last executing test programs: 6m10.926103895s ago: executing program 0 (id=3644): r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x42000, 0x0) ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0xffffffffffffff95}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) 6m10.069854297s ago: executing program 0 (id=3648): mmap$auto(0x0, 0x200000000020006, 0x2, 0xeb3, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/usbip-vudc.0/dev_desc\x00', 0x200, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 6m9.936903078s ago: executing program 0 (id=3650): openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/trace_marker\x00', 0x43, 0x0) memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0x40000000df, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) socket(0x2b, 0x1, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) exit$auto(0xffffff9f) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(0x0, r2) getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r2, 0x0, 0x20000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001bc0)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x168081, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001e40)="2e271caeedc13d69b4fc13780654c968af9f176b5bbf60445af0b193e8756a01222effbf37f05a957cb25aa6ff48fc0f820814b41e96d12cf8677427b39d1d0c92c87beaf864f5f006a2bd510c18feaf2fec4e848ef5f5f0cba87d0fa2d929", 0x5f) 6m8.859562568s ago: executing program 0 (id=3654): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x200007, 0x8) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xc004ae02, 0x88) ioctl$auto_KVM_CREATE_VM(r1, 0xc008ae88, 0x88) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000008008000) close_range$auto(0x2, 0xa, 0x4) socket(0xa, 0x1, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/shmem_fallback_charge\x00', 0x22000, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x20ffff}, 0xfffffffffffffffe) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x20000, 0x0) clock_getres$auto(0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x1cd583, 0x0) mbind$auto(0x0, 0x2091d3, 0x4, 0x0, 0x6, 0x2) openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, 0x0, 0x202601, 0x0) bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000140)=@iter_create={r1, 0x400}, 0x0) madvise$auto(0x100000000000000, 0xffffffffffff0005, 0x19) madvise$auto(0x11, 0x0, 0x6) madvise$auto(0x0, 0x4, 0x3) ioctl$auto_SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f0000000080)={0xdf, 0x8, [0x8]}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1b0026bd7400fddbdf250300000004000800100003800c000980080001808847338012000100898771f1c19f17790485908208000000040002"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setrlimit$auto(0x9, 0x0) 6m7.176539868s ago: executing program 0 (id=3663): mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci5/force_suspend\x00', 0x602002, 0x0) write$auto(r0, &(0x7f0000000040)='/dev/sda\x00', 0xff) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0) ioctl$auto(r1, 0x401870cb, r1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) 6m6.592688455s ago: executing program 0 (id=3664): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2c, 0x6, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20443, 0x0) r1 = setfsuid$auto(0xee00) setreuid$auto(r1, 0x0) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000006c0)={{0x7, r1, 0x0, 0x4, 0x6, 0x81, 0x48d}, 0x1, 0x5, 0x8, 0x2, @inferred, @raw=0x5, 0x5, 0x0, 0x0, 0x0}) getuid() mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x8) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x5}, 0x4, 0x966, 0x3, @raw=0x404, @integer64={0x9, 0xeb1e, 0x34}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r3, 0xc0505510, &(0x7f00000001c0)={0x0, 0x8, 0x5, @raw=0x80, 0x0, "5059d005d689f01a18c00f29b5fa494a0200f0fced42bcfab54dc63a1562e39e060000007c7fd574bccc61a93bf6de84233c"}) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r0, 0x0, 0x44810) setresuid$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000020c0)=""/4093, 0xffd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) 5m51.456667606s ago: executing program 32 (id=3664): openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x80202, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2c, 0x6, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20443, 0x0) r1 = setfsuid$auto(0xee00) setreuid$auto(r1, 0x0) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000006c0)={{0x7, r1, 0x0, 0x4, 0x6, 0x81, 0x48d}, 0x1, 0x5, 0x8, 0x2, @inferred, @raw=0x5, 0x5, 0x0, 0x0, 0x0}) getuid() mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x8) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x5}, 0x4, 0x966, 0x3, @raw=0x404, @integer64={0x9, 0xeb1e, 0x34}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r3, 0xc0505510, &(0x7f00000001c0)={0x0, 0x8, 0x5, @raw=0x80, 0x0, "5059d005d689f01a18c00f29b5fa494a0200f0fced42bcfab54dc63a1562e39e060000007c7fd574bccc61a93bf6de84233c"}) sendmsg$auto_MACSEC_CMD_ADD_RXSA(r0, 0x0, 0x44810) setresuid$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x9d90, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000020c0)=""/4093, 0xffd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) 9.352319439s ago: executing program 4 (id=5349): mmap$auto(0x0, 0x420009, 0xfff, 0xeb1, 0x401, 0x7ffd) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x4, 0x810004, 0x5, 0x8000000008011, 0x3, 0x100000000008000) r0 = socket(0xa, 0x1, 0xfffffeff) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) setrlimit$auto(0x6, &(0x7f0000001280)={0x6, 0xf0c}) clone$auto(0x3ff, 0xa4, 0x0, 0x0, 0x8000000000000001) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000002740)={0x0, 0x0, &(0x7f0000002700)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="010429bd7000fddbdfe366000010682f1afc67be027716f1aec501b47ef5dd51c1136df1cc14325b42c7eb3b4f0c609362801bc44a8efa2fbf92dab1802d22c48aa60675a5ad18bfe4dfed312a7014db4347c9674d673a84f75a302a286382173b9253690e54ca70dd48a90b518d9cecb3764b51bc7ddd0cba531db9a06f87c5c24de5f66872ee25cd8d51797fe87583a378b131628f4d7fb1a0d350a19fce68f16fca959cc1f56f7e53d70a17d9978c0a1d25d85d1080442a1161d3e1b3b402034443981e2ed5232c30d0d0b013946d33a8cf5c06b116a9907bddcf7e504ee224eda87bd4a5c77b67bc67ccc1d19f5bbba548f5cb6f2b04dfab1851f3097a81f33ce4a5f64cdca5cfaf4ce65412778e51dbd6721691980e45d260d2c33451ee9820f2a28cb9bfc03a4b50b252ad9a527b14bf689cfe6fef471520fa4332677fb5361ef2340280397f3c7a45f614e8219540fdab285af5b5f62ccf66e2ef654c71f0fa70d075a88f0d62512f68a76ba505a5ea214b4ce0446acb0b16476798"], 0x14}, 0x1, 0x0, 0x0, 0x2400c001}, 0x8000) r4 = clone3$auto(&(0x7f00000002c0)={0x7ff, 0xfffffffffffffffa, 0x970, 0xe000, 0x10, 0x5, 0x0, 0x1c9e, 0x81, 0x0, 0xfffffffffffffffa}, 0x4) r5 = clone$auto(0x8001, 0x8000000000000001, &(0x7f0000000340)=0xf60, &(0x7f0000000380)=0x2, 0x3) msgctl$auto_IPC_SET(0x2, 0x1, &(0x7f0000000740)={{0x7, 0xee00, 0xffffffffffffffff, 0x9, 0x7, 0x1000, 0x27}, &(0x7f00000006c0)=0x7, &(0x7f0000000700)=0xff, 0x1, 0x10001, 0x7, 0x0, 0x0, 0x0, 0x6, 0x7, @raw=0xd94, @raw=0x9}) sendmsg$auto_TIPC_NL_PUBL_GET(r0, &(0x7f0000000680)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000640)={&(0x7f0000000d40)=ANY=[@ANYBLOB="08020000", @ANYRES16=r3, @ANYBLOB="000826bd7000ffdbdf2507000000f40102801f01b0800400cb800400e680efe5ccaf0ea38a16bdfc4400ff47a22624eb5ac143c4d9c5f3c58b3da789182ac92976b1ee826c2b37d136bb83b5178ae82035333783a800a326b3cfe130b5d73e7fdf3b9cb95e1b806d81cd53352a6fdf59df438959cfb14a26ac29dcaa1d35e202ce9adcca60ce3c2869fa0714d43560b3bcebf344a01e7ef95589817e8e8bc47861a4424c1214dfa886cb2c391ca6aa4a6aca600de0de3ccee8a4ae2a1c2aff1db7a14abd002da03a6a7bd092781fe16f12eccecdc84e88c010dad64fc483dc69818c7701bdb9c3650bd9cf6cb7c06cd08945babe010fc49a35f8dd5b50c3f0c1c460e1c2d766c548160800a800", @ANYRES32=r4, @ANYBLOB="0600000000000400000000b3030000000000000008f8b600", @ANYRES32=r5, @ANYBLOB="b800ce80080032000100010054003e800800e600", @ANYRES32=r6, @ANYBLOB="37002e0084508bdad554e9af502f95f1bab49fa0f65d212cf369e15b714ee90e405b0437f13062f02b75c811fb3996d1bc755cd83e0e230008006000", @ANYRES32, @ANYBLOB="040049800400278039000e00dc3829cbe58f2f13b13cdccc81dc03fcc1c0b988ab7be54c93bfa7eb1eeee7caaaa236317925034a1fe43584d946c866813f39bb6f00000008004b00e000000114003d00ff01000000000000000000000000000104005900"], 0x208}, 0x1, 0x0, 0x0, 0x4000000}, 0x20) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) ioctl$auto_FICLONERANGE(r1, 0x4020940d, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) sched_setattr$auto(0x0, 0x0, 0x3) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@generic={0x0, "94720003fc8df50bf18af7c35ab0"}, 0x1000) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x1000000009, 0xffffffffffffffff, 0x0) r7 = open(0x0, 0x0, 0x408) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/misc/hw_random/rng_current\x00', 0x129302, 0x0) epoll_create1$auto(0x10) sigaltstack$auto(0x0, 0x0) sendmsg$auto(r7, &(0x7f0000000240)={&(0x7f00000000c0)="0ae374a59ff4b0c2840deaf1b7ed6e812a9c29a3b9016eadbf86e36e6684b813b622463e160edc753277dcd64fc5777cf9010ece226a5a55e4dfca6ee8a70989e7cc4d6d69f7865eb3df", 0x3, &(0x7f00000001c0)={&(0x7f0000000140)="0c714d3e6cb12a28585e7d1d73f1bb3fa89abd69c469919b61715495befdf15c7f130e4c0de05dcc16482c744a16c04d41cbfc13ca40bf80895696356a71f9baf6b0b2823a872359bd4b7ebf6bbacbb0bb323c3e8a5bcedc745b7f31a07bf8b76b951cc97e95e968e4d6b5e8ea30b5581e24f8c0c89a153008", 0x1e77}, 0x200, &(0x7f0000000200)="38daa7cc086018d9eca9dafa18b3dcef446baba8f70460b28ac5474d173fa6a486", 0xca, 0x3}, 0x784) sendfile$auto(r8, r8, 0x0, 0x7cc) 6.536526868s ago: executing program 4 (id=5361): mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/memory_hotplug/parameters/online_policy\x00', 0x2, 0x0) r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/hw_queues\x00', 0x2000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_REQUEST(r3, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r4, 0x400, 0x70bd2a, 0x25dfdbfd, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20004000) read$auto_debugfs_full_proxy_file_operations_internal(r2, &(0x7f0000000080)=""/213, 0xd5) read$auto(r1, 0x0, 0x800) 4.566500149s ago: executing program 3 (id=5373): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x10) read$auto(r0, 0x0, 0x1) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0) write$auto(r1, 0x0, 0x6) (fail_nth: 1) 4.464993802s ago: executing program 1 (id=5375): mmap$auto(0xfffffffffffffffe, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x28341, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000001, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x7, 0x2, 0x8, 0x5, 0x1, 0x7, 0xb3, 0xc, 0x2, 0x3, 0x5, 0x7, 0xfffffffe, 0x0, 0x0, 0x0, 0xb0b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000]}, 0x1fe, 0x81) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r2, 0x84, 0x71, 0x0, 0x0) readv$auto(r1, &(0x7f0000000180)={&(0x7f0000000140), 0x9}, 0x4) ioctl$auto_TIOCMGET2(r0, 0x5415, 0x0) ioctl$auto(r1, 0x1ff, r0) 3.906150982s ago: executing program 1 (id=5376): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) socket(0x2, 0x3, 0xa) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0xffffffff, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyyf\x00', 0x80b40, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xd021) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f00000000c0)="c0") openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x101841, 0x0) 3.861730387s ago: executing program 3 (id=5377): r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x8300, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/bdi/1:11/stable_pages_required\x00', 0x20400, 0x0) shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) socket(0x18, 0x800, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1, 0x0) sysfs$auto(0x2, 0x1f, 0x0) fsopen$auto(0x0, 0x1) r2 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r2, 0x0, 0x17) close_range$auto(0x2, 0x8, 0x0) fallocate$auto(r1, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) getdents$auto(r3, 0x0, 0x62d4) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x4) write$auto_cpu_latency_qos_fops_qos(0xffffffffffffffff, &(0x7f00000000c0)="4d46f158ba101c8c2d9356700b866489eff04b4760b3539b045b1af49ea855e368af3d1e6e1f4357d9e208a8ed480f4eff72480ed222ec48dbb1c4c6d0fd8e8a7b798aa8066160cb78be83de9b691f6907f58b4f87e18d4d420de6c18f156d749715ddbf8127891d08247d8c919da0fbb26ace2399e1c632f1e2b0c8ffe8ce7dc7b80b98438f066bd662d0d89bd610fc61883c13fe44afc3e67b91241c5cf586c524a26879", 0xa5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = getpid() sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB="010027"], 0x14}, 0x1, 0x0, 0x0, 0xf2b0dd16cfb63227}, 0x800) process_vm_readv$auto(r4, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x74, r6, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_COLOR_CHANGE_ELEMS={0x60, 0x131, 0x0, 0x1, [@NL80211_ATTR_TID_CONFIG={0x40, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x8}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x3}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}]}]}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x2}, @NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x8}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x20048014) 3.430361002s ago: executing program 4 (id=5378): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x1, 0x3}}, 0x6a) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0a3765c9b0ff8fbbff63336633bec215ead541e5766cb7e6a546c58ddbc3cbd", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xb42770053985645d}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, r2, 0x10, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_4ADDR={0x5, 0x53, 0x2}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x40000) close_range$auto(r0, r0, 0x2) r3 = landlock_create_ruleset$auto(&(0x7f00000000c0)={0xd1d, 0x3, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r4, 0x4, 0x7ff) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0x6, 0x0) r6 = socket(0x1d, 0x4, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x5) recvmmsg$auto(r6, 0x0, 0xffffffff, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.294163801s ago: executing program 3 (id=5379): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) mmap$auto(0xfffffffffffffff9, 0x2000c, 0x2, 0xa818, 0x40000000000a5, 0x5) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket(0x29, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) lseek$auto(r2, 0xffffffffffffbaeb, 0xcd06) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r1, 0x0, 0x4048010) r4 = getpid() process_vm_readv$auto(r4, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) r5 = prctl$auto(0x3e, 0x1, r4, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r6 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r6, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r6, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r6, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}}) write$auto(r6, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_FS_IOC_RESVSP(r0, 0x40305828, 0xc) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r5, 0x0, 0x80000000) mmap$auto(0x200000000000, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000) 3.156199816s ago: executing program 2 (id=5380): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="b2", 0x1) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, &(0x7f00000000c0)={0x225c17d03}, 0x0, 0x5) futex$auto(0x0, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x4000000) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='V'], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xfffffffc, &(0x7f0000000100)={0x0, 0xfbe}, 0x8, 0x0, 0x8, 0x1}, 0x3}, 0xc, 0x4008) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) msgctl$auto_IPC_INFO(0x6, 0x3, 0x0) socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2101, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20280, 0x0) write$auto_proc_reg_file_ops_compat_inode(r2, 0x0, 0x0) socketpair$auto(0x1, 0x9, 0x7, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) io_uring_setup$auto(0x54fa, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x8, 0x5, 0x8) keyctl$auto(0x11, 0xdfffffffffffffff, 0x69c9, 0x0, 0xbcd) socket(0x10, 0x2, 0x0) sched_rr_get_interval$auto(0xffffffffffffffff, &(0x7f0000000000)={0x80}) 2.874871744s ago: executing program 1 (id=5381): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x129800, 0x0) ioctl$auto(r0, 0x9210640d, 0xffffffffffffffff) r1 = socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800008000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) bpf$auto_BPF_PROG_BIND_MAP(0x23, &(0x7f0000000140)=@test={r1, 0x2eef, 0x6, 0x6, 0x3e, 0x0, 0x5, 0x10001, 0x6, 0x8, 0x2, 0xfffffffffffffffd, 0xfffffff7, 0x1, 0x7fffffff}, 0x3) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) pwrite64$auto(0xc8, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/223, 0xfffffffffffffffd, 0x82) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x80000002, 0x1d, 0x3000, 0xfffffff8, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x6, 0x29c, 0x1, 0x7f, 0x0, 0x6, 0x1}, {0x10100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) r4 = socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TCFLSH2(r3, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto(r2, 0x89ec, r4) 2.819660496s ago: executing program 2 (id=5382): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/rose7/flags\x00', 0x2262, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) epoll_create$auto(0x3e) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) 2.547983102s ago: executing program 1 (id=5383): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x5b) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000100", @ANYRES16=r1, @ANYBLOB="1b0026bd7000fddbdf25030000000400080018000380040014800f000d006f76735f7061636b6574000012000100898771f1c19f1779048590828847000004000280"], 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0x4814) r2 = openat$auto_fops_atomic_t_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/fail_iommufd/times\x00', 0x200, 0x0) read$auto_fops_atomic_t_(r2, &(0x7f0000000080)=""/41, 0x29) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/platform/drivers/xhci-hcd/uevent\x00', 0x381000, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@can, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r4, 0x4068aea3, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x201, 0x0) memfd_secret$auto(0x0) preadv2$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x80000000009}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyz7\x00', 0x48f41, 0x0) 2.354895691s ago: executing program 4 (id=5384): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/nfs/net/nfs_client/identifier\x00', 0x82942, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x1, 0x11, 0xfffffffe, 0x5, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x2, 0x10001, 0xb, 0x2de, 0x504, 0x1, 0x101, 0x6, 0x8}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x44, 0x76c5, 0x8, 0x8000000000040000}}) r0 = getpid() r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x81, 0x0) ioctl$auto_KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000140)={0x5}) process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, 0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000000, 0x1, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e943b6bc1919", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f326"}) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4a42, 0x0) mmap$auto(0xffffffffc, 0x100000400004, 0x1000000000000df, 0x4000009b73, r2, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x3, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x401, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) 2.326359201s ago: executing program 2 (id=5385): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$auto_TUNSETVNETBE(r0, 0x400454de, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800008000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) futex$auto(&(0x7f0000001d40)=0x7fffffff, 0x8, 0x5, 0x0, 0x0, 0x6) socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TCFLSH2(r2, 0x80045439, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000020c0), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r3, &(0x7f0000002240)={0x0, 0x0, &(0x7f0000002200)={&(0x7f0000002100)={0x20, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@HWSIM_ATTR_ADDR_TRANSMITTER={0xa, 0x2, "db1b0f6bd3ff"}]}, 0x20}, 0x1, 0x0, 0x0, 0x20040800}, 0x40804) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto(r1, 0x89f0, r1) 1.997120258s ago: executing program 3 (id=5386): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) write$auto(r3, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000001e40)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="0100010000000000000004"], 0x14}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) 1.935612502s ago: executing program 2 (id=5387): sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) r0 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/tty50\x00', 0x1, 0x0) ioctl$auto(r1, 0x4b65, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, &(0x7f0000000200)={@inferred, 0x9, &(0x7f00000001c0)=0xfffffffffffffffa, 0x4, 0x0, 0x4, "06652b19bf85626a795114bb619c748271ad5cef9b79a37ee0d6f56e"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) quotactl$auto(0x9, 0x0, 0x62a0, 