 [ 964.952673][T20885] security_inode_alloc+0x3b/0x2c0 [ 964.952731][T20885] inode_init_always_gfp+0xced/0x1040 [ 964.952778][T20885] alloc_inode+0x8e/0x250 [ 964.952829][T20885] sock_alloc+0x44/0x280 [ 964.952857][T20885] ? security_socket_create+0x7f/0x250 [ 964.952903][T20885] __sock_create+0xc2/0x860 [ 964.952951][T20885] __sys_socket+0x14d/0x260 [ 964.952988][T20885] ? __pfx_task_work_run+0x10/0x10 [ 964.953040][T20885] ? __pfx___sys_socket+0x10/0x10 [ 964.953093][T20885] __x64_sys_socket+0x72/0xb0 [ 964.953132][T20885] ? lockdep_hardirqs_on+0x78/0x100 [ 964.953174][T20885] do_syscall_64+0xc9/0xf80 [ 964.953217][T20885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 964.953253][T20885] RIP: 0033:0x7f4abe59aeb9 [ 964.953281][T20885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 964.953314][T20885] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 964.953347][T20885] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 964.953370][T20885] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 964.953392][T20885] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 964.953414][T20885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 964.953435][T20885] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 964.953481][T20885] [ 964.953635][T20885] socket: no more sockets [ 965.183714][T20872] zswap: compressor not available [ 965.807954][T20898] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3407'. [ 966.217157][T20909] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3411'. [ 968.505580][T20950] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3420'. [ 968.563343][T20953] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3421'. [ 970.156764][T20985] FAULT_INJECTION: forcing a failure. [ 970.156764][T20985] name failslab, interval 1, probability 0, space 0, times 0 [ 970.287379][T20985] CPU: 0 UID: 0 PID: 20985 Comm: syz.5.3426 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 970.287440][T20985] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 970.287456][T20985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 970.287477][T20985] Call Trace: [ 970.287489][T20985] [ 970.287502][T20985] dump_stack_lvl+0x100/0x190 [ 970.287548][T20985] should_fail_ex.cold+0x5/0xa [ 970.287605][T20985] should_failslab+0xc2/0x120 [ 970.287653][T20985] kmem_cache_alloc_noprof+0x83/0x780 [ 970.287696][T20985] ? __kernfs_new_node+0xd2/0x960 [ 970.287749][T20985] ? __kernfs_new_node+0xd2/0x960 [ 970.287793][T20985] __kernfs_new_node+0xd2/0x960 [ 970.287846][T20985] ? __pfx___kernfs_new_node+0x10/0x10 [ 970.287903][T20985] ? find_held_lock+0x2b/0x80 [ 970.287935][T20985] ? kernfs_root+0xee/0x2a0 [ 970.287976][T20985] ? kernfs_root+0xee/0x2a0 [ 970.288022][T20985] kernfs_new_node+0x11b/0x1a0 [ 970.288072][T20985] __kernfs_create_file+0x53/0x350 [ 970.288109][T20985] sysfs_add_file_mode_ns+0x207/0x3c0 [ 970.288155][T20985] internal_create_group+0x593/0xf40 [ 970.288206][T20985] ? __pfx_internal_create_group+0x10/0x10 [ 970.288253][T20985] ? kernfs_create_link+0x1bd/0x240 [ 970.288290][T20985] internal_create_groups+0x9d/0x150 [ 970.288355][T20985] device_add+0x71a/0x1950 [ 970.288398][T20985] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 970.288430][T20985] ? __pfx_device_add+0x10/0x10 [ 970.288470][T20985] ? lockdep_init_map_type+0x5c/0x250 [ 970.288511][T20985] ? __init_waitqueue_head+0xca/0x150 [ 970.288567][T20985] netdev_register_kobject+0x1a9/0x3d0 [ 970.288603][T20985] register_netdevice+0x12b3/0x21d0 [ 970.288658][T20985] ? __pfx_register_netdevice+0x10/0x10 [ 970.288716][T20985] __ip_tunnel_create+0x52b/0x670 [ 970.288765][T20985] ? __pfx___ip_tunnel_create+0x10/0x10 [ 970.288810][T20985] ? net_generic+0xea/0x2a0 [ 970.288844][T20985] ip_tunnel_init_net+0x230/0x780 [ 970.288876][T20985] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 970.288919][T20985] ? __pfx_ipgre_init_net+0x10/0x10 [ 970.288958][T20985] ops_init+0x1e2/0x5f0 [ 970.289007][T20985] setup_net+0x118/0x3a0 [ 970.289053][T20985] ? __pfx_setup_net+0x10/0x10 [ 970.289095][T20985] ? lockdep_init_map_type+0x5c/0x250 [ 970.289136][T20985] ? mutex_init_lockep+0x110/0x150 [ 970.289182][T20985] copy_net_ns+0x46f/0x7c0 [ 970.289214][T20985] create_new_namespaces+0x3ea/0xab0 [ 970.289256][T20985] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 970.289292][T20985] ksys_unshare+0x455/0xab0 [ 970.289344][T20985] ? __pfx_ksys_unshare+0x10/0x10 [ 970.289386][T20985] ? xfd_validate_state+0x129/0x190 [ 970.289444][T20985] __x64_sys_unshare+0x31/0x40 [ 970.289485][T20985] do_syscall_64+0xc9/0xf80 [ 970.289522][T20985] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 970.289552][T20985] RIP: 0033:0x7f4abe59aeb9 [ 970.289576][T20985] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 970.289605][T20985] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 970.289634][T20985] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 970.289654][T20985] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 970.289672][T20985] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 970.289690][T20985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 970.289708][T20985] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 970.289745][T20985] [ 971.251334][T21004] FAULT_INJECTION: forcing a failure. [ 971.251334][T21004] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 971.304447][T21004] CPU: 0 UID: 0 PID: 21004 Comm: syz.4.3436 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 971.304508][T21004] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 971.304523][T21004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 971.304543][T21004] Call Trace: [ 971.304553][T21004] [ 971.304566][T21004] dump_stack_lvl+0x100/0x190 [ 971.304610][T21004] should_fail_ex.cold+0x5/0xa [ 971.304661][T21004] _copy_from_user+0x2e/0xd0 [ 971.304708][T21004] snd_seq_oss_write+0x395/0x7f0 [ 971.304756][T21004] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 971.304803][T21004] ? bpf_lsm_file_permission+0x9/0x10 [ 971.304851][T21004] odev_write+0x51/0xa0 [ 971.304882][T21004] vfs_write+0x2aa/0x1070 [ 971.304916][T21004] ? __pfx_odev_write+0x10/0x10 [ 971.304949][T21004] ? __pfx_vfs_write+0x10/0x10 [ 971.304979][T21004] ? find_held_lock+0x2b/0x80 [ 971.305008][T21004] ? __fget_files+0x215/0x3d0 [ 971.305038][T21004] ? __fget_files+0x215/0x3d0 [ 971.305079][T21004] ? __fget_files+0x21f/0x3d0 [ 971.305126][T21004] ksys_write+0x12a/0x250 [ 971.305163][T21004] ? __pfx_ksys_write+0x10/0x10 [ 971.305213][T21004] do_syscall_64+0xc9/0xf80 [ 971.305258][T21004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 971.305289][T21004] RIP: 0033:0x7f416eb9aeb9 [ 971.305321][T21004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 971.305356][T21004] RSP: 002b:00007f416fb13028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 971.305390][T21004] RAX: ffffffffffffffda RBX: 00007f416ee16090 RCX: 00007f416eb9aeb9 [ 971.305415][T21004] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 971.305438][T21004] RBP: 00007f416ec08c1f R08: 0000000000000000 R09: 0000000000000000 [ 971.305460][T21004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 971.305483][T21004] R13: 00007f416ee16128 R14: 00007f416ee16090 R15: 00007ffca3e0eeb8 [ 971.305526][T21004] [ 972.272830][T21015] sd 0:0:1:0: PR command failed: 1026 [ 972.286068][T21015] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 972.299185][T21015] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 972.704517][T21027] FAULT_INJECTION: forcing a failure. [ 972.704517][T21027] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 972.732279][T21027] CPU: 0 UID: 0 PID: 21027 Comm: syz.0.3442 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 972.732342][T21027] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 972.732358][T21027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 972.732380][T21027] Call Trace: [ 972.732393][T21027] [ 972.732407][T21027] dump_stack_lvl+0x100/0x190 [ 972.732453][T21027] should_fail_ex.cold+0x5/0xa [ 972.732511][T21027] _copy_from_user+0x2e/0xd0 [ 972.732561][T21027] snd_seq_oss_write+0x395/0x7f0 [ 972.732613][T21027] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 972.732669][T21027] ? bpf_lsm_file_permission+0x9/0x10 [ 972.732723][T21027] odev_write+0x51/0xa0 [ 972.732759][T21027] vfs_write+0x2aa/0x1070 [ 972.732799][T21027] ? __pfx_odev_write+0x10/0x10 [ 972.732837][T21027] ? __pfx_vfs_write+0x10/0x10 [ 972.732873][T21027] ? find_held_lock+0x2b/0x80 [ 972.732906][T21027] ? __fget_files+0x215/0x3d0 [ 972.732941][T21027] ? __fget_files+0x215/0x3d0 [ 972.732984][T21027] ? __fget_files+0x21f/0x3d0 [ 972.733031][T21027] ksys_write+0x12a/0x250 [ 972.733069][T21027] ? __pfx_ksys_write+0x10/0x10 [ 972.733121][T21027] do_syscall_64+0xc9/0xf80 [ 972.733175][T21027] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 972.733209][T21027] RIP: 0033:0x7f906339aeb9 [ 972.733235][T21027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 972.733270][T21027] RSP: 002b:00007f90642e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 972.733305][T21027] RAX: ffffffffffffffda RBX: 00007f9063616090 RCX: 00007f906339aeb9 [ 972.733329][T21027] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 972.733352][T21027] RBP: 00007f9063408c1f R08: 0000000000000000 R09: 0000000000000000 [ 972.733374][T21027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 972.733395][T21027] R13: 00007f9063616128 R14: 00007f9063616090 R15: 00007fff56ff56f8 [ 972.733440][T21027] [ 973.592789][ T5882] Process accounting resumed [ 973.668540][T21035] Process accounting resumed [ 974.393015][T21063] netlink: 338 bytes leftover after parsing attributes in process `syz.5.3445'. [ 975.993939][T21085] can: request_module (can-proto-4) failed. [ 976.432333][T21108] FAULT_INJECTION: forcing a failure. [ 976.432333][T21108] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 976.471390][T21108] CPU: 0 UID: 0 PID: 21108 Comm: syz.5.3450 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 976.471452][T21108] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 976.471469][T21108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 976.471489][T21108] Call Trace: [ 976.471500][T21108] [ 976.471514][T21108] dump_stack_lvl+0x100/0x190 [ 976.471562][T21108] should_fail_ex.cold+0x5/0xa [ 976.471616][T21108] _copy_from_user+0x2e/0xd0 [ 976.471670][T21108] snd_seq_oss_write+0x395/0x7f0 [ 976.471725][T21108] ? __pfx_snd_seq_oss_write+0x10/0x10 [ 976.471782][T21108] ? bpf_lsm_file_permission+0x9/0x10 [ 976.471836][T21108] odev_write+0x51/0xa0 [ 976.471882][T21108] vfs_write+0x2aa/0x1070 [ 976.471922][T21108] ? __pfx_odev_write+0x10/0x10 [ 976.471960][T21108] ? __pfx_vfs_write+0x10/0x10 [ 976.471995][T21108] ? find_held_lock+0x2b/0x80 [ 976.472031][T21108] ? __fget_files+0x215/0x3d0 [ 976.472066][T21108] ? __fget_files+0x215/0x3d0 [ 976.472112][T21108] ? __fget_files+0x21f/0x3d0 [ 976.472159][T21108] ksys_write+0x12a/0x250 [ 976.472197][T21108] ? __pfx_ksys_write+0x10/0x10 [ 976.472247][T21108] do_syscall_64+0xc9/0xf80 [ 976.472290][T21108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 976.472325][T21108] RIP: 0033:0x7f4abe59aeb9 [ 976.472352][T21108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 976.472387][T21108] RSP: 002b:00007f4abf4de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 976.472420][T21108] RAX: ffffffffffffffda RBX: 00007f4abe816090 RCX: 00007f4abe59aeb9 [ 976.472444][T21108] RDX: 00000000000002f8 RSI: 0000200000000040 RDI: 0000000000000002 [ 976.472466][T21108] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 976.472489][T21108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 976.472510][T21108] R13: 00007f4abe816128 R14: 00007f4abe816090 R15: 00007ffd8bcf5348 [ 976.472553][T21108] [ 976.690235][T21107] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3458'. [ 977.194272][T15979] Process accounting resumed [ 977.304813][T21115] Process accounting resumed [ 977.902536][T21131] FAULT_INJECTION: forcing a failure. [ 977.902536][T21131] name failslab, interval 1, probability 0, space 0, times 0 [ 977.947189][T21131] CPU: 0 UID: 0 PID: 21131 Comm: syz.4.3455 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 977.947250][T21131] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 977.947267][T21131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 977.947287][T21131] Call Trace: [ 977.947298][T21131] [ 977.947311][T21131] dump_stack_lvl+0x100/0x190 [ 977.947358][T21131] should_fail_ex.cold+0x5/0xa [ 977.947409][T21131] should_failslab+0xc2/0x120 [ 977.947451][T21131] __kmalloc_cache_noprof+0x80/0x810 [ 977.947482][T21131] ? dropmon_net_event+0x15d/0x360 [ 977.947530][T21131] ? dropmon_net_event+0x15d/0x360 [ 977.947569][T21131] ? lockdep_rtnl_is_held+0x26/0x40 [ 977.947604][T21131] dropmon_net_event+0x15d/0x360 [ 977.947647][T21131] notifier_call_chain+0x99/0x3b0 [ 977.947697][T21131] call_netdevice_notifiers_info+0xbe/0x110 [ 977.947732][T21131] register_netdevice+0x16b9/0x21d0 [ 977.947796][T21131] ? __pfx_register_netdevice+0x10/0x10 [ 977.947855][T21131] __ip_tunnel_create+0x52b/0x670 [ 977.947905][T21131] ? __pfx___ip_tunnel_create+0x10/0x10 [ 977.947950][T21131] ? net_generic+0xea/0x2a0 [ 977.947984][T21131] ip_tunnel_init_net+0x230/0x780 [ 977.948018][T21131] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 977.948060][T21131] ? __pfx_ipgre_init_net+0x10/0x10 [ 977.948100][T21131] ops_init+0x1e2/0x5f0 [ 977.948150][T21131] setup_net+0x118/0x3a0 [ 977.948197][T21131] ? __pfx_setup_net+0x10/0x10 [ 977.948240][T21131] ? lockdep_init_map_type+0x5c/0x250 [ 977.948282][T21131] ? mutex_init_lockep+0x110/0x150 [ 977.948328][T21131] copy_net_ns+0x46f/0x7c0 [ 977.948360][T21131] create_new_namespaces+0x3ea/0xab0 [ 977.948400][T21131] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 977.948437][T21131] ksys_unshare+0x455/0xab0 [ 977.948480][T21131] ? __pfx_ksys_unshare+0x10/0x10 [ 977.948535][T21131] __x64_sys_unshare+0x31/0x40 [ 977.948575][T21131] do_syscall_64+0xc9/0xf80 [ 977.948612][T21131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.948642][T21131] RIP: 0033:0x7f416eb9aeb9 [ 977.948665][T21131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 977.948694][T21131] RSP: 002b:00007f416fb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 977.948723][T21131] RAX: ffffffffffffffda RBX: 00007f416ee15fa0 RCX: 00007f416eb9aeb9 [ 977.948743][T21131] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 977.948767][T21131] RBP: 00007f416ec08c1f R08: 0000000000000000 R09: 0000000000000000 [ 977.948786][T21131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 977.948803][T21131] R13: 00007f416ee16038 R14: 00007f416ee15fa0 R15: 00007ffca3e0eeb8 [ 977.948841][T21131] [ 978.917085][T16824] Bluetooth: hci2: unexpected subevent 0x0c length: 118 > 5 [ 979.297268][T21160] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 979.578230][T21168] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3460'. [ 