last executing test programs: 8.564926249s ago: executing program 3 (id=4912): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x1, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x47, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b300"/88, 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r1, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) 8.093398178s ago: executing program 2 (id=4914): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b300"/88, 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) 6.199456493s ago: executing program 3 (id=4919): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video67\x00', 0x402d42, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x10000, 0x4, 0x4000000000df, 0x40eb5, 0x4, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, 0x0, 0x3a) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) r2 = socket(0x15, 0x5, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r2, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f6) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x4, 0x4) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r1, 0x0, 0x30004850) msync$auto(0xfffffffd, 0xd, 0x6) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) 5.976222616s ago: executing program 1 (id=4920): r0 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x3) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/usbmon8\x00', 0x640, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x103800, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_UI_GET_VERSION(0xffffffffffffffff, 0x8004552d, &(0x7f0000000100)=0x2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) io_setup$auto(0x7ffe, &(0x7f0000000000)) mmap$auto(0xa0, 0x2000400005, 0x40df, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0) sendfile$auto(r2, r2, 0x0, 0x4000000000001) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) r3 = socket(0x2c, 0x3, 0x0) getsockopt$auto_SO_DEBUG(r3, 0x4, 0x1, 0x0, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mlockall$auto(0x7) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) process_vm_readv$auto(0x0, &(0x7f00000000c0)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000280)="c064e96ca54644707e57bf004dad22c2a0", 0x100000000}, 0x100000000a, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) syz_clone3(&(0x7f0000000200)={0x186800080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) 5.879305624s ago: executing program 2 (id=4921): waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x2, @sival_int=0x7, 0x2}}}, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x8, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) mmap$auto(0x0, 0x1, 0xfd5, 0x12, r1, 0x0) ioctl$auto_USBDEVFS_CLEAR_HALT(r1, 0x80045515, &(0x7f0000000040)=0x6ae) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r2, 0x4008af25, &(0x7f0000000000)=0x7) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b16549"}, 0x6, 0x3, 0xff) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x0) r4 = socket(0x1e, 0x5, 0x0) ioctl$auto(r4, 0x8941, 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="dbdf250300000000ff0f00000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x8, 0x2) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) setsockopt$auto_SO_TIMESTAMPING_NEW(r3, 0x9, 0x41, &(0x7f0000000280)='SMBD_GENL\x00', 0x5) 5.537818695s ago: executing program 3 (id=4922): bpf$auto(0x0, 0x0, 0x6f4) mmap$auto(0x0, 0xa00002, 0x400002, 0x40eb1, 0x602, 0x10001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x6, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x5, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0x2}) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) socket(0x10, 0x2, 0xc) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) 5.351416182s ago: executing program 0 (id=4923): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b300"/88, 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) 4.658344903s ago: executing program 2 (id=4924): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000000)='//\xf2\x00', 0x80000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b300"/88, 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r1, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) 4.245526243s ago: executing program 1 (id=4925): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x14, r0, 0x1, 0x70bd2d, 0x25dfdbfe, {0x7e, 0x0, 0x175c}}, 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0xc) 3.879203732s ago: executing program 3 (id=4926): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$auto(r0, 0x4bfa, 0x1) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, 0x0, 0xc08c) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) flistxattr$auto(r2, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0xfffffffffffffffb) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) 3.843314158s ago: executing program 1 (id=4927): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci1/force_suspend\x00', 0x121401, 0x0) write$auto_force_suspend_fops_hci_vhci(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.5/usb6/maxchild\x00', 0x8000, 0x0) fgetxattr$auto(r1, &(0x7f00000004c0)='security.capabilisy\x00\x06\xa1\xcd\xd3<\x81\a(\xa2f*\xaf\xc8\x02\xe9\x14\x8fE2k\x19{\xd4\xf2\xdf\x80\x9c\x87\x86\xde20\x8e\x1cN\xd4.\xd3Z\xf3K\x98vW\x7f\x94Z\x0e>\x85S&\xe5\x96\xce\xf15\xb3v\xa8R\x05\x94\x8c\x1df\x11\xbd\xd0\x7fu\xc7{\xe1\xff\xff\xc4\xbb\x17\xd5\xee\xd8\x143\xed\xc4|\xd3\f\x05\f\x95\xce\xbf9\xc8\xf1m\x96\xa3\xc0\xf29\x8b\x02\x89\xed`\xb4\xcb\xb3O\x97X\xe3\xd0j\xa5\xd0\x9e*\xf9|\xd9\xc2\xf4X\xc9[\xfa\xcf\xa3\xeb\x05EOgaA\xb1@f\x93F0\x8cR\xc5\xb6\x16\xfa\xe7\x13\x00\x02\xf4\x80\xe3\xd2\xf4MP\x87vB\xefJ\xeb\xb3\\\x88\x18` \xca\x8faI\x89\xb6\x91\x1ae\xd2\xad\xbe\xb3\xe6\bX]\xd7\x81.\xd2\xed\xc4\x9f\xb5~\xb4\xc6^\x97\xc3\xa2\x16\x99\xfc\x00_\xe6\xb0G\xe9`\xb4+2\x93\n9 EU\x1e\xb4\xbeVt\x89\xf9\xc7\xe1`4O\x00\x00\x00\x00\xa5\xe0\xf5\xb2\x00\x00t\x10\"\x15\xbc\xdb\x92\xff\xa7\xe1Vv\xe5*\xc5\xe1r\xf5\xa4Cw\x1c/?\xbcn\xe3\x8aX\xfc\xe9,\xca,9\xda\xad\x87\xb1\xb2\xff#\xa1Yi\xd3\x17l6\xa0\xd8\x1b\xad8\a\xfc%\xa6(\xcb\x97(\x16\x81\xbf\xc6\xdbw\x13!\xc9\xc6\xc3\xfbc\xfe\x83\xcd\x16 e\xcd\x91y@\xe2\xd8{\xec\xbb\xbb\x1d5\t\xed>\xa9&\xce\xfc\xab[\xae\xa1\x94\b\xcc/-\x12\x8d\x84K\xf0\xd0\x0f\x13)\x17CI\xb7\xf35\xfc\xe8(\xfa\t2\xafQ8}\xd8\xbb\xe4nlR\xf8\xc9\xf2\xa3\xe5\x83\r\t\xb96d\xd6\x1e\xbd*\xa4\xc9\xcbE2\xe9\x81\xc3\xc3\x8a\x15\xcb\xf2\x8a\n\xe8\x1c\x88\xd4\xa5\x96!dJ+\xd2\x01#v\xd8BgB`\x8alP\r\x04\xce\x04$\xaag\xb6\xdb6-0>\xb3u\xd4\xdb\xd8~\xb0\f', 0x0, 0x96) mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) sched_setattr$auto(0x0, &(0x7f0000000000)={0x1000, 0x4c, 0x7fff, 0xa9, 0x0, 0x4, 0x4008, 0x9, 0xb, 0xfffffff8}, 0x0) 3.465766841s ago: executing program 0 (id=4928): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0xb, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x311) close_range$auto(0x0, 0xffffeffe, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6}) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000600)={&(0x7f0000000840)={0x238, 0x0, 0x100, 0x70bd2b, 0x25dfdbfd, {}, [@MAC802154_HWSIM_ATTR_RADIO_EDGE={0x224, 0x2, 0x0, 0x1, [@nested={0xa7, 0x64, 0x0, 0x1, [@generic="e6e009456b0e286181e17cfd5b5b392311b6a4ce", @generic="e0458c4243059793c4fca4396b22419183fe71d9b35519b6bf4153c5392c4dbc78c9a9de86561a8981d6b3b6e81947b11c7ac5560743537d1c75a705b6a768191e0917d353b572033b27c2a181d3887be26c58e722d3653d7a50bcdb85ab7086938b9afd77b1d11271689106f1c22dba2c1c15a28c1e4ce8b715e4acabfba1ecbf2e26c303f8bc0631957490710819"]}, @nested={0x178, 0x6a, 0x0, 0x1, [@typed={0x4, 0x110}, @nested={0x4, 0x10}, @nested={0x4, 0x87}, @nested={0x4, 0xeb}, @nested={0x4, 0xd7}, @generic="536092a7963e5567900000ee8608e68f0cf1db9a6fae6a157e66de3d98e6da8c2122a64f73f02a6afb5ce8ed3f986a70ad0ec9955c1155b222570feb2fd673a1bd4b6ed8c2d64a665e13b6d0fea1e09a423e30b5d6a5bf81c880626c51b230dde70485481ed456b3dd20b3a6362c84bc4bfe7ecb417faab91423fea0aef4a836ce01243a5c8891c20cbdb5e35d3427f49c619af49c41e6f1fc6ecf898924e5f06ef3f629cb3245a6f33ec3efd9b36adcb228f9d6fcd9d1e2520226fdafaf8821d700a663d535c50174bd9ed246cd1feaf1", @typed={0x13, 0xb9, 0x0, 0x0, @str='/dev/sequencer\x00'}, @generic="6f10727828bc97c2218802ef0f2965c0fb387a42832d0f820e2e9eae18a849a246027f1eb7cbc7ccefcfcf91b8782e17c2de6e96ef72a4e8eec5715ecec2d6a91cadba879d073bdba8c4d593146d349f399c272d6da16d098556ade589bb948d8f5593f9fe8ffdf3a81277d53d1d27b7b634ca89aabd22c92cb8d8"]}]}]}, 0x238}, 0x1, 0x0, 0x0, 0x20004104}, 0x4008001) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x11, 0x1, 0x9) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0xe540) read$auto(r0, 0x0, 0x4) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x5, 0x9b72, 0x2, 0x2) r1 = socket(0x27, 0x2, 0x1) setsockopt$auto(r1, 0x0, 0x7e, 0x0, 0x101) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r2, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) rt_tgsigqueueinfo$auto(0x3, 0x96, 0x3, &(0x7f0000000180)={@siginfo_0_0={0x80000000, 0x7, 0x8000, @_sigchld={0x0, 0x0, 0x5, 0x0, 0x6}}}) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000a80)=ANY=[@ANYBLOB="6c65ebc5785388590a60d79bd9873aa84546f89cae3692410b4e5b7092599113f505f0a53607752a38d67229a2aa882145418eac234723dc4c978afb709d5aa3cba7ccbe419b56f36930342b7ab0a8293d8e8dca49b60f", @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4811}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12a93efeaa98eece29f4357069f22d06feb2def98893fdf2f8a7eaef54ccc4b7fa74fd144ba7438b4d9cc11a0afad2080a1e3ce0d6e62f9d6807d284a40a4e8b903abbd5b15eec391c3f04aef686fb6b3effeef7df792d5a1283de43b7036ef9d34e6bbefac63634269b863709e507c96701af003c5e3bbc9e6d357756cfbc4904ce6d83b015b86c5d6758f2ef5c3ecd628d44f57f81372d31de0f8e85de9079e5c02591a2fd183c78555daa3359a98436999ea50c923f271a6873cb8f63bb8d58886d01c3288af35bac3d592feb21654c55cda1"], 0x1ac}}, 0x40000) r3 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000500), 0x145402, 0x0) ioctl$auto_IOCTL_STATUS_ACCEL_DEV(r3, 0x40046103, &(0x7f0000000540)=0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.185985653s ago: executing program 1 (id=4929): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x3) (fail_nth: 2) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) setreuid$auto(0x0, r2) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 2.759201294s ago: executing program 0 (id=4930): openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0) unshare$auto(0x40000080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x101901, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x2381, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) shmctl$auto(0x0, 0xd, 0x0) r2 = socket(0x2a, 0x2, 0x0) ioctl$auto(r2, 0x541b, 0x24) mmap$auto(0x0, 0x8c8e, 0x401, 0xffffffffffffffff, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322d53) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0001, 0x0) ioctl$auto(0x3, 0xc0104d03, r4) syz_clone3(&(0x7f00000003c0)={0x383201180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) 2.241427682s ago: executing program 3 (id=4931): bpf$auto(0x0, 0x0, 0x6f4) mmap$auto(0x0, 0xa00002, 0x400002, 0x40eb1, 0x602, 0x10001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x6, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x5, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0x2}) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) socket(0x10, 0x2, 0xc) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) 2.141433535s ago: executing program 1 (id=4932): write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) io_uring_setup$auto(0x1d68, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x100000], {0x6, 0x88, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x9db6, 0x5, 0x1ff, 0x6, 0x876c5, 0xc9, 0x4000000000000003}}) r0 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x30, r0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x9, 0x4, 'nfsd\x00'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x30}}, 0x4000) timer_create$auto(0x0, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x8000, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r2, 0x8, 0x0) brk$auto(0xffffffffffffff66) r5 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) msgctl$auto_IPC_RMID(0xfffffaff, 0x0, &(0x7f0000000300)={{0x7, 0xee01, 0xffffffffffffffff, 0x4, 0x3, 0x4, 0x100}, &(0x7f00000001c0)=0xd, &(0x7f0000000280), 0x8001, 0x4, 0x6, 0x7, 0x86c0, 0x8, 0x9, 0x1, @inferred=0xffffffffffffffff}) ioctl$auto_BLKTRACESETUP32(r5, 0xc0401273, &(0x7f0000000380)={"6cb7cd649d57b93a516b7e2b86d95907418f7700", 0x4b02, 0x2, 0x0, 0x8000000000000001, 0x9, r6}) sendmsg$auto_MAC802154_HWSIM_CMD_GET_RADIO(r5, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x408}, 0xc, &(0x7f0000000500)={0x0}}, 0xc000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) mlockall$auto(0x7) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0) ioctl$auto_SNAPSHOT_CREATE_IMAGE(r5, 0x40043311, 0x0) ppoll$auto(&(0x7f0000001ac0)={0xffffffffffffffff, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x9}, 0x0, 0x8) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="69b5b2dfdabb136c46000229"], 0x14}, 0x1, 0x0, 0x0, 0x240040f0}, 0xc0) 1.854851586s ago: executing program 0 (id=4933): msgctl$auto_IPC_INFO(0xfffffff7, 0x3, &(0x7f0000000600)={{0x81, 0x0, 0x0, 0x8215, 0xae5, 0x3ff, 0x4}, 0x0, 0x0, 0x2, 0x3, 0x9, 0x7, 0x101, 0x3, 0xe, 0x2, @raw=0x2, @raw=0x2}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x28f02, 0x0) write$auto(r0, &(0x7f00000000c0)='7\x7f\xb4\x86\x04|\x03\xcba\x00\x00\x00\x00\x00', 0x84) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x24, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) close_range$auto(0x2, 0xa, 0x0) clone$auto(0xffffffffffffffff, 0x6ffd, &(0x7f0000000000)=0x1, &(0x7f0000000040)=0x734, 0x7) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) setreuid$auto(0x15, 0x5) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8) 1.259417584s ago: executing program 1 (id=4934): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r0 = socket(0xa, 0x5, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) getsockopt$auto(r0, 0x0, 0x50, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) pread64$auto(0xffffffffffffffff, 0x0, 0x7fc, 0x400) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket(0xa, 0x2, 0x88) capset$auto(0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x800, 0x100) setsockopt$auto(r1, 0x29, 0x10, 0x0, 0x1) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0xffffffffffffffff, 0x0, 0xffffffe6) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000017c0)='/sys/devices/virtual/block/ram3/queue/max_segment_size\x00', 0x1e1f00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/4096, 0x1000) listxattr$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0xf) 1.180766687s ago: executing program 0 (id=4935): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) mmap$auto(0x0, 0xa00002, 0x400002, 0x40eb1, 0x602, 0x10001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x6, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x5, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f00000001c0)={0x6, 0x2}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x40) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000ffdbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) socket(0x10, 0x2, 0xc) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) 685.56975ms ago: executing program 3 (id=4936): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_sigsys={&(0x7f00000000c0)="55eb8df319677f9aebf453b195011dc75b314a6a2de037085459dc03a1ad199752151699faea53575d94e9e2f930abeb4f1cd2fa58eef0e25b15baeca5f900c19f32e51de1ba99fb4f82871232b300"/88, 0x1000, 0x826}}}, 0x3, &(0x7f0000000300)={{0xda0000000000000, 0x969d}, {0x2, 0x6}, 0x8000000000000000, 0xa, 0x8, 0xd11c, 0xb871, 0x6, 0x9ffd, 0x81, 0x4, 0x1000000000f8c5, 0x1000, 0x81, 0xc, 0xd}) mmap$auto(0x0, 0x5, 0x3, 0x14, r2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x1d) pwrite64$auto(0xc8, 0x0, 0xfded, 0x6) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f00000003c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4G\x0f\xed\xc0D\xd6\xaf%\xa5\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccT\fZq', 0x100000a3da) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) 636.828302ms ago: executing program 2 (id=4937): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000000), r0) sendmsg$auto_OVS_DP_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@OVS_DP_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x0) 424.058518ms ago: executing program 2 (id=4938): r0 = socket(0xa, 0x5, 0x0) r1 = getsockopt$auto(r0, 0x84, 0x7f, &(0x7f0000000000)='\xc8\xfdV%\r\x80\\\xf7\\\x00', &(0x7f0000000040)=0x1004) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r0) waitid$auto_P_PID(0x1, 0xffffffffffffffff, &(0x7f0000000200)={@siginfo_0_0={0x2, 0x8, 0x1, @_rt={0xffffffffffffffff, 0x0, @sival_ptr=&(0x7f0000000100)="f8d4d4c8dd486efed7886d40ac7d229d24baaed2adf978203ff9791f94fc31e8e25fb6facc883ae9ff20f60889a75e377feebe9f5a4df23c6d54a4a14c4ccd603ec5575b56240b7865663975291bd33971e54257fa80a96828de3232920a1f76ad905e11db6ff9a6c5d90b3ae82961380d74b44006c0ec1c31fa529d9fe3c7b73585b6fcd6936f0470ec54dfc1e01f3348e490aab45399a8c6001781f2a4298b660ec348d3f7055b2e1aeb742f738dddafac7f5c053de7fb1bfd4c61359bb9bb92759366e7eaf135de49bc603baeb24e6e40baa8beba60d5e8b04848f2c4438346ed07e8d37cb387"}}}, 0x1ff, &(0x7f0000000280)={{0x451, 0x7ff}, {0x4, 0x6}, 0x5, 0xfffffffffffffff9, 0x6, 0x6, 0x0, 0x4a, 0x1, 0x4, 0x8dce, 0x6, 0xfffffffffffffffb, 0x2d71, 0x6, 0x7}) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto_EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000001600)={0xee01, 0x0, 0xa910, 0x8000000000000000, 0x6, 0x9}) fsconfig$auto(r0, 0x401, &(0x7f0000001580)='TIPCv2\x00', &(0x7f00000015c0)="10", r5) move_pages$auto(r4, 0x1002, 0x0, 0x0, 0x0, 0x2) sendmsg$auto_TIPC_NL_KEY_SET(r0, &(0x7f0000001540)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000001500)={&(0x7f0000000340)={0x11b8, r2, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x11a3, 0x9, 0x0, 0x1, [@typed={0x8, 0x3a, 0x0, 0x0, @pid=r3}, @generic="1602aa5967e7768da3451e0bbec78a53f9e4f8ba373b176a278adf89c16366494e13c4e0287646d3b8a3dcdd6f29d4adb38fd2d1731a0b7c585c1663fd7ebb2d1a9d469b0854", @nested={0x77, 0x87, 0x0, 0x1, [@generic="bc4de36b0c79f79e7aede2be3a58be81fd123506d6fdc38cfd76342cef8eaaf370a1267802be58ec13b150583d2cf569817627e8259e5c459d3c859e2ad4ef7bbdcec6c4570160a3833a80aeb3509d46982f485ca5b9a422985f8deab246f613b24dbb07328e4ce5915725999c01338e93", @generic='?a']}, @nested={0x10cb, 0x0, 0x0, 0x1, [@typed={0x1004, 0x3b, 0x0, 