0x0) io_destroy$auto(0x0) recvfrom$auto(r0, &(0x7f00000006c0)="9c99089935cfbf5cc504b275edcfba81947af30fa759ca59b2e8fd97e5f8d869be996a8d48b8c8524e7159c992e4515a5ff4c5348863083ed5b7e3ae6bf5142150ee1b2bc012b56d1c4ee5c11d2383b4d9a405cc9d7fe0658f07c38698e01965cb882bdb4da6680a8713f136bbe0f9b45800f066477c23084fafc2b516d8d2b6959907e17471db6fe63497cb8959cb1eeea6a9da8c9b25df31642cd52f253eb5a7442aab53d49009fd1bb3572122c8989ccdd1c1046c092adc4e95ca15189f14d3d32b0b116a0c5ced9e88730dca13bc3e7d7fcd6c2a1887d55cc2594c47e748d4aa8324bd0af35ccf16480f4a66547e0b0b72bf516767e53e9dce4c562399ec86f860bc5b96e8adc98d2a95c7d8d0831761b1a9356493450cb1036e89894c557dcf03296e6cd6e2c29b4ba7eb97e3a3e1ea952a2b01cdf12a998b79fb79da931560b708245cf6b5d9b592ba39dee61b1e37a058fbcc4d9c6660f8c17a62bad0feedb8129282c8a208dd0722e74e0ec5c280490f39f9b0e4891cd6fcf86764bbc9467b29773aa00a94a2ecc87d98b75e9b722f6624db19292b7ee9d72044ca35699bddd98774b6af00978b4f92b13d7fc24b2b8d861d418ce9ccf60d6c36a0470eedecc6ccb7d22342e351ab2effb702166ce51710fb9dd660ccb5a615c4f1cf2a93927e96f1bb5cb29259a8d111eb7ea0be6ee8c6c6edb211e6bc269cba3f3f2409d41aac8c3ac4c71165fc21ce51b88880dd63ad556710edb3dd1d053d1f94faf26318bd91a1e659eabe747bf831e083b41851b73dfe6f70e3c6997792a6f4ee61c6691bc612a56bc8e5147badd9abeba907e98c96f29d522c513c19436083b427d1d628bb2812a019d6e59134e44e4af1fd5f6b5ddb7a8a0575ed1abfb7cd5f2d0d91c7024cff55e2e668e049c1c4af8e7a048c7f7875c2785157be91ba074db79def79d9483678103f07fba3f8a3d96f687b5867d946b6c41e2330ab170808ed267834ef28c8a0db02b2ee66ebf847ff533442f0bf21d20599688400b64d9c1d4e5a88eb6a840af8983e00e1e3df76d46d1e1abbd1edc0df6788cd10c693c3cb69c2bc56cfeacec43dde496452db0cf5cad886b6b616125ddb7b14c0e2248bb48ceeceb9b255ae7627ebe819f95e117abfd043d51977431b440abc6240068a06d8d55cab99ce85b9f31100cc10b2ff602118d083ac50423a143c37159960a44c6662807443bb2b7cc21815eac778e566d0063bbb0035c4a387606fdd8a611e4e1b6ccc41409d15d6ad6085fe6299b7f457389395f37698e15ce1e1badcd62467969f608335522a54338a36a5acd83fed1099bbc675af9770d1b96ab574f6919181fbfd200ae223bee605723e71da8951fc6072e4d3b2e576d7fa195221b43fc328cb6ee3fa54c4becd16013b5f51bfcb847235a2159502f4cfb883ca164c7b53adf592d06ad1844b2ffa3a0b8f88deee59f0e0fee3b9b6c4d2aa15e9ac60c9f8bb978f59d9f9fa6408097bccc3f99171cb9cea6b8f1221631d3db0d9e924f1a4f855c2ff31cb099cc4161ca8e0e1c4f9ef9e9b495daab442e08fcb3f0c34bbd47bcda40a477361a836360a89ce22e081af14b8e885316f099ac855347fc26a487f8d97dca25a2083180258a0be0e1637a0d2a9cab1b181dc6f24f22cf251fa7e5d73ffa53b5f3e7df5d88ebb66c8802b5123355220877e7b904dce972861ff10c33954e4d916c86d5663ee4e04bfe78ff1ec59d89b95e799ab01c4290cd00797e3c462bee32995cbdeb744da16d043b9c7b54be758bdcc15168ba7bb43ac095dbafd4c7ed88da642fcca5c7b6eefbce3ce055c6c162196a36f60a55214987605678ddf08c68394b876c11000e2f35f1c2cfe874f7babfe93cc8c0a311a6016dfcc548855f09a0ab9a21d1e93b85ff85fc2131194ecf2ab71259226e23ba4ac2ebcacf56b332c6ff12129f41e1a182a86ac02835b215ad03d244bf7edad5ad66d707ecd6a3e34a897f482e14e93903c2a19c263b054e575658ed46498a64914ee0cfc7d4398376a74ee70f103def2b21b972ef6abf67e9953ba2dee281b0a15e78ed198790e4c034193a537960f0dc7d016fff4551a9eba4fcdc54178b0230d02fbbd2e9976b06b94f931ff27c2c3c45fd0765a55357b0af2acc07221b13b38da5827388039831100a04d305493839a19f676c4c22d6ffe78fc6680d07200813ddfcb26674e3adf7ca8e19f172c9de97365da72b3bbabfa6bb3901331b521b788e89be182a33f6acbaacec86983da2b9a5202f69debf38eda7225e834e033b2a65455e37c65713edb6b5f9db66b1a93061f9caad824e9f0429c3613a07fe411e51d3c5b5d541bbed8469f17bbe63fcca2095bea5d7d6097c5d4a45bca7285343580dcc1957c5e823a7baa7c45796b42038ca845dbee4d794a04baaffd3899c62de93b383e1f5827d08ac4b6bc4afc8cc4fb46ba1dab7e559d09e9dab6587a56465eaedc97af3a21d2522666ff87c65aadd5a488df4bf88ddbb9ec5df178bd4222d3cf1c95b474f900ca3b7cd9e9316689fd8e7a5908b8ffa24d6fe459b693935e524b5b9ed8f6dd54dbeab5848f598f732938a4c1fc36d38b7d6d0aabe73434cd38c79855dc5177d923f76a2a02f8db7e3d33823a3f7054815652890c168c37e6989f80cf2b91358aa5cea156249c1781abb1c2fa9efb14ad3b11b2b14ee21ffb93ffa5715cb8a26703ad37f693de003de3a48bd60952af8b6551d0321bfd1e98f691b0daf888193ae3f23814296be4f7489170ad8728cfa7cca28db8e9269afeaf811479075d3f9a74f8d8ca16621f73306d965a98ef954b1b81b264172169fd43c9b0f85153154920eb376e4794a47009c15f307d25a0b0a6b7be0c489bb466a953e82016b56c7b4babf03be32bd9d950c97b12144ec7b32db86498e3fe19f45b960788a50cf993488505f4667e63aa5d47a0753c9246ab1a1c6365a89d5c8a3057d21a7268cbcdbc7c95cd6fab930444931dced1e643239996181b653ad234a676b4bcbd5070f4ce87a71d8fb0a62e5d5c61ae3f290a31f1269f1356a6d9f74cd21811357e78bc8eda28de4f385685d506b2601d572456f816deec184b67e9d9c5272f16731d59592eba540c4798719bed2e9bcd86638c60cb271948dc11384d2b0ed61ec5033b076a58f9d27d2db99b595a3862f89fdbd1879857ae27483db08ccaeb7557c8dbea333d99a3e3c473582d262e58e918eaee7cb5aaf37cc9244cca56db8eff5f1b5b22fc38778b9f410fef2fd66e8f007135fba928d4aa59c21589079a6a3b1e5278e475ae9570c3143b15b4b206faaa037c233c5d6ebdc4c15839df4fb05e6598d1801bea2c024a322fb9371d12ff4485ba1a6e0e8bb1ce66d46028d242cbe70e5f166f024dccc4d0c220cfbc75bcf3be64b2e05db1220ef979b8fb3aa41d7ee51ca6ab2e6de619032ff19315470909f62a99860f1383058e4d6e5b8eb29430484d6241e1e5f3c9a41c5cff669f6af474ace33ad1e1442e30101bbd5a2d0311095a02214bb6605dbde91026acd232733e4cb91ba7dcf278c1b840cbb7f10560a388087d2c36af652ce23c63d43d25e22e2cbb655896c27cbb0409081eb67224fbdd2790df16d77412b6bc78dd035da72bbee8dbe65f128a4fc324683633ad2a74690dc5bf8bf41d892face3a08aff863ad42b488cd0fe6e06ddeb0e06051c44caeeb39183f1132ece83b8695c74500f0b4f908c6486e169f48517da4dd37f7a8f31aa555239648b1e3050733d21097f14c6c3ae530166c11f67caa975c96f4f3b4369a647db15cd6c41192e37cdeac89802800c53ccca704a5b020c067d13d6c672c067f5bba68849216a3c2d75f5b8cade667ea71cb828701bd018bdb7105fc3fb5301ca8287728b8d72cafd843735032ffa1578f19057aa8f01215b2a4aef021975986adf32774dc76aa1e80e165b58b967f595779d983ef1096b79485b7f3c5ce70f729f2e3317a933a5d5a519fe85c70440d9bb2710c13dc59396a30799ae9516e2ad638ccb25a91e5ccb2fd388fcfb016574e7d332ce16fa9759f752db716e11c4eb709472c634041a66f01e063346a45e8400bb387a98d993f75bd36c6a2e4cc804ef252278e3b4ed48ddd3f0af8bdad32afc9226a0a738eade783f5cf7f93c7243c3c47bfc351b7daf707372cb5e7fc61505a0d625a52068de9632839a181e6b385517fca003921f1f05c19990e0e1cef2a78a0d5daa4a3d7ef85c0317e04e68cc73e089eb90ea8d8d79aacec375dcb0b2ed9180eb4488ac6f1b021d52aada29835e0b93869b2316696434411a9b9f85abeee4c0c4bb23f9537c3f5ea9bbfb48db894142b59af16f0be33dd02b2097b9f0b6ce5e4333668dd2d9b7225987e850f73918e5f9d1647165c91645e568b1bebe9fdb4d846574d54ed090761105792d9b234cff140a79ced57ed980082cd4695aadec4f76d03c22d0d9141ae35ad783745c74cdee3711b7975503ff2a53093228167a74e69c4beb21f508475abd50995e1f1a1c564c8bd874ddff7a302341c9424231cb58e8432183ccb43e617fef03b829336e5add0f7cdd2fa53ed22aa582f119be0b81b7dddff39e7f51ca3b3633075732a93ead1d875e887771cada8ea169333500f0b6396056fcc9e5112c1c238bc7bafdc10473c07a5ae49a20d2b62df54dcf55ef89a729947c3bfbb3da03944152772ee22ff8506f4834093d0f3aa36493b1b15d85b3ae261b4300cc7e21623b78295aecb5fd64110a0eba52539d61418790c275fbf3bf9cb0b9185e5b001c9df0172915ef065ce4642ce93078fa0ea538bc8bf11d76f21631fe16ddef3c460988e103f8aa7512c8ead89ae1e89bb03e9c6c350bb4caa85a9eeeb1954135b696b5e29f1d04f9161af57e04435b22c5803251e83251e4e4cfc7b970e841e72d39d7b4f8ff5d02aa11a2d3e78405de74037461ad07337107d8b19b0f6c1ff3aa72173c37ef35a525bdc68f2fdca40e602f9a7dd3517697fb009ee46f6b074cd1652eae31350b33e9d0c96f954391f332282c9ee0a3e26d5157acdd7eb33e3def820c49705881a9c62f5615ccdc94a8f63ccb5fd4d82c6c7649cb4b4be98b780617451d9c4248134028d1ea0775a82fd44fcdf9149e74626d7f142860652c7d20c04d1b175e99125c24d1f1d4b4fde0ab0a82b1dbe538e859d823c3d6a42cc1d697e67a7126e28d81d65301293675a92dfdd8e724365f3847eb7f0d3121ca3892ea568166076f262f7270e4d41947fff3567202660591da48e7ab6c8f09bc89bde9cd3265f3ab20b962a948c19dbcab41db26262ac83c7fd28426bcb7425c8852d1774250e518ea095cdbb1c66276511bc1ec8c22d43a20c61ac50ee9ec2d3d6c7f49b7d420dc4f0cd9ff181492acd08f1397fa0719792db7b68508d0153395ac5b5c9bf8beb25e4b81fcebb0a859c12f084117cb2736619c65aea7e00712c8b04d6f749e81f6b4caffc13d1626772de23a4c450d527ba86a3df1b6fb3392ccbb9b09cabb191135dcc763ae48331b59726d90a20aa005c3a6d960cca5aeb89221fd81b1930add8957a20d2c01e6dfcf26694898d8f7da90b49c1953cea858d7e4a62632d3d934c44a52fa3a5f85bf2b7a197a19f762fa2fc2df2b8943301a639de46d9b18550beebead14949d0703cb2ef6a5592382699e36eb60bf25b1da03b5cabd291fd53d4e48bd5cc09e9fdd0dc7ef3dad4d04afc144a84b8d4607982ce8d0a38caa27cd513bbc98c952450ef2be9fd032", 0x9, 0x80, &(0x7f00000016c0)=@l2={0x1f, 0x4, @any, 0x100, 0x2}, &(0x7f0000001700)=0x5) r3 = socket(0x2, 0xa, 0x1) r4 = bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r3, 0x10000}, 0x10) mmap$auto(0x0, 0x2009, 0xfffffffffffffffa, 0x8000200008011, r4, 0x8000) ioctl$auto_BCH_IOCTL_FS_USAGE(r4, 0xc040bc0b, &(0x7f0000001740)={0x7, 0x2, 0x0, '\x00', 0x2, 0x0, [{0x9, {0x7, 0xe, 0x9, "7f878c6a41007408552ffe6a26da"}}, {0x3, {0xfd, 0x64, 0xfe, "d7fb32373f7c0a424e44a66f1235d46c897486d4e69c714e2aeba5c8d86d91ea923b57bdf62fc776a74ce87db3d15f1be940181564c9b375753cb72c50995cfa9f476aa53faa0da38f8109bbea04ccdd23074bece3e6c2e418c7dd2a34c65ecd227b2d37"}}, {0x7fff, {0x0, 0xe8, 0xf9, "60fb5af9e4fe9faa28501892fe7d66967fd2ca78c2e25c16bd840ed61cb75dae24839a725388c1d083370335e96d8999ef3a570b907f4eb22a668326dce039bdd0c8fad206132244f4b52c83610a3e6738187540c8b58b76cbbba7d3a2d9081058125eb8e044c660c47fb6feabed49bbbfea9fe564cc4ee36bd9df2bf1e7750419fcc097f064f39095482c7b3cecd55ed9071609f7cc72211ed4b629d5b9e9982225c844db392f8628ba87f3bfea0adc59de630dacc90ab8483614482b363125a1cba9246f9824c808f72fd8539985de2511707e9ea37ffef6a3419745824db741d34c967377def8"}}, {0x1c7, {0xb, 0x6e, 0x2, "6fab2c2ecad61cc499cc5764c43345245434a9d2f0955c151010d72270fcfafaee041ac8e6250abd1439386fb9c287c4591777372fbeb334331be75c919742cf8a470fcd1e8c1088371eb29c4cb1261e8adf5c2904c6417a68bdc0c2b45c8e0d49e669b97d1073cd523c56648d69"}}, {0x6b6, {0x1, 0x1000, 0x8, "87e580732bef147bc1e351fd28b7ed063caa16cda5523114d3611395de8c81d01355b4a54975a8d4178619fc0a66ab18e1ab65b8d1df23369148b168c9c034d0b6f6f2341bf93e30276dd88a40d4a15549a03e8654a036cfff879bb00bb752e69fe654afaab2f1c6e2d616e4d6f1d678d6c18c8f06857abca8a84b4a8107e9b154dbd67b61058c078814f9fa7da4da2c65dbf3a5722304414d9eb680ae745d3ab8fe5c4766d2134161aa341d0f4465a02dae286b76a71379ff3e044ddcc9d3b13cfe3a1b4885905e67e24629b31370068bed1832bc6030035a8f0ba403142736ef52448aff213a5f665c6aeb0574200cc74c00394fdbeb8f35986d2112782225fec468b718e389ac1e73a5ff7f7ee54d7b117e6fad83fba4fb0f957b64abdec9e77567e695a0253727f5a5084b0a10e3da51bdedbdbeb5718aa2fde4b7b23a4ef1e9bbbdca3098037a57a876e880bfe0bdffb1b11fbadfa2fc765143631fff923dbfa5588315372733f31831f938328fd275452db7c1bbe89255f834b88c1bab32bf5aafb5cfc955f5d82f740509faa89c5fb72f5ac41338d193cc413091ed0662970095711b4774d97167bf77dd4cb0d33ddc8259d650b2e5e0a92bc050dbaa227b66693fc33d87f0de3696afb938111669355401873537c676ccb0ac22831c32bab7ef4f80f9fc5bbf543fe927685cdfc143d9e615314b3689cc67e6006324278f3325430cef24c8a45130a9d7d13a9d35f3266a4c16a4947a043d414f092d5d492f0a7f36ba1957975c47a28336bd25117a2e281009e3f7eaaa02975954f64c93cece608b11f1c7ee306730c1f9a108847e05d423c54ad8f7a023254c8e47c53e72dca13336a0864d7379fb51263b3d538c4baab42a0a894789f7be7b0846e5871a8fa25f95d26fab51039b64a5fc5797772c8ed9065b9ea740f9353ad9b09e8e94d32999f53aa6a91d0c15d1e637a7a11d5535a8ea47fc75217277cac4ec9728ed87344a9d3389fbc47f1d96c8b16caf0b6deeba7fe6303c28b79e986b8decede5965a8d8fbe4bbf704955874ee9f7255f291253c2469a123f03b34761205a3c09aaabfa5692f56ba7dbab4ba191d34ffbaacc5786ee62ccf12df97c880d38d8513cacfbaa7e86daa3b851b155941a757beb6ab03a15a9623b5f5bcab925106a9b7a4f636f703f62d5b076b7651c424ccc1ea94b1b468a351042e052e7f865703c96e95dd0e4be7ef61fa20b990a5843ad20609cd731af1bc9d825da1b0db1a53a22ebd0ec51002e50d402ce5ee397a374d84e58d01f756d9009b5d5b396e61355425c27dc81b2461d2879f41a97b0503fb38e093cf2b0f7ec812c156424f64cf9a16a6dcf1e3b14a71baaa9599662dd55a449ef332f8981307d0c3842fb71c65ec13cb81075be5fb02ec0984107eda41c3f5b6dc660511801a1db428eb180f8bbd1455ac89cb801d2b6e100f8355e37bf6281fcac3b739f96672c87f6c40d3ab83b6e0adf76cc9963a1e7328e9f776e2c53c3e13271f4538a50dad4cd874ed264ca6c64ad95d5fea22586c42699e75444828f80aea6f90cc9bcb0dadc8cac7672102a9970e4ebdb65b919b18c842d5996a6e30002645ec3bb386eab38f653884e2d561bb62ec90b626c5b5c97411e2cd36233f4b3e43cab31e72d56c4ab766671d464604a980ea5d5c1cbae76bb1b64182a662272b578526a4375083ce0d5232de1e6c4a9c2402471e8d25250a1778397a45594775866c40c6596b3f03f1d7d6cf804dec2a3dbda85cbe2b1359a93e9f3ed9a4213ae1dff59e6699a49e095817746d850a86c096e251673c27935539d4ef07930a1c412da744981a5ed905d4bbff3ad1e2f3537381fb3fef538637319a7a6f5edf10fb3f550013a52c07b8c5c0486e152a07e30659ddfd829bdc5adaefc761e2eab48a81401566de7e481d6f0fef07ce613a412a0e87507516bb0dba7203f68b087d3b1dd095f36a2bfc55d7f9542a18d7e893e027b0deac440526ccf74b8dd90316091056abe361581a8abb9a622c6a364f346125ba89f937307f843841b2080a6d4cd1ee7b514b2a6dc2b58fb0188360630336e720c4e0e12942383438d7ebef559de09fc96c2ed5f0247b2a6837442e67887b6990e33f59687e29256ba51d5fe37106be43aa195481bade92b4f1477c3c6f53b28d3db8331f930d535055014425964f6ef512cd7e670824d3fb85d484eddd9b9f51ff3da3b4f6db2f008e3e14db9b768b62bec41f0a92ad1dae45e0563b06f6424119a7b59ad20a99c60f3a7b2f1963107792266db3dbd687f41d0e7ca63497acbe257661d43b895537fec28228743a80814fcfe1579ea93e28e4a4727546c147ef191c541363389d25824d4fe73ddc95355e1b84b8f25d09ae01c8a26065e342af1825caf68fdf03b36a374495eff10ce0b827b1f1f7e6a54afb4906492b032d70167a037d435c2fede018b9a65f3efa7e1b88705651d71b199a835edbe65407558f35a2e7d2e1a14d97828262323b89ec765f8a00ded5366bb1a9b6d0cdce52cafe918516480c6139172862c3b195f7e9edb1763071c5db61cc9f9d7827dd5dec2a47d795ef319f1944dd5a1b4a2e51e8bd3e31a59cddaabf5e7a68529933c3398dd21db83931dbe752672b380afc84a8dace35bef2f97f075b19b14bc60bb487a3b9b9c2edb0b59f97172abdd3dbec44c8744f67a8f7788019d1c5d5abf635c070935618892913ad87c3b56da49bd16b9435141ce92380fb3abc4522fd87ba92b7f9f7ef93d2146b90ec8d2ce1a5f8a98d967dd8559fce0b81cb6195cffe786d65dee2bfac79ea9bd603b641570ba910ea326669454cb05a06c8014d9686efc92a6f8da7135912a8e2ad9957fc3d0ffab6e7403da37d53cdb7cdc1b6c357e603d5ad8009851726f863bc16f3b2bc49b416290f47dbc7bc89bc878b660aa8c6ccdacedac878b5fea34dabf52b58c7a6ca1b0037fc010999d66d6344d286b3bf45280696bfcec2395fccae6dd95947877d52e263c886cbe6cd2edea38a9bbd89b2511dedd8bc4649d4089f4f578b2500d7451220b1e7c1ac4b741bf4f849633deb726c394642d80806ce2ebd515c2768e4948f9de8c5a6c7699dedfebc63e6dcfb1349dff61772e99035b5eb6e961dff4cb915adc3b62bd6217a0d92b1c48e541e1fef6aa961aac7bcde03e3e5d0408fc82d47267168ea92df3048790d12aeeab23d3e55c9a1d262429746bf3f2a3bbc4de4af187ff41cf71471950e0f4b3eec181081ddd00ca730bdf4fc63b1a7c048ae3b979f87e02a5212317a054206d03c502e199652a3fbb5aca2763deaa50526e2454b253c9f93cf99369c87db8f602d35ffbde81aeda2572158efd5871e00a035a4b2177595052deb09738f3ba7bc12860ed808bbd4f8050de591a2652083a76773c74e5fae97b8067396177724d9112b1f1ca80ff376daf128de274f26ab5bfb19b411d613ed875681267146951f60e6c6a247d71a918e29c0b91609b8e89fb7b958f8d2ef968a34a9f6f1a16a4aa5a2f672d89b847bcb6d4894bb769db0d31c926f570390ea3ad19ea3e98fec0610f05b736fbf9a8c882a92e5b62d98e41a7ef7514b3efd22ddacfeec79acc6d4ce6447dc8ebc4208888800fec1efa533d869ae9e6a336fcab2b289669223a0203dae7d1e574bf1cac63815f7bb6c4daff116828482db9f5455cc64a3b3d46194ce4141c2e24885a23cb236dff474188f5ad41d4feb9b8831700eff2aa698eef41475d334bb9c8cbbfd91a7107741e7e16028af1e1fd4738171c1957107ad0de74072364e8fc705ad3b05a278c1603edba32c2b4718b9198d4d48647da0be02e5e08401b063d0985d4d4404ef0fda9e2c8cb3d92a7adea3016ebcf87443a1c732aae0c59721b519296a82d3f94e8cd66b11eab51734b05d30c74f894d9cf4d9cb9c4588cba5a9dba8e109005c0535b744faa58ff96c255661e6160891922a1475df3dc8c74762b1e6c31352da4b0fcac6118789e5a044e82839f285a3b0967e0951f8590937dbee378780c67d5c62743fe85af5a39fc02694a9f6809ef4ce0b38622e54d85e24be01a6fd0313d2ee002dd2b2f06a32d6657cc6be4744df3fa2f4977b65fb2ff842c8ff750b62dc5e6927a2401d72bc9bc6eece3f0bac628e1214418e423560c3d0393e1437c35baca234c995bd6b8b1f5ac53671a22a4440c05c0192ea1361f65b60bea63839f4cebea31b95361925f8d5b64846c7941aa796b0a29b8bd1d64fc6a81f544e9ad964356eaa2eb813e6c04cd12fee28fb607355e79631076d2728373831e01da08cb3a035c6b5f99a91c99762ff722f81a2aa55183bb157c7d086c6e49bb6df2eab5b02a42d8886c19a36f93c2b6d1a548bb55a606917fa628134c0a3857297311a4e574125f457b00cd8b619191634a00d3868952043de65533a4cbebf4cec36bc9db225b7597fa0174b579bae95d98cc099b2de821a8f8f1684defdf4d7ad193484738b6e3609d02e8fb3057b88eb9d868c7e96d61f6e74beae668d16d426b708a02e132ad412d510f02825f592c7fb97cd3170760b589fa400c197777d41969e6cc02b302ed2c5befa37db7fbdc0ded2d3b2d328fec9f1b5b2b4d347ef674ed5f288f6e941a9abb659d14869a4c55647e74b85d0e07d37dafc6d87d6d256fa5baf4f0913c178201630b58480966dce5e8f9990b9c8666d7b3a16d4b6f4512f6c40c6e1cc04ebc2a673982591842b12d0628dbd94e31fb876b35063cf0f6658d152206c5b1e3f2f22ee6587e31eb03435f419f396aeb00d69e871a722297239e5b47d534ab03d4a9ab9ac32c4c7ee8e50d11381537010c702c9322abf0170248c8b6fd4561c002fd3fead18e08a7b6dafb28dc573c74f31ac1cc73a9641f638000abc66f1cbb30e44e533108397732b8513d880318fbc6109def1cf1308b69ad997eb142376658b66198d8855ceb210d641516796a619f2be01b337408b109d2d3c0b65234671768d7ca17302539bc9ccf806da853b871a6f86930f5c916820f2ea1c151b8e4bf85735c1a3f9890cab4b2c0b509bfdd4ea1671a1743ab8d0628d1d22b525efd19c6650f05f2b7e987bd6f301797d57e6c2126d1bb779e02f048705c137dc4cf70688c3848041f7fac6dc3739b69d528b66576a26976800cf4ce7d629d0a9904951c7014b711941bb24d43acca91492780dc1519e37e9a3e689d963853119ea31bafe0c055d97c955fbd9d6ebc8fc508e915494a2328b87bb95ac0703a3c9db775c1a5235e050caf20360689fecaac02106388193e25d7fde3fb937499fe9b13fc3bc516aa064fc8577349c667d3ea3058c004507825ff2e7f6a549ccbfada076488271072eb02c18a729abd2d17491bb3014f409c857390aa479fb0b31ae9810980a87bc88a2149cfffe346a9210741de00918dd49214b1fab081b474b7f7eb393d45e4d2121fb97a3364ff05ba3efe1975f1b24384e82cd6e6e6ff9fabb26f39d2be3a5855c4f3676ebc29b92185984d202f64b6b62a8e256761b304d78157291971cfea73dc5cf2ddc8166e3a91ffdb49bddd602757a711765ab1c98bdf0651e7169772fcc14c6c6ec67211a243992b86e5e6fc45cfe22374dfa4336d73b8fa17fca1c95414bbbf189c5fa9a5289d8e1349c095809d2f4d7b7edcbda9cd80abbcfe4b468ba3bfe3f00ccb89d0ffa78329cee8c19a1d51111f29470cc893ed2d97abd5de80cdb6097a9231f4086ecd2125559ab9d60b66428a1e602c4ad379ff015480"}}]}) close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfdef) waitid$auto(0x9d4, 0xffffffffffffffff, 0x0, 0xfffffbff, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) msgsnd$auto(0xfffff800, 0x0, 0x1, 0x1) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r6, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) ioctl$auto_BINDER_SET_CONTEXT_MGR(r5, 0x40046207, 0x0) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16, @ANYBLOB="81"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r2, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_KEY(r0, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000600)={&(0x7f0000002980)=ANY=[@ANYBLOB="d4020000", @ANYRES16=0x0, @ANYBLOB="040228bd7000fbdbdf25090000000500a30080000000b8022c80e800028044000080080002005b00000008000100060000000800010e000000000800020000000000080002008100000008000200090000000800010006000000080001000900000024000080080052aa2d23000008000200010000000800010081ffffff0800010001000100540000800800020009000000080001000101000008000100ff0000020800020005000000080001009324000008000100040000000800010004000000080002004000000008000100ed08000008000200000000000c00008008000200020000001c00008008000200ffffffff080002000700000008000100050000000800010093000000f40002803c000080080001007f0000000800010006000000080001000000000008000100ffff00000800020007000000080001000100010008000200ff7fffff3400008008000200070000000800010000020000080001000400000008000200b9ffffff08000200fb03000008000200b9a900002400008008000100050000000800020004000000080002000400000008000100010000003400008008000200010000000800020081000000080001004e9e0000080002000400000008000200020000000800020038000000140000800800010001000080080001003d0300001400008008000200000000000800020000000000040002805c000280340000800800020000030000080001000500000008000200050000000800010009000000080001008000000008000100ad0100002400008608000200070000000800020080000000080001000008000008000200000000e008000100090000000800010001000000580002802400008008000100070000000800010002000000080002000800000008000200480000000c000080080002000700000024000080080002000337990008000100a60f0000080002000500000008000100ff0300000800010010000000f03fa8f3642316313bef30226c470396107e7a7105441dc07c49a44e46f542d72716bdc3b5cff9903488129600e284c3b0f369cd37abc54058c3cf1710de6481a771499f094c2878b9d10f11ffb194ddcbd9f0d672b301b8bf2deb1bc57b4fe7e87b0e0996291d70ba66184960088a3d7b3a6942a9bdb9fe2800d12a9b4f7d9128496e07d14e5dc1d5e1c9e0c90c5d7a2960dd28741b5763e924c13e307d0fae8de5d7d1d07d0376e2cefe"], 0x2d4}, 0x1, 0x0, 0x0, 0x80}, 0x11) 1.221427946s ago: executing program 1 (id=5388): r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x8300, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/bdi/1:11/stable_pages_required\x00', 0x20400, 0x0) shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) socket(0x18, 0x800, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1, 0x0) sysfs$auto(0x2, 0x1f, 0x0) fsopen$auto(0x0, 0x1) r2 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r2, 0x0, 0x17) close_range$auto(0x2, 0x8, 0x0) fallocate$auto(r1, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x0) getdents$auto(r3, 0x0, 0x62d4) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x4) write$auto_cpu_latency_qos_fops_qos(0xffffffffffffffff, &(0x7f00000000c0)="4d46f158ba101c8c2d9356700b866489eff04b4760b3539b045b1af49ea855e368af3d1e6e1f4357d9e208a8ed480f4eff72480ed222ec48dbb1c4c6d0fd8e8a7b798aa8066160cb78be83de9b691f6907f58b4f87e18d4d420de6c18f156d749715ddbf8127891d08247d8c919da0fbb26ace2399e1c632f1e2b0c8ffe8ce7dc7b80b98438f066bd662d0d89bd610fc61883c13fe44afc3e67b91241c5cf586c524a26879", 0xa5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = getpid() sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)=ANY=[@ANYRES16=0x0, @ANYBLOB="010027"], 0x14}, 0x1, 0x0, 0x0, 0xf2b0dd16cfb63227}, 0x800) process_vm_readv$auto(r4, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x74, r6, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_COLOR_CHANGE_ELEMS={0x60, 0x131, 0x0, 0x1, [@NL80211_ATTR_TID_CONFIG={0x40, 