980.109894][T15979] Process accounting resumed [ 980.300020][T21182] Process accounting resumed [ 982.871531][T21217] FAULT_INJECTION: forcing a failure. [ 982.871531][T21217] name failslab, interval 1, probability 0, space 0, times 0 [ 982.931775][T21217] CPU: 0 UID: 0 PID: 21217 Comm: syz.0.3470 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 982.931831][T21217] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 982.931843][T21217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 982.931858][T21217] Call Trace: [ 982.931867][T21217] [ 982.931877][T21217] dump_stack_lvl+0x100/0x190 [ 982.931911][T21217] should_fail_ex.cold+0x5/0xa [ 982.931952][T21217] should_failslab+0xc2/0x120 [ 982.931988][T21217] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 982.932022][T21217] ? neigh_sysctl_register+0xb4/0x660 [ 982.932107][T21217] ? kmemdup_noprof+0x29/0x60 [ 982.932148][T21217] ? lockdep_hardirqs_on+0x78/0x100 [ 982.932186][T21217] kmemdup_noprof+0x29/0x60 [ 982.932231][T21217] neigh_sysctl_register+0xb4/0x660 [ 982.932284][T21217] ? __pfx_neigh_sysctl_register+0x10/0x10 [ 982.932331][T21217] ? inetdev_init+0x245/0x570 [ 982.932362][T21217] ? inetdev_event+0x7fa/0x17f0 [ 982.932391][T21217] ? notifier_call_chain+0x99/0x3b0 [ 982.932442][T21217] ? copy_net_ns+0x46f/0x7c0 [ 982.932474][T21217] ? create_new_namespaces+0x3ea/0xab0 [ 982.932509][T21217] ? unshare_nsproxy_namespaces+0xc3/0x1f0 [ 982.932546][T21217] ? ksys_unshare+0x455/0xab0 [ 982.932592][T21217] ? __x64_sys_unshare+0x31/0x40 [ 982.932648][T21217] ? do_syscall_64+0xc9/0xf80 [ 982.932686][T21217] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 982.932726][T21217] devinet_sysctl_register+0xb6/0x210 [ 982.932764][T21217] inetdev_init+0x2b8/0x570 [ 982.932801][T21217] inetdev_event+0x7fa/0x17f0 [ 982.932837][T21217] ? ib_netdevice_event+0xfc/0x330 [ 982.932877][T21217] ? __pfx_inetdev_event+0x10/0x10 [ 982.932913][T21217] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 982.932958][T21217] notifier_call_chain+0x99/0x3b0 [ 982.933012][T21217] call_netdevice_notifiers_info+0xbe/0x110 [ 982.933053][T21217] register_netdevice+0x16b9/0x21d0 [ 982.933117][T21217] ? __pfx_register_netdevice+0x10/0x10 [ 982.933184][T21217] __ip_tunnel_create+0x52b/0x670 [ 982.933241][T21217] ? __pfx___ip_tunnel_create+0x10/0x10 [ 982.933294][T21217] ? net_generic+0xea/0x2a0 [ 982.933334][T21217] ip_tunnel_init_net+0x230/0x780 [ 982.933373][T21217] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 982.933425][T21217] ? __pfx_ipgre_init_net+0x10/0x10 [ 982.933471][T21217] ops_init+0x1e2/0x5f0 [ 982.933528][T21217] setup_net+0x118/0x3a0 [ 982.933583][T21217] ? __pfx_setup_net+0x10/0x10 [ 982.933640][T21217] ? lockdep_init_map_type+0x5c/0x250 [ 982.933688][T21217] ? mutex_init_lockep+0x110/0x150 [ 982.933744][T21217] copy_net_ns+0x46f/0x7c0 [ 982.933783][T21217] create_new_namespaces+0x3ea/0xab0 [ 982.933831][T21217] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 982.933873][T21217] ksys_unshare+0x455/0xab0 [ 982.933922][T21217] ? __pfx_ksys_unshare+0x10/0x10 [ 982.933970][T21217] ? xfd_validate_state+0x129/0x190 [ 982.934036][T21217] __x64_sys_unshare+0x31/0x40 [ 982.934084][T21217] do_syscall_64+0xc9/0xf80 [ 982.934129][T21217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 982.934165][T21217] RIP: 0033:0x7f906339aeb9 [ 982.934194][T21217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 982.934228][T21217] RSP: 002b:00007f9064307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 982.934262][T21217] RAX: ffffffffffffffda RBX: 00007f9063615fa0 RCX: 00007f906339aeb9 [ 982.934285][T21217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 982.934307][T21217] RBP: 00007f9063408c1f R08: 0000000000000000 R09: 0000000000000000 [ 982.934328][T21217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 982.934349][T21217] R13: 00007f9063616038 R14: 00007f9063615fa0 R15: 00007fff56ff56f8 [ 982.934396][T21217] [ 983.614501][T21226] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3472'. [ 984.686306][T21263] FAULT_INJECTION: forcing a failure. [ 984.686306][T21263] name failslab, interval 1, probability 0, space 0, times 0 [ 984.732290][T21263] CPU: 0 UID: 0 PID: 21263 Comm: syz.5.3479 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 984.732353][T21263] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 984.732370][T21263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 984.732390][T21263] Call Trace: [ 984.732402][T21263] [ 984.732414][T21263] dump_stack_lvl+0x100/0x190 [ 984.732461][T21263] should_fail_ex.cold+0x5/0xa [ 984.732519][T21263] should_failslab+0xc2/0x120 [ 984.732568][T21263] kmem_cache_alloc_noprof+0x83/0x780 [ 984.732613][T21263] ? __pfx_map_id_range_down+0x10/0x10 [ 984.732647][T21263] ? security_inode_alloc+0x3b/0x2c0 [ 984.732700][T21263] ? security_inode_alloc+0x3b/0x2c0 [ 984.732744][T21263] security_inode_alloc+0x3b/0x2c0 [ 984.732792][T21263] inode_init_always_gfp+0xced/0x1040 [ 984.732838][T21263] alloc_inode+0x8e/0x250 [ 984.732888][T21263] sock_alloc+0x44/0x280 [ 984.732917][T21263] ? security_socket_create+0x7f/0x250 [ 984.732964][T21263] __sock_create+0xc2/0x860 [ 984.733002][T21263] ? lockdep_init_map_type+0x5c/0x250 [ 984.733052][T21263] smc_create+0x163/0x290 [ 984.733092][T21263] __sock_create+0x339/0x860 [ 984.733137][T21263] __sys_socket+0x14d/0x260 [ 984.733174][T21263] ? fput+0x79/0x100 [ 984.733232][T21263] ? __pfx___sys_socket+0x10/0x10 [ 984.733270][T21263] ? xfd_validate_state+0x129/0x190 [ 984.733333][T21263] __x64_sys_socket+0x72/0xb0 [ 984.733374][T21263] ? lockdep_hardirqs_on+0x78/0x100 [ 984.733412][T21263] do_syscall_64+0xc9/0xf80 [ 984.733456][T21263] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 984.733490][T21263] RIP: 0033:0x7f4abe59aeb9 [ 984.733519][T21263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 984.733554][T21263] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 984.733588][T21263] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 984.733612][T21263] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 984.733633][T21263] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 984.733653][T21263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 984.733674][T21263] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 984.733718][T21263] [ 984.736750][T21263] socket: no more sockets [ 986.350154][T21296] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3484'. [ 986.376245][T21307] FAULT_INJECTION: forcing a failure. [ 986.376245][T21307] name failslab, interval 1, probability 0, space 0, times 0 [ 986.422348][T21307] CPU: 1 UID: 0 PID: 21307 Comm: syz.0.3486 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 986.422409][T21307] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 986.422426][T21307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 986.422446][T21307] Call Trace: [ 986.422458][T21307] [ 986.422471][T21307] dump_stack_lvl+0x100/0x190 [ 986.422518][T21307] should_fail_ex.cold+0x5/0xa [ 986.422575][T21307] should_failslab+0xc2/0x120 [ 986.422623][T21307] kmem_cache_alloc_noprof+0x83/0x780 [ 986.422669][T21307] ? d_instantiate+0x90/0xb0 [ 986.422713][T21307] ? alloc_empty_file+0x55/0x1c0 [ 986.422771][T21307] ? alloc_empty_file+0x55/0x1c0 [ 986.422818][T21307] alloc_empty_file+0x55/0x1c0 [ 986.422869][T21307] alloc_file_pseudo+0x13a/0x230 [ 986.422924][T21307] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 986.422979][T21307] ? _raw_spin_unlock+0x28/0x50 [ 986.423012][T21307] ? alloc_fd+0x476/0x790 [ 986.423055][T21307] __anon_inode_getfile+0xe8/0x280 [ 986.423114][T21307] do_epoll_create+0x329/0x4b0 [ 986.423155][T21307] __x64_sys_epoll_create+0x45/0x70 [ 986.423196][T21307] do_syscall_64+0xc9/0xf80 [ 986.423241][T21307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.423275][T21307] RIP: 0033:0x7f906339aeb9 [ 986.423304][T21307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 986.423338][T21307] RSP: 002b:00007f90642e6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 986.423373][T21307] RAX: ffffffffffffffda RBX: 00007f9063616090 RCX: 00007f906339aeb9 [ 986.423397][T21307] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000003a [ 986.423418][T21307] RBP: 00007f9063408c1f R08: 0000000000000000 R09: 0000000000000000 [ 986.423440][T21307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.423461][T21307] R13: 00007f9063616128 R14: 00007f9063616090 R15: 00007fff56ff56f8 [ 986.423507][T21307] [ 986.694175][T21300] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3485'. [ 988.990185][T16824] Bluetooth: hci0: unexpected event 0x30 length: 47 > 3 [ 989.783400][T21374] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3500'. [ 993.114155][T21476] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3516'. [ 994.146699][T21488] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3518'. [ 994.829712][T21509] synth uevent: /devices/virtual/net/nr1: unknown uevent action string [ 994.861393][T21509] net nr1: uevent: failed to send synthetic uevent: -22 [ 994.882429][T21512] synth uevent: /devices/virtual/net/nr1: unknown uevent action string [ 994.892510][T21512] net nr1: uevent: failed to send synthetic uevent: -22 [ 995.144093][ T5148] Bluetooth: hci0: command 0x0c1a tx timeout [ 995.813128][T21528] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3528'. [ 997.641305][T21560] zswap: compressor û not available [ 998.013725][T21569] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3536'. [ 998.275267][T21574] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3537'. [ 998.388858][ T5148] Bluetooth: hci4: unexpected subevent 0x0c length: 118 > 5 [ 998.814921][T21584] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3539'. [ 1000.426291][ T5148] Bluetooth: hci4: command 0x0406 tx timeout [ 1002.087262][T16824] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1002.858736][T21616] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3547'. [ 1003.484118][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.490989][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1005.185353][T21623] Process accounting paused [ 1007.234803][T21660] FAULT_INJECTION: forcing a failure. [ 1007.234803][T21660] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.258427][T21660] CPU: 0 UID: 0 PID: 21660 Comm: syz.4.3556 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1007.258487][T21660] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1007.258502][T21660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1007.258523][T21660] Call Trace: [ 1007.258534][T21660] [ 1007.258547][T21660] dump_stack_lvl+0x100/0x190 [ 1007.258600][T21660] should_fail_ex.cold+0x5/0xa [ 1007.258654][T21660] should_failslab+0xc2/0x120 [ 1007.258699][T21660] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1007.258731][T21660] __kmalloc_noprof+0xf6/0x9c0 [ 1007.258778][T21660] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1007.258810][T21660] tomoyo_realpath_from_path+0xb6/0x690 [ 1007.258853][T21660] tomoyo_path_number_perm+0x23c/0x580 [ 1007.258899][T21660] ? tomoyo_path_number_perm+0x22e/0x580 [ 1007.258951][T21660] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1007.259041][T21660] ? find_held_lock+0x2b/0x80 [ 1007.259073][T21660] ? hook_file_ioctl_common+0x146/0x410 [ 1007.259120][T21660] ? __fget_files+0x215/0x3d0 [ 1007.259163][T21660] ? __fget_files+0x21f/0x3d0 [ 1007.259206][T21660] security_file_ioctl+0xd3/0x230 [ 1007.259257][T21660] __x64_sys_ioctl+0xb7/0x210 [ 1007.259311][T21660] do_syscall_64+0xc9/0xf80 [ 1007.259354][T21660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.259387][T21660] RIP: 0033:0x7f416eb9aeb9 [ 1007.259413][T21660] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1007.259446][T21660] RSP: 002b:00007f416fb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1007.259479][T21660] RAX: ffffffffffffffda RBX: 00007f416ee15fa0 RCX: 00007f416eb9aeb9 [ 1007.259501][T21660] RDX: 0000000000000008 RSI: 000000004008ae6a RDI: 0000000000000003 [ 1007.259522][T21660] RBP: 00007f416fb34090 R08: 0000000000000000 R09: 0000000000000000 [ 1007.259543][T21660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1007.259564][T21660] R13: 00007f416ee16038 R14: 00007f416ee15fa0 R15: 00007ffca3e0eeb8 [ 1007.259613][T21660] [ 1007.259935][T21660] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1007.584377][T21643] Process accounting paused [ 1008.497792][T21663] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3558'. [ 1008.957181][T21683] zswap: compressor ûW–îë“;Å0못„?u=8å}Öƒ•L­Ö(£E‘¤¤Ö¹‰jj–8+ÕÄxp¥—Èœ‹ŒNkR³¦°¤uoêÇo‹ÿ¬<µSÔH ¾}ïEd }¡ìöP¢…8a [ 1010.307613][T21707] dump_stack_lvl+0x100/0x190 [ 1010.307649][T21707] should_fail_ex.cold+0x5/0xa [ 1010.307692][T21707] should_failslab+0xc2/0x120 [ 1010.307729][T21707] ? tomoyo_encode2+0xfb/0x3c0 [ 1010.307754][T21707] __kmalloc_noprof+0xf6/0x9c0 [ 1010.307789][T21707] ? tomoyo_encode2+0xfb/0x3c0 [ 1010.307813][T21707] tomoyo_encode2+0xfb/0x3c0 [ 1010.307842][T21707] tomoyo_encode+0x29/0x50 [ 1010.307867][T21707] tomoyo_realpath_from_path+0x18c/0x690 [ 1010.307901][T21707] tomoyo_path_number_perm+0x23c/0x580 [ 1010.307939][T21707] ? tomoyo_path_number_perm+0x22e/0x580 [ 1010.307980][T21707] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1010.308051][T21707] ? find_held_lock+0x2b/0x80 [ 1010.308077][T21707] ? hook_file_ioctl_common+0x146/0x410 [ 1010.308116][T21707] ? __fget_files+0x215/0x3d0 [ 1010.308151][T21707] ? __fget_files+0x21f/0x3d0 [ 1010.308185][T21707] security_file_ioctl+0xd3/0x230 [ 1010.308226][T21707] __x64_sys_ioctl+0xb7/0x210 [ 1010.308270][T21707] do_syscall_64+0xc9/0xf80 [ 1010.308313][T21707] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1010.308341][T21707] RIP: 0033:0x7f416eb9aeb9 [ 1010.308362][T21707] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1010.308389][T21707] RSP: 002b:00007f416fb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1010.308414][T21707] RAX: ffffffffffffffda RBX: 00007f416ee15fa0 RCX: 00007f416eb9aeb9 [ 1010.308432][T21707] RDX: 0000000000000008 RSI: 000000004008ae6a RDI: 0000000000000003 [ 1010.308449][T21707] RBP: 00007f416fb34090 R08: 0000000000000000 R09: 0000000000000000 [ 1010.308465][T21707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1010.308481][T21707] R13: 00007f416ee16038 R14: 00007f416ee15fa0 R15: 00007ffca3e0eeb8 [ 1010.308516][T21707] [ 1010.308549][T21707] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1010.562746][T21704] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3566'. [ 1011.271188][T21708] hub 1-0:1.0: USB hub found [ 1011.334159][T21689] Process accounting paused [ 1011.393369][T21708] hub 1-0:1.0: 1 port detected [ 1011.656096][T21713] FAULT_INJECTION: forcing a failure. [ 1011.656096][T21713] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.712174][T21713] CPU: 0 UID: 0 PID: 21713 Comm: syz.4.3569 