0x0, @binary="edb21c41ee5f35a4775c17bd52d8450778eba1a177e976bbbe9556ea274d45dfafda08ea46557ecd86b5cd2c5b90572d5235d7582f0ed77f21452fe48c7acd8c4c6a44acf11e9fa78de535908b668459a8555f973231727adaf5ff80bcb8c4d2e5f9d032e4327d9171cd67fdb8c5b0ba0449cb888d58629df75e794356b9d5e96d2537a669e2a2903a658c2360c7592014514477352e8e7047e145f66a51d7816e1418efe200e555677ec2ab751e0d03edf720f4ac9e062c24bfb80d60b5899064600bf422c3a25e7179aa9b0869845202a0577928aca7f391309dbeff51b34a021926d4d3c35ecc180c6f7647018fa486ce37baee21089c8dea2a536b92a69f7d9acff07ca273036e5be58ed45e869fafdf7760c4344d3c8d4bd9ca447965b7373b057c91684cf14f6d44df8a9cf92df69988ff5706164cbba8a45d648f0685ae381aa08ec0c2674d1e37eb76af1776fe6e1a190cc7f617f2c2340d8e058472edf2d661d92cdfdccfe3f75d8f2635b74394e90090b9fc5c8f1609444650d901602b90e18b38b1ca846dec1c8874c594b0f779308a629ddacc52d0b3ad3f501a837b9a938af90eb7e68db5fe9a462f46aa42c2cb7eb5d2597072fa1b088c810b82a8253a91f23a0f815c9d0c7c10ad85ac36907cb070a60d6beb704916f54c438c5a5fd8773be2adc98ef429bb7585df3990c3194575e9d6cfd7655c89f951e7e1b3c3a03c6448f0c22b466ff0a71744ca52894aae4b69375b70bb88120fdf3452ff7dbdf8f37daae146f0fc63a4074f697e31192fde245424deb92a71e2c192caf7cc1692612e198c1ddf58ba46ac65a6ed664dd3d7865f917b1dadc1cc1605281baf0878426b6e74097f87e6d40cfd5d8e944d4b4fe89e7225cd1fabd505e5914c7e30550e8783115c4364d59e7d2b363884bfef62b7d20fb4527997560111fff5a46a4e29092bbf01e25b1a3299f870e313ccc4fd74e9ace60e71b75e1914407b75a6fefb474326d870b3e0b94686554d31b393f390326efa9ff3c652fa1baae3dcf95e5300e173f70ed01070166194d0d1940705ab298f0f855e7b93f7f4f45180a61a2acb51559282db7a97fc3fdf01a76f3f43916db07a39a6257a387ba4d546ac0e51a9dab1050cc4f19661e1d5a979a5699fe60eda7f04ef4e16ee09698f5205dc8eab3c619354002c0086486001b2ba379afebb03b6704aea60e62aff76dee3f046dbf5bb7609f10b476bc6e59f7b743dc57ef8b94ed3c4014c8b4439630b25b69841370bb70558bba403fb7e194bd6366c5a432cb5baa7f3db242c6350d8127fb2c905f1469fc829aeccff80190eb1324541fbedf30f71609fa486ea4645ecf9a4da43cda4439e98ec165da8297b0560fb58d65a2f1cb603b9baa7b2e52ebceb44bd149f5b1728678be7aa132314675cfb2dcc3343abbc10608b9adc2f645c8e15bc92b6450e1fa5aadaa237b61dfe5cec833bc34fad8a67fba27fe8043c3962795213c94d87b6b7d300e4b23451f71cb55e14c5214e23b93edaed3c3582f0e04b4db09ccfa8c065d4f627992da9977bc6657a13c6efdef97de867fc24a2ee1f808bc0e7492560f201a5b07d88c08d2e597d366677fe1c01eb7cbdc6625d7468ba6f603fa94a3768089bf5c26b7c3a03daec6515c4e1773a7d37cef34a30de386586e6600b0e74eea041ca19ca9eabea06125b800ff3619540b3f51b2f2187f39eb4b6046d7bf5456d9c02157f94903ce1424c699ac3ee749dd2a8a92659d114e77e69339d94f25581e5f0e036a41e1fa317ccc9f2d4ae7e699de69fb78e63916526edcd169ec6eeaa59fb7deffc285a02ff6978c5b7c57ebfbe1a1dac5d1bfaa32faa1433028e44ae82f8cc1ab7cf2cf3acc10d69404d09b1eeaac88f2eb04b1d96d10cd4f25e93d09f6fbe0ec989f68c75ddbf222e24535dc8ea791ad3c3c24617ba0d96a26975f6bdc769a394e132b1ed3b3a21f04adb2a7d4985c334cfded7332f3c723bf0b362cd52673f08c6134fc94adf4499984e57110584147059c8af174df96ac40d78c1c698cfa60568783621899dd156f8d5d4cb4040f8ad8ef1c6fbcdd18a01ffa90006989496a45f4c71976d04d8317c42d1b1d56521a44a287e194e036ef37f93779950c2f5fd903e6f2bab1fed4588ce79ad4941b84924d1e9a8091369bbfd5c4b681dffae68c1a9d26114e0dc87ff6592314441c3dcf6cd3446cc0dbb634fb2951c674399b2bd17527a8ad930ea0648fe5634ddfbd6a314ea074c1d2492a8d9f05c01cedcf68bab79e9ca14b79002bf1f6a7b9e226b589fb31e2c23cd41d3ce2d00ffa096182faf4682da0aba210a651875a6cba5dcf65b85c4b789c1d8a81edb0f2f7ed7bb51843cecf9508b96f52e8d500987ea30e91261ff661a8805ff6c457eab322dacec1f2d2a2b14e948be8b6028c2bc719525e804f609d3c23248fa7a8448c80185dbe76ffd6145d0a602ea25beccfaf10a0c19bcd1d6174e109a84dec67440e15ba82515e42f12e5e52efcca458d9bf2d335f5c4568bb72d6133280f44c713df63342ae344291806ca503d1040834d21355b5f5d8866815cd2cd6c029446c3d55419d81080af67d0aad7ed843dc68e9d6bc6a596bcad276e233f872dee366b821af6462cb7d03ef1d2111176d7fcb95d4088f0d266b7e0b37d7ead181ae86b9b4bc55a9f1c96f1da93c0938d471eabfdb213d3dff0960e0d4965b8e71142c0837509e90746d221c90fe1590c86d7bfad87066e1a0ef9cd42ea2ac5cefc0e1751742775883fbe8848ac585d352ff8c506f16e3336e737c1b652beb5492792655053c7d7d63f312ac40d0d7377c40a0cfdd063b31b9e3ad480c15a64b778260c03b81e5be307b11ab0e75ff196e34b89b13a24573c62dd99d7f35defc2621533a15a4c6b164ef35d0d263708f44f84bfc06e55fa26b116b41906735144a8d51af18182cdf6cb8d3fb3d8149f1ed8fa6767207c97f15e841d5a503d4f86d5ffbb8b2da935d041db9a6df6f1b8347730eeb4a7ecdfef35ca39f9ef2f5c7a94d7aa211ee95a52e7469468b2e311de5c5cab479119f9a06b2a5255294555aff48bb85dbbc9664d6acac7f81391640e1cef3e972689f3f15363f6b372e9d2b60e54b4b638337f57e523b05d45a94930499b3183a914da94b4628cca1c7a865d34d08ede36a1b5b511f1f2e2c0b8d62aeff3384247ae4c9b8ec8f3026c2be882a742e2c74e55a09f14efc56b76f0e7b4c1ff113deccb805a4921391fb054a470421679359e5a51816777c7e2967fbe18851e87c8c64350621f21b58f5521b18c3c1886449b56c5f787f6e65b1bf1991010a3c724fd9b3f9ecde2db4f4d5df3669219dcc30f45927b20716903894c07951470f28fc0236d8b5cf809fca11f00fcfb8a1052e8d1cf24194dd1044a2d3f9dfee1f8e07d7e47e3b868a367351fe6a6251f31ff60692a7a50d2fafc2d16c9937682282324605f22fb9238ea379abf53458771598d6db6aac29255c9c4845fa9b2c8b2f43e2905e50fc6d72edcf2c26319b5367d4803b3f72aa53c1f8aaf08ce7be0ce41f20a80a54c1ffe3b4879a0e86daf76ae4c31b6936daf9202e4c6386e5966f069cebc70ae99e231af953bbee3c3d95086646153bf19d169e5780d89d468071c6aa4d19039b9292e19a04bc8e5abeb6fda8f9e1a90944ae6c39cc9997597481557a84e7163315c76a7b580a811371da67f43587e464fe893c3ae3ef3d6b11bcb17e76781f459ba485c61780f69ab47124ddc2c39bb7eb9053033a9135081bb4b7fa8e3f7813acd66d7779c71e87218d27a634a751270f81b7b7cd53dbea08d87517cf85b89fe6e2d4a3a7c9d9f93320d56cd5931a1fe95ff2fdcf0cf3683343c18456d5deb75fc8c45f921fef4805dead1de997bed2ca42e8a12eed01fbfc4fdc89642a41f217dfb6664e05ffc5a333d8a0a5857eb70131812ccac88bcd7ac469d383f220af7646305ebb67c46c30e1d289c4e1455d24a3f7759de6c077ff55cf99a3ef60722a59b8660ff6bbea5f7e6530b5986a22bab0cefd27775b8d8e32db689dc39a858874d52ef854b40b8791063ac48ee8652f7c7ed979c356a10485a934bc3b3c7688908441853af35ec2b50697139e8e96c209cdedb1f919488320fd9902c8f59dd34495b51e53650680700e6d56ddb7f77212982c810ac828c393dd015a2e942f54c4869d86f3bd0d87d5096970e747cfa6771b7974112b10f85c1ce793ae58e990892a04fdcedcbc1938725ea159276384600d67238befdd5793d6750257d3455cf0b64a9f895f63ff1c45e31c0bcf5f21c7a287d2e73d57e825762eb6a7b537da8fe50ad8bffcd444806d40beeeae59c4c2e28894b5f2f0e76025b52a234231ba9781c691b4285bdb572a4fd4e3620ad5fc4253568cee69e7338d85d8cfed3c12ae65468725fe3674f917ae7406fa758eb8a311927f4a5a7a9e3df1f1cf6876884a75d285680f94361cebef59e83cc98d26f8152a227173d0995f43a0273a1129a3a3c29a4053c7ff70d9f77abbc23a4c4f8e624ea5bcd997d5ea83547d10ddceec9de027122e39f32b9812893e8392a8910f7a8cc45edeba39438fd1903ce3643c4d32fa7abbdf822d29efab3f663489f38c549622c6f860c122f09e296cc449f1e7872e3213016a8f3a0b2c538ee2d714b8839e7b73683c64341568d49ba632067b4a51acd06088cd824bb1c0b7ae87cd8da407cc2820281614b4268d95fe128912749883fdf8cf947e1f5cd8f60c849338b0a3a3a024aba7d08e6a26d579ea8c529069565281adcfe4231b5776ee7da3cb301f12f3690aeedc9b90a4a660bbbf076e7966eb8b3c5d1802d3372c9d1a8fb003b955effee9f5b69fdeba6a6713358cf80bd60cc0e245ca04ec1a49e4d1e890db49f5cde20adad977bb05315aaf117e76b702b1347a9e00bf023ce2304a4db607b38db322cfac50444dc5a50c233ce294a570232183c0c0571e60270efd322a0f3c13c33f008fb63ca8a0dd49891fb89aa7fb3947786f3e89ce4610eed6e22e7891f66ad6a537808439b072e3a75db24f774b78fb3d35dda50cb094422d5d7fff5b7ccdd8cca5a525fa0aba5827b1d27b72e48831689a74c61d4df12a6e2fe045f07851458ca6097067202e530d3aedd84a0307af30f18afc9a2975f7418d04257796be3ab713ee9adac08f417e52ae93f00bf747f9683f8b7a4efe6b339e37ac146c57d2eb620232361578d724ac5651c7e1a1bb5604358b7330b530536598e384fa3ff4047fcb92c4c9466c93373f2801383c42eb12795d8eb57ac013522300e5f15d3bc2b88ff28e7ab37a8ab0104b7fc311f94fbb8baa3c8a8f32332b420cb716f403bad314708e488150a2a104c45f8fdbc2bfea7720e87adb19890772074054d4c11d62f282f6df23efcb64d2559ab0206df23d5a19c2bd532b84b6c83f03d62a332470c5bf354994088e7a806a6a175c5ff5f6855055604f344ba40668ae49dce9029b8b02ef8a124b1c45b71e781389bbd4c6b135d3f602f577c5ce7c43bd6b44037506f3c135dfa7fdbcc755d2580736f8496fa05b827f171f0c06a660183c1f6e1e2c5619104d10f45602d0201265276769715f1b3c21fd7a6d6d0a0578065d533692afb248baafcca5f5f239d78bedc3e8a2d6ea4bb7b4006e774e3af4914731b7be19f22516367f2ab09c67c17c9988eabb6339ab07de0a4ac3d9915fc1fbeef65b6a5496e1a277b0235dd2c3e7e64974e7f09ad83d5339437c4eca1d61d69d9"}, @nested={0x4, 0x10e}, @nested={0x4, 0x1e}, @typed={0x8, 0x22, 0x0, 0x0, @pid=r4}, @generic="242fe0d34cc79e134cc4600bcabe202db0bac12675c514fabac749cd7f7849710a0b60dc565b87669986c9d3e0118acb30c9f9b6ef6e425cd5f3b19970d2cefe4a870077d2e85c5fd026a14d5a00843d633200706af9d015e282dcbcc0654c491c725ddb7b59b96860011ad50bd3d347c5c8a26e3eb168f4c890080e5cb40cbaab1072f4a003b9518f308be78fb9841bd99288c93fe52ab6b3ecbcbe6a87bd0aa4c66262baa95598991c5db23266e31a56bcb0"]}, @generic="b55007214c", @typed={0x8, 0xd, 0x0, 0x0, @ipv4=@private=0xa010101}]}]}, 0x11b8}}, 0x4000000) 25.631429ms ago: executing program 0 (id=4939): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r1 = open(&(0x7f0000000800)='./file1\x00', 0x163ac1, 0x82) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x103e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[], 0x1a0}, 0x1, 0x0, 0x0, 0x4040004}, 0x24048000) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'}) r5 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim5/health/break_health\x00', 0x101000, 0x0) io_uring_setup$auto(0x807, &(0x7f00000001c0)={0xfa4, 0x8, 0x2, 0x7fffffff, 0x0, 0x7, r5, [0xbc6, 0x1, 0x1], {0x3, 0x6, 0x3, 0x10000, 0x1, 0xff, 0xfffffff0, 0x7fff, 0x6}, {0x8, 0x8, 0x8, 0x5, 0x6, 0xa, 0x0, 0x9, 0x8670}}) socket$nl_generic(0x10, 0x3, 0x10) 0s ago: executing program 2 (id=4940): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video67\x00', 0x402d42, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x10000, 0x4, 0x4000000000df, 0x40eb5, 0x4, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8e40, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, 0x0, 0x3a) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) r2 = socket(0x15, 0x5, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r2, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f6) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x4, 0x4) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r1, 0x0, 0x30004850) msync$auto(0xfffffffd, 0xd, 0x6) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) kernel console output (not intermixed with test programs): [ 1530.762756][T24136] ubi0: background thread "ubi_bgt0d" started, PID 24136 [ 1530.786968][T24134] ubi0: detaching mtd0 [ 1530.847471][T24134] ubi0: mtd0 is detached [ 1531.178375][T24144] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3376'. [ 1531.951671][T24159] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3379'. [ 1532.601275][T24166] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3380'. [ 1532.725276][T24168] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3381'. [ 1534.139647][T24180] nvme_fcloop: unknown parameter or missing value '7' [ 1534.740887][T24187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3384'. [ 1534.901641][T24190] ubi0: attaching mtd0 [ 1534.907715][T24190] ubi0: scanning is finished [ 1535.029087][T24190] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1535.070417][T24190] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1535.128247][T24190] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1535.136959][T24190] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1535.147060][T24190] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1535.202392][T24190] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1535.312369][T24190] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1535.324144][T24190] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1535.397120][T24195] ubi0: background thread "ubi_bgt0d" started, PID 24195 [ 1535.518376][T24193] ubi0: detaching mtd0 [ 1535.559916][T24193] ubi0: mtd0 is detached [ 1535.611363][T24199] ubi0: attaching mtd0 [ 1535.677675][T24199] ubi0: scanning is finished [ 1535.945688][T24199] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1535.969472][T24199] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1535.987032][T24199] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1536.004010][T24199] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1536.011585][T24199] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1536.027015][T24199] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1536.227036][T24199] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1536.278544][T24199] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1536.319319][T24208] ubi0: background thread "ubi_bgt0d" started, PID 24208 [ 1536.352206][T24200] ubi0: detaching mtd0 [ 1536.468830][T24200] ubi0: mtd0 is detached [ 1536.904924][T24219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3390'. [ 1537.202257][T24224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3391'. [ 1539.780822][T24254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3397'. [ 1540.171116][T24260] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3399'. [ 1540.806637][T24269] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3400'. [ 1540.986187][T24272] ubi0: attaching mtd0 [ 1540.994456][T24272] ubi0: scanning is finished [ 1541.191490][T24272] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1541.309321][T24272] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1541.316573][T24272] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1541.486766][T24272] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1541.573727][T24272] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1541.667583][T24272] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1541.675579][T24272] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1541.726968][T24272] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1541.827075][T24278] ubi0: background thread "ubi_bgt0d" started, PID 24278 [ 1541.833984][T24274] ubi0: detaching mtd0 [ 1541.912529][T24274] ubi0: mtd0 is detached [ 1542.524095][T24290] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3404'. [ 1543.415176][T24304] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3408'. [ 1545.496358][T24333] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3413'. [ 1546.005131][T24337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3414'. [ 1547.610618][T24354] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3417'. [ 1548.058784][T24360] ubi0: attaching mtd0 [ 1548.064894][T24360] ubi0: scanning is finished [ 1548.223950][T24360] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1548.274604][T24360] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1548.282719][T24360] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1548.373579][T24360] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1548.402868][T24360] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1548.410365][T24360] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1548.421740][T24360] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1548.478499][T24360] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1548.547629][T24364] ubi0: background thread "ubi_bgt0d" started, PID 24364 [ 1548.562710][T24362] ubi0: detaching mtd0 [ 1548.639252][T24362] ubi0: mtd0 is detached [ 1550.320253][T24389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3424'. [ 1551.110687][T24398] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3426'. [ 1551.125694][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1551.132392][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1553.236680][T24429] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3431'. [ 1555.555966][T24454] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3436'. [ 1556.604468][T24469] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3438'. [ 1562.273435][T24535] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3449'. [ 1563.443975][T24553] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3453'. [ 1565.644101][T24583] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3458'. [ 1568.067836][T24613] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3464'. [ 1570.518037][T24649] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3471'. [ 1571.028458][T24663] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3473'. [ 1572.555130][T24676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3475'. [ 1574.414984][T24699] ubi0: attaching mtd0 [ 1574.464628][T24699] ubi0: scanning is finished [ 1574.707002][T24699] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1574.778104][T24699] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1574.840754][T24699] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1574.873131][T24699] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1574.978397][T24699] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1575.032373][T24699] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1575.124927][T24699] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1575.238613][T24699] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1575.287028][T24705] ubi0: background thread "ubi_bgt0d" started, PID 24705 [ 1575.294305][T24700] ubi0: detaching mtd0 [ 1575.385912][T24700] ubi0: mtd0 is detached [ 1576.247534][T24729] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3485'. [ 1578.955976][T24770] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3493'. [ 1581.578963][T24790] ubi0: attaching mtd0 [ 1581.649958][T24790] ubi0: scanning is finished [ 1582.089552][T24790] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1582.114668][T24790] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1582.122341][T24790] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1582.141210][T24790] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1582.149188][T24790] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1582.156339][T24790] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1582.164695][T24790] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1582.179138][T24790] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1582.256216][T24812] ubi0: background thread "ubi_bgt0d" started, PID 24812 [ 1582.268331][T24809] ubi: mtd0 is already attached to ubi0 [ 1582.698068][T24821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3501'. [ 1583.464412][T24830] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3502'. [ 1585.255528][T24847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3505'. [ 1586.131520][T24863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3508'. [ 1587.213781][T24876] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3510'. [ 1588.552748][T24895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3513'. [ 1590.306185][T24907] ubi: mtd0 is already attached to ubi0 [ 1590.749292][T24922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3516'. [ 1591.979497][T24943] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3520'. [ 1592.054165][T24937] ubi: mtd0 is already attached to ubi0 [ 1592.326735][T24948] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3521'. [ 1592.680494][T24951] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3523'. [ 1594.461232][T24964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3525'. [ 1595.131040][T24978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3528'. [ 1597.293465][T25009] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3534'. [ 1597.579672][T25007] ubi: mtd0 is already attached to ubi0 [ 1598.038482][T25018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3535'. [ 1599.600939][T25034] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3538'. [ 1600.081038][T25038] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3539'. [ 1602.995699][T25076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3547'. [ 