0x11d, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x3}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x8}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x3}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}]}]}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x2}, @NL80211_ATTR_FREQ_FIXED={0x4}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0x8}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x20048014) 1.219787646s ago: executing program 3 (id=5389): r0 = socket(0xa, 0x3, 0x3b) waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x2, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x4, 0x800) mmap$auto(0x0, 0x800e983, 0xdf, 0xeb1, r1, 0x8000) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x5, 0x0) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) writev$auto(r3, &(0x7f0000000300)={&(0x7f0000000200), 0x200}, 0x3) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram2\x00', 0xac402, 0x0) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyc0\x00', 0x585800, 0x0) sendfile$auto(r6, r5, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) bpf$auto(0x12, 0x0, 0x26) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) fstat$auto(r7, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x4610, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d7) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000000), r0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r4, 0x8000) 794.316021ms ago: executing program 4 (id=5390): r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000000), 0x50002, 0x0) r1 = socket(0xa, 0x3, 0x3a) setsockopt$auto(r1, 0x29, 0xcf, 0x0, 0x1) r2 = openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x0, 0x0) read$auto_drm_connector_fops_drm_debugfs(r2, &(0x7f0000000040)=""/99, 0x63) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x200, 0x0) r4 = epoll_create$auto(0x200004) epoll_ctl$auto(r4, 0x1, r3, 0x0) ioctl$auto_BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(r2, r0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)={0x14, r5, 0x936355e497c8b7e5, 0x70bd25, 0x25dddbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) 432.779511ms ago: executing program 1 (id=5391): close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) time$auto(&(0x7f0000000000)=0x101) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/clear_refs\x00', 0xfa140, 0x0) r1 = waitid$auto(0x5, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0x8, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) prctl$auto(0x5, 0x80000000, r1, 0x78, 0x8) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r2, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) open(0x0, 0x22240, 0x147) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0xffffffffffffffff, 0x20007, 0x0, 0x0, 0x0, 0xffffffff) syz_clone(0x12000, 0x0, 0x0, 0x0, 0x0, 0x0) setresgid$auto(0x0, 0x0, 0x0) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0) ioctl$auto(r3, 0x961064a0, 0x600000000200007) shmctl$auto_SHM_STAT(0x8b1, 0xd, 0x0) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x35c9, &(0x7f00000004c0)={{0x800, 0x3ff}, {0x9, 0x3}, 0x3, 0x3d, 0x7ff, 0x9, 0x1, 0x6, 0x7, 0x5, 0x7, 0xfffffffffffffffc, 0x5, 0x7f, 0x4, 0xf08}) shmctl$auto_SHM_STAT(0x1, 0xd, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) write$auto_tty_fops_tty_io(r4, &(0x7f00000001c0)="45064c26a9b623d4d4f71bb38a2b23ee98135322dc51f0e04ef14299b57662a5a410faf47410dae85937debd718bfb464adeac10a5b80dd3cadca6bd35837809c12f54724b31f83cdc41ca60cc9c9403aabdf3426ebeb25870e527235f", 0x5d) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b"}, 0x6, 0x3, 0xff) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x8800, 0x0) 342.624741ms ago: executing program 4 (id=5392): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio1\x00', 0x20342, 0x0) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_WRITE(r1, 0x40085503, &(0x7f0000000340)={0xf, 0x0, 0xffffff7c}) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8040, 0x0) ioctl$auto_IOCTL_VMCI_VERSION(r2, 0x79f, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1e9a42, 0x0) timer_create$auto(0x9, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="69b5b2dfdabb136c46000229"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4000000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r3 = socket(0x2, 0x1, 0x0) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1bff, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x5, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0x100085) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x26, 0x1, 0xfe) 246.472093ms ago: executing program 2 (id=5393): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES16, @ANYBLOB="e958e86e5bafd39a3f8aa96117ffbe687c"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x1, &(0x7f00000000c0)={&(0x7f0000000340), 0xf1f}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) 239.578065ms ago: executing program 3 (id=5394): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4a42, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r2 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r2, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108) ioctl$auto_SNDCTL_DSP_GETIPTR(r0, 0x800c5011, &(0x7f0000000040)="58b310c51b19eeafcd466fbae644b3e03791c6d3e0263e90f3ed0e0439365eda37d57133daff50416616903e4bfffde5dde5c45ebb4af6f13b1bb835233ca8a7f18aaeb6394d72d3b0b1bbf40cfb69d9a5346c7545e24c2c93a38abbfebc2eb939b70d7fe951fd5f0cb30283825184f4bbd7a00a176bd91e7d1d85bedf4f37589197fc4d54632a1706984c5db1415c03ccdf880ed725a9b3e9af2d87f1a186b1085a82f39d38d772b2c97194e2d8e8affa37a6") 0s ago: executing program 2 (id=5395): r0 = openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000000), 0xc000, 0x0) close_range$auto(r0, r0, 0xffff) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) kernel console output (not intermixed with test programs): ) [ 1789.550971][T32220] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1789.550979][T32220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1789.550989][T32220] Call Trace: [ 1789.550994][T32220] [ 1789.551001][T32220] dump_stack_lvl+0x100/0x190 [ 1789.551029][T32220] should_fail_ex.cold+0x5/0xa [ 1789.551047][T32220] _copy_from_user+0x2e/0xd0 [ 1789.551073][T32220] do_sock_getsockopt+0x30b/0x3d0 [ 1789.551096][T32220] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1789.551118][T32220] ? 0xffffffffff600000 [ 1789.551137][T32220] __sys_getsockopt+0x133/0x1d0 [ 1789.551155][T32220] ? 0xffffffffff600000 [ 1789.551167][T32220] ? __pfx_ksys_write+0x10/0x10 [ 1789.551193][T32220] ? __x64_sys_getsockopt+0xbd/0x160 [ 1789.551209][T32220] __x64_sys_getsockopt+0xbd/0x160 [ 1789.551225][T32220] ? do_syscall_64+0x95/0xf80 [ 1789.551244][T32220] ? lockdep_hardirqs_on+0x78/0x100 [ 1789.551261][T32220] do_syscall_64+0x106/0xf80 [ 1789.551277][T32220] ? clear_bhb_loop+0x40/0x90 [ 1789.551296][T32220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1789.551311][T32220] RIP: 0033:0x7f64a519c799 [ 1789.551324][T32220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1789.551342][T32220] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1789.551358][T32220] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1789.551369][T32220] RDX: 0000000000002721 RSI: 0000000000000114 RDI: 0000000000000003 [ 1789.551378][T32220] RBP: 00007f64a6054090 R08: 0000000000000000 R09: 0000000000000000 [ 1789.551387][T32220] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 1789.551397][T32220] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1789.551410][T32220] ? 0xffffffffff600000 [ 1789.551427][T32220] [ 1791.847812][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1791.855108][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1792.851163][ C0] vcan0: j1939_tp_rxtimer: 0xffff888059063000: rx timeout, send abort [ 1792.861632][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059063000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1793.743070][T32293] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1793.770752][T32293] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1793.792019][T32293] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1793.814738][T32293] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1794.157738][ C0] vcan0: j1939_tp_rxtimer: 0xffff888059062c00: rx timeout, send abort [ 1794.166368][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888059062c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 1794.454376][T32332] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4451'. [ 1794.965840][ T5838] Bluetooth: hci4: command 0x0c1a tx timeout [ 1795.174464][T32344] FAULT_INJECTION: forcing a failure. [ 1795.174464][T32344] name failslab, interval 1, probability 0, space 0, times 0 [ 1795.222951][T32346] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4455'. [ 1795.293783][T32344] CPU: 0 UID: 0 PID: 32344 Comm: syz.3.4454 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1795.293819][T32344] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1795.293828][T32344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1795.293838][T32344] Call Trace: [ 1795.293844][T32344] [ 1795.293851][T32344] dump_stack_lvl+0x100/0x190 [ 1795.293878][T32344] should_fail_ex.cold+0x5/0xa [ 1795.293897][T32344] should_failslab+0xc2/0x120 [ 1795.293914][T32344] __kvmalloc_node_noprof+0xfa/0xa00 [ 1795.293936][T32344] ? seq_read_iter+0x819/0x1270 [ 1795.293963][T32344] seq_read_iter+0x819/0x1270 [ 1795.293986][T32344] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1795.294015][T32344] kernfs_fop_read_iter+0x46c/0x610 [ 1795.294036][T32344] copy_splice_read+0x4ba/0xb90 [ 1795.294066][T32344] ? __pfx_copy_splice_read+0x10/0x10 [ 1795.294091][T32344] ? look_up_lock_class+0x55/0x120 [ 1795.294113][T32344] ? lockdep_init_map_type+0x5c/0x250 [ 1795.294134][T32344] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1795.294159][T32344] ? __pfx_copy_splice_read+0x10/0x10 [ 1795.294181][T32344] do_splice_read+0x285/0x370 [ 1795.294207][T32344] splice_direct_to_actor+0x2a1/0xa30 [ 1795.294232][T32344] ? __pfx_direct_splice_actor+0x10/0x10 [ 1795.294259][T32344] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1795.294289][T32344] do_splice_direct+0x174/0x240 [ 1795.294304][T32344] ? __pfx_do_splice_direct+0x10/0x10 [ 1795.294329][T32344] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1795.294355][T32344] ? rw_verify_area+0xce/0x6d0 [ 1795.294377][T32344] do_sendfile+0xadc/0xe20 [ 1795.294403][T32344] ? __pfx_do_sendfile+0x10/0x10 [ 1795.294426][T32344] ? __fget_files+0x21f/0x3d0 [ 1795.294451][T32344] __x64_sys_sendfile64+0x1d8/0x220 [ 1795.294468][T32344] ? ksys_write+0x1ac/0x250 [ 1795.294490][T32344] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1795.294513][T32344] do_syscall_64+0x106/0xf80 [ 1795.294530][T32344] ? clear_bhb_loop+0x40/0x90 [ 1795.294549][T32344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1795.294564][T32344] RIP: 0033:0x7ff001f9c799 [ 1795.294578][T32344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1795.294592][T32344] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1795.294608][T32344] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1795.294619][T32344] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1795.294628][T32344] RBP: 00007ff0001f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1795.294637][T32344] R10: 00000000000007cc R11: 0000000000000246 R12: 0000000000000001 [ 1795.294646][T32344] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1795.294666][T32344] [ 1795.953686][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 1795.959702][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 1795.967851][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 1796.846120][T32367] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4461'. [ 1797.226670][T32381] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4466'. [ 1797.346969][T32383] FAULT_INJECTION: forcing a failure. [ 1797.346969][T32383] name failslab, interval 1, probability 0, space 0, times 0 [ 1797.420448][T32383] CPU: 0 UID: 0 PID: 32383 Comm: syz.4.4467 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1797.420486][T32383] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1797.420495][T32383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1797.420506][T32383] Call Trace: [ 1797.420512][T32383] [ 1797.420518][T32383] dump_stack_lvl+0x100/0x190 [ 1797.420549][T32383] should_fail_ex.cold+0x5/0xa [ 1797.420568][T32383] should_failslab+0xc2/0x120 [ 1797.420585][T32383] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1797.420608][T32383] ? security_file_alloc+0x34/0x2c0 [ 1797.420624][T32383] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1797.420644][T32383] security_file_alloc+0x34/0x2c0 [ 1797.420660][T32383] init_file+0x95/0x480 [ 1797.420678][T32383] alloc_empty_file+0x73/0x1c0 [ 1797.420697][T32383] path_openat+0xe8/0x31a0 [ 1797.420712][T32383] ? kasan_save_stack+0x3f/0x50 [ 1797.420733][T32383] ? kasan_save_stack+0x30/0x50 [ 1797.420753][T32383] ? kasan_save_track+0x14/0x30 [ 1797.420774][T32383] ? __kasan_slab_alloc+0x89/0x90 [ 1797.420786][T32383] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1797.420807][T32383] ? do_getname+0x35/0x390 [ 1797.420823][T32383] ? do_sys_openat2+0xc5/0x1e0 [ 1797.420841][T32383] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1797.420860][T32383] ? __pfx_path_openat+0x10/0x10 [ 1797.420882][T32383] do_file_open+0x20e/0x430 [ 1797.420898][T32383] ? __pfx_do_file_open+0x10/0x10 [ 1797.420927][T32383] ? alloc_fd+0x476/0x790 [ 1797.420943][T32383] ? do_getname+0x191/0x390 [ 1797.420962][T32383] do_sys_openat2+0x10d/0x1e0 [ 1797.420981][T32383] ? __pfx_do_sys_openat2+0x10/0x10 [ 1797.421007][T32383] __x64_sys_openat+0x12d/0x210 [ 1797.421026][T32383] ? __pfx___x64_sys_openat+0x10/0x10 [ 1797.421053][T32383] do_syscall_64+0x106/0xf80 [ 1797.421071][T32383] ? clear_bhb_loop+0x40/0x90 [ 1797.421089][T32383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1797.421104][T32383] RIP: 0033:0x7fccd159c799 [ 1797.421118][T32383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1797.421132][T32383] RSP: 002b:00007fccd238b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1797.421147][T32383] RAX: ffffffffffffffda RBX: 00007fccd1815fa0 RCX: 00007fccd159c799 [ 1797.421158][T32383] RDX: 0000000000080202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1797.421168][T32383] RBP: 00007fccd1632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1797.421177][T32383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1797.421187][T32383] R13: 00007fccd1816038 R14: 00007fccd1815fa0 R15: 00007ffe47eb9a28 [ 1797.421207][T32383] [ 1799.870574][T27030] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 1799.947644][T32440] tipc: Started in network mode [ 1799.999600][T32440] tipc: Node identity ee00, cluster identity 4711 [ 1800.064246][T32440] tipc: Node number set to 60928 [ 1800.646618][T32456] FAULT_INJECTION: forcing a failure. [ 1800.646618][T32456] name failslab, interval 1, probability 0, space 0, times 0 [ 1800.704533][T32456] CPU: 0 UID: 0 PID: 32456 Comm: syz.3.4483 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1800.704570][T32456] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1800.704579][T32456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1800.704589][T32456] Call Trace: [ 1800.704595][T32456] [ 1800.704602][T32456] dump_stack_lvl+0x100/0x190 [ 1800.704629][T32456] should_fail_ex.cold+0x5/0xa [ 1800.704648][T32456] should_failslab+0xc2/0x120 [ 1800.704664][T32456] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1800.704686][T32456] ? alloc_empty_file+0x55/0x1c0 [ 1800.704706][T32456] ? __pfx_stack_trace_save+0x10/0x10 [ 1800.704724][T32456] alloc_empty_file+0x55/0x1c0 [ 1800.704743][T32456] path_openat+0xe8/0x31a0 [ 1800.704757][T32456] ? kasan_save_stack+0x3f/0x50 [ 1800.704779][T32456] ? kasan_save_stack+0x30/0x50 [ 1800.704799][T32456] ? kasan_save_track+0x14/0x30 [ 1800.704819][T32456] ? __kasan_slab_alloc+0x89/0x90 [ 1800.704832][T32456] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1800.704852][T32456] ? do_getname+0x35/0x390 [ 1800.704870][T32456] ? do_sys_openat2+0xc5/0x1e0 [ 1800.704889][T32456] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1800.704907][T32456] ? __pfx_path_openat+0x10/0x10 [ 1800.704929][T32456] do_file_open+0x20e/0x430 [ 1800.704946][T32456] ? __pfx_do_file_open+0x10/0x10 [ 1800.704975][T32456] ? alloc_fd+0x476/0x790 [ 1800.704991][T32456] ? do_getname+0x191/0x390 [ 1800.705019][T32456] do_sys_openat2+0x10d/0x1e0 [ 1800.705039][T32456] ? __pfx_do_sys_openat2+0x10/0x10 [ 1800.705066][T32456] __x64_sys_openat+0x12d/0x210 [ 1800.705087][T32456] ? __pfx___x64_sys_openat+0x10/0x10 [ 1800.705116][T32456] do_syscall_64+0x106/0xf80 [ 1800.705134][T32456] ? clear_bhb_loop+0x40/0x90 [ 1800.705152][T32456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1800.705168][T32456] RIP: 0033:0x7ff001f9c799 [ 1800.705182][T32456] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1800.705196][T32456] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1800.705211][T32456] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1800.705221][T32456] RDX: 0000000000080201 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 1800.705231][T32456] RBP: 00007ff002032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1800.705240][T32456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1800.705249][T32456] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1800.705270][T32456] [ 1801.225102][T32469] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 1801.745298][T32475] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 1802.613941][T32494] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4492'. [ 1806.302727][T32573] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4511'. [ 1807.190854][T32593] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1808.531371][T32625] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4523'. [ 1808.560373][T32628] FAULT_INJECTION: forcing a failure. [ 1808.560373][T32628] name failslab, interval 1, probability 0, space 0, times 0 [ 1808.601566][T32628] CPU: 0 UID: 0 PID: 32628 Comm: syz.2.4524 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1808.601603][T32628] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1808.601613][T32628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1808.601623][T32628] Call Trace: [ 1808.601630][T32628] [ 1808.601637][T32628] dump_stack_lvl+0x100/0x190 [ 1808.601669][T32628] should_fail_ex.cold+0x5/0xa [ 1808.601688][T32628] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1808.601708][T32628] should_failslab+0xc2/0x120 [ 1808.601724][T32628] __kmalloc_noprof+0xe0/0x850 [ 1808.601751][T32628] tomoyo_realpath_from_path+0xb6/0x690 [ 1808.601774][T32628] tomoyo_check_open_permission+0x2af/0x3c0 [ 1808.601799][T32628] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1808.601847][T32628] ? do_raw_spin_lock+0x128/0x260 [ 1808.601871][T32628] ? path_get+0x61/0x80 [ 1808.601891][T32628] tomoyo_file_open+0x6b/0x90 [ 1808.601911][T32628] security_file_open+0xb5/0x1e0 [ 1808.601927][T32628] do_dentry_open+0x5aa/0x1660 [ 1808.601944][T32628] ? security_inode_permission+0xbf/0x250 [ 1808.601970][T32628] vfs_open+0x82/0x3f0 [ 1808.601990][T32628] path_openat+0x208c/0x31a0 [ 1808.602012][T32628] ? __pfx_path_openat+0x10/0x10 [ 1808.602035][T32628] do_file_open+0x20e/0x430 [ 1808.602051][T32628] ? __pfx_do_file_open+0x10/0x10 [ 1808.602084][T32628] ? alloc_fd+0x476/0x790 [ 1808.602101][T32628] ? do_getname+0x191/0x390 [ 1808.602121][T32628] do_sys_openat2+0x10d/0x1e0 [ 1808.602140][T32628] ? __pfx_do_sys_openat2+0x10/0x10 [ 1808.602160][T32628] ? __fget_files+0x21f/0x3d0 [ 1808.602178][T32628] __x64_sys_openat+0x12d/0x210 [ 1808.602198][T32628] ? __pfx___x64_sys_openat+0x10/0x10 [ 1808.602224][T32628] do_syscall_64+0x106/0xf80 [ 1808.602242][T32628] ? clear_bhb_loop+0x40/0x90 [ 1808.602260][T32628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1808.602276][T32628] RIP: 0033:0x7f64a519c799 [ 1808.602291][T32628] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1808.602306][T32628] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1808.602321][T32628] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1808.602332][T32628] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1808.602341][T32628] RBP: 00007f64a5232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1808.602351][T32628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1808.602360][T32628] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1808.602380][T32628] [ 1808.602388][T32628] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1809.188276][T32633] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4526'. [ 1809.859037][T32653] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4531'. [ 1810.601012][T32666] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4533'. [ 1810.999163][T32672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 1811.681095][T32689] FAULT_INJECTION: forcing a failure. [ 1811.681095][T32689] name failslab, interval 1, probability 0, space 0, times 0 [ 1811.795036][T32689] CPU: 0 UID: 0 PID: 32689 Comm: syz.2.4537 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1811.795073][T32689] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1811.795082][T32689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1811.795093][T32689] Call Trace: [ 1811.795099][T32689] [ 1811.795105][T32689] dump_stack_lvl+0x100/0x190 [ 1811.795134][T32689] should_fail_ex.cold+0x5/0xa [ 1811.795153][T32689] should_failslab+0xc2/0x120 [ 1811.795168][T32689] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1811.795189][T32689] ? alloc_empty_file+0x55/0x1c0 [ 1811.795208][T32689] ? __pfx_stack_trace_save+0x10/0x10 [ 1811.795225][T32689] alloc_empty_file+0x55/0x1c0 [ 1811.795244][T32689] path_openat+0xe8/0x31a0 [ 1811.795258][T32689] ? kasan_save_stack+0x3f/0x50 [ 1811.795280][T32689] ? kasan_save_stack+0x30/0x50 [ 1811.795300][T32689] ? kasan_save_track+0x14/0x30 [ 1811.795321][T32689] ? __kasan_slab_alloc+0x89/0x90 [ 1811.795334][T32689] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1811.795355][T32689] ? do_getname+0x35/0x390 [ 1811.795371][T32689] ? do_sys_openat2+0xc5/0x1e0 [ 1811.795390][T32689] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1811.795409][T32689] ? __pfx_path_openat+0x10/0x10 [ 1811.795431][T32689] do_file_open+0x20e/0x430 [ 1811.795448][T32689] ? __pfx_do_file_open+0x10/0x10 [ 1811.795519][T32689] ? alloc_fd+0x476/0x790 [ 1811.795537][T32689] ? do_getname+0x191/0x390 [ 1811.795557][T32689] do_sys_openat2+0x10d/0x1e0 [ 1811.795576][T32689] ? __pfx_do_sys_openat2+0x10/0x10 [ 1811.795598][T32689] ? __fget_files+0x21f/0x3d0 [ 1811.795615][T32689] __x64_sys_openat+0x12d/0x210 [ 1811.795635][T32689] ? __pfx___x64_sys_openat+0x10/0x10 [ 1811.795662][T32689] do_syscall_64+0x106/0xf80 [ 1811.795679][T32689] ? clear_bhb_loop+0x40/0x90 [ 1811.795697][T32689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1811.795716][T32689] RIP: 0033:0x7f64a519c799 [ 1811.795730][T32689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1811.795745][T32689] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1811.795761][T32689] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1811.795771][T32689] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1811.795781][T32689] RBP: 00007f64a5232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1811.795791][T32689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1811.795800][T32689] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1811.795821][T32689] [ 1812.509454][T32701] vivid-007: ================= START STATUS ================= [ 1812.537546][T32701] vivid-007: Generate PTS: true [ 1812.548627][T32701] vivid-007: Generate SCR: true [ 1812.558399][T32701] tpg source WxH: 320x240 (Y'CbCr) [ 1812.564174][T32701] tpg field: 1 [ 1812.570692][T32701] tpg crop: (0,0)/320x240 [ 1812.588426][T32701] tpg compose: (0,0)/320x240 [ 1812.593099][T32701] tpg colorspace: 8 [ 1812.605485][T32701] tpg transfer function: 0/0 [ 1812.610178][T32701] tpg Y'CbCr encoding: 0/0 [ 1812.634062][T32701] tpg quantization: 0/0 [ 1812.638241][T32701] tpg RGB range: 0/2 [ 1812.664843][T32701] vivid-007: ================== END STATUS ================== [ 1812.730688][ T3530] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1812.921718][ T3530] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1813.041028][ T3530] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1813.197849][ T3530] netdevsim netdevsim0 netdevsim0 (unregistering): left allmulticast mode [ 1813.274509][ T3530] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1813.703809][ T3530] bridge_slave_1: left allmulticast mode [ 1813.733760][ T3530] bridge_slave_1: left promiscuous mode [ 1813.756204][ T3530] bridge0: port 2(bridge_slave_1) entered disabled state [ 1813.791110][T32727] nfs: Unknown parameter 'nl802154' [ 1813.877430][ T3530] bridge_slave_0: left allmulticast mode [ 1813.913818][ T3530] bridge_slave_0: left promiscuous mode [ 1813.919571][ T3530] bridge0: port 1(bridge_slave_0) entered disabled state [ 1814.010474][T32734] block nbd0: NBD_DISCONNECT [ 1814.260367][T32741] FAULT_INJECTION: forcing a failure. [ 1814.260367][T32741] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1814.343932][T32741] CPU: 0 UID: 0 PID: 32741 Comm: syz.4.4551 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1814.343968][T32741] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1814.343976][T32741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1814.343985][T32741] Call Trace: [ 1814.343991][T32741] [ 1814.343997][T32741] dump_stack_lvl+0x100/0x190 [ 1814.344023][T32741] should_fail_ex.cold+0x5/0xa [ 1814.344042][T32741] _copy_from_user+0x2e/0xd0 [ 1814.344067][T32741] sk_setsockopt+0x2ee/0x5230 [ 1814.344087][T32741] ? __pfx___might_resched+0x10/0x10 [ 1814.344119][T32741] ? __pfx_sk_setsockopt+0x10/0x10 [ 1814.344139][T32741] ? ksys_write+0x190/0x250 [ 1814.344163][T32741] ? __pfx_aa_sk_perm+0x10/0x10 [ 1814.344189][T32741] ? find_held_lock+0x2b/0x80 [ 1814.344205][T32741] ? aa_sock_opt_perm+0xfe/0x1b0 [ 1814.344228][T32741] do_sock_setsockopt+0x193/0x1d0 [ 1814.344251][T32741] __sys_setsockopt+0x119/0x190 [ 1814.344272][T32741] __x64_sys_setsockopt+0xbd/0x160 [ 1814.344288][T32741] ? do_syscall_64+0x95/0xf80 [ 1814.344306][T32741] ? lockdep_hardirqs_on+0x78/0x100 [ 1814.344323][T32741] do_syscall_64+0x106/0xf80 [ 1814.344339][T32741] ? clear_bhb_loop+0x40/0x90 [ 1814.344359][T32741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1814.344374][T32741] RIP: 0033:0x7fccd159c799 [ 1814.344388][T32741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1814.344403][T32741] RSP: 002b:00007fccd238b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1814.344418][T32741] RAX: ffffffffffffffda RBX: 00007fccd1815fa0 RCX: 00007fccd159c799 [ 1814.344428][T32741] RDX: 000000000000004a RSI: 0000000000000001 RDI: 0000000000000003 [ 1814.344437][T32741] RBP: 00007fccd238b090 R08: 0000000000000009 R09: 0000000000000000 [ 1814.344446][T32741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1814.344455][T32741] R13: 00007fccd1816038 R14: 00007fccd1815fa0 R15: 00007ffe47eb9a28 [ 1814.344475][T32741] [ 1814.805105][T32755] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4553'. [ 1815.038672][ T3530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1815.058181][ T3530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1815.069848][ T3530] bond0 (unregistering): Released all slaves [ 1815.874782][ T306] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4556'. [ 1815.901560][ T3530] hsr_slave_0: left promiscuous mode [ 1815.915870][ T3530] hsr_slave_1: left promiscuous mode [ 1815.949269][ T3530] veth1_macvtap: left promiscuous mode [ 1815.968946][ T3530] veth0_macvtap: left promiscuous mode [ 1815.988255][ T3530] veth1_vlan: left promiscuous mode [ 1816.005711][ T3530] veth0_vlan: left promiscuous mode [ 1816.133358][ T314] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4557'. [ 1816.190347][ T3530] pim6reg (unregistering): left allmulticast mode [ 1816.470705][ T3530] team0 (unregistering): Port device team_slave_1 removed [ 1816.485342][ T3530] team0 (unregistering): Port device team_slave_0 removed [ 1816.775863][ T322] netlink: 93 bytes leftover after parsing attributes in process `syz.4.4558'. [ 1817.500653][ T336] netlink: 338 bytes leftover after parsing attributes in process `syz.3.4561'. [ 1820.233043][ T403] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4573'. [ 1821.163264][ T423] futex_wake_op: syz.1.4576 tries to shift op by -2048; fix this program [ 1822.461180][ T441] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1823.994658][ T481] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4587'. [ 1824.006478][ T472] zswap: compressor not available [ 1824.042130][ T464] kvm: kvm [460]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x1 [ 1825.721847][ T510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4595'. [ 1825.819074][ T516] netlink: 93 bytes leftover after parsing attributes in process `syz.1.4597'. [ 1826.769186][ T529] program syz.1.4600 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1829.096263][ T604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4614'. [ 1830.196762][ T632] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1832.046163][ T682] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1834.834510][ T739] zswap: compressor not available [ 1836.442699][ T803] FAULT_INJECTION: forcing a failure. [ 1836.442699][ T803] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1836.511674][ T803] CPU: 0 UID: 0 PID: 803 Comm: syz.1.4654 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1836.511710][ T803] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1836.511719][ T803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1836.511729][ T803] Call Trace: [ 1836.511735][ T803] [ 1836.511741][ T803] dump_stack_lvl+0x100/0x190 [ 1836.511768][ T803] should_fail_ex.cold+0x5/0xa [ 1836.511787][ T803] get_futex_key+0x1d2/0x1620 [ 1836.511808][ T803] ? __pfx_get_futex_key+0x10/0x10 [ 1836.511832][ T803] futex_wake+0xea/0x530 [ 1836.511856][ T803] ? __pfx_futex_wake+0x10/0x10 [ 1836.511881][ T803] ? do_vfs_ioctl+0x226/0x13e0 [ 1836.511905][ T803] do_futex+0x32b/0x350 [ 1836.511924][ T803] ? __pfx_do_futex+0x10/0x10 [ 1836.511944][ T803] ? find_held_lock+0x2b/0x80 [ 1836.511961][ T803] __x64_sys_futex+0x34f/0x4d0 [ 1836.511981][ T803] ? __fget_files+0x21f/0x3d0 [ 1836.511996][ T803] ? __pfx___x64_sys_futex+0x10/0x10 [ 1836.512016][ T803] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 1836.512035][ T803] ? syscall_user_dispatch+0x76/0x130 [ 1836.512059][ T803] do_syscall_64+0x106/0xf80 [ 1836.512081][ T803] ? clear_bhb_loop+0x40/0x90 [ 1836.512100][ T803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1836.512116][ T803] RIP: 0033:0x7f5dd959c799 [ 1836.512130][ T803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1836.512146][ T803] RSP: 002b:00007f5dda3f30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1836.512162][ T803] RAX: ffffffffffffffda RBX: 00007f5dd9815fa8 RCX: 00007f5dd959c799 [ 1836.512173][ T803] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5dd9815fac [ 1836.512182][ T803] RBP: 00007f5dd9815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1836.512191][ T803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1836.512200][ T803] R13: 00007f5dd9816038 R14: 00007ffd201ed000 R15: 00007ffd201ed0e8 [ 1836.512220][ T803] [ 1838.042242][ T852] Invalid ELF header magic: != ELF [ 1839.417692][ T877] zswap: compressor not available [ 1840.155430][ T900] bridge0: port 3(gretap0) entered blocking state [ 1840.299535][ T900] bridge0: port 3(gretap0) entered disabled state [ 1840.376269][ T900] gretap0: entered allmulticast mode [ 1840.412989][ T910] input: f¬ as /devices/virtual/input/input16 [ 1840.452458][ T900] gretap0: entered promiscuous mode [ 1840.532672][ T900] FAULT_INJECTION: forcing a failure. [ 1840.532672][ T900] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.557235][ T910] zram: Removed device: zram0 [ 1840.700394][ T900] CPU: 0 UID: 0 PID: 900 Comm: syz.2.4667 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1840.700438][ T900] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1840.700448][ T900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1840.700457][ T900] Call Trace: [ 1840.700463][ T900] [ 1840.700470][ T900] dump_stack_lvl+0x100/0x190 [ 1840.700499][ T900] should_fail_ex.cold+0x5/0xa [ 1840.700518][ T900] should_failslab+0xc2/0x120 [ 1840.700535][ T900] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1840.700555][ T900] ? nbp_vlan_add+0x1eb/0x3e0 [ 1840.700579][ T900] nbp_vlan_add+0x1eb/0x3e0 [ 1840.700597][ T900] nbp_vlan_init+0x373/0x500 [ 1840.700613][ T900] ? __pfx_nbp_vlan_init+0x10/0x10 [ 1840.700633][ T900] ? __local_bh_enable_ip+0x9e/0x120 [ 1840.700649][ T900] ? lockdep_hardirqs_on+0x78/0x100 [ 1840.700667][ T900] ? br_fdb_add_local+0x43/0x60 [ 1840.700694][ T900] ? __local_bh_enable_ip+0x9e/0x120 [ 1840.700714][ T900] br_add_if+0xf79/0x1b40 [ 1840.700730][ T900] ? veth_get_iflink+0x2a3/0x2c0 [ 1840.700752][ T900] add_del_if+0x114/0x160 [ 1840.700770][ T900] br_dev_siocdevprivate+0x8ac/0x1650 [ 1840.700788][ T900] ? __lock_acquire+0x4a5/0x2630 [ 1840.700808][ T900] ? __pfx_br_dev_siocdevprivate+0x10/0x10 [ 1840.700832][ T900] ? do_raw_spin_lock+0x128/0x260 [ 1840.700857][ T900] ? mark_held_locks+0x40/0x70 [ 1840.700878][ T900] ? netdev_name_node_lookup+0x107/0x150 [ 1840.700893][ T900] ? __mutex_lock+0x26a/0x1b90 [ 1840.700913][ T900] dev_ifsioc+0xc1e/0x1e90 [ 1840.700931][ T900] ? __pfx_dev_ifsioc+0x10/0x10 [ 1840.700947][ T900] ? __pfx___mutex_lock+0x10/0x10 [ 1840.700974][ T900] ? dev_load+0x8e/0x240 [ 1840.700988][ T900] ? dev_load+0x8e/0x240 [ 1840.701007][ T900] dev_ioctl+0x70e/0x1070 [ 1840.701025][ T900] sock_ioctl+0x494/0x6b0 [ 1840.701051][ T900] ? __pfx_sock_ioctl+0x10/0x10 [ 1840.701072][ T900] ? hook_file_ioctl_common+0x146/0x410 [ 1840.701101][ T900] ? __fget_files+0x21f/0x3d0 [ 1840.701117][ T900] ? __pfx_sock_ioctl+0x10/0x10 [ 1840.701140][ T900] __x64_sys_ioctl+0x18e/0x210 [ 1840.701165][ T900] do_syscall_64+0x106/0xf80 [ 1840.701183][ T900] ? clear_bhb_loop+0x40/0x90 [ 1840.701202][ T900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1840.701218][ T900] RIP: 0033:0x7f64a519c799 [ 1840.701232][ T900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1840.701247][ T900] RSP: 002b:00007f64a6012028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1840.701263][ T900] RAX: ffffffffffffffda RBX: 00007f64a5416180 RCX: 00007f64a519c799 [ 1840.701275][ T900] RDX: 0000200000000040 RSI: 00000000000089fc RDI: 0000000000000008 [ 1840.701285][ T900] RBP: 00007f64a5232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1840.701294][ T900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1840.701303][ T900] R13: 00007f64a5416218 R14: 00007f64a5416180 R15: 00007fff666e96c8 [ 1840.701323][ T900] [ 1841.396783][ T900] gretap0: failed to initialize vlan filtering on this port [ 1841.429946][ T900] gretap0: left allmulticast mode [ 1841.790991][ T942] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1843.023731][ T966] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input17 [ 1843.249476][ T963] zswap: compressor not available [ 1843.492848][ T979] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4686'. [ 1843.548172][ T981] nfs: Unknown parameter 'nl802154' [ 1843.736497][ T985] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1843.866945][ T989] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4690'. [ 1844.301129][ T1003] zswap: compressor not available [ 1844.413881][ T1015] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4697'. [ 1844.542081][ T1020] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1844.842449][ T1034] netlink: 'syz.2.4701': attribute type 1 has an invalid length. [ 1845.053385][ T1037] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1845.828381][ T1078] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4709'. [ 1845.847691][ T1071] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4708'. [ 1845.864920][ T1067] zswap: compressor not available [ 1846.513283][ T1072] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1846.537466][ T1072] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1846.580627][ T1072] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1846.599001][ T1072] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1846.620742][ T1072] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1847.003797][ T1106] sock: sock_timestamping_bind_phc: sock not bind to device [ 1847.273384][ T1110] zswap: compressor not available [ 1847.927137][T27030] Bluetooth: hci4: command 0x0c1a tx timeout [ 1848.036459][ T1130] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4722'. [ 1848.648452][T27030] Bluetooth: hci1: command 0x0c1a tx timeout [ 1848.654645][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 1848.660675][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 1848.943995][ T1137] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4724'. [ 1850.059342][ T1152] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1850.066060][ T1152] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1850.072307][ T1152] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1850.079533][ T1152] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1850.803849][ T1146] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1851.196032][ T1186] sock: sock_timestamping_bind_phc: sock not bind to device [ 1851.687904][ T1175] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1851.719534][ T1175] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1851.753993][ T1175] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1851.793441][ T1175] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1852.564319][ T1146] Bluetooth: hci4: command 0x0c1a tx timeout [ 1852.580933][ T1231] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1853.289710][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1853.296812][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1853.764355][ T1146] Bluetooth: hci3: command 0x0c1a tx timeout [ 1853.770455][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1853.847466][ T1146] Bluetooth: hci1: command 0x0c1a tx timeout [ 1854.405642][ T1282] FAULT_INJECTION: forcing a failure. [ 1854.405642][ T1282] name failslab, interval 1, probability 0, space 0, times 0 [ 1854.503939][ T1282] CPU: 0 UID: 0 PID: 1282 Comm: syz.2.4758 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1854.503975][ T1282] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1854.503983][ T1282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1854.503993][ T1282] Call Trace: [ 1854.503999][ T1282] [ 1854.504006][ T1282] dump_stack_lvl+0x100/0x190 [ 1854.504033][ T1282] should_fail_ex.cold+0x5/0xa [ 1854.504051][ T1282] should_failslab+0xc2/0x120 [ 1854.504067][ T1282] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1854.504089][ T1282] ? alloc_empty_file+0x55/0x1c0 [ 1854.504107][ T1282] ? __pfx_stack_trace_save+0x10/0x10 [ 1854.504125][ T1282] alloc_empty_file+0x55/0x1c0 [ 1854.504144][ T1282] path_openat+0xe8/0x31a0 [ 1854.504158][ T1282] ? kasan_save_stack+0x3f/0x50 [ 1854.504180][ T1282] ? kasan_save_stack+0x30/0x50 [ 1854.504201][ T1282] ? kasan_save_track+0x14/0x30 [ 1854.504222][ T1282] ? __kasan_slab_alloc+0x89/0x90 [ 1854.504235][ T1282] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 1854.504255][ T1282] ? do_getname+0x35/0x390 [ 1854.504272][ T1282] ? do_sys_openat2+0xc5/0x1e0 [ 1854.504300][ T1282] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1854.504319][ T1282] ? __pfx_path_openat+0x10/0x10 [ 1854.504341][ T1282] do_file_open+0x20e/0x430 [ 1854.504358][ T1282] ? __pfx_do_file_open+0x10/0x10 [ 1854.504387][ T1282] ? alloc_fd+0x476/0x790 [ 1854.504406][ T1282] ? do_getname+0x191/0x390 [ 1854.504428][ T1282] do_sys_openat2+0x10d/0x1e0 [ 1854.504449][ T1282] ? __pfx_do_sys_openat2+0x10/0x10 [ 1854.504467][ T1282] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1854.504490][ T1282] ? __fget_files+0x21f/0x3d0 [ 1854.504507][ T1282] __x64_sys_openat+0x12d/0x210 [ 1854.504527][ T1282] ? __pfx___x64_sys_openat+0x10/0x10 [ 1854.504545][ T1282] ? ksys_write+0x1ac/0x250 [ 1854.504574][ T1282] do_syscall_64+0x106/0xf80 [ 1854.504590][ T1282] ? clear_bhb_loop+0x40/0x90 [ 1854.504608][ T1282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1854.504624][ T1282] RIP: 0033:0x7f64a519c799 [ 1854.504637][ T1282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1854.504652][ T1282] RSP: 002b:00007f64a5faf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1854.504667][ T1282] RAX: ffffffffffffffda RBX: 00007f64a5416450 RCX: 00007f64a519c799 [ 1854.504677][ T1282] RDX: 0000000000168081 RSI: 0000200000001bc0 RDI: ffffffffffffff9c [ 1854.504687][ T1282] RBP: 00007f64a5faf090 R08: 0000000000000000 R09: 0000000000000000 [ 1854.504695][ T1282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1854.504704][ T1282] R13: 00007f64a54164e8 R14: 00007f64a5416450 R15: 00007fff666e96c8 [ 1854.504724][ T1282] [ 1855.922089][ T1322] openvswitch: netlink: IP tunnel dst address not specified [ 1856.058683][ T1325] sock: sock_timestamping_bind_phc: sock not bind to device [ 1856.791227][ T1350] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1859.095414][ T1406] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1859.330394][ T1410] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4788'. [ 1859.799968][ T1431] netlink: 338 bytes leftover after parsing attributes in process `syz.4.4793'. [ 1860.149448][ T1440] sp0: Synchronizing with TNC [ 1861.670231][ T1474] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4802'. [ 1862.678223][ T1505] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4809'. [ 1862.893841][ T1510] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4810'. [ 1863.260275][ T30] kauditd_printk_skb: 55 callbacks suppressed [ 1863.260292][ T30] audit: type=1800 audit(1772649716.296:74): pid=1517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4812" name="discovery_nqn" dev="configfs" ino=184556 res=0 errno=0 [ 1863.786461][ T1525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4815'. [ 1865.153787][ T1554] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4820'. [ 1865.466347][ T1562] FAULT_INJECTION: forcing a failure. [ 1865.466347][ T1562] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1865.534369][ T1562] CPU: 0 UID: 0 PID: 1562 Comm: syz.1.4822 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1865.534418][ T1562] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1865.534490][ T1562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1865.534499][ T1562] Call Trace: [ 1865.534505][ T1562] [ 1865.534512][ T1562] dump_stack_lvl+0x100/0x190 [ 1865.534540][ T1562] should_fail_ex.cold+0x5/0xa [ 1865.534555][ T1562] ? prepare_alloc_pages+0x16d/0x5f0 [ 1865.534574][ T1562] should_fail_alloc_page+0xeb/0x140 [ 1865.534591][ T1562] prepare_alloc_pages+0x1f0/0x5f0 [ 1865.534611][ T1562] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1865.534640][ T1562] ? __pfx___might_resched+0x10/0x10 [ 1865.534662][ T1562] ? find_held_lock+0x2b/0x80 [ 1865.534676][ T1562] ? process_measurement+0x4c8/0x2350 [ 1865.534696][ T1562] ? process_measurement+0x4c8/0x2350 [ 1865.534716][ T1562] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1865.534740][ T1562] ? up_write+0x290/0x4f0 [ 1865.534767][ T1562] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 1865.534790][ T1562] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 1865.534815][ T1562] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1865.534842][ T1562] ? policy_nodemask+0xed/0x4f0 [ 1865.534859][ T1562] alloc_pages_mpol+0x1fb/0x550 [ 1865.534875][ T1562] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1865.534897][ T1562] alloc_pages_noprof+0x131/0x390 [ 1865.534913][ T1562] __pmd_alloc+0x3b/0x9c0 [ 1865.534933][ T1562] __handle_mm_fault+0xa99/0x2b60 [ 1865.534956][ T1562] ? mt_find+0x45e/0x8e0 [ 1865.534976][ T1562] ? __pfx___handle_mm_fault+0x10/0x10 [ 1865.534995][ T1562] ? __pfx_mt_find+0x10/0x10 [ 1865.535024][ T1562] ? find_vma+0xbf/0x140 [ 1865.535037][ T1562] ? __pfx_find_vma+0x10/0x10 [ 1865.535054][ T1562] handle_mm_fault+0x36d/0xa20 [ 1865.535077][ T1562] do_user_addr_fault+0x74c/0x12f0 [ 1865.535107][ T1562] exc_page_fault+0x6f/0xd0 [ 1865.535125][ T1562] asm_exc_page_fault+0x26/0x30 [ 1865.535140][ T1562] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1865.535164][ T1562] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 1865.535178][ T1562] RSP: 0018:ffffc900043c7c58 EFLAGS: 00050202 [ 1865.535191][ T1562] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 1865.535200][ T1562] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc900043c7cf0 [ 1865.535210][ T1562] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000878f9e [ 1865.535219][ T1562] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 1865.535227][ T1562] R13: ffffc900043c7cf0 R14: 0000000000000000 R15: 0000000000000000 [ 1865.535246][ T1562] _copy_from_user+0x98/0xd0 [ 1865.535272][ T1562] sk_setsockopt+0x2ee/0x5230 [ 1865.535291][ T1562] ? __pfx___might_resched+0x10/0x10 [ 1865.535315][ T1562] ? __pfx_sk_setsockopt+0x10/0x10 [ 1865.535335][ T1562] ? ksys_write+0x190/0x250 [ 1865.535359][ T1562] ? __pfx_aa_sk_perm+0x10/0x10 [ 1865.535384][ T1562] ? find_held_lock+0x2b/0x80 [ 1865.535400][ T1562] ? aa_sock_opt_perm+0xfe/0x1b0 [ 1865.535423][ T1562] do_sock_setsockopt+0x193/0x1d0 [ 1865.535450][ T1562] __sys_setsockopt+0x119/0x190 [ 1865.535471][ T1562] __x64_sys_setsockopt+0xbd/0x160 [ 1865.535488][ T1562] ? do_syscall_64+0x95/0xf80 [ 1865.535504][ T1562] ? lockdep_hardirqs_on+0x78/0x100 [ 1865.535521][ T1562] do_syscall_64+0x106/0xf80 [ 1865.535538][ T1562] ? clear_bhb_loop+0x40/0x90 [ 1865.535557][ T1562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1865.535572][ T1562] RIP: 0033:0x7f5dd959c799 [ 1865.535585][ T1562] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1865.535600][ T1562] RSP: 002b:00007f5dda3f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1865.535613][ T1562] RAX: ffffffffffffffda RBX: 00007f5dd9815fa0 RCX: 00007f5dd959c799 [ 1865.535623][ T1562] RDX: 000000000000004a RSI: 0000000000000001 RDI: 0000000000000003 [ 1865.535632][ T1562] RBP: 00007f5dda3f3090 R08: 0000000000000009 R09: 0000000000000000 [ 1865.535642][ T1562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1865.535650][ T1562] R13: 00007f5dd9816038 R14: 00007f5dd9815fa0 R15: 00007ffd201ed0e8 [ 1865.535670][ T1562] [ 1867.291033][ T1589] sock: sock_timestamping_bind_phc: sock not bind to device [ 1867.428511][ T1598] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4831'. [ 1868.792469][ T1630] busy [ 1868.829202][ T1637] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4841'. [ 1868.992565][ T1646] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4843'. [ 1869.405410][ T1657] FAULT_INJECTION: forcing a failure. [ 1869.405410][ T1657] name failslab, interval 1, probability 0, space 0, times 0 [ 1869.466999][ T1657] CPU: 0 UID: 0 PID: 1657 Comm: syz.3.4846 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1869.467036][ T1657] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1869.467045][ T1657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1869.467056][ T1657] Call Trace: [ 1869.467062][ T1657] [ 1869.467069][ T1657] dump_stack_lvl+0x100/0x190 [ 1869.467096][ T1657] should_fail_ex.cold+0x5/0xa [ 1869.467116][ T1657] should_failslab+0xc2/0x120 [ 1869.467132][ T1657] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1869.467151][ T1657] ? binder_get_thread+0x201/0x850 [ 1869.467174][ T1657] binder_get_thread+0x201/0x850 [ 1869.467204][ T1657] binder_ioctl+0x26f/0x7610 [ 1869.467226][ T1657] ? tomoyo_path_number_perm+0x28f/0x580 [ 1869.467249][ T1657] ? tomoyo_path_number_perm+0x28f/0x580 [ 1869.467275][ T1657] ? tomoyo_path_number_perm+0x188/0x580 [ 1869.467299][ T1657] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1869.467322][ T1657] ? futex_wait+0x125/0x380 [ 1869.467345][ T1657] ? __pfx_binder_ioctl+0x10/0x10 [ 1869.467368][ T1657] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1869.467392][ T1657] ? do_vfs_ioctl+0x226/0x13e0 [ 1869.467413][ T1657] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1869.467439][ T1657] ? find_held_lock+0x2b/0x80 [ 1869.467453][ T1657] ? __fget_files+0x215/0x3d0 [ 1869.467466][ T1657] ? hook_file_ioctl_common+0x146/0x410 [ 1869.467497][ T1657] ? __fget_files+0x21f/0x3d0 [ 1869.467513][ T1657] ? __pfx_binder_ioctl+0x10/0x10 [ 1869.467534][ T1657] __x64_sys_ioctl+0x18e/0x210 [ 1869.467557][ T1657] do_syscall_64+0x106/0xf80 [ 1869.467575][ T1657] ? clear_bhb_loop+0x40/0x90 [ 1869.467597][ T1657] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1869.467613][ T1657] RIP: 0033:0x7ff001f9c799 [ 1869.467627][ T1657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1869.467642][ T1657] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1869.467658][ T1657] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1869.467668][ T1657] RDX: 0000000000000000 RSI: 0000000040046207 RDI: 0000000000000002 [ 1869.467678][ T1657] RBP: 00007ff002032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1869.467687][ T1657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1869.467696][ T1657] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1869.467716][ T1657] [ 1869.469718][ T1657] binder: 1656:1657 ioctl 40046207 0 returned -12 [ 1870.601310][ T1672] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4850'. [ 1871.225465][ T1694] Invalid ELF header magic: != ELF [ 1873.767952][ T1757] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4870'. [ 1873.935548][ T1762] FAULT_INJECTION: forcing a failure. [ 1873.935548][ T1762] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1873.986091][ T1762] CPU: 0 UID: 0 PID: 1762 Comm: syz.2.4871 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1873.986128][ T1762] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1873.986137][ T1762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1873.986146][ T1762] Call Trace: [ 1873.986152][ T1762] [ 1873.986159][ T1762] dump_stack_lvl+0x100/0x190 [ 1873.986188][ T1762] should_fail_ex.cold+0x5/0xa [ 1873.986204][ T1762] ? do_fault+0x6a4/0x1950 [ 1873.986222][ T1762] get_futex_key+0x1d2/0x1620 [ 1873.986242][ T1762] ? __pfx_get_futex_key+0x10/0x10 [ 1873.986261][ T1762] ? __lock_acquire+0x4a5/0x2630 [ 1873.986281][ T1762] ? css_rstat_updated+0x1ce/0x5a0 [ 1873.986297][ T1762] ? __pfx___handle_mm_fault+0x10/0x10 [ 1873.986316][ T1762] ? __pfx_mt_find+0x10/0x10 [ 1873.986341][ T1762] futex_wait_setup+0x83/0x510 [ 1873.986369][ T1762] __futex_wait+0x19f/0x300 [ 1873.986394][ T1762] ? __pfx___futex_wait+0x10/0x10 [ 1873.986420][ T1762] ? __pfx_futex_wake_mark+0x10/0x10 [ 1873.986445][ T1762] ? futex_hash+0x2c5/0x380 [ 1873.986470][ T1762] futex_wait+0xed/0x380 [ 1873.986493][ T1762] ? __pfx_futex_wait+0x10/0x10 [ 1873.986518][ T1762] ? __get_user_4+0x14/0x20 [ 1873.986542][ T1762] ? do_vfs_ioctl+0x226/0x13e0 [ 1873.986565][ T1762] do_futex+0x1ef/0x350 [ 1873.986584][ T1762] ? __pfx_do_futex+0x10/0x10 [ 1873.986604][ T1762] ? find_held_lock+0x2b/0x80 [ 1873.986620][ T1762] __x64_sys_futex+0x34f/0x4d0 [ 1873.986641][ T1762] ? __fget_files+0x21f/0x3d0 [ 1873.986655][ T1762] ? __pfx___x64_sys_futex+0x10/0x10 [ 1873.986681][ T1762] do_syscall_64+0x106/0xf80 [ 1873.986698][ T1762] ? clear_bhb_loop+0x40/0x90 [ 1873.986716][ T1762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1873.986732][ T1762] RIP: 0033:0x7f64a519c799 [ 1873.986746][ T1762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1873.986762][ T1762] RSP: 002b:00007f64a60330e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1873.986777][ T1762] RAX: ffffffffffffffda RBX: 00007f64a5416098 RCX: 00007f64a519c799 [ 1873.986787][ T1762] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f64a5416098 [ 1873.986797][ T1762] RBP: 00007f64a5416090 R08: 0000000000000000 R09: 0000000000000000 [ 1873.986806][ T1762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1873.986815][ T1762] R13: 00007f64a5416128 R14: 00007fff666e95e0 R15: 00007fff666e96c8 [ 1873.986834][ T1762] [ 1874.522119][ T1772] zswap: compressor not available [ 1874.748735][ T1782] random: crng reseeded on system resumption [ 1874.776068][ T1764] FAULT_INJECTION: forcing a failure. [ 1874.776068][ T1764] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.861685][ T1764] CPU: 0 UID: 0 PID: 1764 Comm: syz.3.4872 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1874.861720][ T1764] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1874.861736][ T1764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1874.861746][ T1764] Call Trace: [ 1874.861752][ T1764] [ 1874.861758][ T1764] dump_stack_lvl+0x100/0x190 [ 1874.861786][ T1764] should_fail_ex.cold+0x5/0xa [ 1874.861805][ T1764] ? tomoyo_encode2+0xfb/0x3c0 [ 1874.861821][ T1764] should_failslab+0xc2/0x120 [ 1874.861869][ T1764] __kmalloc_noprof+0xe0/0x850 [ 1874.861891][ T1764] ? rcu_is_watching+0x12/0xc0 [ 1874.861917][ T1764] tomoyo_encode2+0xfb/0x3c0 [ 1874.861936][ T1764] tomoyo_encode+0x29/0x50 [ 1874.861951][ T1764] tomoyo_realpath_from_path+0x18c/0x690 [ 1874.861972][ T1764] tomoyo_path_number_perm+0x23c/0x580 [ 1874.861995][ T1764] ? tomoyo_path_number_perm+0x22e/0x580 [ 1874.862019][ T1764] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1874.862061][ T1764] ? find_held_lock+0x2b/0x80 [ 1874.862075][ T1764] ? __fget_files+0x215/0x3d0 [ 1874.862088][ T1764] ? hook_file_ioctl_common+0x146/0x410 [ 1874.862115][ T1764] ? __fget_files+0x21f/0x3d0 [ 1874.862132][ T1764] security_file_ioctl+0xd3/0x230 [ 1874.862156][ T1764] __x64_sys_ioctl+0xb7/0x210 [ 1874.862179][ T1764] do_syscall_64+0x106/0xf80 [ 1874.862196][ T1764] ? clear_bhb_loop+0x40/0x90 [ 1874.862215][ T1764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1874.862230][ T1764] RIP: 0033:0x7ff001f9c799 [ 1874.862244][ T1764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1874.862259][ T1764] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1874.862274][ T1764] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1874.862289][ T1764] RDX: 0000000000000003 RSI: 0000000000008926 RDI: 0000000000000003 [ 1874.862298][ T1764] RBP: 00007ff0001f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1874.862307][ T1764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1874.862316][ T1764] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1874.862336][ T1764] [ 1874.862351][ T1764] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1876.923415][ T1822] zswap: compressor not available [ 1877.089331][ T1835] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4886'. [ 1879.026779][ T1875] busy [ 1882.230931][ T1946] busy [ 1882.536090][ T1957] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4913'. [ 1883.244039][ T1971] FAULT_INJECTION: forcing a failure. [ 1883.244039][ T1971] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1883.303331][ T1971] CPU: 0 UID: 0 PID: 1971 Comm: syz.4.4917 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1883.303366][ T1971] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1883.303374][ T1971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1883.303384][ T1971] Call Trace: [ 1883.303389][ T1971] [ 1883.303395][ T1971] dump_stack_lvl+0x100/0x190 [ 1883.303422][ T1971] should_fail_ex.cold+0x5/0xa [ 1883.303441][ T1971] _copy_to_user+0x32/0xd0 [ 1883.303466][ T1971] snd_pcm_oss_read2+0x294/0x400 [ 1883.303492][ T1971] ? __pfx_snd_pcm_oss_read2+0x10/0x10 [ 1883.303515][ T1971] ? snd_pcm_kernel_ioctl+0x14a/0x2e0 [ 1883.303534][ T1971] ? snd_pcm_oss_prepare+0x11e/0x240 [ 1883.303558][ T1971] snd_pcm_oss_read+0x5aa/0x730 [ 1883.303580][ T1971] ? __pfx_snd_pcm_oss_read+0x10/0x10 [ 1883.303604][ T1971] vfs_readv+0x5d8/0x8d0 [ 1883.303632][ T1971] ? __pfx_vfs_readv+0x10/0x10 [ 1883.303654][ T1971] ? find_held_lock+0x2b/0x80 [ 1883.303680][ T1971] ? __fget_files+0x21f/0x3d0 [ 1883.303699][ T1971] ? do_readv+0x13e/0x340 [ 1883.303719][ T1971] do_readv+0x13e/0x340 [ 1883.303741][ T1971] ? __pfx_do_readv+0x10/0x10 [ 1883.303767][ T1971] do_syscall_64+0x106/0xf80 [ 1883.303785][ T1971] ? clear_bhb_loop+0x40/0x90 [ 1883.303803][ T1971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1883.303820][ T1971] RIP: 0033:0x7fccd159c799 [ 1883.303833][ T1971] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1883.303848][ T1971] RSP: 002b:00007fccd238b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 1883.303864][ T1971] RAX: ffffffffffffffda RBX: 00007fccd1815fa0 RCX: 00007fccd159c799 [ 1883.303874][ T1971] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003 [ 1883.303882][ T1971] RBP: 00007fccd238b090 R08: 0000000000000000 R09: 0000000000000000 [ 1883.303891][ T1971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1883.303900][ T1971] R13: 00007fccd1816038 R14: 00007fccd1815fa0 R15: 00007ffe47eb9a28 [ 1883.303920][ T1971] [ 1887.324908][ T2052] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4942'. [ 1887.431590][ T2055] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4941'. [ 1887.546224][ T2058] FAULT_INJECTION: forcing a failure. [ 1887.546224][ T2058] name failslab, interval 1, probability 0, space 0, times 0 [ 1887.606210][ T2058] CPU: 0 UID: 0 PID: 2058 Comm: syz.1.4943 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1887.606271][ T2058] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1887.606287][ T2058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1887.606304][ T2058] Call Trace: [ 1887.606313][ T2058] [ 1887.606325][ T2058] dump_stack_lvl+0x100/0x190 [ 1887.606372][ T2058] should_fail_ex.cold+0x5/0xa [ 1887.606406][ T2058] should_failslab+0xc2/0x120 [ 1887.606436][ T2058] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1887.606476][ T2058] ? skb_clone+0x190/0x400 [ 1887.606517][ T2058] skb_clone+0x190/0x400 [ 1887.606552][ T2058] netlink_deliver_tap+0xaed/0xcc0 [ 1887.606589][ T2058] ? __pfx_rtnl_stats_dump+0x10/0x10 [ 1887.606631][ T2058] netlink_dump+0xa60/0xd30 [ 1887.606669][ T2058] ? __pfx_netlink_dump+0x10/0x10 [ 1887.606727][ T2058] ? skb_copy_datagram_iter+0xa1/0x270 [ 1887.606777][ T2058] netlink_recvmsg+0x7dc/0xa90 [ 1887.606815][ T2058] ? __pfx_netlink_recvmsg+0x10/0x10 [ 1887.606849][ T2058] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1887.606885][ T2058] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1887.606932][ T2058] sock_recvmsg+0x1f9/0x250 [ 1887.606955][ T2058] ____sys_recvmsg+0x218/0x6b0 [ 1887.606980][ T2058] ? __pfx_____sys_recvmsg+0x10/0x10 [ 1887.607009][ T2058] ? __lock_acquire+0x4a5/0x2630 [ 1887.607031][ T2058] ___sys_recvmsg+0x16a/0x1a0 [ 1887.607054][ T2058] ? __pfx____sys_recvmsg+0x10/0x10 [ 1887.607079][ T2058] ? find_held_lock+0x2b/0x80 [ 1887.607104][ T2058] do_recvmmsg+0x301/0x760 [ 1887.607130][ T2058] ? __pfx_do_recvmmsg+0x10/0x10 [ 1887.607151][ T2058] ? ksys_write+0x190/0x250 [ 1887.607173][ T2058] ? ksys_write+0x190/0x250 [ 1887.607199][ T2058] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1887.607224][ T2058] ? __fget_files+0x21f/0x3d0 [ 1887.607243][ T2058] __x64_sys_recvmmsg+0x22a/0x280 [ 1887.607263][ T2058] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1887.607288][ T2058] do_syscall_64+0x106/0xf80 [ 1887.607306][ T2058] ? clear_bhb_loop+0x40/0x90 [ 1887.607328][ T2058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1887.607345][ T2058] RIP: 0033:0x7f5dd959c799 [ 1887.607359][ T2058] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1887.607374][ T2058] RSP: 002b:00007f5dda3f3028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1887.607389][ T2058] RAX: ffffffffffffffda RBX: 00007f5dd9815fa0 RCX: 00007f5dd959c799 [ 1887.607399][ T2058] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000003 [ 1887.607409][ T2058] RBP: 00007f5dda3f3090 R08: 0000000000000000 R09: 0000000000000000 [ 1887.607418][ T2058] R10: 00000000000066a6 R11: 0000000000000246 R12: 0000000000000001 [ 1887.607427][ T2058] R13: 00007f5dd9816038 R14: 00007f5dd9815fa0 R15: 00007ffd201ed0e8 [ 1887.607447][ T2058] [ 1890.317963][ T2098] zswap: compressor not available [ 1890.558209][ T2108] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4955'. [ 1890.818329][ T2118] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4958'. [ 1891.608004][ T2129] random: crng reseeded on system resumption [ 1891.708285][ T2131] FAULT_INJECTION: forcing a failure. [ 1891.708285][ T2131] name failslab, interval 1, probability 0, space 0, times 0 [ 1891.790484][ T2131] CPU: 0 UID: 0 PID: 2131 Comm: syz.2.4961 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1891.790519][ T2131] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1891.790527][ T2131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1891.790537][ T2131] Call Trace: [ 1891.790543][ T2131] [ 1891.790549][ T2131] dump_stack_lvl+0x100/0x190 [ 1891.790664][ T2131] should_fail_ex.cold+0x5/0xa [ 1891.790683][ T2131] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1891.790700][ T2131] should_failslab+0xc2/0x120 [ 1891.790716][ T2131] __kmalloc_noprof+0xe0/0x850 [ 1891.790742][ T2131] tomoyo_realpath_from_path+0xb6/0x690 [ 1891.790764][ T2131] tomoyo_path_number_perm+0x23c/0x580 [ 1891.790786][ T2131] ? tomoyo_path_number_perm+0x22e/0x580 [ 1891.790810][ T2131] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1891.790852][ T2131] ? find_held_lock+0x2b/0x80 [ 1891.790866][ T2131] ? __fget_files+0x215/0x3d0 [ 1891.790880][ T2131] ? hook_file_ioctl_common+0x146/0x410 [ 1891.790907][ T2131] ? __fget_files+0x21f/0x3d0 [ 1891.790924][ T2131] security_file_ioctl+0xd3/0x230 [ 1891.790948][ T2131] __x64_sys_ioctl+0xb7/0x210 [ 1891.790971][ T2131] do_syscall_64+0x106/0xf80 [ 1891.790989][ T2131] ? clear_bhb_loop+0x40/0x90 [ 1891.791008][ T2131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1891.791024][ T2131] RIP: 0033:0x7f64a519c799 [ 1891.791037][ T2131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1891.791052][ T2131] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1891.791068][ T2131] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1891.791078][ T2131] RDX: 0000200000000040 RSI: 0000000000005452 RDI: 0000000000000004 [ 1891.791087][ T2131] RBP: 00007f64a6054090 R08: 0000000000000000 R09: 0000000000000000 [ 1891.791096][ T2131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1891.791104][ T2131] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1891.791124][ T2131] [ 1891.791587][ T2131] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1892.219234][ T2134] zswap: compressor not available [ 1892.465861][ T2146] loop6: detected capacity change from 0 to 8192 [ 1892.634898][ T2149] zswap: compressor not available [ 1893.184671][ T2156] netlink: 234 bytes leftover after parsing attributes in process `syz.2.4966'. [ 1893.400180][ T2171] random: crng reseeded on system resumption [ 1895.143450][ T2202] sp0: Synchronizing with TNC [ 1895.205932][ T2199] zswap: compressor not available [ 1895.548133][ T2214] random: crng reseeded on system resumption [ 1895.790154][ T2220] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4983'. [ 1896.699779][ T2244] netlink: 342 bytes leftover after parsing attributes in process `syz.4.4988'. [ 1897.129769][ T2254] sock: sock_timestamping_bind_phc: sock not bind to device [ 1898.870064][ T2266] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1898.897357][ T2266] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1898.926534][ T2266] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1898.943685][ T2266] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1899.106690][ T2288] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4999'. [ 1899.147417][ T2288] netlink: 'syz.1.4999': attribute type 1 has an invalid length. [ 1899.185235][ T2288] netlink: 'syz.1.4999': attribute type 6 has an invalid length. [ 1899.592233][ T2299] random: crng reseeded on system resumption [ 1899.685904][ T1146] Bluetooth: hci4: command 0x0c1a tx timeout [ 1899.805611][ T2302] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5004'. [ 1900.055713][ T2308] Invalid ELF header magic: != ELF [ 1900.198826][ T2307] netlink: Failed to add  helper -22 [ 1900.971610][ T1146] Bluetooth: hci1: command 0x0c1a tx timeout [ 1900.978387][T27029] Bluetooth: hci3: command 0x0c1a tx timeout [ 1900.984525][T27030] Bluetooth: hci0: command 0x0c1a tx timeout [ 1901.987806][ T2315] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1902.015691][ T2315] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1902.044953][ T2315] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1902.080400][ T2315] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1902.389844][ T2353] FAULT_INJECTION: forcing a failure. [ 1902.389844][ T2353] name failslab, interval 1, probability 0, space 0, times 0 [ 1902.514265][ T2353] CPU: 0 UID: 0 PID: 2353 Comm: syz.4.5016 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1902.514301][ T2353] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1902.514311][ T2353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1902.514322][ T2353] Call Trace: [ 1902.514328][ T2353] [ 1902.514335][ T2353] dump_stack_lvl+0x100/0x190 [ 1902.514364][ T2353] should_fail_ex.cold+0x5/0xa [ 1902.514383][ T2353] ? tomoyo_realpath_from_path+0xb6/0x690 [ 1902.514401][ T2353] should_failslab+0xc2/0x120 [ 1902.514419][ T2353] __kmalloc_noprof+0xe0/0x850 [ 1902.514445][ T2353] tomoyo_realpath_from_path+0xb6/0x690 [ 1902.514468][ T2353] tomoyo_check_open_permission+0x2af/0x3c0 [ 1902.514492][ T2353] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1902.514535][ T2353] ? do_raw_spin_lock+0x128/0x260 [ 1902.514557][ T2353] ? path_get+0x61/0x80 [ 1902.514576][ T2353] tomoyo_file_open+0x6b/0x90 [ 1902.514595][ T2353] security_file_open+0xb5/0x1e0 [ 1902.514612][ T2353] do_dentry_open+0x5aa/0x1660 [ 1902.514628][ T2353] ? security_inode_permission+0xbf/0x250 [ 1902.514660][ T2353] vfs_open+0x82/0x3f0 [ 1902.514682][ T2353] path_openat+0x208c/0x31a0 [ 1902.514708][ T2353] ? __pfx_path_openat+0x10/0x10 [ 1902.514731][ T2353] do_file_open+0x20e/0x430 [ 1902.514749][ T2353] ? __pfx_do_file_open+0x10/0x10 [ 1902.514786][ T2353] ? alloc_fd+0x476/0x790 [ 1902.514804][ T2353] ? do_getname+0x191/0x390 [ 1902.514825][ T2353] do_sys_openat2+0x10d/0x1e0 [ 1902.514845][ T2353] ? __pfx_do_sys_openat2+0x10/0x10 [ 1902.514873][ T2353] __x64_sys_openat+0x12d/0x210 [ 1902.514893][ T2353] ? __pfx___x64_sys_openat+0x10/0x10 [ 1902.514920][ T2353] do_syscall_64+0x106/0xf80 [ 1902.514937][ T2353] ? clear_bhb_loop+0x40/0x90 [ 1902.514956][ T2353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1902.514972][ T2353] RIP: 0033:0x7fccd159c799 [ 1902.514986][ T2353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1902.515002][ T2353] RSP: 002b:00007fcccf7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1902.515017][ T2353] RAX: ffffffffffffffda RBX: 00007fccd1816090 RCX: 00007fccd159c799 [ 1902.515028][ T2353] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 1902.515038][ T2353] RBP: 00007fccd1632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1902.515047][ T2353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1902.515056][ T2353] R13: 00007fccd1816128 R14: 00007fccd1816090 R15: 00007ffe47eb9a28 [ 1902.515078][ T2353] [ 1902.515085][ T2353] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1902.808967][T27029] Bluetooth: hci4: command 0x0c1a tx timeout [ 1903.136235][ T2360] sock: sock_timestamping_bind_phc: sock not bind to device [ 1903.242592][ T2361] zswap: compressor not available [ 1903.510341][ T2348] ima: policy update failed [ 1903.549695][ T30] audit: type=1802 audit(1772649756.586:75): pid=2348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.5016" res=0 errno=0 [ 1904.083774][T27029] Bluetooth: hci1: command 0x0c1a tx timeout [ 1904.089913][ T1146] Bluetooth: hci3: command 0x0c1a tx timeout [ 1904.096030][T27030] Bluetooth: hci0: command 0x0c1a tx timeout [ 1904.120631][ T2385] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5026'. [ 1904.610506][ T2393] zswap: compressor not available [ 1904.743111][ T2403] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5031'. [ 1905.016395][ T2374] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1905.032391][ T2374] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1905.061634][ T2374] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1905.078127][ T2374] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1905.297411][ T2419] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5036'. [ 1905.435581][ T2423] busy [ 1905.763707][T27029] Bluetooth: hci4: command 0x0c1a tx timeout [ 1905.776122][ T2437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5041'. [ 1906.053687][ T2442] sock: sock_timestamping_bind_phc: sock not bind to device [ 1907.043947][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1907.124110][T27029] Bluetooth: hci1: command 0x0c1a tx timeout [ 1907.130180][T27030] Bluetooth: hci3: command 0x0c1a tx timeout [ 1907.454912][ T2433] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1907.483211][ T2433] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1907.528417][ T2433] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1907.578931][ T2433] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1907.843941][T27029] Bluetooth: hci4: command 0x0c1a tx timeout [ 1907.984216][ T2482] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5046'. [ 1908.184271][ T2488] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5050'. [ 1908.428717][ T2498] sp0: Synchronizing with TNC [ 1909.533710][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1909.605614][T27029] Bluetooth: hci1: command 0x0c1a tx timeout [ 1909.611655][T27029] Bluetooth: hci3: command 0x0c1a tx timeout [ 1911.156662][ T2522] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1911.196280][ T2522] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1911.222679][ T2522] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1911.240088][ T2522] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1911.400761][ T2565] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5063'. [ 1911.534942][ T2567] sock: sock_timestamping_bind_phc: sock not bind to device [ 1912.004399][T27029] Bluetooth: hci4: command 0x0c1a tx timeout [ 1912.156751][ T2586] zswap: compressor not available [ 1912.244670][ T2597] random: crng reseeded on system resumption [ 1913.208868][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1913.283680][T27029] Bluetooth: hci1: command 0x0c1a tx timeout [ 1913.289716][T27030] Bluetooth: hci3: command 0x0c1a tx timeout [ 1913.673238][ T2636] busy [ 1914.189475][ T2643] zswap: compressor not available [ 1914.726977][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1914.735659][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 1915.195236][ T2690] FAULT_INJECTION: forcing a failure. [ 1915.195236][ T2690] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1915.294854][ T2690] CPU: 0 UID: 0 PID: 2690 Comm: syz.3.5090 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1915.294889][ T2690] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1915.294898][ T2690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1915.294907][ T2690] Call Trace: [ 1915.294913][ T2690] [ 1915.294919][ T2690] dump_stack_lvl+0x100/0x190 [ 1915.294954][ T2690] should_fail_ex.cold+0x5/0xa [ 1915.294973][ T2690] _copy_from_user+0x2e/0xd0 [ 1915.294999][ T2690] __sys_bpf+0x243/0x4b90 [ 1915.295018][ T2690] ? __pfx___sys_bpf+0x10/0x10 [ 1915.295033][ T2690] ? proc_fail_nth_write+0x9f/0x220 [ 1915.295052][ T2690] ? find_held_lock+0x2b/0x80 [ 1915.295070][ T2690] ? rcu_read_lock_any_held+0x6a/0xa0 [ 1915.295094][ T2690] ? vfs_write+0x15d/0x1070 [ 1915.295118][ T2690] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1915.295138][ T2690] ? __pfx_vfs_write+0x10/0x10 [ 1915.295159][ T2690] ? do_sys_openat2+0x157/0x1e0 [ 1915.295189][ T2690] ? ksys_write+0x1ac/0x250 [ 1915.295211][ T2690] ? __pfx_ksys_write+0x10/0x10 [ 1915.295236][ T2690] __x64_sys_bpf+0x7b/0xc0 [ 1915.295253][ T2690] ? lockdep_hardirqs_on+0x78/0x100 [ 1915.295271][ T2690] do_syscall_64+0x106/0xf80 [ 1915.295288][ T2690] ? clear_bhb_loop+0x40/0x90 [ 1915.295307][ T2690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1915.295322][ T2690] RIP: 0033:0x7ff001f9c799 [ 1915.295335][ T2690] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1915.295350][ T2690] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1915.295365][ T2690] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1915.295375][ T2690] RDX: 0000000000000009 RSI: 0000200000000040 RDI: 0000000000000010 [ 1915.295384][ T2690] RBP: 00007ff0001f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1915.295393][ T2690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1915.295402][ T2690] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1915.295422][ T2690] [ 1916.145023][ T2705] zswap: compressor not available [ 1917.914906][ T2704] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1918.385522][ T2769] zswap: compressor not available [ 1918.463736][ T2783] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5107'. [ 1918.554798][ T2786] netlink: 93 bytes leftover after parsing attributes in process `syz.3.5108'. [ 1919.906078][ T2829] zswap: compressor not available [ 1920.143034][ T2847] FAULT_INJECTION: forcing a failure. [ 1920.143034][ T2847] name failslab, interval 1, probability 0, space 0, times 0 [ 1920.265173][ T2847] CPU: 0 UID: 0 PID: 2847 Comm: syz.3.5119 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1920.265211][ T2847] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1920.265221][ T2847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1920.265231][ T2847] Call Trace: [ 1920.265239][ T2847] [ 1920.265246][ T2847] dump_stack_lvl+0x100/0x190 [ 1920.265276][ T2847] should_fail_ex.cold+0x5/0xa [ 1920.265295][ T2847] should_failslab+0xc2/0x120 [ 1920.265312][ T2847] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1920.265335][ T2847] ? __d_alloc+0x34/0xa80 [ 1920.265356][ T2847] __d_alloc+0x34/0xa80 [ 1920.265376][ T2847] d_alloc_parallel+0x111/0x14e0 [ 1920.265403][ T2847] ? find_held_lock+0x2b/0x80 [ 1920.265418][ T2847] ? __d_lookup+0x25c/0x4a0 [ 1920.265438][ T2847] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1920.265461][ T2847] ? __d_lookup+0x266/0x4a0 [ 1920.265486][ T2847] lookup_open.isra.0+0x57c/0x11b0 [ 1920.265512][ T2847] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 1920.265544][ T2847] ? mnt_get_write_access+0x1e9/0x2f0 [ 1920.265567][ T2847] path_openat+0xa98/0x31a0 [ 1920.265597][ T2847] ? __pfx_path_openat+0x10/0x10 [ 1920.265621][ T2847] do_file_open+0x20e/0x430 [ 1920.265638][ T2847] ? __pfx_do_file_open+0x10/0x10 [ 1920.265661][ T2847] ? __pfx_kfree_link+0x10/0x10 [ 1920.265688][ T2847] ? alloc_fd+0x476/0x790 [ 1920.265705][ T2847] ? do_getname+0x191/0x390 [ 1920.265725][ T2847] do_sys_openat2+0x10d/0x1e0 [ 1920.265745][ T2847] ? __pfx_do_sys_openat2+0x10/0x10 [ 1920.265766][ T2847] ? ksys_semctl.constprop.0+0x14e/0x2e0 [ 1920.265794][ T2847] __x64_sys_openat+0x12d/0x210 [ 1920.265814][ T2847] ? __pfx___x64_sys_openat+0x10/0x10 [ 1920.265841][ T2847] do_syscall_64+0x106/0xf80 [ 1920.265860][ T2847] ? clear_bhb_loop+0x40/0x90 [ 1920.265878][ T2847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1920.265894][ T2847] RIP: 0033:0x7ff001f5cfce [ 1920.265909][ T2847] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1920.265925][ T2847] RSP: 002b:00007ff0001d4ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1920.265940][ T2847] RAX: ffffffffffffffda RBX: 00007ff0001d56c0 RCX: 00007ff001f5cfce [ 1920.265951][ T2847] RDX: 0000000000000002 RSI: 00007ff0001d4f90 RDI: ffffffffffffff9c [ 1920.265961][ T2847] RBP: 00007ff002032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1920.265970][ T2847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1920.265981][ T2847] R13: 00007ff002216128 R14: 00007ff002216090 R15: 00007ffd7834b568 [ 1920.266002][ T2847] [ 1920.552692][ T2851] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5120'. [ 1920.660273][ T2862] sp0: Synchronizing with TNC [ 1920.979837][ T2854] ksmbd: Unknown IPC event: 14, ignore. [ 1921.108055][ T2870] random: crng reseeded on system resumption [ 1922.191627][ T2899] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5131'. [ 1922.475364][ T2902] sp0: Synchronizing with TNC [ 1922.777262][ T2912] random: crng reseeded on system resumption [ 1923.606931][ T2933] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5140'. [ 1924.022977][ T2947] usb usb15: usbfs: process 2947 (syz.2.5143) did not claim interface 0 before use [ 1924.371291][ T2950] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5145'. [ 1925.821813][ T2982] openvswitch: netlink: Duplicate or invalid key (type 0). [ 1925.861152][ T2984] random: crng reseeded on system resumption [ 1925.921933][ T2976] zswap: compressor not available [ 1926.166221][ T2991] sock: sock_timestamping_bind_phc: sock not bind to device [ 1926.579095][ T3003] sock: sock_timestamping_bind_phc: sock not bind to device [ 1927.213747][ T3017] random: crng reseeded on system resumption [ 1927.261299][ T3020] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5164'. [ 1927.513629][ T3023] sock: sock_timestamping_bind_phc: sock not bind to device [ 1927.852498][ T3036] sp0: Synchronizing with TNC [ 1931.195029][ T3125] netlink: 342 bytes leftover after parsing attributes in process `syz.2.5184'. [ 1931.327383][ T3127] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5183'. [ 1931.522447][ T3138] netlink: 146 bytes leftover after parsing attributes in process `syz.2.5187'. [ 1932.109670][ T3151] kAFS: Invalid Command on /proc/fs/afs/cells file [ 1934.407620][ T3211] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5204'. [ 1934.453204][ T3214] busy [ 1934.513894][ T3211] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5204'. [ 1935.172261][ T3236] sctp: [Deprecated]: syz.1.5211 (pid 3236) Use of int in max_burst socket option. [ 1935.172261][ T3236] Use struct sctp_assoc_value instead [ 1935.591892][ T3253] random: crng reseeded on system resumption [ 1936.305027][ T3276] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5223'. [ 1936.408381][ T3284] FAULT_INJECTION: forcing a failure. [ 1936.408381][ T3284] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1936.511931][ T3284] CPU: 0 UID: 0 PID: 3284 Comm: syz.3.5224 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1936.511967][ T3284] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1936.511975][ T3284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1936.511985][ T3284] Call Trace: [ 1936.511990][ T3284] [ 1936.511997][ T3284] dump_stack_lvl+0x100/0x190 [ 1936.512024][ T3284] should_fail_ex.cold+0x5/0xa [ 1936.512042][ T3284] _copy_from_user+0x2e/0xd0 [ 1936.512068][ T3284] copy_msghdr_from_user+0x9f/0x4f0 [ 1936.512092][ T3284] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1936.512117][ T3284] ? rcu_is_watching+0x12/0xc0 [ 1936.512139][ T3284] ? ___sys_recvmsg+0x177/0x1a0 [ 1936.512160][ T3284] ? kfree+0x2ec/0x6b0 [ 1936.512182][ T3284] ___sys_recvmsg+0xdd/0x1a0 [ 1936.512204][ T3284] ? __pfx____sys_recvmsg+0x10/0x10 [ 1936.512236][ T3284] ? __pfx___might_resched+0x10/0x10 [ 1936.512262][ T3284] do_recvmmsg+0x301/0x760 [ 1936.512287][ T3284] ? __pfx_do_recvmmsg+0x10/0x10 [ 1936.512307][ T3284] ? ksys_write+0x190/0x250 [ 1936.512333][ T3284] ? ksys_write+0x190/0x250 [ 1936.512358][ T3284] ? __mutex_unlock_slowpath+0x15c/0x790 [ 1936.512383][ T3284] ? __fget_files+0x21f/0x3d0 [ 1936.512401][ T3284] __x64_sys_recvmmsg+0x22a/0x280 [ 1936.512428][ T3284] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1936.512453][ T3284] do_syscall_64+0x106/0xf80 [ 1936.512470][ T3284] ? clear_bhb_loop+0x40/0x90 [ 1936.512490][ T3284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1936.512506][ T3284] RIP: 0033:0x7ff001f9c799 [ 1936.512519][ T3284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1936.512535][ T3284] RSP: 002b:00007ff0001d5028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1936.512550][ T3284] RAX: ffffffffffffffda RBX: 00007ff002216090 RCX: 00007ff001f9c799 [ 1936.512560][ T3284] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000003 [ 1936.512570][ T3284] RBP: 00007ff0001d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1936.512579][ T3284] R10: 00000000000066a6 R11: 0000000000000246 R12: 0000000000000001 [ 1936.512588][ T3284] R13: 00007ff002216128 R14: 00007ff002216090 R15: 00007ffd7834b568 [ 1936.512608][ T3284] [ 1936.919868][ T3292] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 1936.947639][ T3294] random: crng reseeded on system resumption [ 1937.137595][ T3289] zswap: compressor not available [ 1937.190311][ T3302] sp0: Synchronizing with TNC [ 1937.409601][ T3313] busy [ 1937.500195][ T3315] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5234'. [ 1937.634392][ T3322] Invalid ELF header magic: != ELF [ 1937.694569][ T3327] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5237'. [ 1937.848399][ T3333] random: crng reseeded on system resumption [ 1937.856923][ T3332] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5240'. [ 1938.512326][ T3380] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5246'. [ 1938.617301][ T3385] netlink: 342 bytes leftover after parsing attributes in process `syz.3.5248'. [ 1938.668615][ T3384] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5249'. [ 1938.835647][ T3401] sp0: Synchronizing with TNC [ 1939.148606][ T3405] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5253'. [ 1939.236100][ T3405] Invalid ELF header magic: != ELF [ 1939.250232][ T3407] FAULT_INJECTION: forcing a failure. [ 1939.250232][ T3407] name failslab, interval 1, probability 0, space 0, times 0 [ 1939.277924][ T3407] CPU: 0 UID: 0 PID: 3407 Comm: syz.1.5254 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1939.277960][ T3407] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1939.277969][ T3407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1939.277979][ T3407] Call Trace: [ 1939.277986][ T3407] [ 1939.277993][ T3407] dump_stack_lvl+0x100/0x190 [ 1939.278020][ T3407] should_fail_ex.cold+0x5/0xa [ 1939.278039][ T3407] should_failslab+0xc2/0x120 [ 1939.278055][ T3407] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1939.278075][ T3407] ? binder_get_thread+0x201/0x850 [ 1939.278099][ T3407] binder_get_thread+0x201/0x850 [ 1939.278121][ T3407] binder_ioctl+0x26f/0x7610 [ 1939.278142][ T3407] ? tomoyo_path_number_perm+0x28f/0x580 [ 1939.278171][ T3407] ? tomoyo_path_number_perm+0x28f/0x580 [ 1939.278198][ T3407] ? tomoyo_path_number_perm+0x188/0x580 [ 1939.278223][ T3407] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1939.278245][ T3407] ? futex_wait+0x125/0x380 [ 1939.278270][ T3407] ? __pfx_binder_ioctl+0x10/0x10 [ 1939.278299][ T3407] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1939.278325][ T3407] ? do_vfs_ioctl+0x226/0x13e0 [ 1939.278347][ T3407] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1939.278374][ T3407] ? find_held_lock+0x2b/0x80 [ 1939.278389][ T3407] ? __fget_files+0x215/0x3d0 [ 1939.278404][ T3407] ? hook_file_ioctl_common+0x146/0x410 [ 1939.278431][ T3407] ? __fget_files+0x21f/0x3d0 [ 1939.278448][ T3407] ? __pfx_binder_ioctl+0x10/0x10 [ 1939.278469][ T3407] __x64_sys_ioctl+0x18e/0x210 [ 1939.278491][ T3407] do_syscall_64+0x106/0xf80 [ 1939.278508][ T3407] ? clear_bhb_loop+0x40/0x90 [ 1939.278528][ T3407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1939.278544][ T3407] RIP: 0033:0x7f5dd959c799 [ 1939.278558][ T3407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1939.278573][ T3407] RSP: 002b:00007f5dda3f3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1939.278589][ T3407] RAX: ffffffffffffffda RBX: 00007f5dd9815fa0 RCX: 00007f5dd959c799 [ 1939.278599][ T3407] RDX: 0000000000000000 RSI: 0000000040046207 RDI: 0000000000000002 [ 1939.278608][ T3407] RBP: 00007f5dd9632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1939.278618][ T3407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1939.278627][ T3407] R13: 00007f5dd9816038 R14: 00007f5dd9815fa0 R15: 00007ffd201ed0e8 [ 1939.278646][ T3407] [ 1939.278654][ T3407] binder: 3406:3407 ioctl 40046207 0 returned -12 [ 1939.863507][ T3423] FAULT_INJECTION: forcing a failure. [ 1939.863507][ T3423] name failslab, interval 1, probability 0, space 0, times 0 [ 1939.881942][ T3423] CPU: 0 UID: 0 PID: 3423 Comm: syz.2.5258 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1939.881976][ T3423] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1939.881984][ T3423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1939.881996][ T3423] Call Trace: [ 1939.882002][ T3423] [ 1939.882008][ T3423] dump_stack_lvl+0x100/0x190 [ 1939.882036][ T3423] should_fail_ex.cold+0x5/0xa [ 1939.882054][ T3423] ? tomoyo_encode2+0xfb/0x3c0 [ 1939.882070][ T3423] should_failslab+0xc2/0x120 [ 1939.882092][ T3423] __kmalloc_noprof+0xe0/0x850 [ 1939.882113][ T3423] ? d_absolute_path+0x136/0x1b0 [ 1939.882136][ T3423] tomoyo_encode2+0xfb/0x3c0 [ 1939.882166][ T3423] tomoyo_encode+0x29/0x50 [ 1939.882181][ T3423] tomoyo_realpath_from_path+0x18c/0x690 [ 1939.882202][ T3423] tomoyo_path_number_perm+0x23c/0x580 [ 1939.882225][ T3423] ? tomoyo_path_number_perm+0x22e/0x580 [ 1939.882249][ T3423] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1939.882290][ T3423] ? find_held_lock+0x2b/0x80 [ 1939.882304][ T3423] ? __fget_files+0x215/0x3d0 [ 1939.882317][ T3423] ? hook_file_ioctl_common+0x146/0x410 [ 1939.882345][ T3423] ? __fget_files+0x21f/0x3d0 [ 1939.882361][ T3423] security_file_ioctl+0xd3/0x230 [ 1939.882385][ T3423] __x64_sys_ioctl+0xb7/0x210 [ 1939.882408][ T3423] do_syscall_64+0x106/0xf80 [ 1939.882425][ T3423] ? clear_bhb_loop+0x40/0x90 [ 1939.882444][ T3423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1939.882459][ T3423] RIP: 0033:0x7f64a519c799 [ 1939.882473][ T3423] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1939.882488][ T3423] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1939.882503][ T3423] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1939.882513][ T3423] RDX: 0000200000000040 RSI: 0000000000005452 RDI: 0000000000000004 [ 1939.882523][ T3423] RBP: 00007f64a6054090 R08: 0000000000000000 R09: 0000000000000000 [ 1939.882532][ T3423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1939.882541][ T3423] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1939.882561][ T3423] [ 1939.882579][ T3423] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1940.342567][ T3429] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5259'. [ 1940.632817][ T3417] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1940.675302][ T3417] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1940.707271][ T3417] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1940.737030][ T3417] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1940.768953][ T3441] busy [ 1941.092952][ T3447] sock: sock_timestamping_bind_phc: sock not bind to device [ 1941.424048][ T3457] FAULT_INJECTION: forcing a failure. [ 1941.424048][ T3457] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1941.506617][ T3457] CPU: 0 UID: 0 PID: 3457 Comm: syz.2.5266 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1941.506650][ T3457] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1941.506659][ T3457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1941.506669][ T3457] Call Trace: [ 1941.506674][ T3457] [ 1941.506680][ T3457] dump_stack_lvl+0x100/0x190 [ 1941.506708][ T3457] should_fail_ex.cold+0x5/0xa [ 1941.506727][ T3457] _copy_from_user+0x2e/0xd0 [ 1941.506751][ T3457] get_timespec64+0x8b/0x1b0 [ 1941.506769][ T3457] ? __pfx_get_timespec64+0x10/0x10 [ 1941.506790][ T3457] __x64_sys_nanosleep+0xbe/0x2a0 [ 1941.506812][ T3457] ? __pfx___x64_sys_nanosleep+0x10/0x10 [ 1941.506840][ T3457] do_syscall_64+0x106/0xf80 [ 1941.506858][ T3457] ? clear_bhb_loop+0x40/0x90 [ 1941.506877][ T3457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1941.506892][ T3457] RIP: 0033:0x7f64a519c799 [ 1941.506905][ T3457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1941.506920][ T3457] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000023 [ 1941.506935][ T3457] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1941.506946][ T3457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1941.506955][ T3457] RBP: 00007f64a6054090 R08: 0000000000000000 R09: 0000000000000000 [ 1941.506964][ T3457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1941.506973][ T3457] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1941.506993][ T3457] [ 1941.937165][ T3465] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5269'. [ 1941.949550][T27029] Bluetooth: hci4: command 0x0c1a tx timeout [ 1941.958697][ T3466] FAULT_INJECTION: forcing a failure. [ 1941.958697][ T3466] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1941.993739][ T3466] CPU: 0 UID: 0 PID: 3466 Comm: syz.4.5267 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1941.993775][ T3466] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1941.993783][ T3466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1941.993792][ T3466] Call Trace: [ 1941.993797][ T3466] [ 1941.993803][ T3466] dump_stack_lvl+0x100/0x190 [ 1941.993830][ T3466] should_fail_ex.cold+0x5/0xa [ 1941.993849][ T3466] _copy_from_user+0x2e/0xd0 [ 1941.993874][ T3466] copy_mnt_id_req+0x108/0x350 [ 1941.993896][ T3466] __do_sys_listmount+0x184/0xee0 [ 1941.993922][ T3466] ? __fget_files+0x21f/0x3d0 [ 1941.993936][ T3466] ? __pfx___do_sys_listmount+0x10/0x10 [ 1941.993960][ T3466] ? fput+0x79/0x100 [ 1941.993985][ T3466] do_syscall_64+0x106/0xf80 [ 1941.994008][ T3466] ? clear_bhb_loop+0x40/0x90 [ 1941.994027][ T3466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1941.994042][ T3466] RIP: 0033:0x7fccd159c799 [ 1941.994056][ T3466] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1941.994071][ T3466] RSP: 002b:00007fcccf7f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1941.994085][ T3466] RAX: ffffffffffffffda RBX: 00007fccd1816090 RCX: 00007fccd159c799 [ 1941.994096][ T3466] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1941.994105][ T3466] RBP: 00007fcccf7f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1941.994114][ T3466] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 1941.994123][ T3466] R13: 00007fccd1816128 R14: 00007fccd1816090 R15: 00007ffe47eb9a28 [ 1941.994142][ T3466] [ 1942.315592][ T3476] sctp: [Deprecated]: syz.3.5272 (pid 3476) Use of int in max_burst socket option. [ 1942.315592][ T3476] Use struct sctp_assoc_value instead [ 1942.509269][ T3479] FAULT_INJECTION: forcing a failure. [ 1942.509269][ T3479] name failslab, interval 1, probability 0, space 0, times 0 [ 1942.586372][ T3479] CPU: 0 UID: 0 PID: 3479 Comm: syz.2.5273 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1942.586408][ T3479] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1942.586416][ T3479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1942.586426][ T3479] Call Trace: [ 1942.586432][ T3479] [ 1942.586438][ T3479] dump_stack_lvl+0x100/0x190 [ 1942.586467][ T3479] should_fail_ex.cold+0x5/0xa [ 1942.586485][ T3479] ? iter_file_splice_write+0x1d8/0x10a0 [ 1942.586499][ T3479] should_failslab+0xc2/0x120 [ 1942.586515][ T3479] __kmalloc_noprof+0xe0/0x850 [ 1942.586541][ T3479] iter_file_splice_write+0x1d8/0x10a0 [ 1942.586555][ T3479] ? lockdep_hardirqs_on+0x78/0x100 [ 1942.586576][ T3479] ? copy_splice_read+0x734/0xb90 [ 1942.586599][ T3479] ? kfree+0x1f6/0x6b0 [ 1942.586622][ T3479] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1942.586637][ T3479] ? __lock_acquire+0x4a5/0x2630 [ 1942.586658][ T3479] ? __pfx_copy_splice_read+0x10/0x10 [ 1942.586691][ T3479] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1942.586708][ T3479] direct_splice_actor+0x192/0x6c0 [ 1942.586733][ T3479] splice_direct_to_actor+0x345/0xa30 [ 1942.586759][ T3479] ? __pfx_direct_splice_actor+0x10/0x10 [ 1942.586786][ T3479] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1942.586815][ T3479] do_splice_direct+0x174/0x240 [ 1942.586830][ T3479] ? __pfx_do_splice_direct+0x10/0x10 [ 1942.586855][ T3479] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1942.586881][ T3479] ? rw_verify_area+0xce/0x6d0 [ 1942.586904][ T3479] do_sendfile+0xadc/0xe20 [ 1942.586930][ T3479] ? __pfx_do_sendfile+0x10/0x10 [ 1942.586952][ T3479] ? __fget_files+0x21f/0x3d0 [ 1942.586971][ T3479] __x64_sys_sendfile64+0x1d8/0x220 [ 1942.586988][ T3479] ? ksys_write+0x1ac/0x250 [ 1942.587009][ T3479] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1942.587032][ T3479] do_syscall_64+0x106/0xf80 [ 1942.587055][ T3479] ? clear_bhb_loop+0x40/0x90 [ 1942.587074][ T3479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1942.587090][ T3479] RIP: 0033:0x7f64a519c799 [ 1942.587103][ T3479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1942.587117][ T3479] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1942.587132][ T3479] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1942.587142][ T3479] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1942.587151][ T3479] RBP: 00007f64a6054090 R08: 0000000000000000 R09: 0000000000000000 [ 1942.587161][ T3479] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1942.587170][ T3479] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1942.587190][ T3479] [ 1942.918894][T27029] Bluetooth: hci3: command 0x0c1a tx timeout [ 1942.925624][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1942.931798][T27029] Bluetooth: hci1: command 0x0c1a tx timeout [ 1943.941338][ T3481] FAULT_INJECTION: forcing a failure. [ 1943.941338][ T3481] name failslab, interval 1, probability 0, space 0, times 0 [ 1944.015950][ T3481] CPU: 0 UID: 0 PID: 3481 Comm: syz.3.5274 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1944.015985][ T3481] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1944.015994][ T3481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1944.016003][ T3481] Call Trace: [ 1944.016009][ T3481] [ 1944.016015][ T3481] dump_stack_lvl+0x100/0x190 [ 1944.016044][ T3481] should_fail_ex.cold+0x5/0xa [ 1944.016063][ T3481] ? tomoyo_encode2+0xfb/0x3c0 [ 1944.016079][ T3481] should_failslab+0xc2/0x120 [ 1944.016095][ T3481] __kmalloc_noprof+0xe0/0x850 [ 1944.016121][ T3481] tomoyo_encode2+0xfb/0x3c0 [ 1944.016140][ T3481] tomoyo_encode+0x29/0x50 [ 1944.016155][ T3481] tomoyo_realpath_from_path+0x18c/0x690 [ 1944.016176][ T3481] tomoyo_path_number_perm+0x23c/0x580 [ 1944.016199][ T3481] ? tomoyo_path_number_perm+0x22e/0x580 [ 1944.016223][ T3481] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1944.016264][ T3481] ? find_held_lock+0x2b/0x80 [ 1944.016278][ T3481] ? __fget_files+0x215/0x3d0 [ 1944.016291][ T3481] ? hook_file_ioctl_common+0x146/0x410 [ 1944.016319][ T3481] ? __fget_files+0x21f/0x3d0 [ 1944.016336][ T3481] security_file_ioctl+0xd3/0x230 [ 1944.016360][ T3481] __x64_sys_ioctl+0xb7/0x210 [ 1944.016383][ T3481] do_syscall_64+0x106/0xf80 [ 1944.016400][ T3481] ? clear_bhb_loop+0x40/0x90 [ 1944.016419][ T3481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1944.016436][ T3481] RIP: 0033:0x7ff001f9c799 [ 1944.016449][ T3481] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1944.016463][ T3481] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1944.016479][ T3481] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1944.016489][ T3481] RDX: 0000000000000008 RSI: 0000000000008941 RDI: 0000000000000004 [ 1944.016498][ T3481] RBP: 00007ff0001f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1944.016507][ T3481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1944.016516][ T3481] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1944.016536][ T3481] [ 1944.016550][ T3481] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1944.297181][ T3503] netlink: 206 bytes leftover after parsing attributes in process `syz.2.5280'. [ 1944.382394][ T3505] sock: sock_timestamping_bind_phc: sock not bind to device [ 1944.873059][ T3517] zswap: compressor not available [ 1945.131326][ T3507] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1945.158535][ T3507] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1945.200807][ T3507] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1945.233883][ T3507] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1946.354665][ T3560] FAULT_INJECTION: forcing a failure. [ 1946.354665][ T3560] name failslab, interval 1, probability 0, space 0, times 0 [ 1946.405014][T27029] Bluetooth: hci4: command 0x0c1a tx timeout [ 1946.426180][ T3560] CPU: 0 UID: 0 PID: 3560 Comm: syz.3.5292 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1946.426214][ T3560] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1946.426223][ T3560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1946.426232][ T3560] Call Trace: [ 1946.426238][ T3560] [ 1946.426244][ T3560] dump_stack_lvl+0x100/0x190 [ 1946.426272][ T3560] should_fail_ex.cold+0x5/0xa [ 1946.426290][ T3560] should_failslab+0xc2/0x120 [ 1946.426307][ T3560] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1946.426332][ T3560] ? copy_process+0x48b/0x7a10 [ 1946.426350][ T3560] ? rcu_is_watching+0x12/0xc0 [ 1946.426375][ T3560] copy_process+0x48b/0x7a10 [ 1946.426392][ T3560] ? __lock_acquire+0x4a5/0x2630 [ 1946.426419][ T3560] ? __pfx_copy_process+0x10/0x10 [ 1946.426436][ T3560] ? find_held_lock+0x2b/0x80 [ 1946.426458][ T3560] kernel_clone+0xfc/0x9a0 [ 1946.426473][ T3560] ? find_held_lock+0x2b/0x80 [ 1946.426488][ T3560] ? __pfx_kernel_clone+0x10/0x10 [ 1946.426515][ T3560] __do_sys_clone+0xd9/0x120 [ 1946.426533][ T3560] ? __pfx___do_sys_clone+0x10/0x10 [ 1946.426557][ T3560] ? ksys_write+0x1ac/0x250 [ 1946.426580][ T3560] ? __pfx_ksys_write+0x10/0x10 [ 1946.426608][ T3560] do_syscall_64+0x106/0xf80 [ 1946.426626][ T3560] ? clear_bhb_loop+0x40/0x90 [ 1946.426644][ T3560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1946.426660][ T3560] RIP: 0033:0x7ff001f9c799 [ 1946.426674][ T3560] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1946.426689][ T3560] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1946.426704][ T3560] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1946.426715][ T3560] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000df00 [ 1946.426724][ T3560] RBP: 00007ff0001f6090 R08: 0000000000000042 R09: 0000000000000000 [ 1946.426733][ T3560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1946.426742][ T3560] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1946.426762][ T3560] [ 1946.986119][ T3580] .^: entered promiscuous mode [ 1947.244638][T27029] Bluetooth: hci3: command 0x0c1a tx timeout [ 1947.251880][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1947.325471][T27030] Bluetooth: hci1: command 0x0c1a tx timeout [ 1947.677707][ T3582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 1947.692136][ T3582] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1947.764567][ T3582] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1947.772160][ T3582] page_type: f5(slab) [ 1947.861949][ T3582] raw: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 1947.938037][ T3582] raw: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 1947.983271][ T3603] sp0: Synchronizing with TNC [ 1948.014757][ T3582] head: 00fff00000000040 ffff88813fe3d140 dead000000000100 dead000000000122 [ 1948.081477][ T3582] head: 0000000000000000 0000000800040004 00000000f5000000 0000000000000000 [ 1948.126092][ T3582] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 1948.180028][ T3582] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1948.238518][ T3582] page dumped because: unmovable page [ 1948.275116][ T3582] page_owner tracks the page as allocated [ 1948.325876][ T3582] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2341, tgid 2340 (syz.1.5014), ts 1901915268016, free_ts 1901840252463 [ 1948.449436][ T3582] post_alloc_hook+0x153/0x170 [ 1948.472093][ T3582] get_page_from_freelist+0x111d/0x3140 [ 1948.499436][ T3582] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 1948.528213][ T3582] new_slab+0xa6/0x6d0 [ 1948.549994][ T3582] refill_objects+0x26b/0x400 [ 1948.586794][ T3582] __pcs_replace_empty_main+0x19f/0x600 [ 1948.603648][ T3582] __kvmalloc_node_noprof+0x7da/0xa00 [ 1948.629217][ T3582] bucket_table_alloc.isra.0+0x88/0x460 [ 1948.658006][ T3582] rhashtable_init_noprof+0x43b/0x7d0 [ 1948.684990][ T3582] tipc_init_net+0x309/0x430 [ 1948.699374][ T3582] ops_init+0x1e2/0x5f0 [ 1948.715004][ T3582] setup_net+0x118/0x3a0 [ 1948.734996][ T3582] copy_net_ns+0x46f/0x7c0 [ 1948.749887][ T3582] create_new_namespaces+0x3ea/0xac0 [ 1948.772097][ T3582] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1948.790809][ T3582] ksys_unshare+0x473/0xad0 [ 1948.801443][ T3582] page last free pid 5812 tgid 5812 stack trace: [ 1948.816161][ T3607] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1948.823673][ T3582] __free_frozen_pages+0x7e1/0x10d0 [ 1948.829361][ T3582] __folio_put+0x3b4/0x540 [ 1948.846311][ T3607] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1948.852987][ T3582] skb_release_data+0x667/0x9d0 [ 1948.863110][ T3607] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1948.873228][ T3582] __kfree_skb+0x4f/0x70 [ 1948.879930][ T3607] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1948.889852][ T3582] tcp_ack+0x2072/0x74f0 [ 1948.900247][ T3582] tcp_rcv_established+0x1175/0x3980 [ 1948.909915][ T3582] tcp_v4_do_rcv+0xc64/0x10a0 [ 1948.920084][ T3582] __release_sock+0x35a/0x440 [ 1948.930238][ T3582] release_sock+0x5a/0x220 [ 1948.940401][ T3582] tcp_sendmsg+0x38/0x50 [ 1948.949233][ T3582] inet_sendmsg+0xb9/0x140 [ 1948.964916][ T3582] sock_write_iter+0x509/0x610 [ 1948.969778][ T3582] vfs_write+0x6ac/0x1070 [ 1948.983671][ T3582] ksys_write+0x1f8/0x250 [ 1948.989985][ T3582] do_syscall_64+0x106/0xf80 [ 1949.000108][ T3582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1950.243808][T27030] Bluetooth: hci4: command 0x0c1a tx timeout [ 1950.545191][ T3643] random: crng reseeded on system resumption [ 1950.886009][T27030] Bluetooth: hci1: command 0x0c1a tx timeout [ 1950.892349][T27030] Bluetooth: hci3: command 0x0c1a tx timeout [ 1950.901371][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1951.857074][ T3675] FAULT_INJECTION: forcing a failure. [ 1951.857074][ T3675] name failslab, interval 1, probability 0, space 0, times 0 [ 1951.905049][ T3675] CPU: 0 UID: 0 PID: 3675 Comm: syz.3.5321 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1951.905087][ T3675] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1951.905096][ T3675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1951.905106][ T3675] Call Trace: [ 1951.905112][ T3675] [ 1951.905119][ T3675] dump_stack_lvl+0x100/0x190 [ 1951.905147][ T3675] should_fail_ex.cold+0x5/0xa [ 1951.905177][ T3675] should_failslab+0xc2/0x120 [ 1951.905194][ T3675] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1951.905216][ T3675] ? mas_alloc_nodes+0x280/0x390 [ 1951.905235][ T3675] mas_alloc_nodes+0x280/0x390 [ 1951.905252][ T3675] mas_preallocate+0x39c/0xf10 [ 1951.905271][ T3675] ? __memcg_slab_post_alloc_hook+0x420/0x9a0 [ 1951.905292][ T3675] ? __pfx_mas_preallocate+0x10/0x10 [ 1951.905317][ T3675] ? anon_vma_name+0x5a/0x250 [ 1951.905341][ T3675] __split_vma+0x33d/0xd90 [ 1951.905372][ T3675] ? __pfx___split_vma+0x10/0x10 [ 1951.905396][ T3675] ? finish_task_switch.isra.0+0x200/0xb80 [ 1951.905419][ T3675] vma_modify+0x1121/0x2250 [ 1951.905443][ T3675] ? __schedule+0x1000/0x6120 [ 1951.905460][ T3675] ? __pfx_vma_modify+0x10/0x10 [ 1951.905486][ T3675] vma_modify_flags+0x257/0x3d0 [ 1951.905508][ T3675] ? __pfx_vma_modify_flags+0x10/0x10 [ 1951.905528][ T3675] ? __pfx___schedule+0x10/0x10 [ 1951.905551][ T3675] ? mtree_range_walk+0x6ce/0xcd0 [ 1951.905572][ T3675] mlock_fixup+0x302/0xf00 [ 1951.905595][ T3675] ? __pfx_mlock_fixup+0x10/0x10 [ 1951.905621][ T3675] apply_vma_lock_flags+0x256/0x370 [ 1951.905644][ T3675] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 1951.905665][ T3675] ? __pfx___might_resched+0x10/0x10 [ 1951.905692][ T3675] ? __pfx_down_write_killable+0x10/0x10 [ 1951.905714][ T3675] ? do_futex+0x192/0x350 [ 1951.905735][ T3675] do_mlock+0x261/0x7f0 [ 1951.905758][ T3675] ? __pfx_do_mlock+0x10/0x10 [ 1951.905777][ T3675] ? __x64_sys_futex+0x34f/0x4d0 [ 1951.905795][ T3675] ? __x64_sys_futex+0x358/0x4d0 [ 1951.905813][ T3675] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1951.905829][ T3675] ? xfd_validate_state+0x129/0x190 [ 1951.905856][ T3675] __x64_sys_mlock+0x59/0x80 [ 1951.905878][ T3675] do_syscall_64+0x106/0xf80 [ 1951.905895][ T3675] ? clear_bhb_loop+0x40/0x90 [ 1951.905913][ T3675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1951.905929][ T3675] RIP: 0033:0x7ff001f9c799 [ 1951.905944][ T3675] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1951.905958][ T3675] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 1951.905974][ T3675] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1951.905985][ T3675] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000fbe8 [ 1951.905994][ T3675] RBP: 00007ff002032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1951.906004][ T3675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1951.906013][ T3675] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1951.906034][ T3675] [ 1952.235436][ T3675] block2mtd: parameter too long [ 1953.331963][ T3704] sp0: Synchronizing with TNC [ 1953.900602][ T3713] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1954.317808][ T3723] netlink: 93 bytes leftover after parsing attributes in process `syz.1.5336'. [ 1955.026000][ T3737] sock: sock_timestamping_bind_phc: sock not bind to device [ 1955.096199][ T3741] FAULT_INJECTION: forcing a failure. [ 1955.096199][ T3741] name failslab, interval 1, probability 0, space 0, times 0 [ 1955.144588][ T3741] CPU: 0 UID: 0 PID: 3741 Comm: syz.2.5342 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1955.144629][ T3741] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1955.144639][ T3741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1955.144648][ T3741] Call Trace: [ 1955.144654][ T3741] [ 1955.144661][ T3741] dump_stack_lvl+0x100/0x190 [ 1955.144689][ T3741] should_fail_ex.cold+0x5/0xa [ 1955.144707][ T3741] should_failslab+0xc2/0x120 [ 1955.144723][ T3741] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1955.144743][ T3741] ? snd_pcm_oss_change_params_locked+0x211/0x39f0 [ 1955.144777][ T3741] snd_pcm_oss_change_params_locked+0x211/0x39f0 [ 1955.144802][ T3741] ? rcu_is_watching+0x12/0xc0 [ 1955.144825][ T3741] ? trace_contention_end+0x140/0x180 [ 1955.144849][ T3741] ? snd_pcm_oss_write+0x49a/0xa30 [ 1955.144873][ T3741] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1955.144899][ T3741] ? __pfx___mutex_lock+0x10/0x10 [ 1955.144929][ T3741] ? __pfx___might_resched+0x10/0x10 [ 1955.144951][ T3741] ? get_pid_task+0xfc/0x250 [ 1955.144971][ T3741] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1955.144996][ T3741] snd_pcm_oss_write+0x4bb/0xa30 [ 1955.145020][ T3741] ? bpf_lsm_file_permission+0x9/0x10 [ 1955.145043][ T3741] ? security_file_permission+0x76/0x210 [ 1955.145064][ T3741] vfs_write+0x2aa/0x1070 [ 1955.145087][ T3741] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 1955.145112][ T3741] ? __pfx_vfs_write+0x10/0x10 [ 1955.145138][ T3741] ? find_held_lock+0x2b/0x80 [ 1955.145152][ T3741] ? __fget_files+0x215/0x3d0 [ 1955.145165][ T3741] ? __fget_files+0x215/0x3d0 [ 1955.145182][ T3741] ? __fget_files+0x21f/0x3d0 [ 1955.145201][ T3741] ksys_write+0x12a/0x250 [ 1955.145223][ T3741] ? __pfx_ksys_write+0x10/0x10 [ 1955.145256][ T3741] do_syscall_64+0x106/0xf80 [ 1955.145274][ T3741] ? clear_bhb_loop+0x40/0x90 [ 1955.145292][ T3741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1955.145309][ T3741] RIP: 0033:0x7f64a519c799 [ 1955.145322][ T3741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1955.145336][ T3741] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1955.145351][ T3741] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1955.145361][ T3741] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1955.145370][ T3741] RBP: 00007f64a6054090 R08: 0000000000000000 R09: 0000000000000000 [ 1955.145379][ T3741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1955.145388][ T3741] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1955.145408][ T3741] [ 1955.454879][ T3743] sock: sock_timestamping_bind_phc: sock not bind to device [ 1955.830197][ T3757] FAULT_INJECTION: forcing a failure. [ 1955.830197][ T3757] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1955.870565][ T3757] CPU: 0 UID: 0 PID: 3757 Comm: syz.3.5348 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1955.870600][ T3757] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1955.870609][ T3757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1955.870618][ T3757] Call Trace: [ 1955.870624][ T3757] [ 1955.870630][ T3757] dump_stack_lvl+0x100/0x190 [ 1955.870658][ T3757] should_fail_ex.cold+0x5/0xa [ 1955.870677][ T3757] _copy_from_user+0x2e/0xd0 [ 1955.870702][ T3757] kstrtouint_from_user+0xd6/0x1d0 [ 1955.870722][ T3757] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1955.870740][ T3757] ? __lock_acquire+0x4a5/0x2630 [ 1955.870761][ T3757] ? lock_acquire+0x1cf/0x380 [ 1955.870784][ T3757] proc_fail_nth_write+0x83/0x220 [ 1955.870803][ T3757] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1955.870827][ T3757] vfs_write+0x2aa/0x1070 [ 1955.870851][ T3757] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1955.870871][ T3757] ? __pfx_vfs_write+0x10/0x10 [ 1955.870893][ T3757] ? __fget_files+0x215/0x3d0 [ 1955.870911][ T3757] ? __fget_files+0x21f/0x3d0 [ 1955.870930][ T3757] ksys_write+0x12a/0x250 [ 1955.870952][ T3757] ? __pfx_ksys_write+0x10/0x10 [ 1955.870985][ T3757] do_syscall_64+0x106/0xf80 [ 1955.871003][ T3757] ? clear_bhb_loop+0x40/0x90 [ 1955.871022][ T3757] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1955.871038][ T3757] RIP: 0033:0x7ff001f5cfce [ 1955.871058][ T3757] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1955.871072][ T3757] RSP: 002b:00007ff0001d4fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1955.871087][ T3757] RAX: ffffffffffffffda RBX: 00007ff0001d56c0 RCX: 00007ff001f5cfce [ 1955.871097][ T3757] RDX: 0000000000000001 RSI: 00007ff0001d50a0 RDI: 0000000000000006 [ 1955.871107][ T3757] RBP: 00007ff0001d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1955.871115][ T3757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1955.871124][ T3757] R13: 00007ff002216128 R14: 00007ff002216090 R15: 00007ffd7834b568 [ 1955.871145][ T3757] [ 1956.366895][ T3763] FAULT_INJECTION: forcing a failure. [ 1956.366895][ T3763] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1956.415189][ T3763] CPU: 0 UID: 0 PID: 3763 Comm: syz.2.5350 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1956.415224][ T3763] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1956.415232][ T3763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1956.415242][ T3763] Call Trace: [ 1956.415247][ T3763] [ 1956.415254][ T3763] dump_stack_lvl+0x100/0x190 [ 1956.415282][ T3763] should_fail_ex.cold+0x5/0xa [ 1956.415298][ T3763] ? prepare_alloc_pages+0x16d/0x5f0 [ 1956.415318][ T3763] should_fail_alloc_page+0xeb/0x140 [ 1956.415335][ T3763] prepare_alloc_pages+0x1f0/0x5f0 [ 1956.415355][ T3763] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1956.415380][ T3763] ? stack_trace_save+0x8e/0xc0 [ 1956.415395][ T3763] ? __pfx_stack_trace_save+0x10/0x10 [ 1956.415411][ T3763] ? stack_depot_save_flags+0x27/0x9d0 [ 1956.415431][ T3763] ? kasan_save_stack+0x3f/0x50 [ 1956.415453][ T3763] ? kasan_save_stack+0x30/0x50 [ 1956.415474][ T3763] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1956.415496][ T3763] ? __pmd_alloc+0xbf/0x9c0 [ 1956.415511][ T3763] ? __handle_mm_fault+0xa99/0x2b60 [ 1956.415530][ T3763] ? handle_mm_fault+0x36d/0xa20 [ 1956.415548][ T3763] ? exc_page_fault+0x6f/0xd0 [ 1956.415565][ T3763] ? rep_movs_alternative+0xf/0x90 [ 1956.415586][ T3763] ? _copy_from_user+0x98/0xd0 [ 1956.415608][ T3763] ? sk_setsockopt+0x2ee/0x5230 [ 1956.415626][ T3763] ? do_sock_setsockopt+0x193/0x1d0 [ 1956.415646][ T3763] ? __sys_setsockopt+0x119/0x190 [ 1956.415661][ T3763] ? __x64_sys_setsockopt+0xbd/0x160 [ 1956.415677][ T3763] ? do_syscall_64+0x106/0xf80 [ 1956.415693][ T3763] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1956.415717][ T3763] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1956.415743][ T3763] ? policy_nodemask+0xed/0x4f0 [ 1956.415761][ T3763] alloc_pages_mpol+0x1fb/0x550 [ 1956.415785][ T3763] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1956.415806][ T3763] alloc_pages_noprof+0x131/0x390 [ 1956.415823][ T3763] pte_alloc_one+0x1e/0x3e0 [ 1956.415840][ T3763] do_fault+0x8cc/0x1950 [ 1956.415857][ T3763] ? __pmd_alloc+0x6aa/0x9c0 [ 1956.415875][ T3763] __handle_mm_fault+0x180f/0x2b60 [ 1956.415898][ T3763] ? mt_find+0x45e/0x8e0 [ 1956.415917][ T3763] ? __pfx___handle_mm_fault+0x10/0x10 [ 1956.415936][ T3763] ? __pfx_mt_find+0x10/0x10 [ 1956.415965][ T3763] ? find_vma+0xbf/0x140 [ 1956.415978][ T3763] ? __pfx_find_vma+0x10/0x10 [ 1956.415994][ T3763] handle_mm_fault+0x36d/0xa20 [ 1956.416022][ T3763] do_user_addr_fault+0x74c/0x12f0 [ 1956.416051][ T3763] exc_page_fault+0x6f/0xd0 [ 1956.416069][ T3763] asm_exc_page_fault+0x26/0x30 [ 1956.416085][ T3763] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1956.416108][ T3763] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 1956.416123][ T3763] RSP: 0018:ffffc90004447c58 EFLAGS: 00050202 [ 1956.416136][ T3763] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 1956.416145][ T3763] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90004447cf0 [ 1956.416155][ T3763] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52000888f9e [ 1956.416167][ T3763] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 1956.416176][ T3763] R13: ffffc90004447cf0 R14: 0000000000000000 R15: 0000000000000000 [ 1956.416195][ T3763] _copy_from_user+0x98/0xd0 [ 1956.416219][ T3763] sk_setsockopt+0x2ee/0x5230 [ 1956.416238][ T3763] ? __pfx___might_resched+0x10/0x10 [ 1956.416266][ T3763] ? __pfx_sk_setsockopt+0x10/0x10 [ 1956.416294][ T3763] ? ksys_write+0x190/0x250 [ 1956.416317][ T3763] ? preempt_schedule_irq+0x7b/0x90 [ 1956.416334][ T3763] ? __pfx_aa_sk_perm+0x10/0x10 [ 1956.416357][ T3763] ? irqentry_exit+0x180/0x670 [ 1956.416378][ T3763] ? aa_sock_opt_perm+0xfe/0x1b0 [ 1956.416400][ T3763] do_sock_setsockopt+0x193/0x1d0 [ 1956.416424][ T3763] __sys_setsockopt+0x119/0x190 [ 1956.416444][ T3763] __x64_sys_setsockopt+0xbd/0x160 [ 1956.416460][ T3763] ? do_syscall_64+0x95/0xf80 [ 1956.416477][ T3763] ? lockdep_hardirqs_on+0x78/0x100 [ 1956.416494][ T3763] do_syscall_64+0x106/0xf80 [ 1956.416510][ T3763] ? clear_bhb_loop+0x40/0x90 [ 1956.416529][ T3763] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1956.416544][ T3763] RIP: 0033:0x7f64a519c799 [ 1956.416557][ T3763] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1956.416571][ T3763] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1956.416584][ T3763] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1956.416594][ T3763] RDX: 000000000000004a RSI: 0000000000000001 RDI: 0000000000000003 [ 1956.416603][ T3763] RBP: 00007f64a6054090 R08: 0000000000000009 R09: 0000000000000000 [ 1956.416612][ T3763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1956.416621][ T3763] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1956.416641][ T3763] [ 1956.906543][ T3753] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1956.912619][ T3753] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1956.918665][ T3753] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1956.924657][ T3753] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1957.556937][ T3771] FAULT_INJECTION: forcing a failure. [ 1957.556937][ T3771] name failslab, interval 1, probability 0, space 0, times 0 [ 1957.603758][ T3771] CPU: 0 UID: 0 PID: 3771 Comm: syz.1.5351 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1957.603801][ T3771] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1957.603811][ T3771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1957.603820][ T3771] Call Trace: [ 1957.603826][ T3771] [ 1957.603833][ T3771] dump_stack_lvl+0x100/0x190 [ 1957.603861][ T3771] should_fail_ex.cold+0x5/0xa [ 1957.603879][ T3771] should_failslab+0xc2/0x120 [ 1957.603896][ T3771] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1957.603919][ T3771] ? __alloc_skb+0x140/0x710 [ 1957.603939][ T3771] __alloc_skb+0x140/0x710 [ 1957.603954][ T3771] ? __alloc_skb+0x5b7/0x710 [ 1957.603969][ T3771] ? __pfx___alloc_skb+0x10/0x10 [ 1957.603991][ T3771] netlink_alloc_large_skb+0x69/0x150 [ 1957.604013][ T3771] netlink_sendmsg+0x680/0xda0 [ 1957.604036][ T3771] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1957.604054][ T3771] ? __import_iovec+0x1d2/0x640 [ 1957.604070][ T3771] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1957.604094][ T3771] ____sys_sendmsg+0xa54/0xc30 [ 1957.604118][ T3771] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1957.604148][ T3771] ___sys_sendmsg+0x190/0x1e0 [ 1957.604172][ T3771] ? __pfx____sys_sendmsg+0x10/0x10 [ 1957.604221][ T3771] __sys_sendmsg+0x170/0x220 [ 1957.604240][ T3771] ? __pfx___sys_sendmsg+0x10/0x10 [ 1957.604270][ T3771] do_syscall_64+0x106/0xf80 [ 1957.604287][ T3771] ? clear_bhb_loop+0x40/0x90 [ 1957.604306][ T3771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1957.604322][ T3771] RIP: 0033:0x7f5dd959c799 [ 1957.604335][ T3771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1957.604350][ T3771] RSP: 002b:00007f5dda3f3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1957.604366][ T3771] RAX: ffffffffffffffda RBX: 00007f5dd9815fa0 RCX: 00007f5dd959c799 [ 1957.604376][ T3771] RDX: 0000000010004010 RSI: 0000200000000100 RDI: 0000000000000003 [ 1957.604385][ T3771] RBP: 00007f5dda3f3090 R08: 0000000000000000 R09: 0000000000000000 [ 1957.604394][ T3771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1957.604403][ T3771] R13: 00007f5dd9816038 R14: 00007f5dd9815fa0 R15: 00007ffd201ed0e8 [ 1957.604423][ T3771] [ 1958.194729][ T3778] busy [ 1958.279458][ T1146] Bluetooth: hci4: command 0x0c1a tx timeout [ 1958.874153][ T3791] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 1959.087933][ T3798] pim6reg: entered allmulticast mode [ 1959.382615][ T3805] busy [ 1959.527346][T27030] Bluetooth: hci1: command 0x0c1a tx timeout [ 1959.533807][ T1146] Bluetooth: hci3: command 0x0c1a tx timeout [ 1959.539848][T27029] Bluetooth: hci0: command 0x0c1a tx timeout [ 1959.598189][ T3806] zswap: compressor not available [ 1960.574045][ T3832] sock: sock_timestamping_bind_phc: sock not bind to device [ 1961.237289][ T3841] FAULT_INJECTION: forcing a failure. [ 1961.237289][ T3841] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1961.290887][ T3841] CPU: 0 UID: 0 PID: 3841 Comm: syz.3.5373 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1961.290923][ T3841] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1961.290932][ T3841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1961.290942][ T3841] Call Trace: [ 1961.290950][ T3841] [ 1961.290956][ T3841] dump_stack_lvl+0x100/0x190 [ 1961.290985][ T3841] should_fail_ex.cold+0x5/0xa [ 1961.291004][ T3841] _copy_from_user+0x2e/0xd0 [ 1961.291029][ T3841] write_gssp+0x155/0x380 [ 1961.291044][ T3841] ? __pfx_write_gssp+0x10/0x10 [ 1961.291066][ T3841] ? __pfx_write_gssp+0x10/0x10 [ 1961.291081][ T3841] proc_reg_write+0x240/0x330 [ 1961.291105][ T3841] vfs_write+0x2aa/0x1070 [ 1961.291130][ T3841] ? __pfx_proc_reg_write+0x10/0x10 [ 1961.291154][ T3841] ? __pfx_vfs_write+0x10/0x10 [ 1961.291176][ T3841] ? __fget_files+0x215/0x3d0 [ 1961.291195][ T3841] ? __fget_files+0x21f/0x3d0 [ 1961.291214][ T3841] ksys_write+0x12a/0x250 [ 1961.291237][ T3841] ? __pfx_ksys_write+0x10/0x10 [ 1961.291265][ T3841] do_syscall_64+0x106/0xf80 [ 1961.291283][ T3841] ? clear_bhb_loop+0x40/0x90 [ 1961.291302][ T3841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1961.291317][ T3841] RIP: 0033:0x7ff001f9c799 [ 1961.291330][ T3841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1961.291345][ T3841] RSP: 002b:00007ff0001f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1961.291360][ T3841] RAX: ffffffffffffffda RBX: 00007ff002215fa0 RCX: 00007ff001f9c799 [ 1961.291370][ T3841] RDX: 0000000000000006 RSI: 0000000000000000 RDI: 0000000000000004 [ 1961.291379][ T3841] RBP: 00007ff0001f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1961.291388][ T3841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1961.291397][ T3841] R13: 00007ff002216038 R14: 00007ff002215fa0 R15: 00007ffd7834b568 [ 1961.291417][ T3841] [ 1962.004434][ T3857] sp0: Synchronizing with TNC [ 1962.133196][ T3847] zswap: compressor not available [ 1962.395601][ T3844] busy [ 1962.728423][ T3870] sock: sock_timestamping_bind_phc: sock not bind to device [ 1963.068934][ T3864] can: request_module (can-proto-0) failed. [ 1963.909346][ T3905] FAULT_INJECTION: forcing a failure. [ 1963.909346][ T3905] name failslab, interval 1, probability 0, space 0, times 0 [ 1963.967525][ T3905] CPU: 0 UID: 0 PID: 3905 Comm: syz.2.5387 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1963.967563][ T3905] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1963.967572][ T3905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1963.967586][ T3905] Call Trace: [ 1963.967592][ T3905] [ 1963.967598][ T3905] dump_stack_lvl+0x100/0x190 [ 1963.967627][ T3905] should_fail_ex.cold+0x5/0xa [ 1963.967646][ T3905] should_failslab+0xc2/0x120 [ 1963.967663][ T3905] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1963.967683][ T3905] ? binder_get_thread+0x201/0x850 [ 1963.967706][ T3905] binder_get_thread+0x201/0x850 [ 1963.967727][ T3905] binder_ioctl+0x26f/0x7610 [ 1963.967749][ T3905] ? tomoyo_path_number_perm+0x28f/0x580 [ 1963.967772][ T3905] ? tomoyo_path_number_perm+0x28f/0x580 [ 1963.967798][ T3905] ? tomoyo_path_number_perm+0x188/0x580 [ 1963.967822][ T3905] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1963.967844][ T3905] ? futex_wait+0x125/0x380 [ 1963.967869][ T3905] ? __pfx_binder_ioctl+0x10/0x10 [ 1963.967892][ T3905] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1963.967917][ T3905] ? do_vfs_ioctl+0x226/0x13e0 [ 1963.967938][ T3905] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1963.967964][ T3905] ? find_held_lock+0x2b/0x80 [ 1963.967978][ T3905] ? __fget_files+0x215/0x3d0 [ 1963.967991][ T3905] ? hook_file_ioctl_common+0x146/0x410 [ 1963.968018][ T3905] ? __fget_files+0x21f/0x3d0 [ 1963.968034][ T3905] ? __pfx_binder_ioctl+0x10/0x10 [ 1963.968055][ T3905] __x64_sys_ioctl+0x18e/0x210 [ 1963.968077][ T3905] do_syscall_64+0x106/0xf80 [ 1963.968094][ T3905] ? clear_bhb_loop+0x40/0x90 [ 1963.968112][ T3905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1963.968128][ T3905] RIP: 0033:0x7f64a519c799 [ 1963.968142][ T3905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1963.968156][ T3905] RSP: 002b:00007f64a6054028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1963.968172][ T3905] RAX: ffffffffffffffda RBX: 00007f64a5415fa0 RCX: 00007f64a519c799 [ 1963.968182][ T3905] RDX: 0000000000000000 RSI: 0000000040046207 RDI: 0000000000000002 [ 1963.968192][ T3905] RBP: 00007f64a5232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1963.968201][ T3905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1963.968210][ T3905] R13: 00007f64a5416038 R14: 00007f64a5415fa0 R15: 00007fff666e96c8 [ 1963.968231][ T3905] [ 1963.968238][ T3905] binder: 3902:3905 ioctl 40046207 0 returned -12 [ 1964.323715][ T3899] zswap: compressor not available [ 1966.081014][ T3935] [ 1966.083402][ T3935] ====================================================== [ 1966.090401][ T3935] WARNING: possible circular locking dependency detected [ 1966.097406][ T3935] syzkaller #0 Tainted: G U W L XTNJ [ 1966.103818][ T3935] ------------------------------------------------------ [ 1966.110901][ T3935] syz.3.5394/3935 is trying to acquire lock: [ 1966.116858][ T3935] ffff88802cbd5568 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 1966.128607][ T3935] [ 1966.128607][ T3935] but task is already holding lock: [ 1966.135986][ T3935] ffff88802cbd0260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1966.144937][ T3935] [ 1966.144937][ T3935] which lock already depends on the new lock. [ 1966.144937][ T3935] [ 1966.155489][ T3935] [ 1966.155489][ T3935] the existing dependency chain (in reverse order) is: [ 1966.164476][ T3935] [ 1966.164476][ T3935] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 1966.172195][ T3935] lock_sock_nested+0x41/0xf0 [ 1966.177394][ T3935] smc_listen_out+0x1f5/0x4b0 [ 1966.182748][ T3935] smc_listen_work+0x4c2/0x50e0 [ 1966.188224][ T3935] process_one_work+0x9d7/0x1920 [ 1966.193674][ T3935] worker_thread+0x5da/0xe40 [ 1966.198770][ T3935] kthread+0x370/0x450 [ 1966.203347][ T3935] ret_from_fork+0x754/0xd80 [ 1966.208459][ T3935] ret_from_fork_asm+0x1a/0x30 [ 1966.213726][ T3935] [ 1966.213726][ T3935] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 1966.223870][ T3935] __lock_acquire+0x14b8/0x2630 [ 1966.229350][ T3935] lock_acquire+0x1cf/0x380 [ 1966.234378][ T3935] __flush_work+0x4de/0xcb0 [ 1966.239618][ T3935] cancel_work_sync+0xd1/0xf0 [ 1966.244819][ T3935] smc_clcsock_release+0x5f/0xe0 [ 1966.250279][ T3935] __smc_release+0x5c2/0x880 [ 1966.255493][ T3935] smc_close_non_accepted+0xda/0x200 [ 1966.261652][ T3935] smc_close_active+0x4ff/0x1070 [ 1966.267105][ T3935] __smc_release+0x634/0x880 [ 1966.272208][ T3935] smc_release+0x1fc/0x620 [ 1966.277225][ T3935] __sock_release+0xb3/0x260 [ 1966.282329][ T3935] sock_close+0x1c/0x30 [ 1966.286994][ T3935] __fput+0x3ff/0xb40 [ 1966.291487][ T3935] task_work_run+0x150/0x240 [ 1966.296595][ T3935] exit_to_user_mode_loop+0x100/0x4a0 [ 1966.302527][ T3935] do_syscall_64+0x668/0xf80 [ 1966.307725][ T3935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1966.314398][ T3935] [ 1966.314398][ T3935] other info that might help us debug this: [ 1966.314398][ T3935] [ 1966.324613][ T3935] Possible unsafe locking scenario: [ 1966.324613][ T3935] [ 1966.332424][ T3935] CPU0 CPU1 [ 1966.337781][ T3935] ---- ---- [ 1966.343129][ T3935] lock(sk_lock-AF_SMC/1); [ 1966.347622][ T3935] lock((work_completion)(&new_smc->smc_listen_work)); [ 1966.357056][ T3935] lock(sk_lock-AF_SMC/1); [ 1966.364076][ T3935] lock((work_completion)(&new_smc->smc_listen_work)); [ 1966.371010][ T3935] [ 1966.371010][ T3935] *** DEADLOCK *** [ 1966.371010][ T3935] [ 1966.379229][ T3935] 3 locks held by syz.3.5394/3935: [ 1966.384407][ T3935] #0: ffff88805b7935c8 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1966.394931][ T3935] #1: ffff88802cbd0260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1966.404325][ T3935] #2: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 1966.413537][ T3935] [ 1966.413537][ T3935] stack backtrace: [ 1966.419422][ T3935] CPU: 0 UID: 0 PID: 3935 Comm: syz.3.5394 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1966.419456][ T3935] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1966.419464][ T3935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1966.419474][ T3935] Call Trace: [ 1966.419482][ T3935] [ 1966.419489][ T3935] dump_stack_lvl+0x100/0x190 [ 1966.419514][ T3935] print_circular_bug.cold+0x178/0x1c7 [ 1966.419538][ T3935] check_noncircular+0x146/0x160 [ 1966.419559][ T3935] __lock_acquire+0x14b8/0x2630 [ 1966.419579][ T3935] lock_acquire+0x1cf/0x380 [ 1966.419596][ T3935] ? __flush_work+0x4ca/0xcb0 [ 1966.419619][ T3935] ? __flush_work+0x4ca/0xcb0 [ 1966.419639][ T3935] __flush_work+0x4de/0xcb0 [ 1966.419658][ T3935] ? __flush_work+0x4ca/0xcb0 [ 1966.419680][ T3935] ? __pfx___flush_work+0x10/0x10 [ 1966.419701][ T3935] ? __pfx_wq_barrier_func+0x10/0x10 [ 1966.419720][ T3935] ? __pfx___might_resched+0x10/0x10 [ 1966.419742][ T3935] cancel_work_sync+0xd1/0xf0 [ 1966.419757][ T3935] smc_clcsock_release+0x5f/0xe0 [ 1966.419772][ T3935] __smc_release+0x5c2/0x880 [ 1966.419795][ T3935] ? __pfx_sock_def_readable+0x10/0x10 [ 1966.419810][ T3935] smc_close_non_accepted+0xda/0x200 [ 1966.419826][ T3935] smc_close_active+0x4ff/0x1070 [ 1966.419842][ T3935] __smc_release+0x634/0x880 [ 1966.419870][ T3935] smc_release+0x1fc/0x620 [ 1966.419892][ T3935] __sock_release+0xb3/0x260 [ 1966.419909][ T3935] ? __pfx_sock_close+0x10/0x10 [ 1966.419926][ T3935] sock_close+0x1c/0x30 [ 1966.419942][ T3935] __fput+0x3ff/0xb40 [ 1966.419959][ T3935] ? _raw_spin_unlock_irq+0x23/0x50 [ 1966.419975][ T3935] task_work_run+0x150/0x240 [ 1966.419995][ T3935] ? __pfx_task_work_run+0x10/0x10 [ 1966.420017][ T3935] exit_to_user_mode_loop+0x100/0x4a0 [ 1966.420036][ T3935] do_syscall_64+0x668/0xf80 [ 1966.420053][ T3935] ? clear_bhb_loop+0x40/0x90 [ 1966.420069][ T3935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1966.420084][ T3935] RIP: 0033:0x7ff001f9c799 [ 1966.420098][ T3935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1966.420113][ T3935] RSP: 002b:00007ffd7834b6c8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1966.420128][ T3935] RAX: 0000000000000000 RBX: 00007ff002217da0 RCX: 00007ff001f9c799 [ 1966.420138][ T3935] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1966.420146][ T3935] RBP: 00007ff002217da0 R08: 00007ff002216038 R09: 0000000000000000 [ 1966.420156][ T3935] R10: 00000000005cb0b4 R11: 0000000000000246 R12: 00000000001e0114 [ 1966.420165][ T3935] R13: 00007ff00221609c R14: 00000000001dff7d R15: 00007ff002216090 [ 1966.420178][ T3935]