last executing test programs: 13m51.164315264s ago: executing program 3 (id=1104): r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) r2 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a) sendto$auto(r2, 0x0, 0xc, 0xfffffff8, &(0x7f0000000440)=@tipc=@nameseq={0x1d, 0x1, 0x2, {0x2, 0x0, 0x4}}, 0x36) sendmsg$auto_NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="d8000000", @ANYRES16=r1, @ANYBLOB="08002dbd7000ffdbdf25250000000600360009000000b40006007ba421bc82aa4da621c12c0f76c071171a0ccb752c2fd997de89810d830136723545315f1fb906a55703038a4ac79caf28217535b014f49fe0ae6e97017f04165822a30394ddd141d105000000fef6693e7a105ee1327f38acb03768b8fb0b3cdb69eec4625341db7ba09ab5cd3e345ec1fed825f040a7b6a82d4646640948157630d48e44b65d65a19248ecf9e7ff7080c2793197c8b90ae0ae223a9eb796c54cdc4f5bde3237fc34a39bf64b9380051fbc000100000000bf715a83e4a2e2fb0bf83c04715b5e581c23e6ad2e1490a6d896aa1e11897885582a3f4615ce1c4da7f1f8faaa1d8550b1421b7243cf35c2d51dc6007990177192b9b9c306676f243496ac0d1de39a188e2151addaa5c4d216227813ecb6699ae7cb36744595fabaad88ba7d8f2d76a646f64590cce60385ce7cac8fd48e0afe1441846beaaae719abd7f98f1fe9979c9b20b0444f6461d1bf360b59ec2c3b48ca480b4c9d3be0b8bddbd78f5311f6795685e2cf1d90502a4b82ff3bd903097005a65112c7e0259567c37680e1b0ee71e46ae8215852e454"], 0xd8}, 0x1, 0x0, 0x0, 0x40000884}, 0x40008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r4, 0x11, 0x65, 0x0, 0x8) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a0000000800", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000800), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_GET(r5, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="01002dbd0000020000000000000000000000000000005919acc8573bd4e7d7fb910b4468c3c2401ed0a5a1e095bf20996f984f334b5dce3a363f3d985e49feb9a7fa048df732071d41803a5ad77d547b5c421a423484369f398fd6be05d106a311033d4a75b32df2369cf2f8fa97de7eb1b9381d8ff2d34b62705831c8404761ce49e78d06ede7bd61031006f816dd1dac052d9c579041704a87b5ca0963eebe02dbfd1a69b1334bc441257900785670a0e57af0edac405f226baf4f3219b2fa8f"], 0x1c}}, 0x20040084) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto_SO_OOBINLINE(r0, 0x6, 0xa, &(0x7f00000001c0)='ovs_meter\x00', &(0x7f0000000280)=0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe$auto(0x0) write$auto(0x1, 0x0, 0x80000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 13m49.653623839s ago: executing program 3 (id=1107): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0xffffffffffffffff, 0x5609, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x6, 0x0, 0x800000001, 0x0, 0x7, 0xa505}, 0x4}, 0x2, 0x4048) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5}, 0xa) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mseal$auto(0xff7f, 0x7dda, 0x0) madvise$auto(0x0, 0xd3f9, 0x2) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) bpf$auto(0x1, 0x0, 0xf) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) 13m48.559281604s ago: executing program 3 (id=1110): getsockopt$auto_SO_BPF_EXTENSIONS(0xffffffffffffffff, 0x6, 0x30, &(0x7f0000000000)='+-^-*\x00', 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) sysfs$auto(0x2, 0x1e, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) io_uring_setup$auto(0x6, 0x0) futex_waitv$auto(&(0x7f0000000000)={0x0, 0x7e4, 0x2, 0xf400}, 0x1, 0x0, 0x0, 0x623d) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x0, @multicast2}, 0x6b) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x13}}, 0x54) 13m48.401350872s ago: executing program 3 (id=1111): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x100, 0x4000000000df, 0x13, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) r0 = socket(0x2, 0x1, 0x106) connect$auto(r0, 0x0, 0x54) ioprio_set$auto(0x3, 0xffffffffffffffff, 0x4b34) socketpair$auto(0x2, 0x5, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prctl$auto(0x23, 0xc, 0x2008, 0x0, 0x0) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1) syz_clone(0x4100000, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) socket$nl_generic(0x10, 0x3, 0x10) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x1000000, 0xffffffffffff0006, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) munlock$auto(0xf800000000000000, 0x100) 13m45.890502434s ago: executing program 3 (id=1120): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000100)={{@raw=0xb, 0x3, 0xcf, 0x8, "16a0d89bf208384515b5375a677609aa1bc737276563c3d5a2fca999d5797ab7a10a4d2bc341c4bd369ae535", @raw=0x1}, 0x1, @integer=@value=[0x6d, 0x7, 0x0, 0xbb, 0x4, 0x80000000, 0x1, 0x10001, 0x1, 0x400000000009, 0x40000000c4, 0x9, 0x6, 0x4, 0x3, 0x6, 0x1, 0x3, 0x4, 0x401, 0x6, 0x0, 0xa0, 0x5, 0x2, 0x6, 0x5, 0xa, 0x8, 0x1, 0x8, 0x7f, 0xffffffffffffdb75, 0x100000000, 0x3, 0x7, 0x7fffffffffffffff, 0x1, 0x6, 0x1, 0x71, 0x3, 0x8, 0x2, 0x3, 0x3, 0x2d7, 0x1, 0x1, 0x6, 0x2, 0x800000001, 0x6, 0x7, 0x0, 0x6, 0x4, 0x1ff, 0x40a, 0xd, 0xe62, 0x8, 0x7, 0xffff, 0x50ce0883, 0xbd9, 0x5, 0x2, 0xd8f, 0x80000000, 0x0, 0x7, 0xb, 0xa5cf, 0x8, 0x7, 0xc16b, 0x8000, 0x9, 0x6, 0x8000002, 0x6, 0x1, 0x3, 0x7, 0xfffffffffffff16a, 0x6, 0xffffffffffff0001, 0x100000000, 0x4, 0x8, 0x8d61, 0x2, 0x2000000003, 0xfffffffffffffffe, 0x20007cf9, 0x40, 0x2, 0x7, 0x100, 0x14b, 0x2, 0x45f3, 0x0, 0x0, 0x4, 0x0, 0x8001, 0x0, 0xffffffffffffffff, 0x5, 0xcf4, 0x1, 0x3, 0x0, 0x4, 0x7, 0x6, 0x25e2, 0xc9a, 0xd09, 0x40, 0x2, 0xffffffffffffff00, 0x7, 0x9, 0xfffffffffffffff5, 0x8], "f3fadb90a56b67d92a5b28b4b23f332550b1e5454e2027fb1a37efe81bbc27deaf7c3100aab088cdb3b40dad335c9174f18934845ac3152fef1e0f42b42471efc0225a4ebe7e05ce3d4ab429805d5921633ffbce8f1a82ff9dec6c288f431cb7005b85ca8633c55d49bbdf4bd9cac1046064001bca7ba37e4b5eacf1940c9a78"}) write$auto(0xffffffffffffffff, &(0x7f0000000080)='V\x89Zn\xbd\x93\x8e\x91$\x11\xddM\n\xc292\xb6$\xde|\x85\x83R\xe7*\x9bY\xce\xa9\x10\xf6\x8c|\xfb\xd0x\xd8\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa6f\xa8\xe0RV\x91\xd4\x16\xa9\xafWW\xb1\xf4o\x1d \xc6\xef\x9dB\xce\xde\xac\x97v\\n\x00\xc6L\xa8\x01~\xe9\x8d\xc7\x18\xcc\xed\xfe\xe3\xe6!\x9e\x9d\x04\xe9\xfc', 0xdda) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', &(0x7f00000000c0)=&(0x7f0000000080)='$+[-+\x98%(,\x00', &(0x7f0000000200)=&(0x7f00000001c0)=':,\x00') r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r1 = socket(0x15, 0xa, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000600)='/$Vva\x88dio1\x00=;d3d&\xda&_d\"\\\x8a\xe5\r\xaeW\x19\xbc\xa3\xf3\xe8\xcctx!