1604.955970][T25109] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3551'. [ 1606.190802][T25120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3553'. [ 1606.383351][T25118] nvme_fcloop: unknown parameter or missing value '7' [ 1607.081201][T25134] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3556'. [ 1607.879471][T25130] ubi: mtd0 is already attached to ubi0 [ 1607.976325][T25141] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3557'. [ 1608.318650][T25144] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3558'. [ 1610.688482][T25169] ubi: mtd0 is already attached to ubi0 [ 1611.316037][T25180] nvme_fcloop: unknown parameter or missing value '7' [ 1611.877633][T25185] ubi: mtd0 is already attached to ubi0 [ 1612.014555][T25193] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3568'. [ 1612.524969][T25188] ubi: mtd0 is already attached to ubi0 [ 1612.572150][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1612.578877][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1614.958753][T25226] ubi: mtd0 is already attached to ubi0 [ 1615.434326][T25234] nvme_fcloop: unknown parameter or missing value '7' [ 1616.082927][T25249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3579'. [ 1616.109256][T25244] ubi: mtd0 is already attached to ubi0 [ 1617.128576][T25265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3584'. [ 1617.384843][T25269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3585'. [ 1617.893634][T25276] ubi: mtd0 is already attached to ubi0 [ 1617.918682][T25276] ubi0: detaching mtd0 [ 1617.929110][T25276] ubi0: mtd0 is detached [ 1618.647889][T25276] binder: 25275:25276 ioctl c0306201 0 returned -14 [ 1618.880790][T25282] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3587'. [ 1619.076666][T25284] nvme_fcloop: unknown parameter or missing value '7' [ 1619.559520][T25292] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3589'. [ 1619.580726][T25290] nvme_fcloop: unknown parameter or missing value '7' [ 1619.980210][T25301] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3591'. [ 1620.297851][T25304] ubi0: attaching mtd0 [ 1620.304071][T25304] ubi0: scanning is finished [ 1620.617571][T25304] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1620.667083][T25304] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1620.675619][T25304] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1620.684549][T25304] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 1620.714484][T25304] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1620.722740][T25304] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1620.797202][T25304] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1620.880808][T25304] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1620.916988][T25306] ubi0: background thread "ubi_bgt0d" started, PID 25306 [ 1623.739081][T25340] nvme_fcloop: unknown parameter or missing value '7' [ 1624.069548][T25336] ubi: mtd0 is already attached to ubi0 [ 1624.369049][T25352] ubi: mtd0 is already attached to ubi0 [ 1627.106772][T25389] ubi: mtd0 is already attached to ubi0 [ 1627.383858][T25393] nvme_fcloop: unknown parameter or missing value '7' [ 1627.519612][T25399] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3610'. [ 1627.700098][T25401] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3611'. [ 1627.991307][T25406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3612'. [ 1628.391605][T25409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3613'. [ 1629.803363][T25420] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3614'. [ 1631.308390][T25443] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3619'. [ 1632.602655][T25453] nvme_fcloop: unknown parameter or missing value '7' [ 1633.087512][T25463] nvme_fcloop: unknown parameter or missing value '7' [ 1633.442498][T25475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3626'. [ 1633.460958][ T30] audit: type=1804 audit(1765892415.088:14): pid=25476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3625" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1634.284337][T25484] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3627'. [ 1635.469272][T25491] ubi: mtd0 is already attached to ubi0 [ 1636.402903][T25503] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1636.446773][T25506] nvme_fcloop: unknown parameter or missing value '7' [ 1636.633517][T25513] ubi: mtd0 is already attached to ubi0 [ 1636.651197][T25513] ubi0: detaching mtd0 [ 1636.673800][T25513] ubi0: mtd0 is detached [ 1637.519208][T25530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3637'. [ 1637.733884][T25531] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3636'. [ 1638.131345][T25539] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3638'. [ 1639.694789][T25550] ubi8: attaching mtd0 [ 1639.709091][T25550] ubi8: scanning is finished [ 1639.929250][T25550] ubi8: attached mtd0 (name "mtdram test device", size 0 MiB) [ 1639.936745][T25550] ubi8: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 1639.969457][T25550] ubi8: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 1639.976746][T25550] ubi8: VID header offset: 64 (aligned 64), data offset: 128 [ 1640.017010][T25550] ubi8: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 1640.075741][T25550] ubi8: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 1640.127112][T25550] ubi8: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 2714250408 [ 1640.180422][T25550] ubi8: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 1640.206707][T25552] ubi8: background thread "ubi_bgt8d" started, PID 25552 [ 1640.283453][T25556] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3641'. [ 1640.492936][T25560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3642'. [ 1641.038626][T25566] nvme_fcloop: unknown parameter or missing value '7' [ 1641.859356][T25576] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3645'. [ 1644.970763][T25615] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3652'. [ 1645.139347][T25621] nvme_fcloop: unknown parameter or missing value '7' [ 1645.734718][T25627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3654'. [ 1646.403329][T25641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3658'. [ 1646.673187][T25645] ubi: mtd0 is already attached to ubi8 [ 1647.970693][T25661] ubi: mtd0 is already attached to ubi8 [ 1648.603111][T25666] nvme_fcloop: unknown parameter or missing value '7' [ 1649.675808][T25688] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3666'. [ 1650.234845][T25696] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3667'. [ 1650.996073][T25701] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3668'. [ 1652.620828][T25717] ubi: mtd0 is already attached to ubi8 [ 1653.672300][T25736] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3676'. [ 1654.776747][T25754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3679'. [ 1656.487986][T25776] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3683'. [ 1656.793574][T25781] ubi: mtd0 is already attached to ubi8 [ 1657.122516][T25772] ubi: mtd0 is already attached to ubi8 [ 1657.874418][T25798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3688'. [ 1658.317449][T25792] ubi: mtd0 is already attached to ubi8 [ 1659.315352][T25809] ubi: mtd0 is already attached to ubi8 [ 1660.421154][T25834] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3694'. [ 1660.603039][T25830] ubi: mtd0 is already attached to ubi8 [ 1660.795513][T25832] ubi: mtd0 is already attached to ubi8 [ 1662.186904][T25850] ubi: mtd0 is already attached to ubi8 [ 1662.834551][T25860] ubi: mtd0 is already attached to ubi8 [ 1662.855166][T25863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3700'. [ 1663.848402][T25876] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3702'. [ 1666.411685][T25905] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3708'. [ 1668.333971][T25920] ubi: mtd0 is already attached to ubi8 [ 1668.517979][T25923] ubi: mtd0 is already attached to ubi8 [ 1669.694883][T25943] ubi: mtd0 is already attached to ubi8 [ 1669.862643][T25945] nvme_fcloop: unknown parameter or missing value 'l' [ 1673.067724][T25987] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3725'. [ 1673.139340][T25985] ubi: mtd0 is already attached to ubi8 [ 1673.213660][T25980] ubi: mtd0 is already attached to ubi8 [ 1674.004055][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1674.010519][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1674.545441][T25998] nvme_fcloop: unknown parameter or missing value 'l' [ 1675.566419][T26004] ubi: mtd0 is already attached to ubi8 [ 1675.880530][T26020] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3733'. [ 1678.227351][T26049] nvme_fcloop: unknown parameter or missing value '7' [ 1678.962559][T26056] nvme_fcloop: unknown parameter or missing value '7' [ 1679.435806][T26069] ubi: mtd0 is already attached to ubi8 [ 1680.878568][T26083] ubi: mtd0 is already attached to ubi8 [ 1682.892836][T26110] nvme_fcloop: unknown parameter or missing value '7' [ 1683.521002][T26124] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3754'. [ 1686.353955][T26155] ubi: mtd0 is already attached to ubi8 [ 1686.686284][T26164] ubi: mtd0 is already attached to ubi8 [ 1686.847678][T26168] nvme_fcloop: unknown parameter or missing value '7' [ 1687.345803][T26175] ubi: mtd0 is already attached to ubi8 [ 1689.030646][T26193] ubi: mtd0 is already attached to ubi8 [ 1690.390856][T26219] nvme_fcloop: unknown parameter or missing value '7' [ 1691.796586][T26250] ubi: mtd0 is already attached to ubi8 [ 1693.082129][T26268] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3783'. [ 1693.157274][T26266] ubi: mtd0 is already attached to ubi8 [ 1693.768797][T26272] nvme_fcloop: unknown parameter or missing value '7' [ 1695.268047][T26288] ubi: mtd0 is already attached to ubi8 [ 1696.238256][T26311] nvme_fcloop: unknown parameter or missing value '7' [ 1696.879696][T26323] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3796'. [ 1697.858247][T26333] ubi: mtd0 is already attached to ubi8 [ 1699.336613][T26351] ubi: mtd0 is already attached to ubi8 [ 1700.092116][T26368] nvme_fcloop: unknown parameter or missing value '7' [ 1702.341334][T26406] ubi: mtd0 is already attached to ubi8 [ 1703.779665][T26421] ubi: mtd0 is already attached to ubi8 [ 1704.035062][T26425] nvme_fcloop: unknown parameter or missing value '7' [ 1706.948031][T26471] ubi: mtd0 is already attached to ubi8 [ 1707.142685][T26478] nvme_fcloop: unknown parameter or missing value '7' [ 1709.384028][T26502] ubi: mtd0 is already attached to ubi8 [ 1709.581358][T26515] ubi: mtd0 is already attached to ubi8 [ 1710.189760][T26522] ubi: mtd0 is already attached to ubi8 [ 1710.918863][T26532] ubi: mtd0 is already attached to ubi8 [ 1711.292056][T26536] nvme_fcloop: unknown parameter or missing value '7' [ 1712.509523][T26556] ubi: mtd0 is already attached to ubi8 [ 1713.072156][T26573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3845'. [ 1715.133326][T26593] nvme_fcloop: unknown parameter or missing value '7' [ 1716.842652][T26624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3855'. [ 1718.169613][T26639] ubi: mtd0 is already attached to ubi8 [ 1718.602035][T26645] ubi: mtd0 is already attached to ubi8 [ 1719.641592][T26656] nvme_fcloop: unknown parameter or missing value '7' [ 1720.725314][T26681] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3866'. [ 1723.233566][T26707] ubi: mtd0 is already attached to ubi8 [ 1723.801847][T26715] nvme_fcloop: unknown parameter or missing value '7' [ 1723.807918][T26713] ubi: mtd0 is already attached to ubi8 [ 1724.542260][T26734] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3876'. [ 1727.854837][T26776] nvme_fcloop: unknown parameter or missing value '7' [ 1728.025886][T26780] ubi: mtd0 is already attached to ubi8 [ 1729.392294][T26803] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3888'. [ 1729.610079][T26805] ubi: mtd0 is already attached to ubi8 [ 1730.283191][T26812] ubi: mtd0 is already attached to ubi8 [ 1730.836739][T26824] nvme_fcloop: unknown parameter or missing value '7' [ 1732.309577][T26848] ubi: mtd0 is already attached to ubi8 [ 1732.369306][T26851] ubi: mtd0 is already attached to ubi8 [ 1733.545268][T26863] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3901'. [ 1734.330010][T26872] ubi: mtd0 is already attached to ubi8 [ 1734.770104][T26877] nvme_fcloop: unknown parameter or missing value '7' [ 1735.440015][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1735.446496][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1736.917674][T26909] ubi: mtd0 is already attached to ubi8 [ 1737.547946][T26911] ubi: mtd0 is already attached to ubi8 [ 1737.752867][T26920] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3913'. [ 1737.776599][T26916] ubi: mtd0 is already attached to ubi8 [ 1738.319852][T26930] nvme_fcloop: unknown parameter or missing value '7' [ 1739.014016][T26934] ubi: mtd0 is already attached to ubi8 [ 1739.892422][T26947] ubi: mtd0 is already attached to ubi8 [ 1741.910940][T26977] ubi: mtd0 is already attached to ubi8 [ 1742.520518][T26979] nvme_fcloop: unknown parameter or missing value '7' [ 1742.578243][T26982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3926'. [ 1743.950086][T26993] ubi: mtd0 is already attached to ubi8 [ 1744.182965][T27002] ubi: mtd0 is already attached to ubi8 [ 1746.512217][T27036] nvme_fcloop: unknown parameter or missing value '7' [ 1746.922514][T27044] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3939'. [ 1749.431925][T27073] ubi: mtd0 is already attached to ubi8 [ 1750.200279][T27092] nvme_fcloop: unknown parameter or missing value '7' [ 1750.855208][T27105] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3951'. [ 1751.054691][T27104] ubi: mtd0 is already attached to ubi8 [ 1752.132560][T27110] ubi: mtd0 is already attached to ubi8 [ 1752.522119][T27125] ubi: mtd0 is already attached to ubi8 [ 1753.450066][T27136] nvme_fcloop: unknown parameter or missing value '7' [ 1753.836032][T27139] ubi: mtd0 is already attached to ubi8 [ 1754.017803][T27144] ubi: mtd0 is already attached to ubi8 [ 1754.293910][T27147] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3962'. [ 1757.676493][T27181] ubi: mtd0 is already attached to ubi8 [ 1759.993710][T27210] ubi: mtd0 is already attached to ubi8 [ 1761.253612][T27230] ubi: mtd0 is already attached to ubi8 [ 1761.492626][T27235] nvme_fcloop: unknown parameter or missing value '7' [ 1763.640677][T27273] ubi: mtd0 is already attached to ubi8 [ 1764.293569][T27274] ubi: mtd0 is already attached to ubi8 [ 1765.065636][T27282] ubi: mtd0 is already attached to ubi8 [ 1765.419456][T27289] nvme_fcloop: unknown parameter or missing value '7' [ 1767.986009][T27322] ubi: mtd0 is already attached to ubi8 [ 1769.482419][T27337] ubi: mtd0 is already attached to ubi8 [ 1769.785378][T27345] nvme_fcloop: unknown parameter or missing value '7' [ 1770.619309][T27353] ubi: mtd0 is already attached to ubi8 [ 1774.372171][T27406] nvme_fcloop: unknown parameter or missing value '7' [ 1774.635169][T27404] ubi: mtd0 is already attached to ubi8 [ 1774.945174][T27416] nvme_fcloop: unknown parameter or missing value '7' [ 1775.950899][T27431] ubi: mtd0 is already attached to ubi8 [ 1775.964750][T27426] ubi: mtd0 is already attached to ubi8 [ 1780.401876][T27471] nvme_fcloop: unknown parameter or missing value '7' [ 1781.378322][T27477] ubi: mtd0 is already attached to ubi8 [ 1781.588709][T27490] ubi: mtd0 is already attached to ubi8 [ 1784.183695][T27520] ubi: mtd0 is already attached to ubi8 [ 1786.283029][T27544] ubi: mtd0 is already attached to ubi8 [ 1790.834465][T27597] ubi: mtd0 is already attached to ubi8 [ 1791.536338][T27619] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4056'. [ 1793.454898][T27645] ubi: mtd0 is already attached to ubi8 [ 1796.880067][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1796.887005][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1797.881523][T27706] ubi: mtd0 is already attached to ubi8 [ 1798.886316][T27718] ubi: mtd0 is already attached to ubi8 [ 1800.632880][T27737] ubi: mtd0 is already attached to ubi8 [ 1800.784805][T27744] ubi: mtd0 is already attached to ubi8 [ 1803.399731][T27774] ubi: mtd0 is already attached to ubi8 [ 1803.888739][T27768] ubi: mtd0 is already attached to ubi8 [ 1803.895273][T27781] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4087'. [ 1804.971634][T27789] ubi: mtd0 is already attached to ubi8 [ 1805.953267][T27810] ubi: mtd0 is already attached to ubi8 [ 1806.403351][T27812] ubi: mtd0 is already attached to ubi8 [ 1808.017826][T27831] ubi: mtd0 is already attached to ubi8 [ 1808.360143][T27840] ubi: mtd0 is already attached to ubi8 [ 1808.507118][T27847] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4101'. [ 1809.633348][T27859] ubi: mtd0 is already attached to ubi8 [ 1810.013442][T27861] ubi: mtd0 is already attached to ubi8 [ 1812.587799][T27902] ubi: mtd0 is already attached to ubi8 [ 1817.919102][T27973] ubi: mtd0 is already attached to ubi8 [ 1818.697049][T27981] ubi: mtd0 is already attached to ubi8 [ 1819.182994][T27994] ubi: mtd0 is already attached to ubi8 [ 1820.857320][T28011] ubi: mtd0 is already attached to ubi8 [ 1821.165236][T28019] ubi: mtd0 is already attached to ubi8 [ 1821.481736][T28018] ubi: mtd0 is already attached to ubi8 [ 1824.129937][T28057] ubi: mtd0 is already attached to ubi8 [ 1824.455583][T28059] ubi: mtd0 is already attached to ubi8 [ 1825.445022][T28072] ubi: mtd0 is already attached to ubi8 [ 1827.420613][T28093] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4154'. [ 1828.460376][T28104] ubi: mtd0 is already attached to ubi8 [ 1831.808456][T28138] ubi: mtd0 is already attached to ubi8 [ 1832.294485][T28133] ubi: mtd0 is already attached to ubi8 [ 1834.733108][T28163] ubi: mtd0 is already attached to ubi8 [ 1835.398019][T28175] ubi: mtd0 is already attached to ubi8 [ 1835.645149][T28182] ubi: mtd0 is already attached to ubi8 [ 1836.271052][T28189] ubi: mtd0 is already attached to ubi8 [ 1836.397910][T28188] ubi: mtd0 is already attached to ubi8 [ 1837.704022][T28209] ubi: mtd0 is already attached to ubi8 [ 1838.192400][T28216] ubi: mtd0 is already attached to ubi8 [ 1839.252966][T28227] ubi: mtd0 is already attached to ubi8 [ 1840.112153][T28248] ubi: mtd0 is already attached to ubi8 [ 1840.890717][T28251] ubi: mtd0 is already attached to ubi8 [ 1841.800748][T28256] ubi: mtd0 is already attached to ubi8 [ 1841.929363][T28269] ubi: mtd0 is already attached to ubi8 [ 1842.263088][T28261] ubi: mtd0 is already attached to ubi8 [ 1842.910614][T28281] ubi: mtd0 is already attached to ubi8 [ 1843.082337][T28284] ubi: mtd0 is already attached to ubi8 [ 1844.080306][T28297] ubi: mtd0 is already attached to ubi8 [ 1845.892827][T28307] ubi: mtd0 is already attached to ubi8 [ 1847.999543][T28337] ubi: mtd0 is already attached to ubi8 [ 1849.521564][T28359] ubi: mtd0 is already attached to ubi8 [ 1850.172764][T28367] ubi: mtd0 is already attached to ubi8 [ 1850.534784][T28375] ubi: mtd0 is already attached to ubi8 [ 1851.647131][T28393] ubi: mtd0 is already attached to ubi8 [ 1852.470593][T28397] ubi: mtd0 is already attached to ubi8 [ 1852.571362][T28403] ubi: mtd0 is already attached to ubi8 [ 1853.456479][T28413] ubi: mtd0 is already attached to ubi8 [ 1853.772471][T28418] ubi: mtd0 is already attached to ubi8 [ 1854.613273][T28427] ubi: mtd0 is already attached to ubi8 [ 1854.646622][T28426] ubi: mtd0 is already attached to ubi8 [ 1855.607978][T28434] ubi: mtd0 is already attached to ubi8 [ 1855.872536][T28440] ubi: mtd0 is already attached to ubi8 [ 1857.161441][T28454] ubi: mtd0 is already attached to ubi8 [ 1857.329785][T28456] ubi: mtd0 is already attached to ubi8 [ 1858.330108][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1858.336498][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1858.453025][T28475] ubi: mtd0 is already attached to ubi8 [ 1859.423049][T28492] ubi: mtd0 is already attached to ubi8 [ 1859.684794][T28491] ubi: mtd0 is already attached to ubi8 [ 1859.739315][T28490] ubi: mtd0 is already attached to ubi8 [ 1860.878122][T28501] ubi: mtd0 is already attached to ubi8 [ 1861.939476][T28518] ubi: mtd0 is already attached to ubi8 [ 1862.858965][T28526] ubi: mtd0 is already attached to ubi8 [ 1863.421311][T28538] ubi: mtd0 is already attached to ubi8 [ 1863.480179][T28539] ubi: mtd0 is already attached to ubi8 [ 1863.988260][T28544] ubi: mtd0 is already attached to ubi8 [ 1864.504479][T28548] ubi: mtd0 is already attached to ubi8 [ 1865.109412][T28555] ubi: mtd0 is already attached to ubi8 [ 1865.448162][T28560] ubi: mtd0 is already attached to ubi8 [ 1867.481702][T28580] ubi: mtd0 is already attached to ubi8 [ 1867.702397][T28587] ubi: mtd0 is already attached to ubi8 [ 1868.115995][T28595] ubi: mtd0 is already attached to ubi8 [ 1869.463983][T28608] ubi: mtd0 is already attached to ubi8 [ 1874.538186][T28670] ubi: mtd0 is already attached to ubi8 [ 1874.740735][T28666] ubi: mtd0 is already attached to ubi8 [ 1875.578961][T28683] ubi: mtd0 is already attached to ubi8 [ 1875.846651][T28696] ubi: mtd0 is already attached to ubi8 [ 1897.507552][T28951] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4325'. [ 1900.968739][T28996] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4333'. [ 1908.095746][T29075] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4349'. [ 1916.604579][T29188] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4371'. [ 1919.762697][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1919.769169][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1933.082266][T29393] nvme_fcloop: unknown parameter or missing value '7' [ 1934.593932][T29423] nvme_fcloop: unknown parameter or missing value '7' [ 1934.966949][T29435] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4418'. [ 1935.838087][ T30] audit: type=1804 audit(1765892717.468:15): pid=29444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4420" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1936.003125][T29446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4421'. [ 1937.096597][T29453] nvme_fcloop: unknown parameter or missing value '7' [ 1937.590993][T29462] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4424'. [ 1940.074520][T29511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4435'. [ 1941.578215][T29525] nvme_fcloop: unknown parameter or missing value '7' [ 1941.837161][T29531] nvme_fcloop: unknown parameter or missing value '7' [ 1943.486217][T29562] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4444'. [ 1943.725777][T29566] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4445'. [ 1944.662890][ T30] audit: type=1804 audit(1765892726.288:16): pid=29572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4446" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1945.544979][T29583] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4448'. [ 1946.270635][T29592] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4450'. [ 1946.844087][ T30] audit: type=1804 audit(1765892728.448:17): pid=29599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4452" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1947.401370][T29609] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4454'. [ 1947.809149][ T30] audit: type=1804 audit(1765892729.438:18): pid=29616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.4455" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1949.189343][T29635] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4458'. [ 1949.207657][ T30] audit: type=1804 audit(1765892730.838:19): pid=29636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.4459" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1949.516865][T29642] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4461'. [ 1951.535582][T29665] nvme_fcloop: unknown parameter or missing value '7' [ 1953.266978][T29693] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4471'. [ 1954.349991][T29704] nvme_fcloop: unknown parameter or missing value '7' [ 1955.197314][T29718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4476'. [ 1955.694760][T29721] nvme_fcloop: unknown parameter or missing value '7' [ 1958.056867][T29760] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4484'. [ 1960.207898][T29785] nvme_fcloop: unknown parameter or missing value '7' [ 1960.398675][T29792] nvme_fcloop: unknown parameter or missing value '7' [ 1961.139155][T29797] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4491'. [ 1961.467627][T29802] nvme_fcloop: unknown parameter or missing value '7' [ 1962.811465][T29818] nvme_fcloop: unknown parameter or missing value '7' [ 1962.976310][T29821] nvme_fcloop: unknown parameter or missing value '7' [ 1963.135925][T29831] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4498'. [ 1965.162282][T29863] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4505'. [ 1967.187808][T29884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4508'. [ 1967.449952][T29892] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4510'. [ 1967.627546][T29891] nvme_fcloop: unknown parameter or missing value '7' [ 1968.727885][T29903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4512'. [ 1968.887700][ T30] audit: type=1804 audit(1765892750.518:20): pid=29907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.4513" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1969.695799][T29918] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4515'. [ 1970.241915][ T30] audit: type=1804 audit(1765892751.868:21): pid=29922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.4516" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=20 res=1 errno=0 [ 1972.970778][T29956] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4523'. [ 1974.230627][T29974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4526'. [ 1974.569000][T29978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4527'. [ 1976.139803][T29999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4530'. [ 1977.908944][T30021] nvme_fcloop: unknown parameter or missing value '7' [ 1979.458365][T30054] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4541'. [ 1980.120761][T30062] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4542'. [ 1980.736534][T30068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4544'. [ 1980.950463][T30072] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4545'. [ 1981.243243][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1981.252114][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1981.471763][T30076] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4546'. [ 1984.393338][T30122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4554'. [ 1985.248171][T30132] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4555'. [ 1985.760704][T30140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4557'. [ 1989.939085][T30191] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4568'. [ 1994.361862][T30249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4581'. [ 2002.397041][T30355] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4604'. [ 2034.218581][T30754] FAULT_INJECTION: forcing a failure. [ 2034.218581][T30754] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 2034.296801][T30754] CPU: 1 UID: 0 PID: 30754 Comm: syz.1.4686 Tainted: G L syzkaller #0 PREEMPT(full) [ 2034.296831][T30754] Tainted: [L]=SOFTLOCKUP [ 2034.296837][T30754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2034.296851][T30754] Call Trace: [ 2034.296856][T30754] [ 2034.296863][T30754] dump_stack_lvl+0x16c/0x1f0 [ 2034.297025][T30754] should_fail_ex+0x512/0x640 [ 2034.297095][T30754] _copy_to_user+0x32/0xd0 [ 2034.297138][T30754] simple_read_from_buffer+0xcb/0x170 [ 2034.297208][T30754] proc_fail_nth_read+0x197/0x240 [ 2034.297274][T30754] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2034.297298][T30754] ? rw_verify_area+0xcf/0x6c0 [ 2034.297357][T30754] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2034.297383][T30754] vfs_read+0x1e4/0xcf0 [ 2034.297403][T30754] ? __pfx___mutex_lock+0x10/0x10 [ 2034.297457][T30754] ? __pfx_vfs_read+0x10/0x10 [ 2034.297481][T30754] ? __fget_files+0x20e/0x3c0 [ 2034.297580][T30754] ksys_read+0x12a/0x250 [ 2034.297599][T30754] ? __pfx_ksys_read+0x10/0x10 [ 2034.297617][T30754] ? rcu_is_watching+0x12/0xc0 [ 2034.297657][T30754] do_syscall_64+0xcd/0xf80 [ 2034.297714][T30754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2034.297742][T30754] RIP: 0033:0x7f930b78e1dc [ 2034.297757][T30754] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2034.297772][T30754] RSP: 002b:00007f930c677030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2034.297785][T30754] RAX: ffffffffffffffda RBX: 00007f930b9e5fa0 RCX: 00007f930b78e1dc [ 2034.297795][T30754] RDX: 000000000000000f RSI: 00007f930c6770a0 RDI: 0000000000000004 [ 2034.297803][T30754] RBP: 00007f930c677090 R08: 0000000000000000 R09: 0000000000000000 [ 2034.297812][T30754] R10: 0000000000000c01 R11: 0000000000000246 R12: 0000000000000001 [ 2034.297820][T30754] R13: 00007f930b9e6038 R14: 00007f930b9e5fa0 R15: 00007ffe8cf4d328 [ 2034.297839][T30754] [ 2034.759931][T30759] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 2036.547138][T30789] FAULT_INJECTION: forcing a failure. [ 2036.547138][T30789] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2036.574684][T30789] CPU: 1 UID: 0 PID: 30789 Comm: syz.1.4696 Tainted: G L syzkaller #0 PREEMPT(full) [ 2036.574727][T30789] Tainted: [L]=SOFTLOCKUP [ 2036.574735][T30789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2036.574749][T30789] Call Trace: [ 2036.574758][T30789] [ 2036.574768][T30789] dump_stack_lvl+0x16c/0x1f0 [ 2036.574813][T30789] should_fail_ex+0x512/0x640 [ 2036.574847][T30789] _copy_from_user+0x2e/0xd0 [ 2036.574877][T30789] io_uring_setup+0xc1/0x1f60 [ 2036.574976][T30789] ? __pfx_io_uring_setup+0x10/0x10 [ 2036.575008][T30789] ? __mutex_unlock_slowpath+0x161/0x790 [ 2036.575049][T30789] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2036.575101][T30789] ? fput+0x70/0xf0 [ 2036.575128][T30789] ? ksys_write+0x1ac/0x250 [ 2036.575171][T30789] ? __pfx_ksys_write+0x10/0x10 [ 2036.575209][T30789] __x64_sys_io_uring_setup+0xc2/0x170 [ 2036.575245][T30789] do_syscall_64+0xcd/0xf80 [ 2036.575281][T30789] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2036.575308][T30789] RIP: 0033:0x7f930b78f7c9 [ 2036.575328][T30789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2036.575352][T30789] RSP: 002b:00007f930c677038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 2036.575377][T30789] RAX: ffffffffffffffda RBX: 00007f930b9e5fa0 RCX: 00007f930b78f7c9 [ 2036.575394][T30789] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000004766 [ 2036.575409][T30789] RBP: 00007f930c677090 R08: 0000000000000000 R09: 0000000000000000 [ 2036.575425][T30789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2036.575440][T30789] R13: 00007f930b9e6038 R14: 00007f930b9e5fa0 R15: 00007ffe8cf4d328 [ 2036.575475][T30789] [ 2037.259476][T30808] mmap: syz.0.4699 (30808) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 2039.118153][T30847] FAULT_INJECTION: forcing a failure. [ 2039.118153][T30847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2039.236867][T30847] CPU: 0 UID: 0 PID: 30847 Comm: syz.1.4710 Tainted: G L syzkaller #0 PREEMPT(full) [ 2039.236901][T30847] Tainted: [L]=SOFTLOCKUP [ 2039.236906][T30847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2039.236915][T30847] Call Trace: [ 2039.236920][T30847] [ 2039.236927][T30847] dump_stack_lvl+0x16c/0x1f0 [ 2039.236954][T30847] should_fail_ex+0x512/0x640 [ 2039.236974][T30847] _copy_from_user+0x2e/0xd0 [ 2039.236991][T30847] kstrtobool_from_user+0x99/0x180 [ 2039.237010][T30847] ? __pfx_kstrtobool_from_user+0x10/0x10 [ 2039.237028][T30847] ? __lock_acquire+0x436/0x2890 [ 2039.237074][T30847] force_suspend_write+0x9b/0x1c0 [ 2039.237193][T30847] ? __pfx_force_suspend_write+0x10/0x10 [ 2039.237220][T30847] full_proxy_write+0x131/0x1a0 [ 2039.237280][T30847] ? __pfx_full_proxy_write+0x10/0x10 [ 2039.237297][T30847] vfs_write+0x2a0/0x11d0 [ 2039.237320][T30847] ? __pfx___mutex_lock+0x10/0x10 [ 2039.237343][T30847] ? __pfx_vfs_write+0x10/0x10 [ 2039.237367][T30847] ? __fget_files+0x20e/0x3c0 [ 2039.237393][T30847] ksys_write+0x12a/0x250 [ 2039.237412][T30847] ? __pfx_ksys_write+0x10/0x10 [ 2039.237438][T30847] do_syscall_64+0xcd/0xf80 [ 2039.237460][T30847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2039.237475][T30847] RIP: 0033:0x7f930b78f7c9 [ 2039.237488][T30847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2039.237502][T30847] RSP: 002b:00007f930c677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2039.237516][T30847] RAX: ffffffffffffffda RBX: 00007f930b9e5fa0 RCX: 00007f930b78f7c9 [ 2039.237525][T30847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 2039.237533][T30847] RBP: 00007f930c677090 R08: 0000000000000000 R09: 0000000000000000 [ 2039.237542][T30847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2039.237550][T30847] R13: 00007f930b9e6038 R14: 00007f930b9e5fa0 R15: 00007ffe8cf4d328 [ 2039.237569][T30847] [ 2039.760025][T30854] FAULT_INJECTION: forcing a failure. [ 2039.760025][T30854] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2039.878095][T30854] CPU: 0 UID: 0 PID: 30854 Comm: syz.0.4711 Tainted: G L syzkaller #0 PREEMPT(full) [ 2039.878134][T30854] Tainted: [L]=SOFTLOCKUP [ 2039.878141][T30854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2039.878155][T30854] Call Trace: [ 2039.878163][T30854] [ 2039.878172][T30854] dump_stack_lvl+0x16c/0x1f0 [ 2039.878213][T30854] should_fail_ex+0x512/0x640 [ 2039.878243][T30854] _copy_from_user+0x2e/0xd0 [ 2039.878268][T30854] copy_msghdr_from_user+0x98/0x160 [ 2039.878404][T30854] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2039.878445][T30854] ? __lock_acquire+0x436/0x2890 [ 2039.878478][T30854] ___sys_recvmsg+0xdb/0x1a0 [ 2039.878510][T30854] ? __pfx____sys_recvmsg+0x10/0x10 [ 2039.878546][T30854] ? find_held_lock+0x2b/0x80 [ 2039.878595][T30854] do_recvmmsg+0x2fe/0x750 [ 2039.878630][T30854] ? __pfx_do_recvmmsg+0x10/0x10 [ 2039.878666][T30854] ? __mutex_unlock_slowpath+0x161/0x790 [ 2039.878713][T30854] ? __fget_files+0x20e/0x3c0 [ 2039.878754][T30854] __x64_sys_recvmmsg+0x22a/0x280 [ 2039.878788][T30854] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 2039.878837][T30854] do_syscall_64+0xcd/0xf80 [ 2039.878874][T30854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2039.878899][T30854] RIP: 0033:0x7fc2fe58f7c9 [ 2039.878918][T30854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2039.878942][T30854] RSP: 002b:00007fc2ff474038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 2039.878966][T30854] RAX: ffffffffffffffda RBX: 00007fc2fe7e6090 RCX: 00007fc2fe58f7c9 [ 2039.878982][T30854] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 2039.878997][T30854] RBP: 00007fc2ff474090 R08: 0000000000000000 R09: 0000000000000000 [ 2039.879012][T30854] R10: 000000000000007f R11: 0000000000000246 R12: 0000000000000001 [ 2039.879027][T30854] R13: 00007fc2fe7e6128 R14: 00007fc2fe7e6090 R15: 00007ffc82f49448 [ 2039.879059][T30854] [ 2040.132702][T30857] [ 2040.519446][T30874] [U] [ 2040.524581][T30874] [U] [ 2040.527304][T30874] [U] [ 2040.530023][T30874] [U] [ 2040.571182][T30874] [U] [ 2040.573910][T30874] [U] [ 2040.576612][T30874] [U] [ 2040.579310][T30874] [U] [ 2040.597389][T30874] [U] [ 2040.600115][T30874] [U] [ 2040.602800][T30874] [U] [ 2040.605482][T30874] [U] [ 2040.723080][T30874] [U] [ 2040.725823][T30874] [U] [ 2040.728507][T30874] [U] [ 2040.731185][T30874] [U] [ 2040.783854][T30874] [U] [ 2040.786594][T30874] [U] [ 2040.789309][T30874] [U] [ 2040.792028][T30874] [U] [ 2040.860404][T30884] FAULT_INJECTION: forcing a failure. [ 2040.860404][T30884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2040.909118][T30884] CPU: 0 UID: 0 PID: 30884 Comm: syz.2.4716 Tainted: G L syzkaller #0 PREEMPT(full) [ 2040.909161][T30884] Tainted: [L]=SOFTLOCKUP [ 2040.909167][T30884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2040.909175][T30884] Call Trace: [ 2040.909180][T30884] [ 2040.909187][T30884] dump_stack_lvl+0x16c/0x1f0 [ 2040.909214][T30884] should_fail_ex+0x512/0x640 [ 2040.909234][T30884] _copy_from_iter+0x2a4/0x16c0 [ 2040.909304][T30884] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 2040.909382][T30884] ? __pfx__copy_from_iter+0x10/0x10 [ 2040.909399][T30884] ? __pfx__mutex_trylock_nest_lock+0x10/0x10 [ 2040.909428][T30884] file_tty_write.constprop.0+0x487/0x9b0 [ 2040.909453][T30884] vfs_write+0x7d3/0x11d0 [ 2040.909484][T30884] ? __pfx_tty_write+0x10/0x10 [ 2040.909504][T30884] ? __pfx_vfs_write+0x10/0x10 [ 2040.909522][T30884] ? find_held_lock+0x2b/0x80 [ 2040.909552][T30884] ksys_write+0x12a/0x250 [ 2040.909571][T30884] ? __pfx_ksys_write+0x10/0x10 [ 2040.909596][T30884] do_syscall_64+0xcd/0xf80 [ 2040.909618][T30884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2040.909633][T30884] RIP: 0033:0x7fbf9ad8f7c9 [ 2040.909646][T30884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2040.909660][T30884] RSP: 002b:00007fbf9bb97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2040.909674][T30884] RAX: ffffffffffffffda RBX: 00007fbf9afe5fa0 RCX: 00007fbf9ad8f7c9 [ 2040.909683][T30884] RDX: 0000000100000001 RSI: 0000000000000000 RDI: 0000000000000006 [ 2040.909691][T30884] RBP: 00007fbf9bb97090 R08: 0000000000000000 R09: 0000000000000000 [ 2040.909700][T30884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2040.909708][T30884] R13: 00007fbf9afe6038 R14: 00007fbf9afe5fa0 R15: 00007ffe7cd70bb8 [ 2040.909727][T30884] [ 2041.329946][T30883] [U] [ 2041.835871][T30899] FAULT_INJECTION: forcing a failure. [ 2041.835871][T30899] name failslab, interval 1, probability 0, space 0, times 0 [ 2041.855583][T30899] CPU: 0 UID: 0 PID: 30899 Comm: syz.1.4720 Tainted: G L syzkaller #0 PREEMPT(full) [ 2041.855624][T30899] Tainted: [L]=SOFTLOCKUP [ 2041.855634][T30899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2041.855649][T30899] Call Trace: [ 2041.855657][T30899] [ 2041.855667][T30899] dump_stack_lvl+0x16c/0x1f0 [ 2041.855702][T30899] should_fail_ex+0x512/0x640 [ 2041.855720][T30899] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 2041.855807][T30899] should_failslab+0xc2/0x120 [ 2041.855868][T30899] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 2041.855884][T30899] ? __pfx___might_resched+0x10/0x10 [ 2041.855912][T30899] ? sock_alloc_inode+0x25/0x1c0 [ 2041.855963][T30899] ? __pfx_sock_alloc_inode+0x10/0x10 [ 2041.855982][T30899] ? sock_alloc_inode+0x25/0x1c0 [ 2041.856000][T30899] sock_alloc_inode+0x25/0x1c0 [ 2041.856019][T30899] alloc_inode+0x64/0x240 [ 2041.856037][T30899] sock_alloc+0x40/0x280 [ 2041.856055][T30899] __sock_create+0xc2/0x8a0 [ 2041.856080][T30899] __sys_socketpair+0x1d8/0x5a0 [ 2041.856095][T30899] ? __pfx___sys_socketpair+0x10/0x10 [ 2041.856111][T30899] ? __pfx_ksys_write+0x10/0x10 [ 2041.856134][T30899] __x64_sys_socketpair+0x96/0x100 [ 2041.856147][T30899] ? lockdep_hardirqs_on+0x7c/0x110 [ 2041.856168][T30899] do_syscall_64+0xcd/0xf80 [ 2041.856190][T30899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2041.856205][T30899] RIP: 0033:0x7f930b78f7c9 [ 2041.856218][T30899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2041.856231][T30899] RSP: 002b:00007f930c677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 2041.856245][T30899] RAX: ffffffffffffffda RBX: 00007f930b9e5fa0 RCX: 00007f930b78f7c9 [ 2041.856255][T30899] RDX: 8000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 2041.856264][T30899] RBP: 00007f930c677090 R08: 0000000000000000 R09: 0000000000000000 [ 2041.856272][T30899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2041.856280][T30899] R13: 00007f930b9e6038 R14: 00007f930b9e5fa0 R15: 00007ffe8cf4d328 [ 2041.856299][T30899] [ 2041.856546][T30899] socket: no more sockets [ 2042.641670][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2042.648269][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2042.933390][T30934] syz.0.4726 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 2043.523815][T30947] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4729'. [ 2043.623132][T30947] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2043.670008][T30947] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2043.719837][T30947] bond0 (unregistering): Released all slaves [ 2044.534307][T30959] ubi: mtd0 is already attached to ubi8 [ 2045.733424][T30991] FAULT_INJECTION: forcing a failure. [ 2045.733424][T30991] name failslab, interval 1, probability 0, space 0, times 0 [ 2045.790702][T30991] CPU: 0 UID: 0 PID: 30991 Comm: syz.1.4742 Tainted: G L syzkaller #0 PREEMPT(full) [ 2045.790745][T30991] Tainted: [L]=SOFTLOCKUP [ 2045.790754][T30991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2045.790768][T30991] Call Trace: [ 2045.790778][T30991] [ 2045.790788][T30991] dump_stack_lvl+0x16c/0x1f0 [ 2045.790834][T30991] should_fail_ex+0x512/0x640 [ 2045.790853][T30991] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2045.790874][T30991] should_failslab+0xc2/0x120 [ 2045.790896][T30991] kmem_cache_alloc_noprof+0x83/0x770 [ 2045.790913][T30991] ? mpol_new+0x11b/0x2d0 [ 2045.791016][T30991] ? mpol_new+0x11b/0x2d0 [ 2045.791033][T30991] mpol_new+0x11b/0x2d0 [ 2045.791053][T30991] do_mbind+0x211/0xf20 [ 2045.791075][T30991] ? __pfx_do_mbind+0x10/0x10 [ 2045.791088][T30991] ? find_held_lock+0x2b/0x80 [ 2045.791117][T30991] ? __pfx_get_nodes+0x10/0x10 [ 2045.791135][T30991] ? __fget_files+0x20e/0x3c0 [ 2045.791159][T30991] kernel_mbind+0x1e3/0x1f0 [ 2045.791174][T30991] ? __pfx_kernel_mbind+0x10/0x10 [ 2045.791194][T30991] do_syscall_64+0xcd/0xf80 [ 2045.791216][T30991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2045.791232][T30991] RIP: 0033:0x7f930b78f7c9 [ 2045.791245][T30991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2045.791259][T30991] RSP: 002b:00007f930c635038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 2045.791273][T30991] RAX: ffffffffffffffda RBX: 00007f930b9e6180 RCX: 00007f930b78f7c9 [ 2045.791283][T30991] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 2045.791291][T30991] RBP: 00007f930c635090 R08: 0000000000000006 R09: 0000000000000002 [ 2045.791299][T30991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2045.791307][T30991] R13: 00007f930b9e6218 R14: 00007f930b9e6180 R15: 00007ffe8cf4d328 [ 2045.791331][T30991] [ 2046.209460][T30985] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4739'. [ 2046.266448][T30985] ipvlan0: entered promiscuous mode [ 2046.301102][T30985] ipvlan0: entered allmulticast mode [ 2046.306417][T30985] veth0_vlan: entered allmulticast mode [ 2046.726193][T30999] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4743'. [ 2047.041965][T31013] FAULT_INJECTION: forcing a failure. [ 2047.041965][T31013] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2047.087672][T31013] CPU: 1 UID: 0 PID: 31013 Comm: syz.1.4745 Tainted: G L syzkaller #0 PREEMPT(full) [ 2047.087735][T31013] Tainted: [L]=SOFTLOCKUP [ 2047.087745][T31013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2047.087760][T31013] Call Trace: [ 2047.087769][T31013] [ 2047.087780][T31013] dump_stack_lvl+0x16c/0x1f0 [ 2047.087823][T31013] should_fail_ex+0x512/0x640 [ 2047.087865][T31013] _copy_to_user+0x32/0xd0 [ 2047.087897][T31013] simple_read_from_buffer+0xcb/0x170 [ 2047.087936][T31013] proc_fail_nth_read+0x197/0x240 [ 2047.087980][T31013] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2047.088024][T31013] ? rw_verify_area+0xcf/0x6c0 [ 2047.088057][T31013] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 2047.088098][T31013] vfs_read+0x1e4/0xcf0 [ 2047.088135][T31013] ? __pfx___mutex_lock+0x10/0x10 [ 2047.088177][T31013] ? __pfx_vfs_read+0x10/0x10 [ 2047.088223][T31013] ? __fget_files+0x20e/0x3c0 [ 2047.088270][T31013] ksys_read+0x12a/0x250 [ 2047.088304][T31013] ? __pfx_ksys_read+0x10/0x10 [ 2047.088350][T31013] do_syscall_64+0xcd/0xf80 [ 2047.088391][T31013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2047.088419][T31013] RIP: 0033:0x7f930b78e1dc [ 2047.088441][T31013] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 2047.088466][T31013] RSP: 002b:00007f930c635030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2047.088491][T31013] RAX: ffffffffffffffda RBX: 00007f930b9e6180 RCX: 00007f930b78e1dc [ 2047.088509][T31013] RDX: 000000000000000f RSI: 00007f930c6350a0 RDI: 000000000000000b [ 2047.088525][T31013] RBP: 00007f930c635090 R08: 0000000000000000 R09: 0000000000000000 [ 2047.088541][T31013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2047.088557][T31013] R13: 00007f930b9e6218 R14: 00007f930b9e6180 R15: 00007ffe8cf4d328 [ 2047.088595][T31013] [ 2047.415865][T31023] FAULT_INJECTION: forcing a failure. [ 2047.415865][T31023] name failslab, interval 1, probability 0, space 0, times 0 [ 2047.492809][T31023] CPU: 1 UID: 0 PID: 31023 Comm: syz.3.4747 Tainted: G L syzkaller #0 PREEMPT(full) [ 2047.492849][T31023] Tainted: [L]=SOFTLOCKUP [ 2047.492857][T31023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2047.492869][T31023] Call Trace: [ 2047.492876][T31023] [ 2047.492885][T31023] dump_stack_lvl+0x16c/0x1f0 [ 2047.492927][T31023] should_fail_ex+0x512/0x640 [ 2047.492952][T31023] ? __kvmalloc_node_noprof+0x129/0xa40 [ 2047.492989][T31023] should_failslab+0xc2/0x120 [ 2047.493022][T31023] __kvmalloc_node_noprof+0x14a/0xa40 [ 2047.493056][T31023] ? seq_read_iter+0x830/0x12d0 [ 2047.493165][T31023] ? seq_read_iter+0x830/0x12d0 [ 2047.493194][T31023] seq_read_iter+0x830/0x12d0 [ 2047.493241][T31023] kernfs_fop_read_iter+0x46c/0x610 [ 2047.493310][T31023] ? rw_verify_area+0xcf/0x6c0 [ 2047.493344][T31023] vfs_read+0x8bf/0xcf0 [ 2047.493384][T31023] ? __pfx_vfs_read+0x10/0x10 [ 2047.493442][T31023] ksys_read+0x12a/0x250 [ 2047.493474][T31023] ? __pfx_ksys_read+0x10/0x10 [ 2047.493521][T31023] do_syscall_64+0xcd/0xf80 [ 2047.493561][T31023] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2047.493586][T31023] RIP: 0033:0x7f60c138f7c9 [ 2047.493607][T31023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2047.493634][T31023] RSP: 002b:00007f60c2240038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 2047.493659][T31023] RAX: ffffffffffffffda RBX: 00007f60c15e6090 RCX: 00007f60c138f7c9 [ 2047.493677][T31023] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000006 [ 2047.493690][T31023] RBP: 00007f60c2240090 R08: 0000000000000000 R09: 0000000000000000 [ 2047.493704][T31023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2047.493718][T31023] R13: 00007f60c15e6128 R14: 00007f60c15e6090 R15: 00007ffc8c6fe098 [ 2047.493754][T31023] [ 2049.328957][T31054] mkiss: ax0: crc mode is auto. [ 2049.340353][T31054] FAULT_INJECTION: forcing a failure. [ 2049.340353][T31054] name failslab, interval 1, probability 0, space 0, times 0 [ 2049.353195][T31054] CPU: 0 UID: 0 PID: 31054 Comm: syz.0.4753 Tainted: G L syzkaller #0 PREEMPT(full) [ 2049.353219][T31054] Tainted: [L]=SOFTLOCKUP [ 2049.353225][T31054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2049.353233][T31054] Call Trace: [ 2049.353240][T31054] [ 2049.353246][T31054] dump_stack_lvl+0x16c/0x1f0 [ 2049.353272][T31054] should_fail_ex+0x512/0x640 [ 2049.353289][T31054] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2049.353308][T31054] should_failslab+0xc2/0x120 [ 2049.353329][T31054] __kmalloc_cache_noprof+0x80/0x800 [ 2049.353345][T31054] ? fuse_dev_alloc_install+0x2b/0x40 [ 2049.353440][T31054] ? cuse_channel_open+0x1de/0x7f0 [ 2049.353482][T31054] ? cuse_channel_open+0x1de/0x7f0 [ 2049.353501][T31054] cuse_channel_open+0x1de/0x7f0 [ 2049.353521][T31054] ? __pfx_cuse_channel_open+0x10/0x10 [ 2049.353541][T31054] misc_open+0x26d/0x450 [ 2049.353591][T31054] ? __pfx_misc_open+0x10/0x10 [ 2049.353607][T31054] chrdev_open+0x234/0x6a0 [ 2049.353653][T31054] ? __pfx_chrdev_open+0x10/0x10 [ 2049.353675][T31054] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 2049.353798][T31054] do_dentry_open+0x748/0x1590 [ 2049.353818][T31054] ? __pfx_chrdev_open+0x10/0x10 [ 2049.353844][T31054] vfs_open+0x82/0x3f0 [ 2049.353861][T31054] path_openat+0x2078/0x3140 [ 2049.353906][T31054] ? __pfx_path_openat+0x10/0x10 [ 2049.353933][T31054] do_filp_open+0x20b/0x470 [ 2049.353954][T31054] ? __pfx_do_filp_open+0x10/0x10 [ 2049.353988][T31054] ? alloc_fd+0x471/0x7d0 [ 2049.354014][T31054] do_sys_openat2+0x121/0x290 [ 2049.354029][T31054] ? __pfx_do_sys_openat2+0x10/0x10 [ 2049.354045][T31054] ? find_held_lock+0x2b/0x80 [ 2049.354069][T31054] __x64_sys_openat+0x174/0x210 [ 2049.354085][T31054] ? __pfx___x64_sys_openat+0x10/0x10 [ 2049.354109][T31054] do_syscall_64+0xcd/0xf80 [ 2049.354131][T31054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2049.354146][T31054] RIP: 0033:0x7fc2fe58f7c9 [ 2049.354160][T31054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2049.354174][T31054] RSP: 002b:00007fc2ff495038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2049.354187][T31054] RAX: ffffffffffffffda RBX: 00007fc2fe7e5fa0 RCX: 00007fc2fe58f7c9 [ 2049.354197][T31054] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 2049.354206][T31054] RBP: 00007fc2fe613f91 R08: 0000000000000000 R09: 0000000000000000 [ 2049.354214][T31054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2049.354223][T31054] R13: 00007fc2fe7e6038 R14: 00007fc2fe7e5fa0 R15: 00007ffc82f49448 [ 2049.354242][T31054] [ 2050.136285][ T30] audit: type=1800 audit(1765892831.758:22): pid=31063 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.4757" name="features" dev="configfs" ino=219338 res=0 errno=0 [ 2050.360710][T31076] FAULT_INJECTION: forcing a failure. [ 2050.360710][T31076] name failslab, interval 1, probability 0, space 0, times 0 [ 2050.373408][T31076] CPU: 1 UID: 0 PID: 31076 Comm: syz.1.4759 Tainted: G L syzkaller #0 PREEMPT(full) [ 2050.373432][T31076] Tainted: [L]=SOFTLOCKUP [ 2050.373437][T31076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2050.373445][T31076] Call Trace: [ 2050.373451][T31076] [ 2050.373457][T31076] dump_stack_lvl+0x16c/0x1f0 [ 2050.373483][T31076] should_fail_ex+0x512/0x640 [ 2050.373500][T31076] ? fs_reclaim_acquire+0xae/0x150 [ 2050.373525][T31076] should_failslab+0xc2/0x120 [ 2050.373547][T31076] __kmalloc_noprof+0xeb/0x910 [ 2050.373563][T31076] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2050.373684][T31076] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2050.373703][T31076] tomoyo_realpath_from_path+0xc2/0x6e0 [ 2050.373723][T31076] ? tomoyo_profile+0x47/0x60 [ 2050.373768][T31076] tomoyo_path_number_perm+0x245/0x580 [ 2050.373783][T31076] ? tomoyo_path_number_perm+0x237/0x580 [ 2050.373801][T31076] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2050.373857][T31076] ? find_held_lock+0x2b/0x80 [ 2050.373893][T31076] ? find_held_lock+0x2b/0x80 [ 2050.373910][T31076] ? hook_file_ioctl_common+0x144/0x410 [ 2050.373955][T31076] ? __fget_files+0x20e/0x3c0 [ 2050.373979][T31076] security_file_ioctl+0x9b/0x240 [ 2050.374015][T31076] __x64_sys_ioctl+0xb7/0x210 [ 2050.374060][T31076] do_syscall_64+0xcd/0xf80 [ 2050.374083][T31076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2050.374098][T31076] RIP: 0033:0x7f930b78f7c9 [ 2050.374111][T31076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2050.374125][T31076] RSP: 002b:00007f930c677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2050.374140][T31076] RAX: ffffffffffffffda RBX: 00007f930b9e5fa0 RCX: 00007f930b78f7c9 [ 2050.374152][T31076] RDX: 0000000000000000 RSI: 0000000080044704 RDI: 0000000000000015 [ 2050.374160][T31076] RBP: 00007f930c677090 R08: 0000000000000000 R09: 0000000000000000 [ 2050.374169][T31076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2050.374177][T31076] R13: 00007f930b9e6038 R14: 00007f930b9e5fa0 R15: 00007ffe8cf4d328 [ 2050.374196][T31076] [ 2050.374203][T31076] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2051.845504][T31100] FAULT_INJECTION: forcing a failure. [ 2051.845504][T31100] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2051.906830][T31100] CPU: 1 UID: 0 PID: 31100 Comm: syz.1.4764 Tainted: G L syzkaller #0 PREEMPT(full) [ 2051.906856][T31100] Tainted: [L]=SOFTLOCKUP [ 2051.906861][T31100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2051.906870][T31100] Call Trace: [ 2051.906875][T31100] [ 2051.906881][T31100] dump_stack_lvl+0x16c/0x1f0 [ 2051.906908][T31100] should_fail_ex+0x512/0x640 [ 2051.906928][T31100] _copy_from_user+0x2e/0xd0 [ 2051.906944][T31100] copy_msghdr_from_user+0x98/0x160 [ 2051.906965][T31100] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 2051.906986][T31100] ? __pfx__kstrtoull+0x10/0x10 [ 2051.907008][T31100] ___sys_sendmsg+0xfe/0x1d0 [ 2051.907026][T31100] ? __pfx____sys_sendmsg+0x10/0x10 [ 2051.907052][T31100] ? find_held_lock+0x2b/0x80 [ 2051.907078][T31100] ? proc_fail_nth_write+0x9f/0x220 [ 2051.907093][T31100] ? find_held_lock+0x2b/0x80 [ 2051.907112][T31100] __sys_sendmmsg+0x200/0x420 [ 2051.907132][T31100] ? __pfx___sys_sendmmsg+0x10/0x10 [ 2051.907154][T31100] ? do_sys_openat2+0x196/0x290 [ 2051.907171][T31100] ? __pfx_do_sys_openat2+0x10/0x10 [ 2051.907195][T31100] ? ksys_write+0x1ac/0x250 [ 2051.907226][T31100] ? __pfx_ksys_write+0x10/0x10 [ 2051.907248][T31100] __x64_sys_sendmmsg+0x9c/0x100 [ 2051.907266][T31100] ? lockdep_hardirqs_on+0x7c/0x110 [ 2051.907287][T31100] do_syscall_64+0xcd/0xf80 [ 2051.907308][T31100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2051.907323][T31100] RIP: 0033:0x7f930b78f7c9 [ 2051.907335][T31100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2051.907350][T31100] RSP: 002b:00007f930c677038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2051.907363][T31100] RAX: ffffffffffffffda RBX: 00007f930b9e5fa0 RCX: 00007f930b78f7c9 [ 2051.907373][T31100] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 2051.907381][T31100] RBP: 00007f930c677090 R08: 0000000000000000 R09: 0000000000000000 [ 2051.907389][T31100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2051.907398][T31100] R13: 00007f930b9e6038 R14: 00007f930b9e5fa0 R15: 00007ffe8cf4d328 [ 2051.907417][T31100] [ 2052.372995][T31113] zswap: compressor _¥ not available [ 2052.473033][T31120] FAULT_INJECTION: forcing a failure. [ 2052.473033][T31120] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2052.506765][T31120] CPU: 1 UID: 0 PID: 31120 Comm: syz.2.4768 Tainted: G L syzkaller #0 PREEMPT(full) [ 2052.506805][T31120] Tainted: [L]=SOFTLOCKUP [ 2052.506813][T31120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2052.506826][T31120] Call Trace: [ 2052.506833][T31120] [ 2052.506844][T31120] dump_stack_lvl+0x16c/0x1f0 [ 2052.506883][T31120] should_fail_ex+0x512/0x640 [ 2052.506913][T31120] _copy_from_user+0x2e/0xd0 [ 2052.506942][T31120] do_sock_getsockopt+0x3a1/0x410 [ 2052.506981][T31120] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 2052.507016][T31120] ? __fget_files+0x204/0x3c0 [ 2052.507068][T31120] __sys_getsockopt+0x123/0x1b0 [ 2052.507107][T31120] __x64_sys_getsockopt+0xbd/0x160 [ 2052.507136][T31120] ? do_syscall_64+0x91/0xf80 [ 2052.507191][T31120] ? lockdep_hardirqs_on+0x7c/0x110 [ 2052.507227][T31120] do_syscall_64+0xcd/0xf80 [ 2052.507265][T31120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2052.507292][T31120] RIP: 0033:0x7fbf9ad8f7c9 [ 2052.507313][T31120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2052.507338][T31120] RSP: 002b:00007fbf9bb97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 2052.507369][T31120] RAX: ffffffffffffffda RBX: 00007fbf9afe5fa0 RCX: 00007fbf9ad8f7c9 [ 2052.507387][T31120] RDX: 000000000000007f RSI: 0000000000000084 RDI: 0000000000000003 [ 2052.507402][T31120] RBP: 00007fbf9bb97090 R08: 0000200000000040 R09: 0000000000000000 [ 2052.507419][T31120] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2052.507435][T31120] R13: 00007fbf9afe6038 R14: 00007fbf9afe5fa0 R15: 00007ffe7cd70bb8 [ 2052.507471][T31120] [ 2055.098754][T31177] Invalid ELF header magic: != ELF [ 2055.136739][T31178] Invalid ELF header magic: != ELF [ 2055.828722][T31190] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4778'. [ 2055.972405][T31193] FAULT_INJECTION: forcing a failure. [ 2055.972405][T31193] name failslab, interval 1, probability 0, space 0, times 0 [ 2056.045641][T31193] CPU: 0 UID: 0 PID: 31193 Comm: syz.1.4778 Tainted: G L syzkaller #0 PREEMPT(full) [ 2056.045687][T31193] Tainted: [L]=SOFTLOCKUP [ 2056.045698][T31193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2056.045714][T31193] Call Trace: [ 2056.045723][T31193] [ 2056.045734][T31193] dump_stack_lvl+0x16c/0x1f0 [ 2056.045782][T31193] should_fail_ex+0x512/0x640 [ 2056.045802][T31193] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2056.045822][T31193] should_failslab+0xc2/0x120 [ 2056.045845][T31193] kmem_cache_alloc_noprof+0x83/0x770 [ 2056.045862][T31193] ? create_new_namespaces+0x30/0xab0 [ 2056.045885][T31193] ? create_new_namespaces+0x30/0xab0 [ 2056.045903][T31193] create_new_namespaces+0x30/0xab0 [ 2056.045922][T31193] ? bpf_lsm_capable+0x9/0x10 [ 2056.045975][T31193] ? security_capable+0x7e/0x260 [ 2056.046054][T31193] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 2056.046078][T31193] ksys_unshare+0x45b/0xa40 [ 