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1011.712236][T21713] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1011.712253][T21713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1011.712284][T21713] Call Trace: [ 1011.712297][T21713] [ 1011.712311][T21713] dump_stack_lvl+0x100/0x190 [ 1011.712357][T21713] should_fail_ex.cold+0x5/0xa [ 1011.712414][T21713] should_failslab+0xc2/0x120 [ 1011.712462][T21713] ? snd_pcm_plugin_build+0x434/0x650 [ 1011.712513][T21713] __kmalloc_noprof+0xf6/0x9c0 [ 1011.712547][T21713] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1011.712611][T21713] ? snd_pcm_plugin_build+0x434/0x650 [ 1011.712668][T21713] snd_pcm_plugin_build+0x434/0x650 [ 1011.712719][T21713] snd_pcm_plugin_build_io+0x207/0x5f0 [ 1011.712772][T21713] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 1011.712824][T21713] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1011.712880][T21713] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 1011.712944][T21713] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1011.712988][T21713] ? __pfx___mutex_lock+0x10/0x10 [ 1011.713063][T21713] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1011.713115][T21713] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1011.713161][T21713] ? hook_file_ioctl_common+0x146/0x410 [ 1011.713214][T21713] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1011.713268][T21713] ? __fget_files+0x21f/0x3d0 [ 1011.713312][T21713] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1011.713359][T21713] __x64_sys_ioctl+0x18e/0x210 [ 1011.713419][T21713] do_syscall_64+0xc9/0xf80 [ 1011.713463][T21713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.713495][T21713] RIP: 0033:0x7f416eb9aeb9 [ 1011.713523][T21713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1011.713556][T21713] RSP: 002b:00007f416fb34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1011.713591][T21713] RAX: ffffffffffffffda RBX: 00007f416ee15fa0 RCX: 00007f416eb9aeb9 [ 1011.713608][T21713] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1011.713624][T21713] RBP: 00007f416ec08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1011.713640][T21713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1011.713654][T21713] R13: 00007f416ee16038 R14: 00007f416ee15fa0 R15: 00007ffca3e0eeb8 [ 1011.713687][T21713] [ 1012.351506][T21716] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3570'. [ 1013.259125][T21729] FAULT_INJECTION: forcing a failure. [ 1013.259125][T21729] name failslab, interval 1, probability 0, space 0, times 0 [ 1013.322316][T21729] CPU: 0 UID: 0 PID: 21729 Comm: syz.5.3573 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1013.322377][T21729] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1013.322399][T21729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1013.322419][T21729] Call Trace: [ 1013.322430][T21729] [ 1013.322443][T21729] dump_stack_lvl+0x100/0x190 [ 1013.322491][T21729] should_fail_ex.cold+0x5/0xa [ 1013.322546][T21729] should_failslab+0xc2/0x120 [ 1013.322595][T21729] kmem_cache_alloc_noprof+0x83/0x780 [ 1013.322639][T21729] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 1013.322686][T21729] ? acpi_ut_create_generic_state+0x61/0xc0 [ 1013.322739][T21729] ? acpi_ut_create_generic_state+0x61/0xc0 [ 1013.322788][T21729] acpi_ut_create_generic_state+0x61/0xc0 [ 1013.322831][T21729] acpi_ps_push_scope+0x42/0x280 [ 1013.322881][T21729] acpi_ps_parse_loop+0x334/0x24a0 [ 1013.322937][T21729] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 1013.322980][T21729] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 1013.323023][T21729] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 1013.323078][T21729] ? acpi_ut_create_thread_state+0x6d/0x170 [ 1013.323137][T21729] acpi_ps_parse_aml+0x81e/0x1120 [ 1013.323194][T21729] acpi_ps_execute_method+0x5c4/0xe90 [ 1013.323252][T21729] acpi_ns_evaluate+0x640/0x1670 [ 1013.323313][T21729] acpi_evaluate_object+0x420/0xe00 [ 1013.323351][T21729] ? kernfs_fop_read_iter+0x46c/0x610 [ 1013.323386][T21729] ? vfs_read+0x825/0xb30 [ 1013.323422][T21729] ? ksys_read+0x12a/0x250 [ 1013.323465][T21729] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1013.323512][T21729] ? __pfx___might_resched+0x10/0x10 [ 1013.323569][T21729] acpi_evaluate_integer+0xdf/0x220 [ 1013.323605][T21729] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1013.323657][T21729] ? __pfx_status_show+0x10/0x10 [ 1013.323696][T21729] status_show+0xa0/0x120 [ 1013.323734][T21729] ? __pfx_status_show+0x10/0x10 [ 1013.323784][T21729] dev_attr_show+0x52/0xa0 [ 1013.323833][T21729] ? __pfx_dev_attr_show+0x10/0x10 [ 1013.323878][T21729] sysfs_kf_seq_show+0x217/0x3a0 [ 1013.323928][T21729] seq_read_iter+0x32f/0x1270 [ 1013.323982][T21729] kernfs_fop_read_iter+0x46c/0x610 [ 1013.324021][T21729] ? rw_verify_area+0xce/0x6d0 [ 1013.324053][T21729] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 1013.324102][T21729] vfs_read+0x825/0xb30 [ 1013.324144][T21729] ? __pfx_vfs_read+0x10/0x10 [ 1013.324177][T21729] ? find_held_lock+0x2b/0x80 [ 1013.324240][T21729] ksys_read+0x12a/0x250 [ 1013.324276][T21729] ? __pfx_ksys_read+0x10/0x10 [ 1013.324325][T21729] do_syscall_64+0xc9/0xf80 [ 1013.324371][T21729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.324404][T21729] RIP: 0033:0x7f4abe59aeb9 [ 1013.324433][T21729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1013.324468][T21729] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1013.324502][T21729] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 1013.324526][T21729] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 1013.324548][T21729] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 1013.324570][T21729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1013.324591][T21729] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 1013.324638][T21729] [ 1013.324709][T21729] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 1014.370128][T21736] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjD ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 1014.648566][T21742] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3574'. [ 1016.559809][T21759] FAULT_INJECTION: forcing a failure. [ 1016.559809][T21759] name failslab, interval 1, probability 0, space 0, times 0 [ 1016.623921][T21759] CPU: 1 UID: 0 PID: 21759 Comm: syz.0.3580 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1016.623995][T21759] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1016.624012][T21759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1016.624033][T21759] Call Trace: [ 1016.624045][T21759] [ 1016.624059][T21759] dump_stack_lvl+0x100/0x190 [ 1016.624106][T21759] should_fail_ex.cold+0x5/0xa [ 1016.624164][T21759] should_failslab+0xc2/0x120 [ 1016.624211][T21759] ? snd_pcm_plugin_build+0x434/0x650 [ 1016.624256][T21759] __kmalloc_noprof+0xf6/0x9c0 [ 1016.624303][T21759] ? snd_pcm_plugin_build+0x434/0x650 [ 1016.624347][T21759] snd_pcm_plugin_build+0x434/0x650 [ 1016.624399][T21759] snd_pcm_plugin_build_rate+0x27c/0x760 [ 1016.624455][T21759] ? __pfx_snd_pcm_plugin_build_rate+0x10/0x10 [ 1016.624512][T21759] ? snd_pcm_hw_params+0x262/0x1cb0 [ 1016.624567][T21759] snd_pcm_plug_format_plugins+0x788/0x1430 [ 1016.624620][T21759] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 1016.624676][T21759] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1016.624733][T21759] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 1016.624795][T21759] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1016.624838][T21759] ? __pfx___mutex_lock+0x10/0x10 [ 1016.624879][T21759] ? snd_pcm_oss_ioctl+0x1bbb/0x3720 [ 1016.624958][T21759] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1016.625010][T21759] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1016.625055][T21759] ? hook_file_ioctl_common+0x146/0x410 [ 1016.625109][T21759] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1016.625158][T21759] ? __fget_files+0x21f/0x3d0 [ 1016.625202][T21759] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1016.625246][T21759] __x64_sys_ioctl+0x18e/0x210 [ 1016.625302][T21759] do_syscall_64+0xc9/0xf80 [ 1016.625345][T21759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1016.625380][T21759] RIP: 0033:0x7f906339aeb9 [ 1016.625407][T21759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1016.625442][T21759] RSP: 002b:00007f9064307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1016.625475][T21759] RAX: ffffffffffffffda RBX: 00007f9063615fa0 RCX: 00007f906339aeb9 [ 1016.625499][T21759] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1016.625521][T21759] RBP: 00007f9063408c1f R08: 0000000000000000 R09: 0000000000000000 [ 1016.625543][T21759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1016.625566][T21759] R13: 00007f9063616038 R14: 00007f9063615fa0 R15: 00007fff56ff56f8 [ 1016.625613][T21759] [ 1017.276164][T21772] netlink: 350 bytes leftover after parsing attributes in process `syz.5.3584'. [ 1018.062285][T21790] input input32: cannot allocate more than FF_MAX_EFFECTS effects [ 1018.141990][T21791] FAULT_INJECTION: forcing a failure. [ 1018.141990][T21791] name failslab, interval 1, probability 0, space 0, times 0 [ 1018.208653][T21791] CPU: 0 UID: 0 PID: 21791 Comm: syz.4.3590 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1018.208715][T21791] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1018.208732][T21791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1018.208753][T21791] Call Trace: [ 1018.208764][T21791] [ 1018.208778][T21791] dump_stack_lvl+0x100/0x190 [ 1018.208839][T21791] should_fail_ex.cold+0x5/0xa [ 1018.208897][T21791] should_failslab+0xc2/0x120 [ 1018.208946][T21791] __kmalloc_cache_noprof+0x80/0x810 [ 1018.208984][T21791] ? sched_core_share_pid+0x3bc/0x9d0 [ 1018.209025][T21791] ? do_raw_spin_unlock+0x145/0x1e0 [ 1018.209083][T21791] ? sched_core_share_pid+0x3bc/0x9d0 [ 1018.209122][T21791] sched_core_share_pid+0x3bc/0x9d0 [ 1018.209160][T21791] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1018.209198][T21791] ? cap_task_prctl+0x104/0xa50 [ 1018.209241][T21791] ? __pfx_sched_core_share_pid+0x10/0x10 [ 1018.209282][T21791] ? static_key_count+0x5a/0x70 [ 1018.209335][T21791] ? security_task_prctl+0x11c/0x160 [ 1018.209379][T21791] __do_sys_prctl+0xe13/0x21a0 [ 1018.209433][T21791] ? __pfx___do_sys_prctl+0x10/0x10 [ 1018.209497][T21791] do_syscall_64+0xc9/0xf80 [ 1018.209542][T21791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1018.209576][T21791] RIP: 0033:0x7f416eb9aeb9 [ 1018.209603][T21791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1018.209637][T21791] RSP: 002b:00007f416fb13028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 1018.209669][T21791] RAX: ffffffffffffffda RBX: 00007f416ee16090 RCX: 00007f416eb9aeb9 [ 1018.209691][T21791] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000003e [ 1018.209712][T21791] RBP: 00007f416ec08c1f R08: 0000000000000000 R09: 0000000000000000 [ 1018.209733][T21791] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1018.209753][T21791] R13: 00007f416ee16128 R14: 00007f416ee16090 R15: 00007ffca3e0eeb8 [ 1018.209797][T21791] [ 1019.308828][T21803] FAULT_INJECTION: forcing a failure. [ 1019.308828][T21803] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.382223][T21803] CPU: 1 UID: 0 PID: 21803 Comm: syz.5.3594 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1019.382283][T21803] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1019.382300][T21803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1019.382320][T21803] Call Trace: [ 1019.382331][T21803] [ 1019.382344][T21803] dump_stack_lvl+0x100/0x190 [ 1019.382387][T21803] should_fail_ex.cold+0x5/0xa [ 1019.382442][T21803] should_failslab+0xc2/0x120 [ 1019.382487][T21803] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 1019.382528][T21803] ? do_raw_spin_lock+0x128/0x260 [ 1019.382576][T21803] ? find_held_lock+0x2b/0x80 [ 1019.382607][T21803] ? __d_alloc+0x34/0xa80 [ 1019.382665][T21803] ? __d_alloc+0x34/0xa80 [ 1019.382700][T21803] __d_alloc+0x34/0xa80 [ 1019.382743][T21803] d_alloc_pseudo+0x1c/0xc0 [ 1019.382795][T21803] alloc_file_pseudo+0xcf/0x230 [ 1019.382848][T21803] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1019.382898][T21803] ? alloc_fd+0x476/0x790 [ 1019.382942][T21803] sock_alloc_file+0x50/0x210 [ 1019.382995][T21803] __sys_socket+0x1c0/0x260 [ 1019.383033][T21803] ? fput+0x79/0x100 [ 1019.383077][T21803] ? __pfx___sys_socket+0x10/0x10 [ 1019.383116][T21803] ? xfd_validate_state+0x129/0x190 [ 1019.383183][T21803] __x64_sys_socket+0x72/0xb0 [ 1019.383224][T21803] ? lockdep_hardirqs_on+0x78/0x100 [ 1019.383278][T21803] do_syscall_64+0xc9/0xf80 [ 1019.383323][T21803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.383361][T21803] RIP: 0033:0x7f4abe59aeb9 [ 1019.383388][T21803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1019.383425][T21803] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1019.383455][T21803] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 1019.383476][T21803] RDX: 000000000000000a RSI: 0000000000000003 RDI: 0000000000000002 [ 1019.383496][T21803] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 1019.383518][T21803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1019.383541][T21803] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 1019.383586][T21803] [ 1020.300750][T21813] FAULT_INJECTION: forcing a failure. [ 1020.300750][T21813] name failslab, interval 1, probability 0, space 0, times 0 [ 1020.329631][T21813] CPU: 0 UID: 0 PID: 21813 Comm: syz.5.3596 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1020.329678][T21813] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1020.329689][T21813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1020.329705][T21813] Call Trace: [ 1020.329713][T21813] [ 1020.329723][T21813] dump_stack_lvl+0x100/0x190 [ 1020.329758][T21813] should_fail_ex.cold+0x5/0xa [ 1020.329800][T21813] should_failslab+0xc2/0x120 [ 1020.329840][T21813] ? snd_pcm_plugin_build+0x64/0x650 [ 1020.329873][T21813] __kmalloc_noprof+0xf6/0x9c0 [ 1020.329897][T21813] ? trace_kmalloc+0x83/0xb0 [ 1020.329930][T21813] ? __kmalloc_noprof+0x365/0x9c0 [ 1020.329961][T21813] ? snd_pcm_plugin_build+0x64/0x650 [ 1020.329994][T21813] snd_pcm_plugin_build+0x64/0x650 [ 1020.330027][T21813] ? snd_pcm_plugin_build+0x4b7/0x650 [ 1020.330063][T21813] snd_pcm_plugin_build_linear+0x254/0x850 [ 1020.330103][T21813] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1020.330144][T21813] ? snd_pcm_hw_params+0x262/0x1cb0 [ 1020.330184][T21813] snd_pcm_plug_format_plugins+0x536/0x1430 [ 1020.330223][T21813] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 1020.330262][T21813] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1020.330303][T21813] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 1020.330348][T21813] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1020.330379][T21813] ? __pfx___mutex_lock+0x10/0x10 [ 1020.330409][T21813] ? snd_pcm_oss_ioctl+0x1bbb/0x3720 [ 