\x12\x01\xccx\x1f\xf1\x1c\xdf\xa4\xa4\xf1\xeb\xbd\x93\n\x86A\xd0\xdb\x03\xe7%\xea\x8d\xbf\vY\xab\xfa\x7f\xb0\x88\xb3\xe2\xc0\xea\x90\xf2\xa5I\x97\x7f\x95~\xf4\f\x86\xa6\xde\x9a\xe2\x95G\xe1f\x9b\xfb\xc08\t\xa9\x10T9\xb7c$\x80\xfb6\xe2\t\x00\x1e\xc1\xa5P0\x8b\xd8l\xd4\f\xa7\xf7~\xf8\xa4\n\xb1d\xd0\xc9\xb5\xedJA\x8a\xc5\x8a:xC\xf2\x9b\xba\x1c\xe2\xb9\x8b\x1a\xd5\x91\xaaYf\xc4\xa4\\\xf9\xda\xce\b\xdc\xa5\x16]\xf5o6$x\xdc\x1fs\x8f\x02%\xaa@a\x88R\xf2\x97\xac@\xc7I\x1a\xaa\xdf,\x88O\xd3\xbe\xaf\xb5\x90\x18\x1a+\xfb\xac?\xa6\xa9P)\xa3\x00'/227, 0x100000a3dd) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000002c0), 0x80000, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, &(0x7f0000000000)={0xffffffff, 0x1, 0xf7d, 0x70, 0x1, 0x1}) sysfs$auto(0x2, 0xd, 0x0) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) fsconfig$auto_FSCONFIG_SET_BINARY(r3, 0x2, &(0x7f0000000300)='\v\'\bn\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x1e7\xbb\xedO#\x14mC\x97\x06\xd9bZ\xddL\'\x03\x00\xff\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\xc6\xc0\x8b\xc0CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xed<\x86[c4%\xa3\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6\b\xe5\xaaJ+\x02\x9b#\xa9\x9b\x17\x82\xd7\xee\xd1\xbf2\x03\x00\x00\x00\x00\x00\x00\x00B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\x00\x00\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\xb2\x1d\xb3\xef#\xcb}b\x90\xafR\xf5\x8cg\x95A\x89\x8d\x9a\xfcV\x9bm\xd4\x82\x7f9\x12\x98\x1c\x8e\x1f\xdc\xe5Y\x7f\xe8\xe1g%\xb8\xf9b!\xc8\xa0\xf7\x06\xbb\xdf\x1d\xfb\x00\x979\x8e\xd0AP\xbf\x1fM\x1fd~\xeeS^8v\x80\x1b\xb1I\xb1\xa4\x89\xc7\x9d\xf2P\x04\x99N{\x9a\xfa\xf3\xcb\xc3Bx\xb5\xb8*\xa0-\xda\x84\xc5S\xe2\xc6\x92/\xed\xc2\xceK\xad\x00\x00*)Hh\x8d\x06cQ\xf1\x9d\xad\r}\x15e\x18\x06\xe3\xd2\xe4Q', &(0x7f00000000c0)="9ace9853156d346074829a6a60ebf67c475dd49ef8432151f22c27f4b1213b19bff0738d2582d9", 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x519fe2330e8225a8, 0x0, 0x44, 0x0, 0x0, 0x0) r4 = socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0xa, 0x0) timerfd_create$auto_CLOCK_BOOTTIME(0x7, 0x0) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xc060ff0b, r4) 13m44.744708953s ago: executing program 3 (id=1124): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(r0, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) write$auto(r1, 0x0, 0x5) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fbdbdf250f00000005002e000000000008000300", @ANYRES32=r5, @ANYBLOB="050005b3ad723800000000000500330009000000140007006e65747063693000000000000000000005002f0000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) bind$auto(0xffffffffffffffff, 0x0, 0x9) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40040) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) mmap$auto(0xfffffffffffffffb, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r6 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r6, 0x29, 0x18, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) read$auto(r7, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) eventfd2$auto(0x7, 0x9) 13m29.119483741s ago: executing program 32 (id=1124): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(r0, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) write$auto(r1, 0x0, 0x5) r3 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010028bd7000fbdbdf250f00000005002e000000000008000300", @ANYRES32=r5, @ANYBLOB="050005b3ad723800000000000500330009000000140007006e65747063693000000000000000000005002f0000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) bind$auto(0xffffffffffffffff, 0x0, 0x9) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4000}, 0x40040) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) mmap$auto(0xfffffffffffffffb, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r6 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r6, 0x29, 0x18, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) read$auto(r7, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) eventfd2$auto(0x7, 0x9) 9m30.25177224s ago: executing program 2 (id=1692): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xa, 0x8000) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0xfffffffc, 0x2, 0x0, &(0x7f0000000100)=0xd) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/43:352/strict_limit\x00', 0x100b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x80000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) bpf$auto(0x4, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0xffff, 0x84, 0xabf, 0x2, 0x36242398, 0xfffff5ae, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x6819a}, 0x6f3) r3 = socket(0x2, 0x5, 0x0) setsockopt$auto_SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000140)='}]\x00', 0x11) rt_tgsigqueueinfo$auto(0x3, 0x96, 0x3, &(0x7f0000000180)={@siginfo_0_0={0x80000000, 0x7, 0x8000, @_kill={0xffffffffffffffff}}}) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc2}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x2, 0x0) read$auto(r2, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) socket(0x2d, 0x4, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb) ioctl$auto_SOUND_PCM_READ_CHANNELS(r4, 0x80045006, &(0x7f0000000240)) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 9m29.261319207s ago: executing program 2 (id=1687): r0 = socket(0x2, 0x2, 0x1) bpf$auto(0x0, &(0x7f0000000000)=@token_create={0x7, r0}, 0x12) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0) write$auto(r1, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d) socket(0x2c, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x1cb602, 0x0) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0xfff, 0xeb2, 0xfffffffffffffffb, 0x8000) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x4000007, 0x9, 0x6, 0x8001}, 0x101) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='./cgroup.net/blkio.bfq.io_queued_recursive\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000140), 0xfffffffffffffe0a) socket(0x2a, 0x80002, 0x77) syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f0000000100)='$&[*{,\x00', 0x0) bind$auto(0x3, &(0x7f0000000080)=@isdn={0x22, 0x4, 0x0, 0x3, 0xf4}, 0x6d) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/sunrpc/parameters/pool_mode\x00', 0x700a00, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, &(0x7f00000001c0)={0x0, 0x10000000008}, 0x106, 0x0, 0x1, 0x3}, 0x800040}, 0x9ae, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/kernel/tainted\x00', 0xc2381, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/discard_max_bytes\x00', 0x10b142, 0x0) sendfile$auto(r3, r4, 0x0, 0x1000200) read$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) 9m28.781323258s ago: executing program 2 (id=1689): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(r0, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x6500}, 