2056.046106][T31193] ? __pfx_ksys_unshare+0x10/0x10 [ 2056.046129][T31193] ? xfd_validate_state+0x61/0x180 [ 2056.046152][T31193] __x64_sys_unshare+0x31/0x40 [ 2056.046165][T31193] do_syscall_64+0xcd/0xf80 [ 2056.046187][T31193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2056.046203][T31193] RIP: 0033:0x7f930b78f7c9 [ 2056.046216][T31193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2056.046231][T31193] RSP: 002b:00007f930c656038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 2056.046245][T31193] RAX: ffffffffffffffda RBX: 00007f930b9e6090 RCX: 00007f930b78f7c9 [ 2056.046255][T31193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 2056.046263][T31193] RBP: 00007f930b813f91 R08: 0000000000000000 R09: 0000000000000000 [ 2056.046273][T31193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2056.046281][T31193] R13: 00007f930b9e6128 R14: 00007f930b9e6090 R15: 00007ffe8cf4d328 [ 2056.046304][T31193] [ 2057.161943][T18942] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 2057.174402][T18942] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 2057.197346][T18942] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 2057.205736][T18942] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 2057.213582][T18942] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 2057.474531][T31209] chnl_net:caif_netlink_parms(): no params data found [ 2057.650043][T31215] FAULT_INJECTION: forcing a failure. [ 2057.650043][T31215] name fail_futex, interval 1, probability 0, space 0, times 1 [ 2057.664091][T31215] CPU: 1 UID: 0 PID: 31215 Comm: syz.0.4785 Tainted: G L syzkaller #0 PREEMPT(full) [ 2057.664137][T31215] Tainted: [L]=SOFTLOCKUP [ 2057.664147][T31215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2057.664165][T31215] Call Trace: [ 2057.664173][T31215] [ 2057.664185][T31215] dump_stack_lvl+0x16c/0x1f0 [ 2057.664233][T31215] should_fail_ex+0x512/0x640 [ 2057.664271][T31215] should_fail_futex+0x4c/0x60 [ 2057.664301][T31215] futex_lock_pi_atomic+0x127/0xc50 [ 2057.664345][T31215] futex_lock_pi+0x23f/0x7c0 [ 2057.664389][T31215] ? __pfx_futex_lock_pi+0x10/0x10 [ 2057.664425][T31215] ? __futex_wait+0x24b/0x2f0 [ 2057.664466][T31215] ? lockdep_hardirqs_on+0x7c/0x110 [ 2057.664528][T31215] ? futex_private_hash_put+0x160/0x1b0 [ 2057.664564][T31215] ? __pfx_futex_wake_mark+0x10/0x10 [ 2057.664612][T31215] ? ksys_write+0x190/0x250 [ 2057.664657][T31215] do_futex+0x11a/0x350 [ 2057.664689][T31215] ? __pfx_do_futex+0x10/0x10 [ 2057.664730][T31215] __x64_sys_futex+0x1e0/0x4c0 [ 2057.664766][T31215] ? fput+0x70/0xf0 [ 2057.664791][T31215] ? __pfx___x64_sys_futex+0x10/0x10 [ 2057.664832][T31215] ? xfd_validate_state+0x61/0x180 [ 2057.664858][T31215] ? __pfx_ksys_write+0x10/0x10 [ 2057.664908][T31215] do_syscall_64+0xcd/0xf80 [ 2057.664950][T31215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2057.664979][T31215] RIP: 0033:0x7fc2fe58f7c9 [ 2057.665002][T31215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2057.665029][T31215] RSP: 002b:00007fc2ff495038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 2057.665055][T31215] RAX: ffffffffffffffda RBX: 00007fc2fe7e5fa0 RCX: 00007fc2fe58f7c9 [ 2057.665075][T31215] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 2057.665092][T31215] RBP: 00007fc2fe613f91 R08: 0000000000000000 R09: 000000008000fff5 [ 2057.665110][T31215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2057.665127][T31215] R13: 00007fc2fe7e6038 R14: 00007fc2fe7e5fa0 R15: 00007ffc82f49448 [ 2057.665166][T31215] [ 2058.299003][ T7491] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2058.464740][T31209] bridge0: port 1(bridge_slave_0) entered blocking state [ 2058.539537][T31209] bridge0: port 1(bridge_slave_0) entered disabled state [ 2058.557108][T31209] bridge_slave_0: entered allmulticast mode [ 2058.570513][T31209] bridge_slave_0: entered promiscuous mode [ 2058.720548][ T7491] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2058.765515][T31209] bridge0: port 2(bridge_slave_1) entered blocking state [ 2058.765667][T31209] bridge0: port 2(bridge_slave_1) entered disabled state [ 2058.765862][T31209] bridge_slave_1: entered allmulticast mode [ 2058.768185][T31209] bridge_slave_1: entered promiscuous mode [ 2058.822845][T31209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2058.825586][T31209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2059.170091][T31232] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 2059.190515][T31232] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 2059.287605][T18942] Bluetooth: hci2: command tx timeout [ 2059.346043][T31232] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 2059.353079][T31232] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 2059.422792][ T7491] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2059.481638][T31209] team0: Port device team_slave_0 added [ 2059.524805][T31232] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 2059.548649][T31232] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 2059.571768][T31209] team0: Port device team_slave_1 added [ 2059.587382][T31232] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 2059.596513][T31232] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 2059.629020][T31232] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 2059.663665][ T7491] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2059.814700][T31209] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2059.828097][T31209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2059.876709][T31209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2059.903854][T31209] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2059.919912][T31209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2059.978141][T31242] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 2059.992395][T31209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2060.124900][T31248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4791'. [ 2060.199375][T31209] hsr_slave_0: entered promiscuous mode [ 2060.215795][T31209] hsr_slave_1: entered promiscuous mode [ 2060.366475][ T7491] bridge_slave_1: left allmulticast mode [ 2060.384705][ T7491] bridge_slave_1: left promiscuous mode [ 2060.416961][ T7491] bridge0: port 2(bridge_slave_1) entered disabled state [ 2060.480874][ T7491] bridge_slave_0: left allmulticast mode [ 2060.486670][ T7491] bridge_slave_0: left promiscuous mode [ 2060.499518][ T7491] bridge0: port 1(bridge_slave_0) entered disabled state [ 2061.207974][T18942] Bluetooth: hci4: command 0x0406 tx timeout [ 2061.366896][T18942] Bluetooth: hci1: command 0x0406 tx timeout [ 2061.595196][ T7491] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2061.613137][ T5839] Bluetooth: hci3: command 0x0406 tx timeout [ 2061.619695][T18942] Bluetooth: hci2: command 0x040f tx timeout [ 2062.092748][ T7491] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2062.108395][ T7491] bond0 (unregistering): Released all slaves [ 2063.288183][T18942] Bluetooth: hci4: command 0x0406 tx timeout [ 2063.436734][T18942] Bluetooth: hci1: command 0x0406 tx timeout [ 2063.676781][ T5839] Bluetooth: hci3: command 0x0406 tx timeout [ 2063.683388][T18942] Bluetooth: hci2: command 0x040f tx timeout [ 2065.222595][T31313] process 'syz.3.4802' launched './file0' with NULL argv: empty string added [ 2065.756751][T18942] Bluetooth: hci2: command 0x040f tx timeout [ 2065.816986][ T7491] hsr_slave_0: left promiscuous mode [ 2065.856803][ T7491] hsr_slave_1: left promiscuous mode [ 2065.904814][ T7491] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2065.940555][ T7491] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2065.979774][ T7491] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2066.001177][ T7491] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2066.075400][ T7491] veth1_macvtap: left promiscuous mode [ 2066.102772][ T7491] veth0_macvtap: left promiscuous mode [ 2066.123164][ T7491] veth1_vlan: left promiscuous mode [ 2066.146809][ T7491] veth0_vlan: left promiscuous mode [ 2066.319088][T31338] netlink: 330 bytes leftover after parsing attributes in process `syz.2.4806'. [ 2066.472750][ T24] Process accounting resumed [ 2066.498781][T31342] netlink: 10852 bytes leftover after parsing attributes in process `syz.3.4807'. [ 2067.593612][ T7491] team0 (unregistering): Port device team_slave_1 removed [ 2067.659610][ T7491] team0 (unregistering): Port device team_slave_0 removed [ 2067.846763][T18942] Bluetooth: hci2: command 0x040f tx timeout [ 2068.801106][T31209] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2068.863273][T31209] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2068.925764][T31209] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2068.957545][T31358] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 2068.978637][T31209] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2068.991309][T31358] FAULT_INJECTION: forcing a failure. [ 2068.991309][T31358] name failslab, interval 1, probability 0, space 0, times 0 [ 2069.083628][T31358] CPU: 0 UID: 0 PID: 31358 Comm: syz.2.4811 Tainted: G L syzkaller #0 PREEMPT(full) [ 2069.083654][T31358] Tainted: [L]=SOFTLOCKUP [ 2069.083660][T31358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2069.083669][T31358] Call Trace: [ 2069.083674][T31358] [ 2069.083681][T31358] dump_stack_lvl+0x16c/0x1f0 [ 2069.083714][T31358] should_fail_ex+0x512/0x640 [ 2069.083730][T31358] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2069.083752][T31358] should_failslab+0xc2/0x120 [ 2069.083774][T31358] kmem_cache_alloc_noprof+0x83/0x770 [ 2069.083792][T31358] ? __kernfs_new_node+0xd2/0x990 [ 2069.083813][T31358] ? __kernfs_new_node+0xd2/0x990 [ 2069.083828][T31358] __kernfs_new_node+0xd2/0x990 [ 2069.083847][T31358] ? __pfx___kernfs_new_node+0x10/0x10 [ 2069.083869][T31358] ? find_held_lock+0x2b/0x80 [ 2069.083889][T31358] ? kernfs_root+0xee/0x2a0 [ 2069.083909][T31358] kernfs_new_node+0x13c/0x1e0 [ 2069.083932][T31358] __kernfs_create_file+0x53/0x350 [ 2069.083966][T31358] sysfs_add_file_mode_ns+0x207/0x3c0 [ 2069.084058][T31358] sysfs_merge_group+0x1aa/0x340 [ 2069.084078][T31358] ? __pfx_sysfs_merge_group+0x10/0x10 [ 2069.084100][T31358] ? __pfx_dev_add_physical_location+0x10/0x10 [ 2069.084185][T31358] ? bus_to_subsys+0x131/0x160 [ 2069.084243][T31358] dpm_sysfs_add+0x237/0x280 [ 2069.084320][T31358] device_add+0x9cc/0x1980 [ 2069.084354][T31358] ? __pfx_device_add+0x10/0x10 [ 2069.084372][T31358] ? kstrdup+0xb5/0x100 [ 2069.084400][T31358] ? kfree_const+0x55/0x60 [ 2069.084424][T31358] device_create_groups_vargs+0x1f8/0x270 [ 2069.084459][T31358] device_create_with_groups+0xf4/0x130 [ 2069.084482][T31358] ? __pfx_device_create_with_groups+0x10/0x10 [ 2069.084516][T31358] led_classdev_register_ext+0x4c4/0xa30 [ 2069.084565][T31358] ? __pfx_led_classdev_register_ext+0x10/0x10 [ 2069.084607][T31358] ? __pfx_kasprintf+0x10/0x10 [ 2069.084656][T31358] input_leds_connect+0x552/0x8e0 [ 2069.084719][T31358] input_attach_handler.isra.0+0x176/0x250 [ 2069.084763][T31358] input_register_device+0xab9/0x11b0 [ 2069.084781][T31358] ? atkbd_set_device_attrs+0x7e1/0xa90 [ 2069.084805][T31358] atkbd_set_scroll+0x238/0x370 [ 2069.084829][T31358] ? __pfx_atkbd_set_scroll+0x10/0x10 [ 2069.084853][T31358] ? mark_held_locks+0x49/0x80 [ 2069.084868][T31358] ? __pfx_atkbd_set_scroll+0x10/0x10 [ 2069.084890][T31358] atkbd_attr_set_helper.isra.0+0x12e/0x260 [ 2069.084915][T31358] ? __pfx_atkbd_do_set_scroll+0x10/0x10 [ 2069.084936][T31358] dev_attr_store+0x58/0x80 [ 2069.084983][T31358] ? __pfx_dev_attr_store+0x10/0x10 [ 2069.085001][T31358] sysfs_kf_write+0xf2/0x150 [ 2069.085019][T31358] kernfs_fop_write_iter+0x3af/0x570 [ 2069.085039][T31358] ? __pfx_sysfs_kf_write+0x10/0x10 [ 2069.085055][T31358] vfs_write+0x7d3/0x11d0 [ 2069.085077][T31358] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 2069.085100][T31358] ? __pfx_vfs_write+0x10/0x10 [ 2069.085134][T31358] ksys_write+0x12a/0x250 [ 2069.085153][T31358] ? __pfx_ksys_write+0x10/0x10 [ 2069.085179][T31358] do_syscall_64+0xcd/0xf80 [ 2069.085203][T31358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2069.085219][T31358] RIP: 0033:0x7fbf9ad8f7c9 [ 2069.085233][T31358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2069.085247][T31358] RSP: 002b:00007fbf9bb97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2069.085262][T31358] RAX: ffffffffffffffda RBX: 00007fbf9afe5fa0 RCX: 00007fbf9ad8f7c9 [ 2069.085271][T31358] RDX: 00000000000098c7 RSI: 0000200000000440 RDI: 0000000000000006 [ 2069.085280][T31358] RBP: 00007fbf9ae13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2069.085289][T31358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2069.085298][T31358] R13: 00007fbf9afe6038 R14: 00007fbf9afe5fa0 R15: 00007ffe7cd70bb8 [ 2069.085319][T31358] [ 2069.086036][T31358] input input8: failed to register LED input8::numlock: -12 [ 2069.269875][T31209] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2069.538907][T31209] 8021q: adding VLAN 0 to HW filter on device team0 [ 2069.550710][T15535] bridge0: port 1(bridge_slave_0) entered blocking state [ 2069.557842][T15535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2069.567467][T31358] input: failed to attach handler leds to device input8, error: -12 [ 2069.666054][T15535] bridge0: port 2(bridge_slave_1) entered blocking state [ 2069.673205][T15535] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2069.742116][T31372] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 2069.918117][T18942] Bluetooth: hci2: command 0x040f tx timeout [ 2070.262653][T31209] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2070.400445][T31209] veth0_vlan: entered promiscuous mode [ 2070.449244][T31209] veth1_vlan: entered promiscuous mode [ 2070.476048][T31387] FAULT_INJECTION: forcing a failure. [ 2070.476048][T31387] name failslab, interval 1, probability 0, space 0, times 0 [ 2070.533727][T31209] veth0_macvtap: entered promiscuous mode [ 2070.540200][T31387] CPU: 0 UID: 0 PID: 31387 Comm: syz.0.4815 Tainted: G L syzkaller #0 PREEMPT(full) [ 2070.540224][T31387] Tainted: [L]=SOFTLOCKUP [ 2070.540229][T31387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2070.540238][T31387] Call Trace: [ 2070.540243][T31387] [ 2070.540249][T31387] dump_stack_lvl+0x16c/0x1f0 [ 2070.540276][T31387] should_fail_ex+0x512/0x640 [ 2070.540292][T31387] ? fs_reclaim_acquire+0xae/0x150 [ 2070.540316][T31387] should_failslab+0xc2/0x120 [ 2070.540338][T31387] __kmalloc_noprof+0xeb/0x910 [ 2070.540354][T31387] ? tomoyo_encode2+0x100/0x3e0 [ 2070.540376][T31387] ? tomoyo_encode2+0x100/0x3e0 [ 2070.540394][T31387] tomoyo_encode2+0x100/0x3e0 [ 2070.540414][T31387] tomoyo_encode+0x29/0x50 [ 2070.540432][T31387] tomoyo_realpath_from_path+0x18f/0x6e0 [ 2070.540456][T31387] tomoyo_path_number_perm+0x245/0x580 [ 2070.540471][T31387] ? tomoyo_path_number_perm+0x237/0x580 [ 2070.540489][T31387] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2070.540506][T31387] ? find_held_lock+0x2b/0x80 [ 2070.540541][T31387] ? find_held_lock+0x2b/0x80 [ 2070.540558][T31387] ? hook_file_ioctl_common+0x144/0x410 [ 2070.540579][T31387] ? __fget_files+0x20e/0x3c0 [ 2070.540602][T31387] security_file_ioctl+0x9b/0x240 [ 2070.540620][T31387] __x64_sys_ioctl+0xb7/0x210 [ 2070.540639][T31387] do_syscall_64+0xcd/0xf80 [ 2070.540662][T31387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2070.540678][T31387] RIP: 0033:0x7fc2fe58f7c9 [ 2070.540690][T31387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2070.540703][T31387] RSP: 002b:00007fc2ff495038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2070.540718][T31387] RAX: ffffffffffffffda RBX: 00007fc2fe7e5fa0 RCX: 00007fc2fe58f7c9 [ 2070.540727][T31387] RDX: 0000000000000000 RSI: 0000000040085203 RDI: 0000000000000003 [ 2070.540742][T31387] RBP: 00007fc2ff495090 R08: 0000000000000000 R09: 0000000000000000 [ 2070.540750][T31387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2070.540758][T31387] R13: 00007fc2fe7e6038 R14: 00007fc2fe7e5fa0 R15: 00007ffc82f49448 [ 2070.540777][T31387] [ 2070.540794][T31387] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2070.786863][T31209] veth1_macvtap: entered promiscuous mode [ 2070.802882][T31209] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2070.854953][T31209] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2070.895775][ T7491] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2070.905041][ T7491] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2070.916217][ T7491] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2070.925895][ T7491] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2071.057064][ T2983] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2071.075787][ T285] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2071.087078][ T2983] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2071.088225][ T285] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2071.411347][T31395] FAULT_INJECTION: forcing a failure. [ 2071.411347][T31395] name failslab, interval 1, probability 0, space 0, times 0 [ 2071.476868][T31395] CPU: 0 UID: 0 PID: 31395 Comm: syz.1.4783 Tainted: G L syzkaller #0 PREEMPT(full) [ 2071.476902][T31395] Tainted: [L]=SOFTLOCKUP [ 2071.476908][T31395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2071.476916][T31395] Call Trace: [ 2071.476922][T31395] [ 2071.476928][T31395] dump_stack_lvl+0x16c/0x1f0 [ 2071.476969][T31395] should_fail_ex+0x512/0x640 [ 2071.476987][T31395] ? fs_reclaim_acquire+0xae/0x150 [ 2071.477011][T31395] should_failslab+0xc2/0x120 [ 2071.477033][T31395] __kmalloc_noprof+0xeb/0x910 [ 2071.477049][T31395] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2071.477072][T31395] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 2071.477090][T31395] tomoyo_realpath_from_path+0xc2/0x6e0 [ 2071.477111][T31395] ? tomoyo_profile+0x47/0x60 [ 2071.477133][T31395] tomoyo_path_number_perm+0x245/0x580 [ 2071.477148][T31395] ? tomoyo_path_number_perm+0x237/0x580 [ 2071.477166][T31395] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2071.477189][T31395] ? find_held_lock+0x2b/0x80 [ 2071.477235][T31395] ? find_held_lock+0x2b/0x80 [ 2071.477267][T31395] ? hook_file_ioctl_common+0x144/0x410 [ 2071.477290][T31395] ? __fget_files+0x20e/0x3c0 [ 2071.477313][T31395] security_file_ioctl+0x9b/0x240 [ 2071.477330][T31395] __x64_sys_ioctl+0xb7/0x210 [ 2071.477350][T31395] do_syscall_64+0xcd/0xf80 [ 2071.477372][T31395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2071.477387][T31395] RIP: 0033:0x7f62ecd8f7c9 [ 2071.477399][T31395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2071.477413][T31395] RSP: 002b:00007f62eafee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2071.477429][T31395] RAX: ffffffffffffffda RBX: 00007f62ecfe5fa0 RCX: 00007f62ecd8f7c9 [ 2071.477439][T31395] RDX: 0000000000000000 RSI: 000000004048aecb RDI: 0000000000000004 [ 2071.477447][T31395] RBP: 00007f62eafee090 R08: 0000000000000000 R09: 0000000000000000 [ 2071.477456][T31395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2071.477464][T31395] R13: 00007f62ecfe6038 R14: 00007f62ecfe5fa0 R15: 00007ffe8363ad68 [ 2071.477483][T31395] [ 2071.477489][T31395] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2071.841151][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 2071.860148][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 2071.868543][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 2071.877478][ T5839] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 2071.887156][ T5839] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 2072.448159][T31400] chnl_net:caif_netlink_parms(): no params data found [ 2072.561902][ T50] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2072.594570][T31409] syz.1.4821 (31409) used greatest stack depth: 19688 bytes left [ 2072.733982][ T50] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2072.948191][ T50] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2073.367710][ T50] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2073.451863][T31400] bridge0: port 1(bridge_slave_0) entered blocking state [ 2073.477779][T31400] bridge0: port 1(bridge_slave_0) entered disabled state [ 2073.486939][T31400] bridge_slave_0: entered allmulticast mode [ 2073.496855][T31400] bridge_slave_0: entered promiscuous mode [ 2073.561616][T31400] bridge0: port 2(bridge_slave_1) entered blocking state [ 2073.586954][T31400] bridge0: port 2(bridge_slave_1) entered disabled state [ 2073.598523][T31400] bridge_slave_1: entered allmulticast mode [ 2073.621436][T31400] bridge_slave_1: entered promiscuous mode [ 2073.740385][T31400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2073.759266][T31400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2073.871814][T31400] team0: Port device team_slave_0 added [ 2073.916080][T31400] team0: Port device team_slave_1 added [ 2073.917494][T18942] Bluetooth: hci0: command tx timeout [ 2074.055296][T31400] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2074.067789][T31400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2074.096497][T31400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2074.133464][T31400] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2074.145780][T31400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2074.207764][T31400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2074.241993][T31442] openvswitch: netlink: Multiple metadata blocks provided [ 2074.307463][ T50] bridge_slave_1: left allmulticast mode [ 2074.313599][ T50] bridge_slave_1: left promiscuous mode [ 2074.333806][ T50] bridge0: port 2(bridge_slave_1) entered disabled state [ 2074.379685][ T50] bridge_slave_0: left allmulticast mode [ 2074.391097][ T50] bridge_slave_0: left promiscuous mode [ 2074.411646][ T50] bridge0: port 1(bridge_slave_0) entered disabled state [ 2074.452066][T31446] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4828'. [ 2075.005342][T31455] syz.0.4829 (31455): /proc/31447/oom_adj is deprecated, please use /proc/31447/oom_score_adj instead. [ 2075.068960][T31455] : Can't lookup blockdev [ 2075.172062][T31400] hsr_slave_0: entered promiscuous mode [ 2075.189585][T31400] hsr_slave_1: entered promiscuous mode [ 2075.220476][T31400] debugfs: 'hsr0' already exists in 'hsr' [ 2075.235917][T31400] Cannot create hsr debugfs directory [ 2075.849248][ T50] hsr_slave_0: left promiscuous mode [ 2075.891864][ T50] hsr_slave_1: left promiscuous mode [ 2075.908960][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2075.920027][ T50] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2075.947733][ T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2075.955157][ T50] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2076.003440][T18942] Bluetooth: hci0: command tx timeout [ 2076.075421][ T50] veth1_macvtap: left promiscuous mode [ 2076.094838][ T50] veth0_macvtap: left promiscuous mode [ 2076.116173][ T50] veth1_vlan: left promiscuous mode [ 2076.146631][ T50] veth0_vlan: left promiscuous mode [ 2078.077013][T18942] Bluetooth: hci0: command tx timeout [ 2078.412687][ T50] team0 (unregistering): Port device team_slave_1 removed [ 2079.009612][ T50] team0 (unregistering): Port device team_slave_0 removed [ 2080.156944][T18942] Bluetooth: hci0: command tx timeout [ 2081.798662][T31400] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 2081.859946][T31400] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 2081.935639][T31400] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 2082.009673][T31400] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 2082.304826][T31400] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2082.392979][T31400] 8021q: adding VLAN 0 to HW filter on device team0 [ 2082.447140][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 2082.454296][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2082.567746][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 2082.574908][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2082.678978][T31569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4846'. [ 2083.618752][T31400] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2083.743974][T31400] veth0_vlan: entered promiscuous mode [ 2083.785167][T31400] veth1_vlan: entered promiscuous mode [ 2083.902386][T31400] veth0_macvtap: entered promiscuous mode [ 2083.961577][T31400] veth1_macvtap: entered promiscuous mode [ 2084.028129][T31400] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2084.060675][T31400] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2084.109311][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.140743][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.196387][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.220925][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2084.592611][ T4122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2084.617390][ T4122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2084.656260][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2084.687102][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2084.795680][T31628] FAULT_INJECTION: forcing a failure. [ 2084.795680][T31628] name failslab, interval 1, probability 0, space 0, times 0 [ 2084.834900][T31628] CPU: 0 UID: 0 PID: 31628 Comm: syz.0.4853 Tainted: G L syzkaller #0 PREEMPT(full) [ 2084.834942][T31628] Tainted: [L]=SOFTLOCKUP [ 2084.834951][T31628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2084.834965][T31628] Call Trace: [ 2084.834974][T31628] [ 2084.834984][T31628] dump_stack_lvl+0x16c/0x1f0 [ 2084.835026][T31628] should_fail_ex+0x512/0x640 [ 2084.835055][T31628] ? fs_reclaim_acquire+0xae/0x150 [ 2084.835099][T31628] should_failslab+0xc2/0x120 [ 2084.835136][T31628] __kmalloc_noprof+0xeb/0x910 [ 2084.835161][T31628] ? tomoyo_encode2+0x100/0x3e0 [ 2084.835200][T31628] ? tomoyo_encode2+0x100/0x3e0 [ 2084.835231][T31628] tomoyo_encode2+0x100/0x3e0 [ 2084.835268][T31628] tomoyo_encode+0x29/0x50 [ 2084.835299][T31628] tomoyo_realpath_from_path+0x18f/0x6e0 [ 2084.835344][T31628] tomoyo_path_number_perm+0x245/0x580 [ 2084.835382][T31628] ? tomoyo_path_number_perm+0x237/0x580 [ 2084.835415][T31628] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 2084.835447][T31628] ? find_held_lock+0x2b/0x80 [ 2084.835511][T31628] ? find_held_lock+0x2b/0x80 [ 2084.835542][T31628] ? hook_file_ioctl_common+0x144/0x410 [ 2084.835580][T31628] ? __fget_files+0x20e/0x3c0 [ 2084.835621][T31628] security_file_ioctl+0x9b/0x240 [ 2084.835654][T31628] __x64_sys_ioctl+0xb7/0x210 [ 2084.835688][T31628] do_syscall_64+0xcd/0xf80 [ 2084.835727][T31628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2084.835755][T31628] RIP: 0033:0x7fc2fe58f7c9 [ 2084.835775][T31628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2084.835796][T31628] RSP: 002b:00007fc2ff495038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2084.835821][T31628] RAX: ffffffffffffffda RBX: 00007fc2fe7e5fa0 RCX: 00007fc2fe58f7c9 [ 2084.835839][T31628] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 2084.835856][T31628] RBP: 00007fc2ff495090 R08: 0000000000000000 R09: 0000000000000000 [ 2084.835873][T31628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2084.835888][T31628] R13: 00007fc2fe7e6038 R14: 00007fc2fe7e5fa0 R15: 00007ffc82f49448 [ 2084.835925][T31628] [ 2084.835948][T31628] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2085.132277][T31631] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 2085.661479][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 2085.673586][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 2085.688340][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 2085.696182][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 2085.706356][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 2086.130793][T31638] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4855'. [ 2086.661422][T31640] chnl_net:caif_netlink_parms(): no params data found [ 2087.177399][T31640] bridge0: port 1(bridge_slave_0) entered blocking state [ 2087.207333][T31640] bridge0: port 1(bridge_slave_0) entered disabled state [ 2087.233108][T31640] bridge_slave_0: entered allmulticast mode [ 2087.258774][T31640] bridge_slave_0: entered promiscuous mode [ 2087.287989][T31640] bridge0: port 2(bridge_slave_1) entered blocking state [ 2087.302987][T31640] bridge0: port 2(bridge_slave_1) entered disabled state [ 2087.337072][T31640] bridge_slave_1: entered allmulticast mode [ 2087.377888][T31640] bridge_slave_1: entered promiscuous mode [ 2087.411382][T31673] random: crng reseeded on system resumption [ 2087.433914][T31673] hub 1-0:1.0: USB hub found [ 2087.443784][T31673] hub 1-0:1.0: 1 port detected [ 2087.482676][T31673] Restarting kernel threads ... [ 2087.491254][T31673] Done restarting kernel threads. [ 2087.590233][ T6684] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2087.620174][T31640] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2087.657679][T31640] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2087.767082][ T5839] Bluetooth: hci1: command tx timeout [ 2087.775598][ T6684] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2087.826032][T31640] team0: Port device team_slave_0 added [ 2087.878705][T31640] team0: Port device team_slave_1 added [ 2087.921970][ T6684] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2088.049891][ T6684] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2088.087816][T31640] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2088.106651][T31640] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2088.142470][T31640] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2088.164135][T31640] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2088.189851][T31640] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2088.286830][T31640] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2088.589223][T31677] FAULT_INJECTION: forcing a failure. [ 2088.589223][T31677] name failslab, interval 1, probability 0, space 0, times 0 [ 2088.607024][T31640] hsr_slave_0: entered promiscuous mode [ 2088.618413][T31640] hsr_slave_1: entered promiscuous mode [ 2088.626416][T31640] debugfs: 'hsr0' already exists in 'hsr' [ 2088.632363][T31677] CPU: 1 UID: 0 PID: 31677 Comm: syz.0.4860 Tainted: G L syzkaller #0 PREEMPT(full) [ 2088.632390][T31677] Tainted: [L]=SOFTLOCKUP [ 2088.632395][T31677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2088.632404][T31677] Call Trace: [ 2088.632409][T31677] [ 2088.632415][T31677] dump_stack_lvl+0x16c/0x1f0 [ 2088.632441][T31677] should_fail_ex+0x512/0x640 [ 2088.632458][T31677] ? kmem_cache_alloc_noprof+0x62/0x770 [ 2088.632478][T31677] should_failslab+0xc2/0x120 [ 2088.632500][T31677] kmem_cache_alloc_noprof+0x83/0x770 [ 2088.632516][T31677] ? __pfx_vma_modify_policy+0x10/0x10 [ 2088.632533][T31677] ? __mpol_dup+0x74/0x380 [ 2088.632550][T31677] ? __mpol_dup+0x74/0x380 [ 2088.632562][T31677] __mpol_dup+0x74/0x380 [ 2088.632575][T31677] ? __pfx___mpol_dup+0x10/0x10 [ 2088.632593][T31677] mbind_range+0x2ad/0x570 [ 2088.632610][T31677] do_mbind+0x83a/0xf20 [ 2088.632629][T31677] ? __pfx_do_mbind+0x10/0x10 [ 2088.632642][T31677] ? find_held_lock+0x2b/0x80 [ 2088.632671][T31677] ? __pfx_get_nodes+0x10/0x10 [ 2088.632690][T31677] ? __fget_files+0x20e/0x3c0 [ 2088.632714][T31677] kernel_mbind+0x1e3/0x1f0 [ 2088.632730][T31677] ? __pfx_kernel_mbind+0x10/0x10 [ 2088.632750][T31677] do_syscall_64+0xcd/0xf80 [ 2088.632772][T31677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2088.632788][T31677] RIP: 0033:0x7fc2fe58f7c9 [ 2088.632801][T31677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2088.632815][T31677] RSP: 002b:00007fc2ff495038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 2088.632829][T31677] RAX: ffffffffffffffda RBX: 00007fc2fe7e5fa0 RCX: 00007fc2fe58f7c9 [ 2088.632838][T31677] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 2088.632846][T31677] RBP: 00007fc2ff495090 R08: 0000000000000006 R09: 0000000000000002 [ 2088.632855][T31677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2088.632863][T31677] R13: 00007fc2fe7e6038 R14: 00007fc2fe7e5fa0 R15: 00007ffc82f49448 [ 2088.632882][T31677] [ 2089.053126][T31640] Cannot create hsr debugfs directory [ 2089.394864][ T6684] bridge_slave_1: left allmulticast mode [ 2089.406693][ T6684] bridge_slave_1: left promiscuous mode [ 2089.412534][ T6684] bridge0: port 2(bridge_slave_1) entered disabled state [ 2089.454040][ T6684] bridge_slave_0: left allmulticast mode [ 2089.466744][ T6684] bridge_slave_0: left promiscuous mode [ 2089.472607][ T6684] bridge0: port 1(bridge_slave_0) entered disabled state [ 2089.843581][ T5839] Bluetooth: hci1: command tx timeout [ 2090.409426][T31709] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 2090.689991][ T6684] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2090.707776][ T6684] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2090.727632][ T6684] bond0 (unregistering): Released all slaves [ 2091.919565][ T5839] Bluetooth: hci1: command tx timeout [ 2093.172554][ T6684] hsr_slave_0: left promiscuous mode [ 2093.198711][ T6684] hsr_slave_1: left promiscuous mode [ 2093.213443][ T6684] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2093.245659][ T6684] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2093.265777][ T6684] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2093.290950][ T6684] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2093.391392][ T6684] veth1_macvtap: left promiscuous mode [ 2093.421203][ T6684] veth0_macvtap: left promiscuous mode [ 2093.450249][ T6684] veth1_vlan: left promiscuous mode [ 2093.528312][ T6684] veth0_vlan: left promiscuous mode [ 2093.996770][ T5839] Bluetooth: hci1: command tx timeout [ 2094.732966][T31765] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4872'. [ 2095.402836][T31789] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4874'. [ 2095.632587][ T6684] team0 (unregistering): Port device team_slave_1 removed [ 2095.729545][ T6684] team0 (unregistering): Port device team_slave_0 removed [ 2096.047745][T31797] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4875'. [ 2096.753273][T31640] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 2096.799220][T31640] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 2096.875117][T31640] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 2096.913301][T31640] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 2097.041769][T31640] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2097.076096][T31640] 8021q: adding VLAN 0 to HW filter on device team0 [ 2097.102373][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state [ 2097.109599][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2097.159605][ T1965] bridge0: port 2(bridge_slave_1) entered blocking state [ 2097.166840][ T1965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2097.863221][T31640] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2098.026139][T31640] veth0_vlan: entered promiscuous mode [ 2098.042971][T31640] veth1_vlan: entered promiscuous mode [ 2098.148784][T31640] veth0_macvtap: entered promiscuous mode [ 2098.277506][T31640] veth1_macvtap: entered promiscuous mode [ 2098.397424][T31640] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2098.441396][T31640] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2098.478397][ T1134] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2098.502674][T31843] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4881'. [ 2098.612110][ T1134] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2098.623153][ T1134] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2098.633533][ T1134] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2098.878729][T17896] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2098.897129][T17896] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2098.968904][T17896] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2098.998453][T17896] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2100.186055][T31868] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4885'. [ 2100.861517][T18942] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 2100.871701][T18942] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 2100.886791][T18942] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 2100.902061][T18942] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 2100.911861][T18942] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 2101.269264][T31884] FAULT_INJECTION: forcing a failure. [ 2101.269264][T31884] name failslab, interval 1, probability 0, space 0, times 0 [ 2101.305764][T31884] CPU: 0 UID: 0 PID: 31884 Comm: syz.1.4889 Tainted: G L syzkaller #0 PREEMPT(full) [ 2101.305790][T31884] Tainted: [L]=SOFTLOCKUP [ 2101.305796][T31884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2101.305804][T31884] Call Trace: [ 2101.305810][T31884] [ 2101.305815][T31884] dump_stack_lvl+0x16c/0x1f0 [ 2101.305841][T31884] should_fail_ex+0x512/0x640 [ 2101.305858][T31884] ? __kmalloc_cache_noprof+0x5f/0x800 [ 2101.305877][T31884] should_failslab+0xc2/0x120 [ 2101.305898][T31884] __kmalloc_cache_noprof+0x80/0x800 [ 2101.305914][T31884] ? ip6_setup_cork+0x223/0x1530 [ 2101.306017][T31884] ? ip6_setup_cork+0x223/0x1530 [ 2101.306029][T31884] ip6_setup_cork+0x223/0x1530 [ 2101.306047][T31884] ip6_make_skb+0x25b/0x3f0 [ 2101.306061][T31884] ? ip6_dst_check+0x343/0x950 [ 2101.306119][T31884] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 2101.306193][T31884] ? __pfx_ip6_make_skb+0x10/0x10 [ 2101.306208][T31884] ? find_held_lock+0x2b/0x80 [ 2101.306231][T31884] ? sk_dst_check+0x1da/0x540 [ 2101.306271][T31884] ? udpv6_sendmsg+0x2365/0x2d30 [ 2101.306311][T31884] udpv6_sendmsg+0x2365/0x2d30 [ 2101.306330][T31884] ? aa_label_sk_perm+0x194/0x5f0 [ 2101.306371][T31884] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 2101.306398][T31884] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 2101.306419][T31884] ? __lock_acquire+0x436/0x2890 [ 2101.306440][T31884] ? __pfx___might_resched+0x10/0x10 [ 2101.306460][T31884] ? __lock_acquire+0x436/0x2890 [ 2101.306479][T31884] ? iovec_from_user+0xbb/0x140 [ 2101.306499][T31884] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 2101.306519][T31884] ? inet6_sendmsg+0x105/0x140 [ 