1020.330460][T21813] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1020.330508][T21813] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1020.330541][T21813] ? hook_file_ioctl_common+0x146/0x410 [ 1020.330620][T21813] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1020.330670][T21813] ? __fget_files+0x21f/0x3d0 [ 1020.330721][T21813] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1020.330756][T21813] __x64_sys_ioctl+0x18e/0x210 [ 1020.330799][T21813] do_syscall_64+0xc9/0xf80 [ 1020.330834][T21813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1020.330860][T21813] RIP: 0033:0x7f4abe59aeb9 [ 1020.330880][T21813] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1020.330906][T21813] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1020.330930][T21813] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 1020.330948][T21813] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1020.330963][T21813] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 1020.330978][T21813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1020.330993][T21813] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 1020.331025][T21813] [ 1021.373049][T21823] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3600'. [ 1021.408794][T21826] futex_wake_op: syz.4.3602 tries to shift op by -2048; fix this program [ 1021.432382][T21826] futex_wake_op: syz.4.3602 tries to shift op by -2048; fix this program [ 1021.513006][T21829] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3601'. [ 1022.502734][T21846] zswap: compressor not available [ 1023.158874][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1023.342745][T21858] FAULT_INJECTION: forcing a failure. [ 1023.342745][T21858] name failslab, interval 1, probability 0, space 0, times 0 [ 1023.502132][T21858] CPU: 0 UID: 0 PID: 21858 Comm: syz.6.3608 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1023.502178][T21858] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1023.502189][T21858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1023.502205][T21858] Call Trace: [ 1023.502214][T21858] [ 1023.502224][T21858] dump_stack_lvl+0x100/0x190 [ 1023.502257][T21858] should_fail_ex.cold+0x5/0xa [ 1023.502299][T21858] should_failslab+0xc2/0x120 [ 1023.502340][T21858] ? snd_pcm_plugin_build+0x64/0x650 [ 1023.502372][T21858] __kmalloc_noprof+0xf6/0x9c0 [ 1023.502406][T21858] ? snd_pcm_plugin_build+0x64/0x650 [ 1023.502437][T21858] snd_pcm_plugin_build+0x64/0x650 [ 1023.502475][T21858] snd_pcm_plugin_build_rate+0x27c/0x760 [ 1023.502515][T21858] ? __pfx_snd_pcm_plugin_build_rate+0x10/0x10 [ 1023.502557][T21858] ? snd_pcm_hw_params+0x262/0x1cb0 [ 1023.502599][T21858] snd_pcm_plug_format_plugins+0x788/0x1430 [ 1023.502645][T21858] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 1023.502685][T21858] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1023.502726][T21858] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 1023.502772][T21858] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1023.502804][T21858] ? __pfx___mutex_lock+0x10/0x10 [ 1023.502833][T21858] ? snd_pcm_oss_ioctl+0x1bbb/0x3720 [ 1023.502885][T21858] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1023.502922][T21858] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1023.502954][T21858] ? hook_file_ioctl_common+0x146/0x410 [ 1023.502993][T21858] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1023.503028][T21858] ? __fget_files+0x21f/0x3d0 [ 1023.503059][T21858] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1023.503092][T21858] __x64_sys_ioctl+0x18e/0x210 [ 1023.503133][T21858] do_syscall_64+0xc9/0xf80 [ 1023.503165][T21858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1023.503190][T21858] RIP: 0033:0x7feeb9f9aeb9 [ 1023.503211][T21858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1023.503235][T21858] RSP: 002b:00007feebaee6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1023.503259][T21858] RAX: ffffffffffffffda RBX: 00007feeba215fa0 RCX: 00007feeb9f9aeb9 [ 1023.503275][T21858] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1023.503291][T21858] RBP: 00007feeba008c1f R08: 0000000000000000 R09: 0000000000000000 [ 1023.503306][T21858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1023.503332][T21858] R13: 00007feeba216038 R14: 00007feeba215fa0 R15: 00007ffe4b0286d8 [ 1023.503364][T21858] [ 1024.891556][T21872] hub 1-0:1.0: USB hub found [ 1024.907324][T21872] hub 1-0:1.0: 1 port detected [ 1024.995734][T21879] FAULT_INJECTION: forcing a failure. [ 1024.995734][T21879] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.017273][T21879] CPU: 1 UID: 0 PID: 21879 Comm: syz.5.3612 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1025.017318][T21879] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1025.017330][T21879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1025.017346][T21879] Call Trace: [ 1025.017356][T21879] [ 1025.017367][T21879] dump_stack_lvl+0x100/0x190 [ 1025.017401][T21879] should_fail_ex.cold+0x5/0xa [ 1025.017442][T21879] should_failslab+0xc2/0x120 [ 1025.017487][T21879] __kmalloc_cache_noprof+0x80/0x810 [ 1025.017516][T21879] ? alloc_super+0x52/0xd20 [ 1025.017545][T21879] ? alloc_super+0x52/0xd20 [ 1025.017568][T21879] alloc_super+0x52/0xd20 [ 1025.017597][T21879] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1025.017625][T21879] sget_fc+0x117/0xc70 [ 1025.017650][T21879] ? __pfx_set_anon_super_fc+0x10/0x10 [ 1025.017676][T21879] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1025.017704][T21879] get_tree_nodev+0x28/0x190 [ 1025.017732][T21879] mqueue_get_tree+0xf1/0x130 [ 1025.017762][T21879] vfs_get_tree+0x92/0x320 [ 1025.017801][T21879] fc_mount_longterm+0x1a/0x270 [ 1025.017826][T21879] mq_init_ns+0x482/0x820 [ 1025.017861][T21879] copy_ipcs+0x3dd/0x7e0 [ 1025.017897][T21879] create_new_namespaces+0x20a/0xab0 [ 1025.017925][T21879] ? security_capable+0x80/0x260 [ 1025.017958][T21879] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1025.017989][T21879] ksys_unshare+0x455/0xab0 [ 1025.018026][T21879] ? __pfx_ksys_unshare+0x10/0x10 [ 1025.018065][T21879] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1025.018118][T21879] __x64_sys_unshare+0x31/0x40 [ 1025.018153][T21879] do_syscall_64+0xc9/0xf80 [ 1025.018185][T21879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.018211][T21879] RIP: 0033:0x7f4abe59aeb9 [ 1025.018240][T21879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1025.018265][T21879] RSP: 002b:00007f4abf4de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1025.018290][T21879] RAX: ffffffffffffffda RBX: 00007f4abe816090 RCX: 00007f4abe59aeb9 [ 1025.018307][T21879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 1025.018323][T21879] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 1025.018338][T21879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1025.018353][T21879] R13: 00007f4abe816128 R14: 00007f4abe816090 R15: 00007ffd8bcf5348 [ 1025.018385][T21879] [ 1025.270098][T16824] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 1025.923052][T21885] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3613'. [ 1026.504831][T21892] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3615'. [ 1026.929187][T21900] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3619'. [ 1026.942512][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1026.976772][T21899] FAULT_INJECTION: forcing a failure. [ 1026.976772][T21899] name failslab, interval 1, probability 0, space 0, times 0 [ 1026.997323][T21899] CPU: 1 UID: 0 PID: 21899 Comm: syz.0.3620 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1026.997391][T21899] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1026.997410][T21899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1026.997431][T21899] Call Trace: [ 1026.997444][T21899] [ 1026.997457][T21899] dump_stack_lvl+0x100/0x190 [ 1026.997504][T21899] should_fail_ex.cold+0x5/0xa [ 1026.997561][T21899] should_failslab+0xc2/0x120 [ 1026.997612][T21899] ? snd_pcm_plugin_build+0x434/0x650 [ 1026.997656][T21899] __kmalloc_noprof+0xf6/0x9c0 [ 1026.997690][T21899] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1026.997754][T21899] ? snd_pcm_plugin_build+0x434/0x650 [ 1026.997799][T21899] snd_pcm_plugin_build+0x434/0x650 [ 1026.997851][T21899] snd_pcm_plugin_build_io+0x207/0x5f0 [ 1026.997902][T21899] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 1026.997953][T21899] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1026.998010][T21899] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 1026.998075][T21899] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1026.998129][T21899] ? __pfx___mutex_lock+0x10/0x10 [ 1026.998205][T21899] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1026.998258][T21899] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1026.998306][T21899] ? hook_file_ioctl_common+0x146/0x410 [ 1026.998361][T21899] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1026.998409][T21899] ? __fget_files+0x21f/0x3d0 [ 1026.998452][T21899] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1026.998500][T21899] __x64_sys_ioctl+0x18e/0x210 [ 1026.998558][T21899] do_syscall_64+0xc9/0xf80 [ 1026.998603][T21899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1026.998638][T21899] RIP: 0033:0x7f906339aeb9 [ 1026.998665][T21899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1026.998700][T21899] RSP: 002b:00007f9064307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1026.998734][T21899] RAX: ffffffffffffffda RBX: 00007f9063615fa0 RCX: 00007f906339aeb9 [ 1026.998758][T21899] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1026.998780][T21899] RBP: 00007f9063408c1f R08: 0000000000000000 R09: 0000000000000000 [ 1026.998802][T21899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1026.998823][T21899] R13: 00007f9063616038 R14: 00007f9063615fa0 R15: 00007fff56ff56f8 [ 1026.998871][T21899] [ 1028.018807][T21917] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3621'. [ 1028.749325][T21935] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3625'. [ 1030.466530][T21955] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3628'. [ 1031.016787][T21971] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3635'. [ 1031.113895][T21968] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3634'. [ 1031.622811][T21977] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3636'. [ 1032.972314][T22004] hub 1-0:1.0: USB hub found [ 1032.977623][T22004] hub 1-0:1.0: 1 port detected [ 1033.080943][T22003] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3648'. [ 1034.431748][T22033] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3646'. [ 1035.660110][T22054] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3654'. [ 1035.999761][T22024] Process accounting resumed [ 1036.503781][T22078] netlink: 252 bytes leftover after parsing attributes in process `syz.6.3661'. [ 1036.538990][T22078] netlink: 252 bytes leftover after parsing attributes in process `syz.6.3661'. [ 1037.011049][T22081] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(5.33554432.1), cmd(16) [ 1037.545946][T22090] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3664'. [ 1037.985832][T22081] Process accounting resumed [ 1042.386370][T22125] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3675'. [ 1042.480854][T22114] Process accounting resumed [ 1042.632813][T22122] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3674'. [ 1042.765598][T22128] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3676'. [ 1043.974565][T22145] netlink: 'syz.6.3682': attribute type 11 has an invalid length. [ 1044.025721][T22145] netlink: 'syz.6.3682': attribute type 11 has an invalid length. [ 1044.063155][T22145] netlink: 'syz.6.3682': attribute type 11 has an invalid length. [ 1044.111826][T22145] netlink: 'syz.6.3682': attribute type 11 has an invalid length. [ 1044.304391][T22153] random: crng reseeded on system resumption [ 1046.750206][T22164] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1047.119513][T22175] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3686'. [ 1048.302488][T22181] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 1049.383120][T22181] input: failed to attach handler evdev to device input33, error: -4 [ 1050.365245][T22198] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3688'. [ 1051.388014][ T5148] Bluetooth: hci2: unexpected subevent 0x0c length: 118 > 5 [ 1052.098702][T22225] FAULT_INJECTION: forcing a failure. [ 1052.098702][T22225] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1052.149893][T22226] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3696'. [ 1052.320070][T22225] CPU: 0 UID: 0 PID: 22225 Comm: syz.4.3693 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1052.320114][T22225] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1052.320125][T22225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1052.320144][T22225] Call Trace: [ 1052.320152][T22225] [ 1052.320161][T22225] dump_stack_lvl+0x100/0x190 [ 1052.320200][T22225] should_fail_ex.cold+0x5/0xa [ 1052.320276][T22225] _copy_to_user+0x32/0xd0 [ 1052.320341][T22225] simple_read_from_buffer+0xcb/0x170 [ 1052.320379][T22225] proc_fail_nth_read+0x1af/0x230 [ 1052.320420][T22225] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1052.320462][T22225] ? rw_verify_area+0xce/0x6d0 [ 1052.320485][T22225] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1052.320517][T22225] vfs_read+0x1e4/0xb30 [ 1052.320549][T22225] ? __pfx_vfs_read+0x10/0x10 [ 1052.320573][T22225] ? find_held_lock+0x2b/0x80 [ 1052.320597][T22225] ? __fget_files+0x215/0x3d0 [ 1052.320627][T22225] ? __fget_files+0x21f/0x3d0 [ 1052.320660][T22225] ksys_read+0x12a/0x250 [ 1052.320685][T22225] ? __pfx_ksys_read+0x10/0x10 [ 1052.320712][T22225] ? fput+0x79/0x100 [ 1052.320747][T22225] do_syscall_64+0xc9/0xf80 [ 1052.320778][T22225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1052.320801][T22225] RIP: 0033:0x7f416eb5b78e [ 1052.320824][T22225] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1052.320851][T22225] RSP: 002b:00007f416fb33fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1052.320874][T22225] RAX: ffffffffffffffda RBX: 00007f416fb346c0 RCX: 00007f416eb5b78e [ 1052.320890][T22225] RDX: 000000000000000f RSI: 00007f416fb340a0 RDI: 0000000000000004 [ 1052.320905][T22225] RBP: 00007f416fb34090 R08: 0000000000000000 R09: 0000000000000000 [ 1052.320920][T22225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1052.320934][T22225] R13: 00007f416ee16038 R14: 00007f416ee15fa0 R15: 00007ffca3e0eeb8 [ 1052.320965][T22225] [ 1054.519204][T22265] zswap: compressor not available [ 1054.899196][T22274] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3706'. [ 1055.813028][T22278] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3707'. [ 1056.888628][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1057.914014][ T30] audit: type=1800 audit(4294967815.451:31): pid=22307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3715" name="dbroot" dev="configfs" ino=100565 