0x3) 9m26.596560217s ago: executing program 2 (id=1696): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/module/l1oip/parameters/ip\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/249, 0xf9) mmap$auto(0x0, 0x402000a, 0xc00000000000, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/conf/netdevsim2/arp_evict_nocarrier\x00', 0x14000, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x141400, 0x0) pread64$auto(r1, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) mmap$auto(0x0, 0x110000001, 0xffffffffffffffff, 0x9b91, 0x2, 0x1) r2 = socketpair$auto(0x10005, 0x6, 0x5, 0x0) r3 = pidfd_open$auto(0x1, 0x4) open_by_handle_at$auto(r3, 0x0, 0x800) r4 = fspick$auto(0xffffffffffffff9c, 0x0, 0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYRESOCT=r4], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x400c004) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x63d800, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2a6300, 0x0) write$auto_proc_uid_map_operations_base(r2, &(0x7f0000000280)="7ee956c5afcd5fcc96bae78316ffe00d83bcd2d47773ccdfa5b13f0f2256697528934b8693fd1e0b503addcb85e207c6e73003d404dfdceb95ed8c634abe1c104c355d3ad4243297d9f5dc3ffe15d663b939d3198cbe44995acb98736454c0986ae1160d96d3a88defeeb6b400800a4b2f112f547626a581101cb7de0618fefcc7be", 0xaf) mmap$auto(0x0, 0x400008, 0xdf, 0x9b74, 0x47, 0x8000) clone$auto(0x200000020003b42, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(0xffffffffffffffff, 0x0, 0x40) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x42a81, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0) clone$auto(0x1, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x3) close_range$auto(0x2, 0x8, 0x0) 9m26.284449661s ago: executing program 2 (id=1697): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/module/l1oip/parameters/ip\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)=""/249, 0xf9) mmap$auto(0x0, 0x402000a, 0xc00000000000, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/conf/netdevsim2/arp_evict_nocarrier\x00', 0x14000, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/card1/pcm0p/sub7/info\x00', 0x141400, 0x0) pread64$auto(r1, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) mmap$auto(0x0, 0x110000001, 0xffffffffffffffff, 0x9b91, 0x2, 0x1) r2 = socketpair$auto(0x10005, 0x6, 0x5, 0x0) r3 = pidfd_open$auto(0x1, 0x4) open_by_handle_at$auto(r3, 0x0, 0x800) r4 = fspick$auto(0xffffffffffffff9c, 0x0, 0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_LOCAL(r5, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYRESOCT=r4], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x400c004) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x63d800, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2a6300, 0x0) write$auto_proc_uid_map_operations_base(r2, &(0x7f0000000280)="7ee956c5afcd5fcc96bae78316ffe00d83bcd2d47773ccdfa5b13f0f2256697528934b8693fd1e0b503addcb85e207c6e73003d404dfdceb95ed8c634abe1c104c355d3ad4243297d9f5dc3ffe15d663b939d3198cbe44995acb98736454c0986ae1160d96d3a88defeeb6b400800a4b2f112f547626a581101cb7de0618fefcc7be", 0xaf) mmap$auto(0x0, 0x400008, 0xdf, 0x9b74, 0x47, 0x8000) clone$auto(0x200000020003b42, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(0xffffffffffffffff, 0x0, 0x40) mincore$auto(0x1000, 0x8001, 0x0) fcntl$auto(0x8000000000000001, 0x7, 0x8) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x42a81, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0) clone$auto(0x1, 0x3, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x3) close_range$auto(0x2, 0x8, 0x0) 9m25.986801695s ago: executing program 2 (id=1699): r0 = socket(0x28, 0x5, 0x0) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x40, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, r2) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) mmap$auto(0xfffffffc, 0x4, 0xdf, 0x410, r2, 0x8000) unshare$auto(0x40000080) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20004000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r4, 0x8000) setresgid$auto(0x0, 0x0, 0x0) ioctl$auto_NS_GET_TGID_IN_PIDNS(r1, 0x8004b709, 0x0) shmctl$auto_SHM_STAT(0x1, 0xd, 0x0) ioctl$auto_BLKRRPART(r4, 0x125f, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) lseek$auto(r3, 0x2, 0x40001000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000f9dbdf250100000006000000000000000500070010000000080009000101000008000a000200000014001f00fc020000000000000000000000000001"], 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) madvise$auto(0x0, 0x400053, 0x9) connect$auto(r0, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56) read$auto(r0, &(0x7f0000000380)='\xe5\xf1,G\xc8\x89\xde\n\xd0r\x85\xbb\xeb\xa7\f\xbd]om\xaf\xba\x89@\x1a@:\xa7\x9e\x9b\xb0\tE\xb6\bdM\"\x17\xdaL\x9a\xdf\xbfQ!B\xad.\x8c\xdc\xc4\xf7\x80r\xf65s\xb8\x1c\xa9\xc5\xa8\xb2\xa1bZ\xa6\xa4\xaf\xb7\xe6\xf0\xf3\xc7\x04y\xc6\xac<\x12a\xa2\x94T(b2\xbd\a\v\x83$_\x18@\xa0\x7fs1\xb9\xc7Y\x96S@\xf8\xaaqE\xe1\x10\xdb\xf0\xc9\x14\xee\xe5\b\xd7\x93\xbeJ\xf4\x87aQ\x1e\xfdn7M\xb7\xe5[\b\x82\x9d\x1f[\x99\xcbu\xcby\xe6\xa0{\xf4\x0fK\xa1\xc88\x15\ac\xf0\x99\r\xb1\xe9\xac=\x8c\xc8\xcb1\xd8\x1f\x00\xdc\\n\x1aQAT\xfb\xb5\x1cv\xd9\x19\x81\"&\xb4\x91)\x06\x0f\x15\xfc\xec\x87\xfb\xacp\xdb:\x88\xf9\xba\xd8\xa8\xe7?k\xf3\vdp\v\xe9\xb7\xd4\v1\xf7\xcd\xa2\v(\xc5\x8b\x84\xe0\x19\x06\x93\xe8\xa2\xf9X\x9e\x05\x86', 0xfffffffffffffffc) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) 9m10.029217918s ago: executing program 33 (id=1699): r0 = socket(0x28, 0x5, 0x0) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x40, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, r2) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) mmap$auto(0xfffffffc, 0x4, 0xdf, 0x410, r2, 0x8000) unshare$auto(0x40000080) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20004000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r4, 0x8000) setresgid$auto(0x0, 0x0, 0x0) ioctl$auto_NS_GET_TGID_IN_PIDNS(r1, 0x8004b709, 0x0) shmctl$auto_SHM_STAT(0x1, 0xd, 0x0) ioctl$auto_BLKRRPART(r4, 0x125f, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) lseek$auto(r3, 0x2, 0x40001000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000f9dbdf250100000006000000000000000500070010000000080009000101000008000a000200000014001f00fc020000000000000000000000000001"], 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) madvise$auto(0x0, 0x400053, 0x9) connect$auto(r0, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56) read$auto(r0, &(0x7f0000000380)='\xe5\xf1,G\xc8\x89\xde\n\xd0r\x85\xbb\xeb\xa7\f\xbd]om\xaf\xba\x89@\x1a@:\xa7\x9e\x9b\xb0\tE\xb6\bdM\"\x17\xdaL\x9a\xdf\xbfQ!B\xad.