2101.306557][T31884] inet6_sendmsg+0x105/0x140 [ 2101.306587][T31884] ____sys_sendmsg+0x705/0xc30 [ 2101.306620][T31884] ? copy_msghdr_from_user+0x10a/0x160 [ 2101.306657][T31884] ? __pfx_____sys_sendmsg+0x10/0x10 [ 2101.306695][T31884] ? __pfx__kstrtoull+0x10/0x10 [ 2101.306733][T31884] ___sys_sendmsg+0x134/0x1d0 [ 2101.306760][T31884] ? __pfx____sys_sendmsg+0x10/0x10 [ 2101.306786][T31884] ? find_held_lock+0x2b/0x80 [ 2101.306815][T31884] __sys_sendmmsg+0x200/0x420 [ 2101.306835][T31884] ? __pfx___sys_sendmmsg+0x10/0x10 [ 2101.306859][T31884] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 2101.306888][T31884] ? fput+0x70/0xf0 [ 2101.306902][T31884] ? ksys_write+0x1ac/0x250 [ 2101.306921][T31884] ? __pfx_ksys_write+0x10/0x10 [ 2101.306943][T31884] __x64_sys_sendmmsg+0x9c/0x100 [ 2101.306961][T31884] ? lockdep_hardirqs_on+0x7c/0x110 [ 2101.306981][T31884] do_syscall_64+0xcd/0xf80 [ 2101.307003][T31884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2101.307018][T31884] RIP: 0033:0x7f62ecd8f7c9 [ 2101.307032][T31884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2101.307045][T31884] RSP: 002b:00007f62eafee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 2101.307060][T31884] RAX: ffffffffffffffda RBX: 00007f62ecfe5fa0 RCX: 00007f62ecd8f7c9 [ 2101.307069][T31884] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 2101.307077][T31884] RBP: 00007f62eafee090 R08: 0000000000000000 R09: 0000000000000000 [ 2101.307086][T31884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2101.307094][T31884] R13: 00007f62ecfe6038 R14: 00007f62ecfe5fa0 R15: 00007ffe8363ad68 [ 2101.307112][T31884] [ 2101.948828][T31879] chnl_net:caif_netlink_parms(): no params data found [ 2102.129943][T31879] bridge0: port 1(bridge_slave_0) entered blocking state [ 2102.143129][T31879] bridge0: port 1(bridge_slave_0) entered disabled state [ 2102.151658][T31879] bridge_slave_0: entered allmulticast mode [ 2102.213301][T31879] bridge_slave_0: entered promiscuous mode [ 2102.248803][T31879] bridge0: port 2(bridge_slave_1) entered blocking state [ 2102.260738][T31879] bridge0: port 2(bridge_slave_1) entered disabled state [ 2102.306959][T31879] bridge_slave_1: entered allmulticast mode [ 2102.354140][T31879] bridge_slave_1: entered promiscuous mode [ 2102.545157][T31879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2102.612396][T31879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2102.701548][T31879] team0: Port device team_slave_0 added [ 2102.709093][T31879] team0: Port device team_slave_1 added [ 2102.747871][T31879] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2102.754826][T31879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2102.847722][T31879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2102.977457][T18942] Bluetooth: hci3: command tx timeout [ 2103.188656][T31879] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2103.237201][T31879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2103.317670][T31879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2103.417873][T31879] hsr_slave_0: entered promiscuous mode [ 2103.428018][T31879] hsr_slave_1: entered promiscuous mode [ 2103.461235][T31879] debugfs: 'hsr0' already exists in 'hsr' [ 2103.476788][T31879] Cannot create hsr debugfs directory [ 2103.936556][T31879] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2104.091923][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 2104.099070][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 2104.166305][T31879] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2104.285445][T31879] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2104.419937][T31879] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2104.477646][T31915] FAULT_INJECTION: forcing a failure. [ 2104.477646][T31915] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2104.492774][T31915] CPU: 1 UID: 0 PID: 31915 Comm: syz.1.4897 Tainted: G L syzkaller #0 PREEMPT(full) [ 2104.492821][T31915] Tainted: [L]=SOFTLOCKUP [ 2104.492831][T31915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2104.492849][T31915] Call Trace: [ 2104.492858][T31915] [ 2104.492869][T31915] dump_stack_lvl+0x16c/0x1f0 [ 2104.492917][T31915] should_fail_ex+0x512/0x640 [ 2104.492954][T31915] _copy_from_iter+0x43b/0x16c0 [ 2104.492995][T31915] ? __pfx__copy_from_iter+0x10/0x10 [ 2104.493024][T31915] ? do_raw_spin_lock+0x12c/0x2b0 [ 2104.493057][T31915] ? find_held_lock+0x2b/0x80 [ 2104.493093][T31915] ? rcu_is_watching+0x12/0xc0 [ 2104.493131][T31915] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2104.493252][T31915] write_pool_user+0xe8/0x2f0 [ 2104.493339][T31915] ? __pfx_write_pool_user+0x10/0x10 [ 2104.493392][T31915] ? __futex_wait+0x24b/0x2f0 [ 2104.493428][T31915] ? copy_iovec_from_user+0x131/0x170 [ 2104.493460][T31915] do_iter_readv_writev+0x662/0x9e0 [ 2104.493501][T31915] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 2104.493538][T31915] ? common_file_perm+0x1b1/0x500 [ 2104.493605][T31915] ? bpf_lsm_file_permission+0x9/0x10 [ 2104.493648][T31915] ? security_file_permission+0x71/0x210 [ 2104.493686][T31915] ? rw_verify_area+0xcf/0x6c0 [ 2104.493725][T31915] vfs_writev+0x35f/0xde0 [ 2104.493766][T31915] ? __lock_acquire+0x436/0x2890 [ 2104.493795][T31915] ? __pfx_vfs_writev+0x10/0x10 [ 2104.493834][T31915] ? putname+0xf5/0x1a0 [ 2104.493880][T31915] ? __fget_files+0x20e/0x3c0 [ 2104.493928][T31915] ? do_writev+0x132/0x340 [ 2104.493961][T31915] do_writev+0x132/0x340 [ 2104.493997][T31915] ? __pfx_do_writev+0x10/0x10 [ 2104.494042][T31915] do_syscall_64+0xcd/0xf80 [ 2104.494085][T31915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2104.494114][T31915] RIP: 0033:0x7f62ecd8f7c9 [ 2104.494138][T31915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2104.494166][T31915] RSP: 002b:00007f62eafee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 2104.494194][T31915] RAX: ffffffffffffffda RBX: 00007f62ecfe5fa0 RCX: 00007f62ecd8f7c9 [ 2104.494213][T31915] RDX: 0000000000000003 RSI: 00002000000003c0 RDI: 0000000000000007 [ 2104.494231][T31915] RBP: 00007f62ece13f91 R08: 0000000000000000 R09: 0000000000000000 [ 2104.494249][T31915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2104.494266][T31915] R13: 00007f62ecfe6038 R14: 00007f62ecfe5fa0 R15: 00007ffe8363ad68 [ 2104.494311][T31915] [ 2105.036910][T18942] Bluetooth: hci3: command tx timeout [ 2105.054255][T31879] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 2105.074287][T31879] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 2105.104296][T31879] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 2105.131213][T31879] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 2105.455656][T31879] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2105.496688][T31879] 8021q: adding VLAN 0 to HW filter on device team0 [ 2105.525163][ T6684] bridge0: port 1(bridge_slave_0) entered blocking state [ 2105.532328][ T6684] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2105.598024][ T6684] bridge0: port 2(bridge_slave_1) entered blocking state [ 2105.605327][ T6684] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2106.284793][T31879] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2106.386193][T31879] veth0_vlan: entered promiscuous mode [ 2106.534416][T31879] veth1_vlan: entered promiscuous mode [ 2106.675378][T31879] veth0_macvtap: entered promiscuous mode [ 2106.742654][T31879] veth1_macvtap: entered promiscuous mode [ 2106.800127][T31879] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2106.860059][T31879] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2106.912712][ T4122] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2106.934401][ T4122] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2106.960371][ T4122] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2107.071148][ T4122] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2107.116793][T18942] Bluetooth: hci3: command tx timeout [ 2107.316798][T17896] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2107.324645][T17896] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2107.458682][T17896] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2107.500114][T17896] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2109.223352][T18942] Bluetooth: hci3: command tx timeout [ 2111.540729][T32022] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 2113.365885][T32035] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4919'. [ 2116.081812][T32080] FAULT_INJECTION: forcing a failure. [ 2116.081812][T32080] name failslab, interval 1, probability 0, space 0, times 0 [ 2116.192605][T32080] CPU: 1 UID: 0 PID: 32080 Comm: syz.1.4929 Tainted: G L syzkaller #0 PREEMPT(full) [ 2116.192644][T32080] Tainted: [L]=SOFTLOCKUP [ 2116.192652][T32080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2116.192666][T32080] Call Trace: [ 2116.192675][T32080] [ 2116.192684][T32080] dump_stack_lvl+0x16c/0x1f0 [ 2116.192729][T32080] should_fail_ex+0x512/0x640 [ 2116.192758][T32080] ? __kmalloc_noprof+0xca/0x910 [ 2116.192792][T32080] should_failslab+0xc2/0x120 [ 2116.192830][T32080] __kmalloc_noprof+0xeb/0x910 [ 2116.192858][T32080] ? tracepoint_add_func+0x2a6/0xea0 [ 2116.192901][T32080] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 2116.192939][T32080] ? tracepoint_add_func+0x2a6/0xea0 [ 2116.192974][T32080] tracepoint_add_func+0x2a6/0xea0 [ 2116.193008][T32080] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 2116.193036][T32080] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 2116.193056][T32080] tracepoint_probe_register+0xbf/0x100 [ 2116.193078][T32080] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 2116.193099][T32080] ? ftrace_set_clr_event+0x156/0x330 [ 2116.193151][T32080] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 2116.193177][T32080] tracing_start_sched_switch+0xaf/0x1e0 [ 2116.193197][T32080] __ftrace_event_enable_disable+0x692/0x800 [ 2116.193216][T32080] __ftrace_set_clr_event_nolock+0x390/0xb70 [ 2116.193237][T32080] ftrace_set_clr_event+0x16e/0x330 [ 2116.193253][T32080] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 2116.193276][T32080] ftrace_event_write+0x259/0x2c0 [ 2116.193291][T32080] ? __pfx_ftrace_event_write+0x10/0x10 [ 2116.193314][T32080] ? __pfx_ftrace_event_write+0x10/0x10 [ 2116.193329][T32080] vfs_write+0x2a0/0x11d0 [ 2116.193351][T32080] ? __pfx___mutex_lock+0x10/0x10 [ 2116.193375][T32080] ? __pfx_vfs_write+0x10/0x10 [ 2116.193400][T32080] ? __fget_files+0x20e/0x3c0 [ 2116.193425][T32080] ksys_write+0x12a/0x250 [ 2116.193444][T32080] ? __pfx_ksys_write+0x10/0x10 [ 2116.193469][T32080] do_syscall_64+0xcd/0xf80 [ 2116.193491][T32080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2116.193507][T32080] RIP: 0033:0x7f62ecd8f7c9 [ 2116.193520][T32080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2116.193534][T32080] RSP: 002b:00007f62eafee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2116.193548][T32080] RAX: ffffffffffffffda RBX: 00007f62ecfe5fa0 RCX: 00007f62ecd8f7c9 [ 2116.193557][T32080] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000004 [ 2116.193565][T32080] RBP: 00007f62eafee090 R08: 0000000000000000 R09: 0000000000000000 [ 2116.193574][T32080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2116.193582][T32080] R13: 00007f62ecfe6038 R14: 00007f62ecfe5fa0 R15: 00007ffe8363ad68 [ 2116.193602][T32080] [ 2116.193618][T32080] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup [ 2117.362305][T32098] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4933'. [ 2118.451078][T32113] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4937'. [ 2119.156210][T32130] ------------[ cut here ]------------ [ 2119.162031][T32130] WARNING: kernel/tracepoint.c:358 at tracepoint_probe_unregister+0x894/0xd70, CPU#1: syz.0.4939/32130 [ 2119.173256][T32130] Modules linked in: [ 2119.177614][T32130] CPU: 1 UID: 0 PID: 32130 Comm: syz.0.4939 Tainted: G L syzkaller #0 PREEMPT(full) [ 2119.188649][T32130] Tainted: [L]=SOFTLOCKUP [ 2119.192994][T32130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2119.203161][T32130] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 2119.209807][T32130] Code: 41 5e 41 5f e9 cd 4e b8 09 e8 d8 21 fe ff 48 c7 c6 b0 23 c0 81 48 89 df e8 19 ab e3 ff eb 9f bb fe ff ff ff e8 bd 21 fe ff 90 <0f> 0b 90 eb 91 e8 b2 21 fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 2119.230728][T32130] RSP: 0018:ffffc90004747878 EFLAGS: 00010283 [ 2119.237821][T32130] RAX: 000000000004d6fe RBX: 00000000fffffffe RCX: ffffc9000e27b000 [ 2119.245856][T32130] RDX: 0000000000080000 RSI: ffffffff81c034f3 RDI: 0000000000000005 [ 2119.253879][T32130] RBP: ffff88801b6fe7c8 R08: 0000000000000005 R09: 0000000000000000 [ 2119.261881][T32130] R10: 0000000000000001 R11: ffff88802a29c830 R12: ffffffff81c66870 [ 2119.269888][T32130] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffff8e755000 [ 2119.278089][T32130] FS: 00007f6e02e526c0(0000) GS:ffff8881249fd000(0000) knlGS:0000000000000000 [ 2119.287119][T32130] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2119.293848][T32130] CR2: 0000001b34ffeff8 CR3: 000000003a69a000 CR4: 00000000003526f0 [ 2119.301864][T32130] Call Trace: [ 2119.305152][T32130] [ 2119.308107][T32130] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 2119.314445][T32130] tracing_stop_cmdline_record+0x66/0xa0 [ 2119.320351][T32130] __ftrace_event_enable_disable+0x700/0x800 [ 2119.326364][T32130] ftrace_event_set_open+0x232/0x380 [ 2119.332682][T32130] do_dentry_open+0x748/0x1590 [ 2119.338145][T32130] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 2119.344003][T32130] vfs_open+0x82/0x3f0 [ 2119.348171][T32130] path_openat+0x2078/0x3140 [ 2119.352822][T32130] ? __pfx_path_openat+0x10/0x10 [ 2119.357898][T32130] do_filp_open+0x20b/0x470 [ 2119.362541][T32130] ? __pfx_do_filp_open+0x10/0x10 [ 2119.367650][T32130] ? alloc_fd+0x471/0x7d0 [ 2119.371988][T32130] do_sys_openat2+0x121/0x290 [ 2119.376709][T32130] ? __pfx_do_sys_openat2+0x10/0x10 [ 2119.381954][T32130] ? find_held_lock+0x2b/0x80 [ 2119.386677][T32130] __x64_sys_openat+0x174/0x210 [ 2119.391529][T32130] ? __pfx___x64_sys_openat+0x10/0x10 [ 2119.396926][T32130] do_syscall_64+0xcd/0xf80 [ 2119.401438][T32130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2119.407384][T32130] RIP: 0033:0x7f6e01f8f7c9 [ 2119.411794][T32130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2119.431605][T32130] RSP: 002b:00007f6e02e52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2119.441124][T32130] RAX: ffffffffffffffda RBX: 00007f6e021e6090 RCX: 00007f6e01f8f7c9 [ 2119.449726][T32130] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2119.457728][T32130] RBP: 00007f6e02013f91 R08: 0000000000000000 R09: 0000000000000000 [ 2119.465689][T32130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2119.473717][T32130] R13: 00007f6e021e6128 R14: 00007f6e021e6090 R15: 00007fff19810678 [ 2119.481716][T32130] [ 2119.484730][T32130] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 2119.491998][T32130] CPU: 1 UID: 0 PID: 32130 Comm: syz.0.4939 Tainted: G L syzkaller #0 PREEMPT(full) [ 2119.502920][T32130] Tainted: [L]=SOFTLOCKUP [ 2119.507249][T32130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 2119.517298][T32130] Call Trace: [ 2119.520568][T32130] [ 2119.523484][T32130] dump_stack_lvl+0x3d/0x1f0 [ 2119.528073][T32130] vpanic+0x640/0x6f0 [ 2119.532046][T32130] ? tracepoint_probe_unregister+0x894/0xd70 [ 2119.538027][T32130] panic+0xca/0xd0 [ 2119.541741][T32130] ? __pfx_panic+0x10/0x10 [ 2119.546149][T32130] check_panic_on_warn+0xab/0xb0 [ 2119.551081][T32130] __warn+0x108/0x3c0 [ 2119.555052][T32130] __report_bug+0x2a0/0x520 [ 2119.559551][T32130] ? tracepoint_probe_unregister+0x894/0xd70 [ 2119.565534][T32130] ? __pfx___report_bug+0x10/0x10 [ 2119.570633][T32130] ? rcu_is_watching+0x12/0xc0 [ 2119.575470][T32130] ? trace_contention_end+0xdd/0x110 [ 2119.580768][T32130] ? __mutex_lock+0x27b/0x1ca0 [ 2119.585545][T32130] ? tracepoint_probe_unregister+0x9c/0xd70 [ 2119.591442][T32130] ? tracepoint_probe_unregister+0x894/0xd70 [ 2119.597441][T32130] report_bug+0xb2/0x220 [ 2119.601770][T32130] ? tracepoint_probe_unregister+0x894/0xd70 [ 2119.607756][T32130] handle_bug+0x127/0x260 [ 2119.612170][T32130] exc_invalid_op+0x17/0x50 [ 2119.616666][T32130] asm_exc_invalid_op+0x1a/0x20 [ 2119.621507][T32130] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 2119.628106][T32130] Code: 41 5e 41 5f e9 cd 4e b8 09 e8 d8 21 fe ff 48 c7 c6 b0 23 c0 81 48 89 df e8 19 ab e3 ff eb 9f bb fe ff ff ff e8 bd 21 fe ff 90 <0f> 0b 90 eb 91 e8 b2 21 fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 2119.647740][T32130] RSP: 0018:ffffc90004747878 EFLAGS: 00010283 [ 2119.653820][T32130] RAX: 000000000004d6fe RBX: 00000000fffffffe RCX: ffffc9000e27b000 [ 2119.661794][T32130] RDX: 0000000000080000 RSI: ffffffff81c034f3 RDI: 0000000000000005 [ 2119.669787][T32130] RBP: ffff88801b6fe7c8 R08: 0000000000000005 R09: 0000000000000000 [ 2119.677751][T32130] R10: 0000000000000001 R11: ffff88802a29c830 R12: ffffffff81c66870 [ 2119.685799][T32130] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffff8e755000 [ 2119.693777][T32130] ? __pfx_probe_sched_switch+0x10/0x10 [ 2119.699334][T32130] ? tracepoint_probe_unregister+0x893/0xd70 [ 2119.705319][T32130] ? tracepoint_probe_unregister+0x893/0xd70 [ 2119.711297][T32130] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 2119.717628][T32130] tracing_stop_cmdline_record+0x66/0xa0 [ 2119.723258][T32130] __ftrace_event_enable_disable+0x700/0x800 [ 2119.729252][T32130] ftrace_event_set_open+0x232/0x380 [ 2119.734580][T32130] do_dentry_open+0x748/0x1590 [ 2119.739372][T32130] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 2119.745183][T32130] vfs_open+0x82/0x3f0 [ 2119.749254][T32130] path_openat+0x2078/0x3140 [ 2119.753877][T32130] ? __pfx_path_openat+0x10/0x10 [ 2119.758817][T32130] do_filp_open+0x20b/0x470 [ 2119.763318][T32130] ? __pfx_do_filp_open+0x10/0x10 [ 2119.768354][T32130] ? alloc_fd+0x471/0x7d0 [ 2119.772685][T32130] do_sys_openat2+0x121/0x290 [ 2119.777352][T32130] ? __pfx_do_sys_openat2+0x10/0x10 [ 2119.782539][T32130] ? find_held_lock+0x2b/0x80 [ 2119.787214][T32130] __x64_sys_openat+0x174/0x210 [ 2119.792052][T32130] ? __pfx___x64_sys_openat+0x10/0x10 [ 2119.797418][T32130] do_syscall_64+0xcd/0xf80 [ 2119.801917][T32130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2119.807799][T32130] RIP: 0033:0x7f6e01f8f7c9 [ 2119.812201][T32130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 2119.831807][T32130] RSP: 002b:00007f6e02e52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 2119.840224][T32130] RAX: ffffffffffffffda RBX: 00007f6e021e6090 RCX: 00007f6e01f8f7c9 [ 2119.848207][T32130] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 2119.856271][T32130] RBP: 00007f6e02013f91 R08: 0000000000000000 R09: 0000000000000000 [ 2119.864242][T32130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2119.872213][T32130] R13: 00007f6e021e6128 R14: 00007f6e021e6090 R15: 00007fff19810678 [ 2119.880194][T32130] [ 2119.883664][T32130] Kernel Offset: disabled [ 2119.887985][T32130] Rebooting in 86400 seconds..