res=0 errno=0 [ 1057.941605][T22301] netlink: 354 bytes leftover after parsing attributes in process `syz.5.3714'. [ 1059.163840][T22315] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3716'. [ 1059.941446][T22324] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3719'. [ 1060.435420][T22330] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3720'. [ 1063.451005][T22348] netlink: 354 bytes leftover after parsing attributes in process `syz.6.3725'. [ 1064.892572][T22359] sg_write: process 678 (syz.6.3730) changed security contexts after opening file descriptor, this is not allowed. [ 1064.917542][T22361] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3728'. [ 1064.924044][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1064.935248][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1065.369170][T22365] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3729'. [ 1066.167469][T22375] Process accounting paused [ 1066.559566][T22388] FAULT_INJECTION: forcing a failure. [ 1066.559566][T22388] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1066.626481][T22388] CPU: 0 UID: 0 PID: 22388 Comm: syz.4.3735 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1066.626546][T22388] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1066.626564][T22388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1066.626587][T22388] Call Trace: [ 1066.626599][T22388] [ 1066.626613][T22388] dump_stack_lvl+0x100/0x190 [ 1066.626662][T22388] should_fail_ex.cold+0x5/0xa [ 1066.626719][T22388] get_futex_key+0x1d2/0x1620 [ 1066.626771][T22388] ? __pfx_get_futex_key+0x10/0x10 [ 1066.626818][T22388] ? find_held_lock+0x2b/0x80 [ 1066.626852][T22388] ? snd_pcm_oss_get_active_substream+0x17f/0x1d0 [ 1066.626907][T22388] futex_wake+0xea/0x530 [ 1066.626958][T22388] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1066.627008][T22388] ? __pfx_futex_wake+0x10/0x10 [ 1066.627070][T22388] ? find_held_lock+0x2b/0x80 [ 1066.627103][T22388] ? __might_fault+0xc5/0x140 [ 1066.627148][T22388] do_futex+0x32b/0x350 [ 1066.627195][T22388] ? __pfx_do_futex+0x10/0x10 [ 1066.627242][T22388] ? snd_pcm_oss_ioctl+0x2b6/0x3720 [ 1066.627293][T22388] __x64_sys_futex+0x34f/0x4d0 [ 1066.627346][T22388] ? __fget_files+0x21f/0x3d0 [ 1066.627392][T22388] ? __pfx___x64_sys_futex+0x10/0x10 [ 1066.627438][T22388] ? xfd_validate_state+0x129/0x190 [ 1066.627494][T22388] do_syscall_64+0xc9/0xf80 [ 1066.627526][T22388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1066.627551][T22388] RIP: 0033:0x7f416eb9aeb9 [ 1066.627572][T22388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1066.627596][T22388] RSP: 002b:00007f416fb340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1066.627619][T22388] RAX: ffffffffffffffda RBX: 00007f416ee15fa8 RCX: 00007f416eb9aeb9 [ 1066.627636][T22388] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f416ee15fac [ 1066.627652][T22388] RBP: 00007f416ee15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1066.627667][T22388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1066.627682][T22388] R13: 00007f416ee16038 R14: 00007ffca3e0edd0 R15: 00007ffca3e0eeb8 [ 1066.627713][T22388] [ 1067.284660][ T5148] Bluetooth: hci4: unexpected subevent 0x0c length: 118 > 5 [ 1068.059492][T22397] Process accounting paused [ 1068.347091][T22402] netlink: 354 bytes leftover after parsing attributes in process `syz.4.3739'. [ 1070.754199][T22446] FAULT_INJECTION: forcing a failure. [ 1070.754199][T22446] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.771766][T22446] CPU: 1 UID: 0 PID: 22446 Comm: syz.6.3746 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1070.771828][T22446] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1070.771845][T22446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1070.771867][T22446] Call Trace: [ 1070.771879][T22446] [ 1070.771892][T22446] dump_stack_lvl+0x100/0x190 [ 1070.771949][T22446] should_fail_ex.cold+0x5/0xa [ 1070.772010][T22446] should_failslab+0xc2/0x120 [ 1070.772057][T22446] ? snd_pcm_plugin_build+0x434/0x650 [ 1070.772101][T22446] __kmalloc_noprof+0xf6/0x9c0 [ 1070.772133][T22446] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1070.772197][T22446] ? snd_pcm_plugin_build+0x434/0x650 [ 1070.772243][T22446] snd_pcm_plugin_build+0x434/0x650 [ 1070.772295][T22446] snd_pcm_plugin_build_io+0x207/0x5f0 [ 1070.772347][T22446] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 1070.772396][T22446] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1070.772453][T22446] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 1070.772515][T22446] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1070.772557][T22446] ? __pfx___mutex_lock+0x10/0x10 [ 1070.772631][T22446] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1070.772682][T22446] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1070.772727][T22446] ? hook_file_ioctl_common+0x146/0x410 [ 1070.772780][T22446] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1070.772827][T22446] ? __fget_files+0x21f/0x3d0 [ 1070.772870][T22446] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1070.772972][T22446] __x64_sys_ioctl+0x18e/0x210 [ 1070.773029][T22446] do_syscall_64+0xc9/0xf80 [ 1070.773073][T22446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.773109][T22446] RIP: 0033:0x7feeb9f9aeb9 [ 1070.773137][T22446] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1070.773172][T22446] RSP: 002b:00007feebaee6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1070.773207][T22446] RAX: ffffffffffffffda RBX: 00007feeba215fa0 RCX: 00007feeb9f9aeb9 [ 1070.773231][T22446] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1070.773252][T22446] RBP: 00007feeba008c1f R08: 0000000000000000 R09: 0000000000000000 [ 1070.773273][T22446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1070.773294][T22446] R13: 00007feeba216038 R14: 00007feeba215fa0 R15: 00007ffe4b0286d8 [ 1070.773340][T22446] [ 1071.957099][T22460] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3749'. [ 1072.311737][ T5148] Bluetooth: hci4: unexpected subevent 0x0c length: 118 > 5 [ 1072.346725][T22461] zswap: compressor not available [ 1072.491206][T22456] Process accounting paused [ 1072.863391][T22473] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3751'. [ 1074.515241][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1075.758026][ T30] audit: type=1800 audit(4294967833.301:32): pid=22549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3770" name="features" dev="configfs" ino=101803 res=0 errno=0 [ 1075.779891][T22546] FAULT_INJECTION: forcing a failure. [ 1075.779891][T22546] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.808555][T22546] CPU: 1 UID: 0 PID: 22546 Comm: syz.5.3769 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1075.808619][T22546] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1075.808637][T22546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1075.808662][T22546] Call Trace: [ 1075.808675][T22546] [ 1075.808688][T22546] dump_stack_lvl+0x100/0x190 [ 1075.808739][T22546] should_fail_ex.cold+0x5/0xa [ 1075.808797][T22546] should_failslab+0xc2/0x120 [ 1075.808846][T22546] ? snd_pcm_plugin_build+0x64/0x650 [ 1075.808891][T22546] __kmalloc_noprof+0xf6/0x9c0 [ 1075.808926][T22546] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1075.808990][T22546] ? snd_pcm_plugin_build+0x64/0x650 [ 1075.809035][T22546] snd_pcm_plugin_build+0x64/0x650 [ 1075.809088][T22546] snd_pcm_plugin_build_io+0x207/0x5f0 [ 1075.809139][T22546] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 1075.809194][T22546] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1075.809235][T22546] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 1075.809281][T22546] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1075.809312][T22546] ? __pfx___mutex_lock+0x10/0x10 [ 1075.809364][T22546] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 1075.809401][T22546] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 1075.809434][T22546] ? hook_file_ioctl_common+0x146/0x410 [ 1075.809480][T22546] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1075.809515][T22546] ? __fget_files+0x21f/0x3d0 [ 1075.809547][T22546] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1075.809581][T22546] __x64_sys_ioctl+0x18e/0x210 [ 1075.809623][T22546] do_syscall_64+0xc9/0xf80 [ 1075.809655][T22546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.809681][T22546] RIP: 0033:0x7f4abe59aeb9 [ 1075.809703][T22546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1075.809727][T22546] RSP: 002b:00007f4abf4ff028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1075.809751][T22546] RAX: ffffffffffffffda RBX: 00007f4abe815fa0 RCX: 00007f4abe59aeb9 [ 1075.809768][T22546] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1075.809783][T22546] RBP: 00007f4abe608c1f R08: 0000000000000000 R09: 0000000000000000 [ 1075.809798][T22546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1075.809813][T22546] R13: 00007f4abe816038 R14: 00007f4abe815fa0 R15: 00007ffd8bcf5348 [ 1075.809845][T22546] [ 1076.721568][T22552] zswap: compressor not available [ 1077.613425][T22579] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3777'. [ 1078.131145][T22571] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1078.180901][T22571] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1078.222866][T22571] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1078.239528][T22571] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1078.350265][T22571] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1078.398716][T22571] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1079.782239][ T5148] Bluetooth: hci0: command 0x0c1a tx timeout [ 1080.184702][ T5148] Bluetooth: hci2: command 0x040f tx timeout [ 1080.267485][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 1080.422720][ T5148] Bluetooth: hci4: command 0x0406 tx timeout [ 1081.065752][ T5148] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5 [ 1081.204345][T22626] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3790'. [ 1082.356742][ T5148] Bluetooth: hci1: command 0x0406 tx timeout [ 1082.502098][ T5148] Bluetooth: hci4: command 0x0406 tx timeout [ 1082.542398][T22646] zswap: compressor not available [ 1084.843538][T22682] bridge0: port 4(dummy0) entered blocking state [ 1084.901242][T22682] bridge0: port 4(dummy0) entered disabled state [ 1084.913780][T22682] dummy0: entered allmulticast mode [ 1084.932745][T22682] dummy0: entered promiscuous mode [ 1084.940098][T22682] bridge0: port 4(dummy0) entered blocking state [ 1084.946710][T22682] bridge0: port 4(dummy0) entered forwarding state [ 1085.889485][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1086.109387][ T5148] Bluetooth: hci4: unexpected subevent 0x0c length: 118 > 5 [ 1086.187257][ T5148] Bluetooth: hci2: unexpected subevent 0x0c length: 118 > 5 [ 1089.842886][T22721] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3811'. [ 1091.487545][ T5148] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5 [ 1095.364919][T22778] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3822'. [ 1096.023187][ T5148] Bluetooth: hci0: unexpected subevent 0x0c length: 118 > 5 [ 1096.486734][T22784] Process accounting resumed [ 1096.515442][T22775] netlink: 330 bytes leftover after parsing attributes in process `syz.6.3819'. [ 1097.761360][T22824] FAULT_INJECTION: forcing a failure. [ 1097.761360][T22824] name failslab, interval 1, probability 0, space 0, times 0 [ 1097.952222][T22824] CPU: 1 UID: 0 PID: 22824 Comm: syz.5.3828 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1097.952285][T22824] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1097.952302][T22824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1097.952323][T22824] Call Trace: [ 1097.952336][T22824] [ 1097.952348][T22824] dump_stack_lvl+0x100/0x190 [ 1097.952397][T22824] should_fail_ex.cold+0x5/0xa [ 1097.952451][T22824] should_failslab+0xc2/0x120 [ 1097.952501][T22824] kmem_cache_alloc_noprof+0x83/0x780 [ 1097.952546][T22824] ? vm_area_alloc+0x1f/0x160 [ 1097.952585][T22824] ? vm_area_alloc+0x1f/0x160 [ 1097.952618][T22824] vm_area_alloc+0x1f/0x160 [ 1097.952651][T22824] __mmap_region+0x101e/0x2820 [ 1097.952698][T22824] ? __pfx___mmap_region+0x10/0x10 [ 1097.952768][T22824] ? finish_task_switch.isra.0+0x204/0xb70 [ 1097.952808][T22824] ? lockdep_hardirqs_on+0x78/0x100 [ 1097.952850][T22824] ? finish_task_switch.isra.0+0x204/0xb70 [ 1097.952966][T22824] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 1097.953023][T22824] ? rcu_is_watching+0x12/0xc0 [ 1097.953068][T22824] mmap_region+0x180/0x3e0 [ 1097.953128][T22824] do_mmap+0xc63/0x12f0 [ 1097.953189][T22824] ? __pfx_do_mmap+0x10/0x10 [ 1097.953242][T22824] ? __pfx_down_write_killable+0x10/0x10 [ 1097.953299][T22824] vm_mmap_pgoff+0x29e/0x470 [ 1097.953361][T22824] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1097.953422][T22824] ? __x64_sys_futex+0x34f/0x4d0 [ 1097.953469][T22824] ? __x64_sys_futex+0x358/0x4d0 [ 1097.953524][T22824] ksys_mmap_pgoff+0x7d/0x5b0 [ 1097.953574][T22824] ? syscall_user_dispatch+0x76/0x130 [ 1097.953630][T22824] __x64_sys_mmap+0x125/0x190 [ 1097.953669][T22824] do_syscall_64+0xc9/0xf80 [ 1097.953714][T22824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1097.953750][T22824] RIP: 0033:0x7f4abe59aeb9 [ 1097.953780][T22824] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1097.953814][T22824] RSP: 002b:00007f4abf4bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1097.953847][T22824] RAX: ffffffffffffffda RBX: 00007f4abe816180 RCX: 00007f4abe59aeb9 [ 1097.953871][T22824] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1097.953894][T22824] RBP: 00007f4abe608c1f R08: fffffffffffffffa R09: 0000000000008000 [ 1097.953917][T22824] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1097.953938][T22824] R13: 00007f4abe816218 R14: 00007f4abe816180 R15: 00007ffd8bcf5348 [ 1097.953988][T22824] [ 1098.729117][ T5148] Bluetooth: hci4: unexpected subevent 0x0c length: 118 > 5 [ 1098.761430][T22825] Process accounting resumed [ 1101.917820][ T5148] Bluetooth: hci1: unexpected subevent 0x01 length: 3 < 18 [ 1102.608545][T22889] Process accounting resumed [ 1102.995571][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1103.626033][T22925] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3859'. [ 1104.372054][ T5148] Bluetooth: hci4: unexpected subevent 0x0c length: 118 > 5 [ 1104.877739][T22945] FAULT_INJECTION: forcing a failure. [ 1104.877739][T22945] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1104.890972][T22945] CPU: 1 UID: 0 PID: 22945 Comm: syz.4.3851 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1104.891017][T22945] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1104.891028][T22945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1104.891043][T22945] Call Trace: [ 1104.891053][T22945] [ 