\x8c\xdc\xc4\xf7\x80r\xf65s\xb8\x1c\xa9\xc5\xa8\xb2\xa1bZ\xa6\xa4\xaf\xb7\xe6\xf0\xf3\xc7\x04y\xc6\xac<\x12a\xa2\x94T(b2\xbd\a\v\x83$_\x18@\xa0\x7fs1\xb9\xc7Y\x96S@\xf8\xaaqE\xe1\x10\xdb\xf0\xc9\x14\xee\xe5\b\xd7\x93\xbeJ\xf4\x87aQ\x1e\xfdn7M\xb7\xe5[\b\x82\x9d\x1f[\x99\xcbu\xcby\xe6\xa0{\xf4\x0fK\xa1\xc88\x15\ac\xf0\x99\r\xb1\xe9\xac=\x8c\xc8\xcb1\xd8\x1f\x00\xdc\\n\x1aQAT\xfb\xb5\x1cv\xd9\x19\x81\"&\xb4\x91)\x06\x0f\x15\xfc\xec\x87\xfb\xacp\xdb:\x88\xf9\xba\xd8\xa8\xe7?k\xf3\vdp\v\xe9\xb7\xd4\v1\xf7\xcd\xa2\v(\xc5\x8b\x84\xe0\x19\x06\x93\xe8\xa2\xf9X\x9e\x05\x86', 0xfffffffffffffffc) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) 3m4.881710582s ago: executing program 5 (id=2668): rseq$auto(&(0x7f0000000080)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0xfffffffd, 0x8000009) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) listmount$auto(&(0x7f0000000100)={0x20, @raw, 0xffffffffffffffff, 0x0, 0x3f00}, 0x0, 0xf423c, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000580)={0x80000006, 0x0, 0xd12b, 0xfffffffd, 0x200a}) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/ip_unprivileged_port_start\x00', 0x80000, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r1, 0x19f, &(0x7f0000000000)={@_si_pad}, 0x1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x4000) 3m4.199327503s ago: executing program 5 (id=2671): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x2) madvise$auto(0x0, 0x20499d, 0x9) r0 = open(0x0, 0x161342, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_register$auto_IORING_REGISTER_MEM_REGION(r0, 0x22, &(0x7f0000000000)="2463668791aa1735ef1349a8503371fcd1766cbd1c143b185e3ec530cd", 0x8) 3m1.580711303s ago: executing program 5 (id=2677): rseq$auto(&(0x7f0000000080)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8000006) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) listmount$auto(&(0x7f0000000100)={0x20, @raw, 0xffffffffffffffff, 0x20000000000000}, 0x0, 0xf423c, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x4000) 3m0.9665368s ago: executing program 5 (id=2678): syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000180), 0xffffffffffffffff) fcntl$auto_F_GETOWN(0xffffffffffffffff, 0x9, 0xd) getpid() syz_clone3(0x0, 0x0) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) setsockopt$auto_SO_DEVMEM_DONTNEED(r0, 0x3, 0x50, &(0x7f00000000c0)='IPVS\x00', 0x8001) socket(0xa, 0x3, 0xf2) sendto$auto(0xffffffffffffffff, 0x0, 0x402, 0x436, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x460982, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x7, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlock$auto(0xfbe8, 0x4) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/xfs/xqmstat\x00', 0x18b202, 0x0) syz_clone3(0x0, 0x0) 3m0.609519442s ago: executing program 5 (id=2679): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, r1, 0x8000) (async) getcwd$auto(0x0, 0xffffffffffffffff) (async) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x80, 0x0) read$auto(r2, 0x0, 0x20) (async) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async) r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, 0x0, 0x1030c1, 0x0) writev$auto(r4, 0x0, 0x5) (async) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe8c2f4fcd31add88, 0x0) (async) r6 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r6, 0x900064b0, 0x2000000000000c38) (async) bind$auto(r5, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0xf42f) (async) mmap$auto(0x0, 0x9, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) (async) r7 = socket(0xa, 0x1, 0x84) getsockopt$auto(r7, 0x84, 0x8, 0x0, &(0x7f0000000000)=0x9b) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)='1', 0x1) 2m59.451238886s ago: executing program 5 (id=2685): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40380, 0x0) pread64$auto(r2, 0x0, 0x10001, 0x2000000000830) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x104, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0xe5, 0x4, 'nfs\x81\x9b\xb6$\x10\x16\xfb:\xb3\x15Y\x90\xf9\xc0\xc0\x88.!s\x1f\xe9\x1d\'&Hvn\xb1\x88\xbf\x15<\xa6e\xbc\xa1\xfa\xbeG\t*_kW_m\x1b:,\xc6\xa6\xfd\xba\xcd\xbe\xbe=\xc3\xbf\xd3f2!\xc4\x05EA\xac\x04\x83\xf1\x99\xa05\xfb\xf3\xf4?(\x9c\x8b\x9d\xdcV\xc5\x00\tm\xdez\xc9\xdbn\xb1\t\n\xe7\x8cd\xca\xd89\r\x1a@\xe1_\xb1_\xf8\xf3\xb1]\xad\xaf\xd9\xd0\xa8:\xd4<\x8d\xbc\rg[\x1d\x98\xb2r\xac\x83\xf8s\xafh@\x8c\xa7\xcd\xb3+Qy\"\xe8\x8ah,\xca|\xd9\xb3?Ha\xdb\xa3F\nGU&7\x15\x19\xeb\x9b\x9eU\xab\x86\x10\x9d\xaf>\xda(R\xcb\xe6\xf7\x8c\xf8\xb1\xdf\xe4t\xe6\x9f\x81\xb3\xbb\xc3\xbf\x8e\xd9VC\xa7\x03rJ.\xf6L\x94b\xc5\x03\xea\x84u\x92\xc0\xcd\x16\xfb<\x03\x00\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x104}}, 0x4000) openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) 2m45.407278722s ago: executing program 4 (id=2713): mmap$auto(0x5, 0x9, 0xdf, 0x9b73, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r0, 0x0, 0x4) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x4}, 0x5) unshare$auto(0x40000080) 2m44.233903311s ago: executing program 34 (id=2685): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40380, 0x0) pread64$auto(r2, 0x0, 0x10001, 0x2000000000830) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)={0x104, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0xe5, 0x4, 'nfs\x81\x9b\xb6$\x10\x16\xfb:\xb3\x15Y\x90\xf9\xc0\xc0\x88.!s\x1f\xe9\x1d\'&Hvn\xb1\x88\xbf\x15<\xa6e\xbc\xa1\xfa\xbeG\t*_kW_m\x1b:,\xc6\xa6\xfd\xba\xcd\xbe\xbe=\xc3\xbf\xd3f2!\xc4\x05EA\xac\x04\x83\xf1\x99\xa05\xfb\xf3\xf4?(\x9c\x8b\x9d\xdcV\xc5\x00\tm\xdez\xc9\xdbn\xb1\t\n\xe7\x8cd\xca\xd89\r\x1a@\xe1_\xb1_\xf8\xf3\xb1]\xad\xaf\xd9\xd0\xa8:\xd4<\x8d\xbc\rg[\x1d\x98\xb2r\xac\x83\xf8s\xafh@\x8c\xa7\xcd\xb3+Qy\"\xe8\x8ah,\xca|\xd9\xb3?Ha\xdb\xa3F\nGU&7\x15\x19\xeb\x9b\x9eU\xab\x86\x10\x9d\xaf>\xda(R\xcb\xe6\xf7\x8c\xf8\xb1\xdf\xe4t\xe6\x9f\x81\xb3\xbb\xc3\xbf\x8e\xd9VC\xa7\x03rJ.\xf6L\x94b\xc5\x03\xea\x84u\x92\xc0\xcd\x16\xfb<\x03\x00\x00'}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0x104}}, 0x4000) openat$auto_gpiolib_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) 2m43.054895864s ago: executing program 4 (id=2716): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/driver/serial\x00', 0x20000, 0x0) pread64$auto(r0, &(0x7f00000000c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xd0\xbb\xca\xb0\xa1\t\x00\x00\r(\xccF\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\x00\x00\x00\x01\x00\x000\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\xe4\x8a\x00\x00$\xean\xa1|D\xbbV%\xde\x87\xd1@\x00\x8cM\xfdr\xc9\x86\xbaq\xf5\x9eP\xfcd\xd93\x9f%\r\x80/:\x87\xc3\x1c:;g\x18\xe5\xdeU#\xd2\xa8\x9a\xd8Yeo\xd9\x8f\xea\x12M#\x824\xa7\x95B\xc6\xb0\xf82\xf0Rp\x1b i\xa4p\xa7\xec\t\xc7}_\xd0\x8dy\x9b\xe1\x98\t\x9f\x90\xe4', 0x100003ffd, 0x6) 2m42.355779942s ago: executing program 4 (id=2718): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x10004010) rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x1, @_sigpoll={0xd}}}) (async) r0 = socket(0x11, 0xa, 0x9) pwrite64$auto(0xc8, &(0x7f0000000200)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\x00^\x0fo\x97\xfc\x89\v\xea\xc2\x95\xafQ;C>\x15L\x90\xad\xa4\x1648W\t\x00\x00\x001\x00\x00\x00@X\xb9_\xdd\xa6\xa2E\xd8?\'\x8dg\x81h*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&%`_[\xde\x7f\xde8\xf7\xc1\x94\xf2\xc1\"\xact\xee\xc9\x00\x00\x00\x00\x00\x00\x00\x00\xee\xa9\x0eX\x01\xa3g\xba\x9cc\x90\xe3\xae\xa9\xde\x00\x00\x00B\xb4\xf2&\x00\xe2\xead\xd0\"\x16\x84v\n\xcdN\xb6\xa4\xe0\xb7e\x97 ?\xb5\xa1E=t\x96\xbd\xfd\xc5\xebn\xb7\n\xc2\xbc\xa2\xa8\x04#\x84\xa7R|\xed\x8f\x03\x01\x10wLT\vay\x12\xb63\x9e\a\x8e\xbd\x18y<\xb3\v\x14\x82\x97&\xfcm\x86\x10o\xdc\xf3x\xfd\x06\x87t\xb9$\x94,f\x9b0\xcd\xd3\r\xb1e\'\x19\xc1\xe7>*\xad\xa5+\xa8\x1c\x88\xa1\x0e[\x99\xb6LKZ\x9e\r\xd0r\xe2Ct\xc1\x99\x1b/\xc5P.aUdq\x97\x94\xb9\xa8qU\xae*g\x86\xc9\xa4\xe7\n\vh-v\"o.\xbf6\x13\tFK\x8e\xc6&&\x13\x81\x00\x8c7PS\x9c\xa3\xfb\x1d\xa9\x98\xd47\n\xa7\xd1\x10\xb3i\xd2\xa8\x18f\xb3K\x9b\x9b\x8c\xe8\x84\xa3,5-\xd6\xae\xbd\x1d\xf2o\x99\x02\x1azw9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\bl\x042\x935\x9e\xeeH\x87\xda\x10\x8f^1\x89L`\xf4[\x06\xf6\xc7\xd0#\xdb\xb1\\\xc3\xb1\xb8\xe8\xde2\xbb\xf8I\x9c\x17KI\x8c\f\x1d\xaa\xa0\xdb\xc7\x9e\x81\x90CTe\xfa\x8dq&\x17\x908\xc9T\xffm\x930\x1d\x91\xf8|t\xfd\x18\xd5\xb0\xcbH\xa7\xb6T\n\x11%\xba\x16o\r\xf6\x90k\xfb\a\xa1\x15\x0e\xe1\xce0Q\xd0\x00\xc1\x1a\x1f\xaa8\xfbo)rtYK\"c\xe2c\xbeM\x9bT\x05\xf3\xccC\x8c\x00\xdf\x8c\x1b+\xca\x80', 0x84, 0xe83) (async) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x35}, 0x5, 0x0, 0x5, 0xe}, 0x5}, 0x2, 0x100) (async) socket(0x10, 0x2, 0x14) (async) sendmsg$auto_CGROUPSTATS_CMD_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="250025bd7000fedbdf2504000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x400c9d0}, 0x4080) (async) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="7201000032b32c9c233859beae15823f7a61cf84e875facfbe27c7016e6d7588b0b3b4a11f8885ec85fd6ec5f8cac71da0c44783ef3b2146e29df008566532b179f897a8821e2ba2fbba9ee694d15d4fb0cda577e9de52117a411cd9db9d92c873505b52f45f883c9ed95e00f6c97ec52faa7dcb3a13ae8a4c79637aadbeb51a1494141dfd26beaa2e6262ec8cc0dd6ba689653ad6af4c3a878fe0035e627afbb54500934c728f3e80030aa65a9b4f738f4dd64f88af56db53acc3a298b29bd7c6e872d4a980d08004"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2m41.551061926s ago: executing program 4 (id=2721): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/route/flush\x00', 0x80401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) settimeofday$auto(&(0x7f0000000080)={0x7fffffff, 0x5}, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) select$auto(0xfffffffb, &(0x7f0000000340)={[0x6, 0xd, 0x800, 0x6, 0x965, 0x0, 0x5, 0x6, 0xffffffffffffffff, 0x100, 0x0, 0xd7, 0xffffffffffffffff, 0xffffffffffffffff, 0x100000000, 0x1000]}, &(0x7f00000003c0)={[0x0, 0x1, 0x100000000, 0xd, 0x3, 0xffffffffffff21b6, 0x80, 0x7f, 0x1, 0x2, 0x1, 0x1, 0xc5, 0x0, 0x10, 0x6]}, &(0x7f0000000440)={[0x7, 0x8, 0xc, 0x7, 0xfffffffffffff5cf, 0x1, 0xfffffffffffffffe, 0x1, 0x6, 0xffffffff, 0x6, 0x5, 0x66c7, 0xe8bb, 0x7, 0x6]}, &(0x7f00000004c0)={0x10, 0x100000001}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socketpair$auto(0x10001, 0x6, 0x9, &(0x7f0000000300)=0x9) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd700002dcdf2503000000040008000400080014000180100010800c000b00080001"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000280)={&(0x7f0000000540)={0x94, r4, 0x8, 0x4070bd2c, 0x25dfdffd, {}, [@NL80211_ATTR_PEER_AID={0x6, 0xb5, 0xb}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6}, @NL80211_ATTR_SUPPORTED_SELECTORS={0x52, 0x14e, "6213a7daf4d3a630a49398683fb8f8a4b520ccb8b9b30b39fb6c22d478d10632f3022470a4fdffa3c50858a9c11ef1f000cfb68f793d5a62d7400e72bbeef1d9955854de1afaa5ea1bb411b1280b"}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x1a, 0x13, "e01d9d389fdd5451686651a9e8132d66e4ad537271a8"}]}, 0x94}, 0x1, 0x0, 0x0, 0x2040040}, 0x20008095) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000500), r2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) r5 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x110) r6 = fcntl$auto(r5, 0xb, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r6, 0x40087543, &(0x7f00000001c0)={0xffffffff, 0x0, [{r5, 0x0, 0x7fff, 0x2}, {r0, 0x0, 0x1000000, 0xffff}, {0xffffffffffffffff, 0x0, 0x7fffffffffffffff, 0xd}, {0xffffffffffffffff, 0x0, 0x400, 0x1}, {r3, 0x0, 0x3, 0x7}, {r2, 0x0, 0x7ff, 0x7}]}) ioctl$auto_SOUND_MIXER_READ_RECMASK2(r7, 0x80044dfd, &(0x7f0000000600)="63e0a2fcd97f278f54b1aab907beb3603d473e2a86b703d90aa3ef5890abbc5a894235535edb9eb5ee4dbb1393f4cec3bc42dc833125a82844be2abf4823002a306a4cfdd120bbb4efcc7c4214e3f2f8a5aafbb029e43a32710f1245a2b7020659b58c7478c63188fbc522fd834ab813a2f11596591718c6898693e20a5e523fe40b695e7e4e772dec0cc29a67af88dd6c724335f654b47453effad880d6b796cd4698c134a5b6f83efe6fb1ffcc9e9026ae4b06cb82abbc4fcc92994ba0bddb3255fdb065599c41f7e969597c97542ac5e3dadf2b83e374") openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3) madvise$auto(0x0, 0xffffffffffff0005, 0x19) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) msync$auto(0x100000000, 0x0, 0x3) 2m37.310474627s ago: executing program 4 (id=2728): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x204101, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) mmap$auto(0xfd01000000000000, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6b) io_uring_setup$auto(0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000000)='/dev/loop6\x00', 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fuse\x00', 0x501, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ioctl$auto_FUSE_DEV_IOC_CLONE(r3, 0x8004e500, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x20008800) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000006c0)={{0x0, 0x101, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x2, 0x0, 0x5, 0x1}, 0x5}, 0xd, 0x100) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x65, 0x2) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) 2m35.24559808s ago: executing program 4 (id=2732): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) preadv$auto(r0, &(0x7f00000002c0)={0x0, 