1104.891064][T22945] dump_stack_lvl+0x100/0x190 [ 1104.891097][T22945] should_fail_ex.cold+0x5/0xa [ 1104.891138][T22945] get_futex_key+0x1d2/0x1620 [ 1104.891174][T22945] ? __pfx_get_futex_key+0x10/0x10 [ 1104.891203][T22945] ? futex_hash+0x2c5/0x380 [ 1104.891242][T22945] futex_wake+0xea/0x530 [ 1104.891281][T22945] ? __pfx_futex_wait+0x10/0x10 [ 1104.891304][T22945] ? __pfx_futex_wake+0x10/0x10 [ 1104.891348][T22945] ? __pfx_do_recvmmsg+0x10/0x10 [ 1104.891376][T22945] ? vfs_write+0x15d/0x1070 [ 1104.891405][T22945] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1104.891438][T22945] do_futex+0x32b/0x350 [ 1104.891472][T22945] ? __pfx_do_futex+0x10/0x10 [ 1104.891514][T22945] __x64_sys_futex+0x34f/0x4d0 [ 1104.891550][T22945] ? fdget_pos+0x2c0/0x380 [ 1104.891586][T22945] ? __pfx___x64_sys_futex+0x10/0x10 [ 1104.891619][T22945] ? ksys_write+0x1ac/0x250 [ 1104.891647][T22945] ? __pfx_ksys_write+0x10/0x10 [ 1104.891683][T22945] do_syscall_64+0xc9/0xf80 [ 1104.891717][T22945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1104.891742][T22945] RIP: 0033:0x7f416eb9aeb9 [ 1104.891762][T22945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1104.891787][T22945] RSP: 002b:00007f416fb340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1104.891811][T22945] RAX: ffffffffffffffda RBX: 00007f416ee15fa8 RCX: 00007f416eb9aeb9 [ 1104.891827][T22945] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f416ee15fac [ 1104.891843][T22945] RBP: 00007f416ee15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1104.891858][T22945] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1104.891874][T22945] R13: 00007f416ee16038 R14: 00007ffca3e0edd0 R15: 00007ffca3e0eeb8 [ 1104.891905][T22945] [ 1106.915180][T22957] netlink: 334 bytes leftover after parsing attributes in process `syz.0.3855'. [ 1108.405975][T22967] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3861'. [ 1110.014855][T22992] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3862'. [ 1110.231494][T22986] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3865'. [ 1111.771298][T23008] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3869'. [ 1111.797370][ T5148] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 1111.954943][T23002] kexec: Could not allocate control_code_buffer [ 1112.664470][T23023] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3872'. [ 1112.751642][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1112.802849][T23023] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1112.854836][T23023] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1112.862823][T23023] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1112.914224][T23023] bridge0: port 4(batadv0) entered disabled state [ 1114.193008][T23023] batadv0 (unregistering): left allmulticast mode [ 1114.266349][T23023] batadv0 (unregistering): left promiscuous mode [ 1114.423250][T23023] bridge0: port 4(batadv0) entered disabled state [ 1115.763275][T23056] netlink: 334 bytes leftover after parsing attributes in process `syz.5.3879'. [ 1117.347714][T23075] netlink: 334 bytes leftover after parsing attributes in process `syz.6.3881'. [ 1119.020100][T23093] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3887'. [ 1126.257546][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1126.264233][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1187.379437][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1187.387100][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1248.511049][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1248.517714][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1278.421490][ T31] INFO: task kworker/u8:0:12 blocked for more than 143 seconds. [ 1278.430144][ T31] Tainted: G U I L syzkaller #0 [ 1278.440768][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1278.450033][ T31] task:kworker/u8:0 state:D stack:24296 pid:12 tgid:12 ppid:2 task_flags:0x4248060 flags:0x00080000 [ 1278.462642][ T31] Workqueue: writeback wb_workfn (flush-8:0) [ 1278.468738][ T31] Call Trace: [ 1278.472435][ T31] [ 1278.475993][ T31] ? __schedule+0xf65/0x5e10 [ 1278.480621][ T31] __schedule+0xfe4/0x5e10 [ 1278.485278][ T31] ? __pfx_blk_mq_flush_plug_list+0x10/0x10 [ 1278.491340][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1278.496383][ T31] ? __blk_flush_plug+0x2f3/0x4b0 [ 1278.501866][ T31] ? __pfx___schedule+0x10/0x10 [ 1278.506956][ T31] ? find_held_lock+0x2b/0x80 [ 1278.512294][ T31] ? schedule+0x2bf/0x390 [ 1278.516747][ T31] schedule+0xdd/0x390 [ 1278.521456][ T31] io_schedule+0x8a/0xf0 [ 1278.527142][ T31] bit_wait_io+0xd/0xe0 [ 1278.531484][ T31] __wait_on_bit+0x65/0x180 [ 1278.536435][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 1278.541789][ T31] out_of_line_wait_on_bit+0xdc/0x110 [ 1278.547241][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1278.553966][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 1278.559530][ T31] do_get_write_access+0x82f/0x1190 [ 1278.564914][ T31] ? jbd2_write_access_granted+0x61/0x3d0 [ 1278.570910][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 1278.576951][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 1278.583694][ T31] ext4_reserve_inode_write+0x1b7/0x330 [ 1278.589500][ T31] __ext4_mark_inode_dirty+0x18f/0x840 [ 1278.595103][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 1278.601794][ T31] ? __pfx___might_resched+0x10/0x10 [ 1278.607546][ T31] ? jbd2__journal_start+0xf7/0x6a0 [ 1278.613025][ T31] ? __ext4_journal_start_sb+0x32a/0x5c0 [ 1278.618934][ T31] ? __ext4_journal_start_sb+0x1ce/0x5c0 [ 1278.624796][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 1278.630621][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 1278.636104][ T31] ext4_dirty_inode+0xd9/0x130 [ 1278.642147][ T31] ? rcu_is_watching+0x12/0xc0 [ 1278.646983][ T31] __mark_inode_dirty+0x1ec/0x1560 [ 1278.652264][ T31] ext4_da_update_reserve_space+0x2ac/0x6e0 [ 1278.658547][ T31] ext4_es_insert_extent+0xa6b/0x10b0 [ 1278.665704][ T31] ? do_writepages+0x278/0x600 [ 1278.670653][ T31] ? __pfx_ext4_es_insert_extent+0x10/0x10 [ 1278.676548][ T31] ? find_held_lock+0x2b/0x80 [ 1278.681471][ T31] ? percpu_counter_add_batch+0xb9/0x230 [ 1278.687279][ T31] ? rcu_is_watching+0x12/0xc0 [ 1278.692176][ T31] ? ext4_es_lookup_extent+0xcc/0xc70 [ 1278.697796][ T31] ext4_map_blocks+0x735/0x13c0 [ 1278.702987][ T31] ? __pfx_ext4_map_blocks+0x10/0x10 [ 1278.708539][ T31] ? trace_kmem_cache_alloc+0x80/0xb0 [ 1278.714139][ T31] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 1278.720059][ T31] ? ext4_alloc_io_end_vec+0x2b/0x1c0 [ 1278.725614][ T31] ? ext4_ext_index_trans_blocks+0x167/0x1a0 [ 1278.732980][ T31] ? __ext4_journal_ensure_credits+0x265/0x2f0 [ 1278.739309][ T31] ext4_do_writepages+0x21ee/0x3df0 [ 1278.744829][ T31] ? __pfx_ext4_do_writepages+0x10/0x10 [ 1278.750546][ T31] ? ext4_writepages+0x347/0x790 [ 1278.755542][ T31] ext4_writepages+0x347/0x790 [ 1278.760488][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 1278.765986][ T31] ? __pfx_ext4_writepages+0x10/0x10 [ 1278.771721][ T31] do_writepages+0x278/0x600 [ 1278.776640][ T31] ? __pfx_do_writepages+0x10/0x10 [ 1278.781978][ T31] __writeback_single_inode+0x164/0x13c0 [ 1278.787832][ T31] ? find_held_lock+0x2b/0x80 [ 1278.792636][ T31] ? __pfx___writeback_single_inode+0x10/0x10 [ 1278.799044][ T31] ? do_raw_spin_unlock+0x145/0x1e0 [ 1278.804597][ T31] writeback_sb_inodes+0x72e/0x1b90 [ 1278.809970][ T31] ? kasan_save_stack+0x30/0x50 [ 1278.814865][ T31] ? __pfx_writeback_sb_inodes+0x10/0x10 [ 1278.820807][ T31] ? evict+0x599/0xad0 [ 1278.824986][ T31] ? _raw_spin_unlock+0x28/0x50 [ 1278.830026][ T31] ? move_expired_inodes+0x5ea/0x8f0 [ 1278.836610][ T31] __writeback_inodes_wb+0xf8/0x2d0 [ 1278.842104][ T31] ? __pfx___writeback_inodes_wb+0x10/0x10 [ 1278.848013][ T31] ? queue_io+0x286/0x4f0 [ 1278.852523][ T31] wb_writeback+0x6b4/0xab0 [ 1278.857196][ T31] ? __pfx_wb_writeback+0x10/0x10 [ 1278.862539][ T31] ? get_nr_dirty_inodes+0x115/0x190 [ 1278.867913][ T31] wb_workfn+0x885/0xbb0 [ 1278.872522][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1278.878491][ T31] ? __pfx_wb_workfn+0x10/0x10 [ 1278.883819][ T31] ? process_one_work+0x80b/0x1840 [ 1278.889232][ T31] ? rcu_is_watching+0x12/0xc0 [ 1278.894056][ T31] process_one_work+0x9c2/0x1840 [ 1278.899363][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1278.904838][ T31] ? assign_work+0x19c/0x250 [ 1278.909680][ T31] worker_thread+0x5da/0xe40 [ 1278.914396][ T31] ? kthread+0x17d/0x730 [ 1278.918824][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1278.924131][ T31] kthread+0x3b3/0x730 [ 1278.928246][ T31] ? __pfx_kthread+0x10/0x10 [ 1278.934307][ T31] ? ret_from_fork+0x79/0xaf0 [ 1278.939123][ T31] ? ret_from_fork+0x79/0xaf0 [ 1278.943866][ T31] ? rcu_is_watching+0x12/0xc0 [ 1278.948763][ T31] ? __pfx_kthread+0x10/0x10 [ 1278.953581][ T31] ret_from_fork+0x754/0xaf0 [ 1278.958228][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1278.963501][ T31] ? __switch_to+0x7b9/0x10c0 [ 1278.968330][ T31] ? __pfx_kthread+0x10/0x10 [ 1278.973176][ T31] ret_from_fork_asm+0x1a/0x30 [ 1278.978028][ T31] [ 1278.981576][ T31] INFO: task khugepaged:38 blocked for more than 143 seconds. [ 1278.989600][ T31] Tainted: G U I L syzkaller #0 [ 1278.996165][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1279.005061][ T31] task:khugepaged state:D stack:26728 pid:38 tgid:38 ppid:2 task_flags:0x200040 flags:0x00080000 [ 1279.017396][ T31] Call Trace: [ 1279.020906][ T31] [ 1279.023882][ T31] ? __schedule+0xf65/0x5e10 [ 1279.028674][ T31] __schedule+0xfe4/0x5e10 [ 1279.033166][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1279.039533][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1279.044560][ T31] ? __pfx___schedule+0x10/0x10 [ 1279.049520][ T31] ? find_held_lock+0x2b/0x80 [ 1279.054266][ T31] ? schedule+0x2bf/0x390 [ 1279.060315][ T31] schedule+0xdd/0x390 [ 1279.064433][ T31] schedule_preempt_disabled+0x13/0x30 [ 1279.070056][ T31] rwsem_down_write_slowpath+0x530/0x1280 [ 1279.075879][ T31] ? __pfx_rwsem_down_write_slowpath+0x10/0x10 [ 1279.082182][ T31] ? __pfx___might_resched+0x10/0x10 [ 1279.087509][ T31] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 1279.093550][ T31] down_write+0x1c7/0x1f0 [ 1279.098241][ T31] ? __pfx_down_write+0x10/0x10 [ 1279.103236][ T31] ? hugepage_vma_revalidate.isra.0+0x86/0x570 [ 1279.109625][ T31] collapse_huge_page+0x54a/0x3840 [ 1279.114817][ T31] ? kmem_cache_free+0x143/0x720 [ 1279.119881][ T31] ? collect_mm_slot+0x322/0x3d0 [ 1279.125059][ T31] ? khugepaged+0x7c3/0x16a0 [ 1279.129803][ T31] ? kthread+0x3b3/0x730 [ 1279.134225][ T31] ? ret_from_fork+0x754/0xaf0 [ 1279.140785][ T31] ? ret_from_fork_asm+0x1a/0x30 [ 1279.145840][ T31] ? __pfx_collapse_huge_page+0x10/0x10 [ 1279.152006][ T31] ? __pte_offset_map_lock+0x174/0x320 [ 1279.157628][ T31] ? find_held_lock+0x2b/0x80 [ 1279.162450][ T31] ? hpage_collapse_scan_pmd+0xd1f/0x1600 [ 1279.168311][ T31] ? hpage_collapse_scan_pmd+0xd1f/0x1600 [ 1279.174129][ T31] hpage_collapse_scan_pmd+0xd5e/0x1600 [ 1279.179920][ T31] ? __pfx_hpage_collapse_scan_pmd+0x10/0x10 [ 1279.186156][ T31] ? __pfx___might_resched+0x10/0x10 [ 1279.191564][ T31] khugepaged+0x1215/0x16a0 [ 1279.196223][ T31] ? __pfx_khugepaged+0x10/0x10 [ 1279.201223][ T31] ? __schedule+0xfc1/0x5e10 [ 1279.205869][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1279.211262][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1279.217649][ T31] ? find_held_lock+0x2b/0x80 [ 1279.222416][ T31] ? __kthread_parkme+0xbb/0x230 [ 1279.227474][ T31] ? __kthread_parkme+0x18c/0x230 [ 1279.232556][ T31] ? __pfx_khugepaged+0x10/0x10 [ 1279.237631][ T31] kthread+0x3b3/0x730 [ 1279.243074][ T31] ? __pfx_kthread+0x10/0x10 [ 1279.247799][ T31] ? ret_from_fork+0x79/0xaf0 [ 1279.252501][ T31] ? ret_from_fork+0x79/0xaf0 [ 1279.257275][ T31] ? rcu_is_watching+0x12/0xc0 [ 1279.262105][ T31] ? __pfx_kthread+0x10/0x10 [ 1279.266777][ T31] ret_from_fork+0x754/0xaf0 [ 1279.271575][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1279.276734][ T31] ? __switch_to+0x7b9/0x10c0 [ 1279.281574][ T31] ? __pfx_kthread+0x10/0x10 [ 1279.286495][ T31] ret_from_fork_asm+0x1a/0x30 [ 1279.291435][ T31] [ 1279.294632][ T31] INFO: task jbd2/sda1-8:5159 blocked for more than 144 seconds. [ 1279.303031][ T31] Tainted: G U I L syzkaller #0 [ 1279.310187][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1279.319359][ T31] task:jbd2/sda1-8 state:D stack:25736 pid:5159 tgid:5159 ppid:2 task_flags:0x240040 flags:0x00080000 [ 1279.331446][ T31] Call Trace: [ 1279.334861][ T31] [ 1279.337896][ T31] ? __schedule+0xf65/0x5e10 [ 1279.343718][ T31] __schedule+0xfe4/0x5e10 [ 1279.348313][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1279.353471][ T31] ? __pfx___schedule+0x10/0x10 [ 1279.358643][ T31] ? find_held_lock+0x2b/0x80 [ 1279.363531][ T31] ? schedule+0x2bf/0x390 [ 1279.368182][ T31] schedule+0xdd/0x390 [ 1279.372318][ T31] io_schedule+0x8a/0xf0 [ 1279.376697][ T31] bit_wait_io+0xd/0xe0 [ 1279.380941][ T31] __wait_on_bit+0x65/0x180 [ 1279.385605][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 1279.390862][ T31] out_of_line_wait_on_bit+0xdc/0x110 [ 1279.396412][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1279.402547][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 1279.408196][ T31] ? __pfx___might_resched+0x10/0x10 [ 1279.413666][ T31] __wait_on_buffer+0x64/0x70 [ 1279.418742][ T31] jbd2_journal_commit_transaction+0x379c/0x6680 [ 1279.425395][ T31] ? __pfx_jbd2_journal_commit_transaction+0x10/0x10 [ 1279.432812][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1279.439472][ T31] ? debug_object_deactivate+0x2e4/0x3b0 [ 1279.446432][ T31] ? __pfx_debug_object_deactivate+0x10/0x10 [ 1279.452613][ T31] ? find_held_lock+0x2b/0x80 [ 1279.457476][ T31] ? __try_to_del_timer_sync+0x107/0x160 [ 1279.463476][ T31] ? __try_to_del_timer_sync+0x107/0x160 [ 1279.469669][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1279.475879][ T31] ? rcu_is_watching+0x12/0xc0 [ 1279.480806][ T31] ? __timer_delete_sync+0x151/0x1c0 [ 1279.486707][ T31] kjournald2+0x200/0x760 [ 1279.491648][ T31] ? __pfx_kjournald2+0x10/0x10 [ 1279.496747][ T31] ? find_held_lock+0x2b/0x80 [ 1279.501592][ T31] ? __kthread_parkme+0xbb/0x230 [ 1279.506837][ T31] ? __kthread_parkme+0xbb/0x230 [ 1279.512032][ T31] ? rcu_is_watching+0x12/0xc0 [ 1279.516950][ T31] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1279.523369][ T31] ? __kthread_parkme+0x18c/0x230 [ 1279.528599][ T31] ? __pfx_kjournald2+0x10/0x10 [ 1279.533898][ T31] kthread+0x3b3/0x730 [ 1279.538494][ T31] ? __pfx_kthread+0x10/0x10 [ 1279.543247][ T31] ? ret_from_fork+0x79/0xaf0 [ 1279.549421][ T31] ? ret_from_fork+0x79/0xaf0 [ 1279.554183][ T31] ? rcu_is_watching+0x12/0xc0 [ 1279.559401][ T31] ? __pfx_kthread+0x10/0x10 [ 1279.564272][ T31] ret_from_fork+0x754/0xaf0 [ 1279.568984][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1279.574248][ T31] ? __switch_to+0x7b9/0x10c0 [ 1279.579227][ T31] ? __pfx_kthread+0x10/0x10 [ 1279.583925][ T31] ret_from_fork_asm+0x1a/0x30 [ 1279.588888][ T31] [ 1279.592259][ T31] INFO: task syz-executor:5814 blocked for more than 144 seconds. [ 1279.600344][ T31] Tainted: G U I L syzkaller #0 [ 1279.607141][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1279.616397][ T31] task:syz-executor state:D stack:21880 pid:5814 tgid:5814 ppid:5813 task_flags:0x440100 flags:0x00080000 [ 1279.629245][ T31] Call Trace: [ 1279.632586][ T31] [ 1279.635742][ T31] ? __schedule+0xf65/0x5e10 [ 1279.640615][ T31] __schedule+0xfe4/0x5e10 [ 1279.645591][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1279.652256][ T31] ? __pfx___schedule+0x10/0x10 [ 1279.657988][ T31] ? find_held_lock+0x2b/0x80 [ 1279.662833][ T31] ? schedule+0x2bf/0x390 [ 1279.667310][ T31] schedule+0xdd/0x390 [ 1279.671443][ T31] io_schedule+0x8a/0xf0 [ 1279.675825][ T31] bit_wait_io+0xd/0xe0 [ 1279.680036][ T31] __wait_on_bit+0x65/0x180 [ 1279.684579][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 1279.689740][ T31] out_of_line_wait_on_bit+0xdc/0x110 [ 1279.696309][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1279.702482][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 1279.708188][ T31] do_get_write_access+0x82f/0x1190 [ 1279.713563][ T31] ? jbd2_write_access_granted+0x61/0x3d0 [ 1279.719494][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 1279.725666][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 1279.731870][ T31] ext4_reserve_inode_write+0x1b7/0x330 [ 1279.738684][ T31] __ext4_mark_inode_dirty+0x18f/0x840 [ 1279.744481][ T31] ? trace_kmem_cache_alloc+0x80/0xb0 [ 1279.751188][ T31] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 1279.757301][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 1279.763451][ T31] ? rcu_is_watching+0x12/0xc0 [ 1279.768562][ T31] ? trace_jbd2_handle_start+0x7f/0x200 [ 1279.774290][ T31] ? jbd2__journal_start+0xf7/0x6a0 [ 1279.779671][ T31] ? __ext4_journal_start_sb+0x32a/0x5c0 [ 1279.785452][ T31] ? __ext4_journal_start_sb+0x1ce/0x5c0 [ 1279.791238][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 1279.796353][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 1279.802351][ T31] ext4_dirty_inode+0xd9/0x130 [ 1279.807548][ T31] ? rcu_is_watching+0x12/0xc0 [ 1279.812416][ T31] __mark_inode_dirty+0x1ec/0x1560 [ 1279.817752][ T31] generic_update_time+0xcf/0xf0 [ 1279.822853][ T31] file_update_time_flags+0x401/0x510 [ 1279.828343][ T31] ext4_page_mkwrite+0x35b/0x1980 [ 1279.833564][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 1279.839198][ T31] ? vm_normal_page+0x1b6/0x330 [ 1279.844236][ T31] ? find_held_lock+0x2b/0x80 [ 1279.848975][ T31] ? rcu_read_unlock+0x2d/0xb0 [ 1279.855555][ T31] do_page_mkwrite+0x17a/0x440 [ 1279.860696][ T31] do_wp_page+0x4aa/0x4c10 [ 1279.865600][ T31] ? __pfx_do_wp_page+0x10/0x10 [ 1279.870593][ T31] ? do_raw_spin_lock+0x128/0x260 [ 1279.875925][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1279.881386][ T31] __handle_mm_fault+0x1ac0/0x2b50 [ 1279.886611][ T31] ? reacquire_held_locks+0xce/0x1e0 [ 1279.892123][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 1279.898048][ T31] ? lock_vma_under_rcu+0x17c/0x5a0 [ 1279.903420][ T31] handle_mm_fault+0x36d/0xa20 [ 1279.908321][ T31] do_user_addr_fault+0x5a3/0x12f0 [ 1279.913603][ T31] exc_page_fault+0x6f/0xd0 [ 1279.918353][ T31] asm_exc_page_fault+0x26/0x30 [ 1279.923259][ T31] RIP: 0033:0x7efd478795a7 [ 1279.927918][ T31] RSP: 002b:00007ffe8a987620 EFLAGS: 00010202 [ 1279.934106][ T31] RAX: 00007efd463bc000 RBX: 000055557d75a230 RCX: 0000000000000005 [ 1279.942330][ T31] RDX: 0000000000000a82 RSI: 000055557d75ab30 RDI: 0000000000000020 [ 1279.950550][ T31] RBP: 00007ffe8a987b20 R08: 000000000000031e R09: 000055557d75ab50 [ 1279.960194][ T31] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffe8a987960 [ 1279.968559][ T31] R13: 00007ffe8a987750 R14: 585858582e7a7973 R15: 00007ffe8a9876a0 [ 1279.977284][ T31] [ 1279.980836][ T31] INFO: task syz.4.3870:23021 blocked for more than 144 seconds. [ 1279.988968][ T31] Tainted: G U I L syzkaller #0 [ 1279.995764][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1280.004569][ T31] task:syz.4.3870 state:D stack:22824 pid:23021 tgid:23021 ppid:18113 task_flags:0x400640 flags:0x00080001 [ 1280.016696][ T31] Call Trace: [ 1280.020006][ T31] [ 1280.023037][ T31] ? __schedule+0xf65/0x5e10 [ 1280.027684][ T31] __schedule+0xfe4/0x5e10 [ 1280.032148][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.037283][ T31] ? __pfx___schedule+0x10/0x10 [ 1280.042299][ T31] ? find_held_lock+0x2b/0x80 [ 1280.047144][ T31] ? schedule+0x2bf/0x390 [ 1280.051537][ T31] schedule+0xdd/0x390 [ 1280.057008][ T31] io_schedule+0x8a/0xf0 [ 1280.061423][ T31] folio_wait_bit_common+0x414/0xa70 [ 1280.066839][ T31] ? folio_wait_bit_common+0x2a0/0xa70 [ 1280.072739][ T31] ? __pfx_folio_wait_bit_common+0x10/0x10 [ 1280.078659][ T31] ? find_held_lock+0x2b/0x80 [ 1280.084080][ T31] ? __pfx_wake_page_function+0x10/0x10 [ 1280.089693][ T31] ? __filemap_get_folio_mpol+0x3ba/0xe70 [ 1280.095594][ T31] filemap_fault+0x5fb/0x37c0 [ 1280.100348][ T31] ? __pfx_filemap_fault+0x10/0x10 [ 1280.105572][ T31] ? __pfx_filemap_map_pages+0x10/0x10 [ 1280.111097][ T31] __do_fault+0x10d/0x550 [ 1280.115573][ T31] do_fault+0xaf9/0x1990 [ 1280.119974][ T31] __handle_mm_fault+0x1807/0x2b50 [ 1280.125413][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 1280.131116][ T31] ? __pte_offset_map_lock+0x174/0x320 [ 1280.137079][ T31] ? find_held_lock+0x2b/0x80 [ 1280.141821][ T31] ? follow_page_pte+0x5b4/0x1410 [ 1280.146989][ T31] handle_mm_fault+0x36d/0xa20 [ 1280.151840][ T31] __get_user_pages+0xf9c/0x34d0 [ 1280.158255][ T31] ? __pfx___get_user_pages+0x10/0x10 [ 1280.163790][ T31] get_dump_page+0x27e/0x3d0 [ 1280.168483][ T31] ? __pfx_get_dump_page+0x10/0x10 [ 1280.173866][ T31] ? dump_user_range+0x73b/0xb50 [ 1280.178879][ T31] dump_user_range+0x18d/0xb50 [ 1280.183875][ T31] ? __pfx_dump_user_range+0x10/0x10 [ 1280.189242][ T31] ? __pfx_writenote+0x10/0x10 [ 1280.195192][ T31] elf_core_dump+0x2d16/0x3c60 [ 1280.200070][ T31] ? __pfx_elf_core_dump+0x10/0x10 [ 1280.205426][ T31] ? kasan_save_stack+0x30/0x50 [ 1280.210491][ T31] ? kasan_save_track+0x14/0x30 [ 1280.215508][ T31] ? __kasan_kmalloc+0xaa/0xb0 [ 1280.220706][ T31] ? __kvmalloc_node_noprof+0x34d/0xac0 [ 1280.226424][ T31] ? vfs_coredump+0x1f01/0x5530 [ 1280.231423][ T31] ? arch_do_signal_or_restart+0x91/0x770 [ 1280.237300][ T31] ? irqentry_exit+0x1f8/0x670 [ 1280.242168][ T31] ? asm_exc_invalid_op+0x1a/0x20 [ 1280.247349][ T31] ? 0xffffffffff600000 [ 1280.251595][ T31] ? vfs_coredump+0x276c/0x5530 [ 1280.256620][ T31] vfs_coredump+0x276c/0x5530 [ 1280.262567][ T31] ? __pfx_vfs_coredump+0x10/0x10 [ 1280.267684][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.272883][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.277859][ T31] ? lock_acquire+0x17c/0x330 [ 1280.282654][ T31] ? lock_acquire+0x17c/0x330 [ 1280.287395][ T31] ? bpf_ksym_find+0x124/0x1c0 [ 1280.292273][ T31] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1280.298933][ T31] ? arch_stack_walk+0xa6/0xf0 [ 1280.304120][ T31] ? stack_trace_save+0x8e/0xc0 [ 1280.309002][ T31] ? __pfx_stack_trace_save+0x10/0x10 [ 1280.314503][ T31] ? stack_depot_save_flags+0x27/0x9c0 [ 1280.320029][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.325388][ T31] ? proc_coredump_connector+0x2d3/0x4f0 [ 1280.331107][ T31] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1280.337950][ T31] ? rcu_is_watching+0x12/0xc0 [ 1280.342897][ T31] get_signal+0x1f2a/0x21e0 [ 1280.347496][ T31] ? __pfx_get_signal+0x10/0x10 [ 1280.352757][ T31] ? force_sig_fault+0xc3/0x100 [ 1280.357669][ T31] ? __pfx_force_sig_fault+0x10/0x10 [ 1280.364339][ T31] arch_do_signal_or_restart+0x91/0x770 [ 1280.370025][ T31] ? notify_die+0xc7/0x1a0 [ 1280.374593][ T31] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1280.380791][ T31] ? rcu_is_watching+0x12/0xc0 [ 1280.385706][ T31] ? trace_irq_disable.constprop.0+0xd0/0x110 [ 1280.392003][ T31] irqentry_exit+0x1f8/0x670 [ 1280.396753][ T31] ? handle_invalid_op+0x34/0x40 [ 1280.401855][ T31] asm_exc_invalid_op+0x1a/0x20 [ 1280.406765][ T31] RIP: 0033:0x14 [ 1280.410422][ T31] RSP: 002b:0000000000005ff3 EFLAGS: 00010202 [ 1280.417032][ T31] RAX: 0000000000000000 RBX: 00007f416ee16180 RCX: 00007f416eb9aeb9 [ 1280.425152][ T31] RDX: 0000000000000000 RSI: 0000000000005feb RDI: 0000000000000002 [ 1280.433341][ T31] RBP: 00007f416ec08c1f R08: 0002000000000003 R09: 0000000000000000 [ 1280.441659][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1280.449993][ T31] R13: 00007f416ee16218 R14: 00007f416ee16180 R15: 00007ffca3e0eeb8 [ 1280.458217][ T31] [ 1280.462625][ T31] INFO: task syz.5.3887:23092 blocked for more than 145 seconds. [ 1280.470411][ T31] Tainted: G U I L syzkaller #0 [ 1280.477060][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1280.486082][ T31] task:syz.5.3887 state:D stack:26584 pid:23092 tgid:23092 ppid:15856 task_flags:0x440040 flags:0x00080002 [ 1280.499528][ T31] Call Trace: [ 1280.503126][ T31] [ 1280.506107][ T31] ? __schedule+0xf65/0x5e10 [ 1280.511156][ T31] __schedule+0xfe4/0x5e10 [ 1280.515830][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.521427][ T31] ? __pfx___schedule+0x10/0x10 [ 1280.526429][ T31] ? find_held_lock+0x2b/0x80 [ 1280.531253][ T31] ? schedule+0x2bf/0x390 [ 1280.535664][ T31] schedule+0xdd/0x390 [ 1280.539851][ T31] io_schedule+0x8a/0xf0 [ 1280.544229][ T31] bit_wait_io+0xd/0xe0 [ 1280.548448][ T31] __wait_on_bit+0x65/0x180 [ 1280.553114][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 1280.558144][ T31] out_of_line_wait_on_bit+0xdc/0x110 [ 1280.564909][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1280.571058][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 1280.576601][ T31] do_get_write_access+0x82f/0x1190 [ 1280.581926][ T31] ? jbd2_write_access_granted+0x61/0x3d0 [ 1280.587702][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 1280.593798][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 1280.599995][ T31] ext4_reserve_inode_write+0x1b7/0x330 [ 1280.605614][ T31] __ext4_mark_inode_dirty+0x18f/0x840 [ 1280.611329][ T31] ? trace_kmem_cache_alloc+0x80/0xb0 [ 1280.616877][ T31] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 1280.622668][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 1280.628707][ T31] ? rcu_is_watching+0x12/0xc0 [ 1280.633920][ T31] ? trace_jbd2_handle_start+0x7f/0x200 [ 1280.639941][ T31] ? jbd2__journal_start+0xf7/0x6a0 [ 1280.645218][ T31] ? __ext4_journal_start_sb+0x32a/0x5c0 [ 1280.651739][ T31] ? __ext4_journal_start_sb+0x1ce/0x5c0 [ 1280.657564][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 1280.662628][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 1280.669351][ T31] ext4_dirty_inode+0xd9/0x130 [ 1280.674293][ T31] ? rcu_is_watching+0x12/0xc0 [ 1280.679138][ T31] __mark_inode_dirty+0x1ec/0x1560 [ 1280.684585][ T31] generic_update_time+0xcf/0xf0 [ 1280.689771][ T31] file_update_time_flags+0x401/0x510 [ 1280.695318][ T31] ext4_page_mkwrite+0x35b/0x1980 [ 1280.700500][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 1280.706035][ T31] ? __raw_spin_lock_init+0x3a/0x110 [ 1280.711462][ T31] do_page_mkwrite+0x17a/0x440 [ 1280.716320][ T31] do_fault+0x3d7/0x1990 [ 1280.720683][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.725784][ T31] __handle_mm_fault+0x1807/0x2b50 [ 1280.732030][ T31] ? reacquire_held_locks+0xce/0x1e0 [ 1280.737381][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 1280.743491][ T31] ? lock_vma_under_rcu+0x17c/0x5a0 [ 1280.748874][ T31] ? lockdep_hardirqs_on+0x78/0x100 [ 1280.754368][ T31] handle_mm_fault+0x36d/0xa20 [ 1280.759532][ T31] do_user_addr_fault+0x5a3/0x12f0 [ 1280.764959][ T31] exc_page_fault+0x6f/0xd0 [ 1280.770756][ T31] asm_exc_page_fault+0x26/0x30 [ 1280.775708][ T31] RIP: 0033:0x7f4abe46f6c0 [ 1280.780223][ T31] RSP: 002b:00007ffd8bcf5390 EFLAGS: 00010202 [ 1280.786380][ T31] RAX: 0000001b33400000 RBX: ffffffff8175d983 RCX: 0000001b333ffff8 [ 1280.794493][ T31] RDX: 0000001b32e24220 RSI: 0000000000000008 RDI: 00007f4abf345720 [ 1280.802853][ T31] RBP: 00000000000001ae R08: 00007f4abe800000 R09: 00007f4abe802000 [ 1280.811051][ T31] R10: 000000008175d987 R11: 000000000000000d R12: 00007f4abe816218 [ 1280.819412][ T31] R13: 0000000000000203 R14: ffffffff8175d053 R15: 00007f4abf345720 [ 1280.827440][ T31] ? in_gate_area_no_mm+0x13/0x70 [ 1280.832670][ T31] ? ia32_sys_call+0x753/0x19e0 [ 1280.837611][ T31] [ 1280.840818][ T31] INFO: task syz.4.3888:23096 blocked for more than 145 seconds. [ 1280.849013][ T31] Tainted: G U I L syzkaller #0 [ 1280.855564][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1280.864328][ T31] task:syz.4.3888 state:D stack:27976 pid:23096 tgid:23096 ppid:18113 task_flags:0x440040 flags:0x00080002 [ 1280.877435][ T31] Call Trace: [ 1280.880832][ T31] [ 1280.883804][ T31] ? __schedule+0xf65/0x5e10 [ 1280.888943][ T31] __schedule+0xfe4/0x5e10 [ 1280.893443][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1280.898585][ T31] ? __pfx___schedule+0x10/0x10 [ 1280.903698][ T31] ? find_held_lock+0x2b/0x80 [ 1280.908572][ T31] ? schedule+0x2bf/0x390 [ 1280.912976][ T31] schedule+0xdd/0x390 [ 1280.917065][ T31] io_schedule+0x8a/0xf0 [ 1280.921509][ T31] bit_wait_io+0xd/0xe0 [ 1280.926066][ T31] __wait_on_bit+0x65/0x180 [ 1280.930783][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 1280.935816][ T31] out_of_line_wait_on_bit+0xdc/0x110 [ 1280.941350][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1280.947664][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 1280.953283][ T31] do_get_write_access+0x82f/0x1190 [ 1280.958936][ T31] ? jbd2_write_access_granted+0x61/0x3d0 [ 1280.964753][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 1280.972422][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 1280.978650][ T31] ext4_reserve_inode_write+0x1b7/0x330 [ 1280.984810][ T31] __ext4_mark_inode_dirty+0x18f/0x840 [ 1280.990561][ T31] ? trace_kmem_cache_alloc+0x80/0xb0 [ 1280.996105][ T31] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 1281.002072][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 1281.008384][ T31] ? rcu_is_watching+0x12/0xc0 [ 1281.013323][ T31] ? trace_jbd2_handle_start+0x7f/0x200 [ 1281.019057][ T31] ? jbd2__journal_start+0xf7/0x6a0 [ 1281.024363][ T31] ? __ext4_journal_start_sb+0x32a/0x5c0 [ 1281.030246][ T31] ? __ext4_journal_start_sb+0x1ce/0x5c0 [ 1281.036578][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 1281.041691][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 1281.047195][ T31] ext4_dirty_inode+0xd9/0x130 [ 1281.052770][ T31] ? rcu_is_watching+0x12/0xc0 [ 1281.057648][ T31] __mark_inode_dirty+0x1ec/0x1560 [ 1281.062856][ T31] generic_update_time+0xcf/0xf0 [ 1281.068357][ T31] file_update_time_flags+0x401/0x510 [ 1281.075362][ T31] ext4_page_mkwrite+0x35b/0x1980 [ 1281.080545][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 1281.086081][ T31] do_page_mkwrite+0x17a/0x440 [ 1281.091018][ T31] do_fault+0x3d7/0x1990 [ 1281.095337][ T31] __handle_mm_fault+0x1807/0x2b50 [ 1281.100816][ T31] ? reacquire_held_locks+0xce/0x1e0 [ 1281.106157][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 1281.111761][ T31] ? lock_vma_under_rcu+0x17c/0x5a0 [ 1281.117030][ T31] handle_mm_fault+0x36d/0xa20 [ 1281.121918][ T31] do_user_addr_fault+0x5a3/0x12f0 [ 1281.127103][ T31] exc_page_fault+0x6f/0xd0 [ 1281.132026][ T31] asm_exc_page_fault+0x26/0x30 [ 1281.137016][ T31] RIP: 0033:0x7f416ea6f6c0 [ 1281.141554][ T31] RSP: 002b:00007ffca3e0ef00 EFLAGS: 00010202 [ 1281.147729][ T31] RAX: 0000001b30223000 RBX: ffffffff82a9b7ac RCX: 0000001b30222ff8 [ 1281.155963][ T31] RDX: 0000001b2fc24218 RSI: 0000000000000008 RDI: 00007f416f945720 [ 1281.164044][ T31] RBP: 0000000000000201 R08: 00007f416ee00000 R09: 00007f416ee02000 [ 1281.172148][ T31] R10: 0000000082a9b7b0 R11: 0000000000000000 R12: 00007f416ee16038 [ 1281.181823][ T31] R13: 000000000000026c R14: ffffffff82a9b1e5 R15: 00007f416f945720 [ 1281.190045][ T31] ? __dquot_initialize+0xf5/0xd70 [ 1281.195572][ T31] ? __dquot_initialize+0x6bc/0xd70 [ 1281.200902][ T31] [ 1281.204165][ T31] INFO: task syz.0.3890:23099 blocked for more than 146 seconds. [ 1281.212254][ T31] Tainted: G U I L syzkaller #0 [ 1281.218896][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1281.227672][ T31] task:syz.0.3890 state:D stack:27640 pid:23099 tgid:23099 ppid:16744 task_flags:0x440040 flags:0x00080002 [ 1281.239819][ T31] Call Trace: [ 1281.243119][ T31] [ 1281.246173][ T31] ? __schedule+0xf65/0x5e10 [ 1281.250910][ T31] __schedule+0xfe4/0x5e10 [ 1281.255396][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1281.260503][ T31] ? __pfx___schedule+0x10/0x10 [ 1281.265403][ T31] ? find_held_lock+0x2b/0x80 [ 1281.270218][ T31] ? schedule+0x2bf/0x390 [ 1281.274606][ T31] schedule+0xdd/0x390 [ 1281.280302][ T31] io_schedule+0x8a/0xf0 [ 1281.284714][ T31] bit_wait_io+0xd/0xe0 [ 1281.289432][ T31] __wait_on_bit+0x65/0x180 [ 1281.294041][ T31] ? __pfx_bit_wait_io+0x10/0x10 [ 1281.299190][ T31] out_of_line_wait_on_bit+0xdc/0x110 [ 1281.304621][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10 [ 1281.310751][ T31] ? __pfx_wake_bit_function+0x10/0x10 [ 1281.316442][ T31] do_get_write_access+0x82f/0x1190 [ 1281.321775][ T31] ? jbd2_write_access_granted+0x61/0x3d0 [ 1281.328095][ T31] jbd2_journal_get_write_access+0x1d6/0x280 [ 1281.334170][ T31] __ext4_journal_get_write_access+0x6a/0x340 [ 1281.340441][ T31] ext4_reserve_inode_write+0x1b7/0x330 [ 1281.346212][ T31] __ext4_mark_inode_dirty+0x18f/0x840 [ 1281.351933][ T31] ? trace_kmem_cache_alloc+0x80/0xb0 [ 1281.357446][ T31] ? kmem_cache_alloc_noprof+0x2ff/0x780 [ 1281.363219][ T31] ? __pfx___ext4_mark_inode_dirty+0x10/0x10 [ 1281.369719][ T31] ? rcu_is_watching+0x12/0xc0 [ 1281.374548][ T31] ? trace_jbd2_handle_start+0x7f/0x200 [ 1281.381407][ T31] ? jbd2__journal_start+0xf7/0x6a0 [ 1281.386778][ T31] ? __ext4_journal_start_sb+0x32a/0x5c0 [ 1281.392584][ T31] ? __ext4_journal_start_sb+0x1ce/0x5c0 [ 1281.398796][ T31] ? ext4_dirty_inode+0xa1/0x130 [ 1281.403813][ T31] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 1281.409498][ T31] ext4_dirty_inode+0xd9/0x130 [ 1281.414344][ T31] ? rcu_is_watching+0x12/0xc0 [ 1281.419288][ T31] __mark_inode_dirty+0x1ec/0x1560 [ 1281.424715][ T31] generic_update_time+0xcf/0xf0 [ 1281.430022][ T31] file_update_time_flags+0x401/0x510 [ 1281.435699][ T31] ext4_page_mkwrite+0x35b/0x1980 [ 1281.440790][ T31] ? __pfx_ext4_page_mkwrite+0x10/0x10 [ 1281.446391][ T31] ? __raw_spin_lock_init+0x3a/0x110 [ 1281.451843][ T31] do_page_mkwrite+0x17a/0x440 [ 1281.456910][ T31] do_fault+0x3d7/0x1990 [ 1281.461608][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1281.466723][ T31] __handle_mm_fault+0x1807/0x2b50 [ 1281.472174][ T31] ? reacquire_held_locks+0xce/0x1e0 [ 1281.477801][ T31] ? __pfx___handle_mm_fault+0x10/0x10 [ 1281.484543][ T31] ? lock_vma_under_rcu+0x17c/0x5a0 [ 1281.490066][ T31] handle_mm_fault+0x36d/0xa20 [ 1281.495135][ T31] do_user_addr_fault+0x5a3/0x12f0 [ 1281.500606][ T31] exc_page_fault+0x6f/0xd0 [ 1281.505632][ T31] asm_exc_page_fault+0x26/0x30 [ 1281.510649][ T31] RIP: 0033:0x7f906326f6c0 [ 1281.515197][ T31] RSP: 002b:00007fff56ff5740 EFLAGS: 00010202 [ 1281.521322][ T31] RAX: 0000001b33124000 RBX: ffffffff893de6eb RCX: 0000001b33123ff8 [ 1281.529439][ T31] RDX: 00000000003ffde8 RSI: 00000000003ffde8 RDI: 00007f9064145700 [ 1281.537638][ T31] RBP: 0000000000000001 R08: 0000000000000000 R09: 00007f9063602000 [ 1281.545777][ T31] R10: 00007f9064145700 R11: 0000000000000000 R12: 00007f9063616038 [ 1281.553886][ T31] R13: 0000000000000000 R14: ffffffff893def81 R15: 00007f9064145720 [ 1281.562003][ T31] ? __x64_sys_socket+0x11/0xb0 [ 1281.567059][ T31] ? compat_sock_ioctl+0x36b/0x760 [ 1281.572236][ T31] [ 1281.575397][ T31] [ 1281.575397][ T31] Showing all locks held in the system: [ 1281.584509][ T31] 6 locks held by kworker/u8:0/12: [ 1281.589781][ T31] #0: ffff888140ee3948 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 1281.600758][ T31] #1: ffffc90000117c98 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 1281.612978][ T31] #2: ffff8880334d20e0 (&type->s_umount_key#32){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0 [ 1281.623969][ T31] #3: ffff8880334d4b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x278/0x600 [ 1281.634513][ T31] #4: ffff8880334d6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfaa/0x13a0 [ 1281.644306][ T31] #5: ffff8880771c15b0 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x469/0x13c0 [ 1281.654301][ T31] 1 lock held by khungtaskd/31: [ 1281.659309][ T31] #0: ffffffff8e5e3120 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 1281.669289][ T31] 1 lock held by khugepaged/38: [ 1281.674178][ T31] #0: ffff888035fc8340 (&mm->mmap_lock){++++}-{4:4}, at: collapse_huge_page+0x54a/0x3840 [ 1281.686219][ T31] 3 locks held by syz-executor/5814: [ 1281.691840][ T31] #0: ffff88807e9b7a88 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x11d/0x5a0 [ 1281.701618][ T31] #1: ffff8880334d2518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x17a/0x440 [ 1281.711495][ T31] #2: ffff8880334d6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfaa/0x13a0 [ 1281.721318][ T31] 2 locks held by getty/18620: [ 1281.726617][ T31] #0: ffff88814e2cd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1281.736719][ T31] #1: ffffc90004a7b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 1281.746984][ T31] 2 locks held by syz.4.3870/23021: [ 1281.752284][ T31] #0: ffff888142ef6420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x1f2a/0x21e0 [ 1281.761580][ T31] #1: ffff888035fc8340 (&mm->mmap_lock){++++}-{4:4}, at: dump_user_range+0x151/0xb50 [ 1281.772196][ T31] 3 locks held by syz.5.3887/23092: [ 1281.777537][ T31] #0: ffff8880344ba588 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x11d/0x5a0 [ 1281.788314][ T31] #1: ffff8880334d2518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x17a/0x440 [ 1281.798030][ T31] #2: ffff8880334d6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfaa/0x13a0 [ 1281.807931][ T31] 3 locks held by syz.4.3888/23096: [ 1281.813168][ T31] #0: ffff88803037e808 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x11d/0x5a0 [ 1281.822557][ T31] #1: ffff8880334d2518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x17a/0x440 [ 1281.832357][ T31] #2: ffff8880334d6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfaa/0x13a0 [ 1281.842478][ T31] 3 locks held by syz.0.3890/23099: [ 1281.847807][ T31] #0: ffff88803165e448 (vm_lock){++++}-{0:0}, at: lock_vma_under_rcu+0x11d/0x5a0 [ 1281.857313][ T31] #1: ffff8880334d2518 (sb_pagefaults){.+.+}-{0:0}, at: do_page_mkwrite+0x17a/0x440 [ 1281.867598][ T31] #2: ffff8880334d6950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfaa/0x13a0 [ 1281.877504][ T31] [ 1281.879855][ T31] ============================================= [ 1281.879855][ T31] [ 1281.889532][ T31] NMI backtrace for cpu 1 [ 1281.889566][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1281.889620][ T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1281.889635][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1281.889654][ T31] Call Trace: [ 1281.889665][ T31] [ 1281.889678][ T31] dump_stack_lvl+0x100/0x190 [ 1281.889720][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 1281.889763][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1281.889817][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 1281.889870][ T31] sys_info+0x141/0x190 [ 1281.889911][ T31] watchdog+0xcc3/0xfe0 [ 1281.889955][ T31] ? __pfx_watchdog+0x10/0x10 [ 1281.889991][ T31] ? __kthread_parkme+0x18c/0x230 [ 1281.890031][ T31] ? __pfx_watchdog+0x10/0x10 [ 1281.890067][ T31] ? __pfx_watchdog+0x10/0x10 [ 1281.890099][ T31] kthread+0x3b3/0x730 [ 1281.890145][ T31] ? __pfx_kthread+0x10/0x10 [ 1281.890188][ T31] ? ret_from_fork+0x79/0xaf0 [ 1281.890226][ T31] ? ret_from_fork+0x79/0xaf0 [ 1281.890256][ T31] ? rcu_is_watching+0x12/0xc0 [ 1281.890287][ T31] ? __pfx_kthread+0x10/0x10 [ 1281.890335][ T31] ret_from_fork+0x754/0xaf0 [ 1281.890368][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1281.890402][ T31] ? __switch_to+0x7b9/0x10c0 [ 1281.890442][ T31] ? __pfx_kthread+0x10/0x10 [ 1281.890499][ T31] ret_from_fork_asm+0x1a/0x30 [ 1281.890565][ T31] [ 1281.890577][ T31] Sending NMI from CPU 1 to CPUs 0: [ 1282.042389][ C0] NMI backtrace for cpu 0 [ 1282.042418][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1282.042462][ C0] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1282.042474][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1282.042491][ C0] RIP: 0010:account_other_time+0x7/0x320 [ 1282.042536][ C0] Code: 48 89 df e8 4b 95 94 00 eb d9 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 c7 c0 54 a2 b7 90 <41> 56 48 ba 00 00 00 00 00 fc ff df 48 89 c1 41 55 83 e0 07 48 c1 [ 1282.042562][ C0] RSP: 0018:ffffc90000007ce0 EFLAGS: 00000002 [ 1282.042584][ C0] RAX: ffffffff90b7a254 RBX: 0000000000989680 RCX: ffffffff81f6ed9c [ 1282.042602][ C0] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffffffffffff [ 1282.042619][ C0] RBP: ffffffff8e297ac0 R08: 0000000000000003 R09: 0000000000000000 [ 1282.042636][ C0] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 1282.042652][ C0] R13: 1ffff92000000fa4 R14: 0000000000000000 R15: ffff8880b8428da0 [ 1282.042670][ C0] FS: 0000000000000000(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000 [ 1282.042695][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1282.042713][ C0] CR2: 00007f7e13a41700 CR3: 00000000593e6000 CR4: 00000000003526f0 [ 1282.042730][ C0] Call Trace: [ 1282.042739][ C0] [ 1282.042748][ C0] irqtime_account_process_tick+0x22/0x170 [ 1282.042788][ C0] update_process_times+0x75/0x2d0 [ 1282.042827][ C0] ? __pfx_update_process_times+0x10/0x10 [ 1282.042865][ C0] ? read_tsc+0x9/0x20 [ 1282.042897][ C0] ? ktime_get+0x1a7/0x300 [ 1282.042925][ C0] ? debug_object_deactivate+0x2e4/0x3b0 [ 1282.042961][ C0] tick_nohz_handler+0x27b/0x720 [ 1282.042993][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 1282.043023][ C0] ? __hrtimer_run_queues+0x433/0x990 [ 1282.043066][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 1282.043097][ C0] __hrtimer_run_queues+0x1ad/0x990 [ 1282.043142][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 1282.043183][ C0] ? ktime_get_update_offsets_now+0x2cd/0x4d0 [ 1282.043225][ C0] hrtimer_interrupt+0x397/0x8c0 [ 1282.043258][ C0] __sysvec_apic_timer_interrupt+0x109/0x3c0 [ 1282.043289][ C0] sysvec_apic_timer_interrupt+0x9e/0xc0 [ 1282.043319][ C0] [ 1282.043327][ C0] [ 1282.043337][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1282.043373][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 1282.043403][ C0] Code: a6 7a 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 23 7b 17 00 fb f4 fc 31 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 1282.043428][ C0] RSP: 0018:ffffffff8e207e00 EFLAGS: 00000242 [ 1282.043447][ C0] RAX: 000000000072b70d RBX: ffffffff8e297ac0 RCX: ffffffff8b7404b5 [ 1282.043464][ C0] RDX: 0000000000000000 RSI: ffffffff8dc413ca RDI: ffffffff8bfa32a0 [ 1282.043482][ C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed101708673d [ 1282.043498][ C0] R10: ffff8880b84339eb R11: 0000000000000000 R12: fffffbfff1c52f58 [ 1282.043516][ C0] R13: 0000000000000000 R14: ffffffff90b771d0 R15: 0000000000000000 [ 1282.043537][ C0] ? ct_kernel_exit+0x125/0x180 [ 1282.043572][ C0] default_idle+0x9/0x10 [ 1282.043604][ C0] default_idle_call+0x6c/0xb0 [ 1282.043639][ C0] do_idle+0x35b/0x4b0 [ 1282.043665][ C0] ? __pfx_do_idle+0x10/0x10 [ 1282.043695][ C0] cpu_startup_entry+0x4f/0x60 [ 1282.043722][ C0] rest_init+0x251/0x260 [ 1282.043757][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 1282.043787][ C0] start_kernel+0x47a/0x480 [ 1282.043830][ C0] x86_64_start_reservations+0x24/0x30 [ 1282.043857][ C0] x86_64_start_kernel+0x122/0x130 [ 1282.043884][ C0] common_startup_64+0x13e/0x148 [ 1282.043925][ C0] [ 1282.044816][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1282.044888][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U I L syzkaller #0 PREEMPT(full) [ 1282.045016][ T31] Tainted: [U]=USER, [I]=FIRMWARE_WORKAROUND, [L]=SOFTLOCKUP [ 1282.045058][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 1282.045126][ T31] Call Trace: [ 1282.045159][ T31] [ 1282.045191][ T31] dump_stack_lvl+0x100/0x190 [ 1282.045315][ T31] vpanic+0x20d/0x630 [ 1282.045392][ T31] panic+0xd1/0xd1 [ 1282.045468][ T31] ? __pfx_panic+0x10/0x10 [ 1282.045595][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 1282.045730][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 1282.045864][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 1282.045997][ T31] ? watchdog.cold+0x198/0x1ca [ 1282.046092][ T31] ? watchdog+0xcd3/0xfe0 [ 1282.046187][ T31] watchdog.cold+0x1a9/0x1ca [ 1282.046309][ T31] ? __pfx_watchdog+0x10/0x10 [ 1282.046403][ T31] ? __kthread_parkme+0x18c/0x230 [ 1282.046508][ T31] ? __pfx_watchdog+0x10/0x10 [ 1282.046595][ T31] ? __pfx_watchdog+0x10/0x10 [ 1282.046676][ T31] kthread+0x3b3/0x730 [ 1282.046807][ T31] ? __pfx_kthread+0x10/0x10 [ 1282.046976][ T31] ? ret_from_fork+0x79/0xaf0 [ 1282.047057][ T31] ? ret_from_fork+0x79/0xaf0 [ 1282.047129][ T31] ? rcu_is_watching+0x12/0xc0 [ 1282.047199][ T31] ? __pfx_kthread+0x10/0x10 [ 1282.047318][ T31] ret_from_fork+0x754/0xaf0 [ 1282.047413][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1282.047499][ T31] ? __switch_to+0x7b9/0x10c0 [ 1282.047603][ T31] ? __pfx_kthread+0x10/0x10 [ 1282.047728][ T31] ret_from_fork_asm+0x1a/0x30 [ 1282.047899][ T31] [ 1282.574222][ T31] Kernel Offset: disabled [ 1282.578570][ T31] Rebooting in 86400 seconds..