0x8010000}, 0x5, 0xfb, 0x8100000001) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000a00), 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/acpi/parameters/ec_event_clearing\x00', 0x129882, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x111080, 0x0) mmap$auto_vmwgfx_driver_fops_vmwgfx_drv(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x6, 0x40010, r4, 0x2) sendfile$auto(r3, r3, 0x0, 0x8) sendmsg$auto_NFSD_CMD_LISTENER_GET(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a40)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0xe00000000000000, 0x0, 0xc800}, 0x20004080) 2m20.037714038s ago: executing program 35 (id=2732): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) preadv$auto(r0, &(0x7f00000002c0)={0x0, 0x8010000}, 0x5, 0xfb, 0x8100000001) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000a00), 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/acpi/parameters/ec_event_clearing\x00', 0x129882, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x111080, 0x0) mmap$auto_vmwgfx_driver_fops_vmwgfx_drv(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0x6, 0x40010, r4, 0x2) sendfile$auto(r3, r3, 0x0, 0x8) sendmsg$auto_NFSD_CMD_LISTENER_GET(r1, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000a40)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0xe00000000000000, 0x0, 0xc800}, 0x20004080) 10.429250653s ago: executing program 6 (id=3077): openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cpuinfo\x00', 0x682, 0x0) socket$nl_generic(0x10, 0x3, 0x10) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) 10.23236819s ago: executing program 6 (id=3078): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) newfstatat$auto(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x5) openat$auto_ecryptfs_dir_fops_ecryptfs_kernel(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x40, 0x0) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/usbmon28\x00', 0xa0000, 0x0) ioctl$auto_MON_IOCQ_URB_LEN(r0, 0x9201, 0x0) capget$auto(0x0, 0xfffffffffffffffe) unshare$auto(0x40000080) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) write$auto(r1, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x17) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001540)={'netdevsim0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'pimreg1\x00'}) sendmsg$auto_ETHTOOL_MSG_TSCONFIG_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4004000) ioctl$auto_XFS_IOC_ERROR_CLEARALL(0xffffffffffffffff, 0x40085875, &(0x7f0000000240)={0xffffffffffffffff, 0x7ff}) mmap$auto(0x0, 0x400008, 0xdf, 0x14, 0x2, 0x8000) r2 = socket(0x2, 0x1, 0x106) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 6.995891094s ago: executing program 1 (id=3090): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x7, 0x101, 0x0, 0x6) sendmsg$auto_NL80211_CMD_STOP_NAN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)={0x14, 0x0, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x1100, 0x8010}, 0x841) 6.79690531s ago: executing program 0 (id=3091): write$auto(0x3, 0x0, 0xdfd5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x16, &(0x7f0000000040), 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) getrandom$auto(0x0, 0xa, 0x3) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) ioctl$auto(r0, 0x4b67, 0x1) 6.346203514s ago: executing program 1 (id=3092): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/devices/system/cpu/vulnerabilities/spectre_v2\x00', 0x40780, 0x0) read$auto(r0, 0x0, 0x400006) r1 = pidfd_open$auto(0x1, 0x0) setns(r1, 0x60020000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x24044010}, 0xc0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x2003}}, 0x0) sysfs$auto(0x2, 0x1f, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0xffffb89f, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY_NETNS(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8881}, 0x40) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop1/queue/discard_max_bytes\x00', 0x808882, 0x0) mmap$auto(0x40000000000000, 0xe983, 0xf, 0x11, r3, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_none\x00', 0x183042, 0x0) read$auto(r5, 0x0, 0x9) write$auto(r4, 0x0, 0xfdef) getsockopt$auto_SO_DOMAIN(r4, 0x2000, 0x27, &(0x7f0000000080)='/dev/ttyq2\x00', &(0x7f0000000140)=0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r6 = socket(0x23, 0x80805, 0x0) getsockopt$auto(r6, 0x40000000113, 0x9, 0xfffffffffffffffc, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyq2\x00', 0x149d03, 0x0) 6.024356824s ago: executing program 6 (id=3094): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/driver/serial\x00', 0x20000, 0x0) pread64$auto(r0, &(0x7f00000000c0)='\x04\xefr\tbgc/\xd0\xe1\xf7$/tg/,s\b\xf5\xf7\x0f\x03\xd5\xef\xbf\xf6j\xe2\xed\x7f0\b\xff^\xe3th\xd2\x1bA\xba&\xba\xd0\xbb\xca\xb0\xa1\t\x00\x00\r(\xccF\xeeg\n\x00\x00\xa9l\x9cd\xcf\xff\x97=\xf4\xa1\xca\x82j\xf2\x17\t\x00\x00\x00\x00\x00\x00\x050\xf76\xb96\xd1\xb9\xde\xe2\x167\xc5\x94\x00A[B\xd9\x82\xaa\xc5\xfcoB\xfe\'\xfbI\xc9\xcb\xc3\xc1\x1e6~\x81\xb9\x0ff\x8e\xd3\x06\xba;yX\x966\x97#\xfb\x8d!F\xfc\x99\x86\x1d\xbb\xaf(\x92\x887\x01Z\xa7\xe3Y\x17\xd2#\x8aO\xef\r\xfa\xe0\x18IiI\xaek\xa9R\x02N;+@\x12>\'\x1a\xa6i\x93\x8c\x16BO@ \xb5\xd9\xd0\xb6S\xfc\x17\xe4\x8a\x00\x00$\xean\xa1|D\xbbV%\xde\x87\xd1@\x00\x8cM\xfdr\xc9\x86\xbaq\xf5\x9eP\xfcd\xd93\x9f%\r\x80/:\x87\xc3\x1c:;g\x18\xe5\xdeU#\xd2\xa8\x9a\xd8Yeo\xd9\x8f\xea\x12M#\x824\xa7\x95B\xc6\xb0\xf82\xf0Rp\x1b i\xa4p\xa7\xec\t\xc7}_\xd0\x8dy\x9b\xe1\x98\t\x9f\x90\xe4', 0x100003ffd, 0x6) 5.907240043s ago: executing program 7 (id=3095): prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x6, 0x8001, 0x8, 0x9) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x3ff, 0x7, 0x0, 0x1) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x5c8, 0x9, 0xffffffff, 0x1) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x3, 0x3, 0x401, 0x7fffffffffffffff) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x0, 0x0, 0x7fff, 0x3) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x5, 0x5, 0x8, 0x6) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0xb7, 0x278, 0xff, 0x95) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0xfffffffffffffff8, 0x6, 0x4, 0x73) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x9, 0x200, 0x9, 0x3b6) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0xfffffffffffffff7, 0x1, 0x6, 0x10000) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x1, 0x4, 0x4, 0x9) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x7, 0xf65, 0x3, 0x10001) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x6, 0xf81, 0x8, 0x10) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x0, 0x100000000, 0xfffffffffffffffb, 0x6) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x7, 0xffffffff7fffffff, 0x6, 0x3) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x1, 0x8d, 0xdc6, 0x8) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x6, 0x4, 0x56b, 0x7) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x6, 0x9bb, 0x5, 0xebe) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0xa, 0x200, 0x3a6d, 0x8) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x2, 0x0, 0x0, 0x8e) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x1, 0xa09, 0x100000000, 0xf) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x81, 0x3, 0x4, 0xffffffff) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x1, 0x4, 0x6, 0xfffffffffffffffa) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x7, 0x3, 0x0, 0x2) r0 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy16/hwsim/ps\x00', 0xa00, 0x0) read$auto_hwsim_fops_ps_(r0, &(0x7f0000000040)=""/78, 0x4e) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x1, 0x3, 0x6, 0x879a) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x7fff, 0x1, 0x1, 0x401) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x100000000, 0xb, 0x6e, 0x1) prctl$auto_PR_SET_MEMORY_MERGE(0x43, 0x2, 0x0, 0xa06, 0xc0b) 5.736087606s ago: executing program 6 (id=3096): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/controlC2\x00', 0x141000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_CARD_INFO(r2, 0x81785501, &(0x7f00000004c0)={0x937, 0x0, "bf8476b8309a34743b6326913a54a2aa", "78e15863b201874dae0900", "6f19188afbfe9dc537060f5cf32260030f97fb6b566f420775e5f39c3ebe1d58", "ee646e9852568b2ba92326520511725385f3abff35c331416dc542f7debafc83ef74d2b9c2f05ed2d4290b23559a69817b5adb3e5dd7a32b57976091946b3bcdc17ddb00", "fdd1d13b2b145f86eeb5386bc206f9ad", "eab6f9b2ea024fdcb7bf9601f213bce57f3c6700ee955a819133996b2bcd25f9d509b8c9505f9223b7ff59e6252def464e40c8f07950a595a715894d2a791476da814b008e0a2c4cd0f06f1ad81a426c", "eaa93dcbd7cee2e8ee642d0075e9c612a0311c2b2cb983bfb79953eae69c8f3020bd8e77e844b457825b5b50de9bf1242fa2d304af08c8e63d3fac93c3732283391a5ee998bedf02b170c1d45b5b611e4123be0d24eb9f0438686b1245f88b980d2250887cdfca6f2d113961151732ead75d66b2ccaf0689aaadeed4de5ef933"}) write$auto(r1, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x6, 0x4000000000df, 0x40eb1, r1, 0x9) write$auto(0xffffffffffffffff, &(0x7f00000001c0)='\x00\xb6\xc6\xa4\xcd\xb9$\x1bI\x00\x00\xca\xd6+\xe5\xcc{\x7f\xceOj<\x10\x00\x00\x00\x00\x00\x00\x00\x00', 0x62) r3 = socket(0xa, 0x1, 0x8) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, r3, 0x40000008000) socket(0x29, 0x3, 0x1) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) close_range$auto(r0, 0xffffffffffffffff, 0x4) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x23, &(0x7f0000000080), 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = ioctl$auto_SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f00000000c0)=0x8) close_range$auto(r5, r2, 0x2) mmap$auto(0x3143, 0x20009, 0x8, 0x7ff, r0, 0x8003) socket$nl_generic(0x10, 0x3, 0x10) r6 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r6, 0x0, 0x3fc) clone$auto(0x101000020003b49, 0x80000000002, 0x0, 0x0, 0x10001) r7 = socket$nl_generic(0x10, 0x3, 0x10) landlock_add_rule$auto(r7, 0x1, 0x0, 0x0) landlock_restrict_self$auto(r4, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0xffffffffffffffff) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/hugepages/hugepages-2048kB/surplus_hugepages\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r8, &(0x7f0000001100)=""/4105, 0x1009) 5.698284985s ago: executing program 7 (id=3097): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) io_uring_enter$auto(r1, 0x9, 0x820e, 0x6, 0x0, 0x18) ioctl$auto_EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0x0, r0, 0x2, 0x2, 0x1, 0x2}) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) r4 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) ioctl$auto_RNDGETENTCNT(r2, 0x80045200, &(0x7f0000000240)=0x5) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), r4) sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x110000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x5c, r5, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_PREV_BSSID={0x27, 0x4f, "83525630bf34d4ac4064fc0816a384d376b2f1a1684ff38f52c034365a9c41d7f939ee"}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x8}, @NL80211_ATTR_AP_SETTINGS_FLAGS={0x8, 0x135, 0x3}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_KEY_IDX={0x5, 0x8, 0x4}]}, 0x5c}, 0x1, 0x0, 0x0, 0x8000}, 0x40080c0) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) getsockopt$auto_SO_RCVMARK(r3, 0x0, 0x4b, &(0x7f0000000000)='}\'.^\x00', 0x0) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mlockall$auto(0x7) migrate_pages$auto(0x0, 0xa, &(0x7f0000000000)=0x5, &(0x7f0000000140)=0x2) r6 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtd0\x00', 0x20000, 0x0) ioctl$auto_ECCGETSTATS(r6, 0x80104d12, &(0x7f0000000100)={0x8001, 0x8, 0x7ff, 0x4}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 5.534868198s ago: executing program 0 (id=3098): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) preadv$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f00000001c0)="522e68880b66e736e04b92f674ada7760ea80e37bb469357500e017f29e7eb2c5ebfee7548efd523ae6199e3f6caa510b91366e1748c71e2d79dbbb4e58f96d122c3685ce6b3fda30b6a3d7de0adf1b3094034bd55236900b4729261d5600a6434b9ba8948be7ac19251ce944fc54c9f7ac11b4e82d8291daf1f9f58cd41df5c0530fbcfcb3b56df2bf719c93f18577a1173804afe51a9d1dcac", 0xff}, 0x5, 0x0, 0x4) socket(0x2, 0x1, 0x106) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) ioctl$auto(0xffffffffffffffff, 0x4008550d, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r1 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000bc0)='/sys/kernel/tracing/dynamic_events\x00', 0x1, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r1, &(0x7f0000000000)=' ', 0x1) write$auto(r0, &(0x7f0000000000)='3\xc7\xff\xff\xff\xdd\x00\b(Ks\x0f\x87|P\x11\xd1li0\x89\x85\x90QM\xd6wfF\xf1x\xb3;c\tP\x03\x84\x97\x99\x83\x97\x81:\xf3\xa3o5\xc5\x86\xed\xa4\x18]\xa3\xc9\x0f\xff\xdak\xb0m\xe1U\xb3\xa2\xee\xdcTJQO\x98\xc8w\x8c\xe7\x00\x00\x00\x1dj\x1e\xebQT\xdd\x9b\x00\xff\xdd\x00'/101, 0x9) r2 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) writev$auto(r2, &(0x7f0000000300)={0x0, 0x10001}, 0xc) 5.242228439s ago: executing program 6 (id=3099): unshare$auto(0x800000000000009) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x22, 0x2, 0x1) fstat$auto(r1, 0x0) r2 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$auto(r2, 0x3b87, 0x38) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r3 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00\'', @ANYRESHEX], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xfff0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa504}, 0x800}, 0x8, 0x0) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB="14010400", @ANYRES16=r3, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}}, 0x24048084) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x1, 0x0) semctl$auto(0x7, 0x2, 0x13, 0x5) r4 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0) ioctl$auto(0x3, 0x40045542, r4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) 5.144363959s ago: executing program 1 (id=3100): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1b0026bd7000fddbdf2503000000040008001400038010000c800c00058008000600", @ANYRES32=0x0, @ANYBLOB="12000100898771f1c19f17790481008286dd0000040002"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0xc800) 4.52098831s ago: executing program 1 (id=3101): syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x80000, 0x3b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sync_file_range$auto(0xffffffffffffffff, 0x1, 0xa31e, 0x7) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) timer_create$auto(0x80000006, 0x0, 0x0) r1 = socket(0x15, 0x5, 0x0) getsockopt$auto(r1, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0x100082) r2 = socket(0x1a, 0x801, 0x7ff) bind$auto(0x3, 0x0, 0x6a) getsockopt$auto(r2, 0x6, 0x2, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000002dc0)='/dev/adsp1\x00', 0x2401, 0x0) mmap$auto(0xfe, 0x1, 0xfffffffffffffffd, 0x800000012, 0xffffffffffffffff, 0x4000800008003) sysfs$auto(0x2, 0x23, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYBLOB="010527bd7000fbdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="1800"], 0x34}, 0x1, 0x0, 0x0, 0x4028811}, 0x4080) ioctl$auto(0x3, 0x541b, 0x10000000000402) sendmsg$auto_L2TP_CMD_TUNNEL_DELETE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400", @ANYRES16=0x0, @ANYBLOB="210028b6b600fedbdf250200000018b61f4df9bd4693fdc0480c60fa0f308cc215ec742f20e82944f2b89319327d7c868b996cba469942fb842952c61f9e5d9eb3a3224a2b06407ed7b43be0636e395b14d50000"], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x40010) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1e"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) signalfd4$auto(r0, 0x0, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyze\x00', 0x200000, 0x0) r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000200)='/dev/mixer2\x00', 0x1, 0x0) ioctl$auto_SOUND_MIXER_READ_RECSRC(r3, 0x80044dff, &(0x7f0000000480)="1018106d0ad733953eb3d2edf59f372d272bcaef78e8e9415452669fab5bd85fb87c25bedb5312ccf74ab3fd4c8a896a311efe1fe13042ea77f8c39b5850f5f7784bc87dcb84485aa8e337cd8a1536ebfb57594721ce52ee7a1abdc58dc755568490") read$auto_l2cap_debugfs_fops_(0xffffffffffffffff, &(0x7f0000000240)=""/177, 0xb1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) 4.434557472s ago: executing program 0 (id=3102): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, 0x0, 0x0) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x400000000000004}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x9}]}, 0x30}, 0x1, 0xffffffffffffffe4, 0x0, 0x40080}, 0x20040000) 4.268593257s ago: executing program 7 (id=3103): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) setresuid$auto(0x0, 0x0, 0x0) ioctl$auto_BLKALIGNOFF(r0, 0x127a, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x579981, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mtd/mtd0/bitflip_threshold\x00', 0x2062, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf250a000000100003800c0001000180000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x0) r5 = syz_clone(0x20000000, &(0x7f00000001c0), 0x0, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300)="2918758169251555183442853a27ba37074b62633f338d1a7b74c6ff4c91676d9a5e0078ab1db0f30dc404f23fd5820a80ed88704e31ac2c5f3169cb36f22141f45b35a2e04fe71bc918ec46671bf5d28d8d26ce4970c811a8b669c7011c3e9ff8b2109640c07450f5b7b624fde03bb975adc229120a3b8750efcf8a90044854f04b55f429540f9fc390d24df293299b9c4395aed65212fdd9a1597ffcfaf9b3008f77bcc5a593486eb61127560aa974af592514e14d7d") r6 = waitid$auto_P_PID(0x1, 0xffffffffffffffff, &(0x7f00000003c0)={@_si_pad}, 0x1ecc, &(0x7f0000000440)={{0xffffffff, 0x2}, {0x7, 0x19}, 0x9, 0x80000000, 0x4, 0x5, 0x8000000000000001, 0x6, 0x6, 0x0, 0x9, 0x0, 0x0, 0x1000, 0x0, 0x4}) set_tid_address$auto(&(0x7f0000000500)=0x5) r7 = getpgid$auto(0x0) r8 = socket(0x2, 0x801, 0x106) setsockopt$auto(r8, 0x6, 0x12, 0x0, 0xa1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x6, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) connect$auto(0x3, 0x0, 0x0) sendmsg$auto_IPVS_CMD_SET_SERVICE(r2, &(0x7f0000000ac0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a80)={&(0x7f0000000540)=ANY=[@ANYBLOB="3405", @ANYRES16=r4, @ANYBLOB="000226bd7000fbdbdf25020000000800050007000000080006000300000008000400050000001001028075ff83876574dcf7444c53b88992e69a471bfa58053dc94ad66d0953fb1b9cb401c147df5f31671dfc0f9284424129a2c5ce70c649ade9aae6d814619bf71bbd80efe680cd9bc3e7aa59478b4e3e4d0ce05691deebfebdb666888d6f5549d48d92470028f2ccb239e0e683f1107459a18b09a092829949129087a8c782cb94fd36de9315f583a56ceee0e6023fa204fdb92ada8640c18311479406aa31ba39687f786747f4eaef95", @ANYRES32=0x0, @ANYBLOB="19e833e93fdf0b102a18ee6b8436634483ed5729eb26e2267dcf5d3a2eaf51db79c25d370c37cf662d480e08f268f1743cd215589548d9cb71", @ANYRES32=r5, @ANYBLOB="1800fd80040086807290395bf5dd39680400b5800400098021011a800400", @ANYRES32=r6, @ANYRES32=r2, @ANYBLOB="490f786928777dc08e0861d26a194926ce9dc2c2fcb0dd40666bd041f1c1ee6c8800c408008000", @ANYRES16=r2, @ANYRES32=r7, @ANYBLOB="000000ee968d5052b0e0f2196c460f01434708245537f143dc4384af9837fea50bf521c579ff834a5ed1c1e6034df0f5bacbd53be3ce3c3e11151e7e046f1a20b063f556dd605058895c42c61f7cbddbc10b242a5a738ed4925f36651c46e50a10e3065cbfd14c6d680882eea21f09c1fb05e49ebea60fe074be9ff53f2371db538e3b904d4125447b2ec296620ad6f05699789cb40d0d191f5745629ab3ad228cd7c17833cf5fff08fc5fab07e2e8c6e2b0b24eb518001c8014003300ff020000000000000000000000000001d30156801117bdf4445113f39c791ee0c0df9a945c9704ed3564100ded9310d0e1a1a308201c5d5c4bc90e929324ef82db20fbf98ece5e1da4786fc3109cd2a18337ac61083404e8c4cb2dd63f3070ed5802c193b26b8ba4d7730df46f8326578d73f47f26bc6834abab5d54c6281e65f411ce93de1aed2b9ab2"], 0x534}, 0x1, 0x0, 0x0, 0x28014044}, 0x4004041) r9 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x8203, 0x0) ioctl$auto(r9, 0x80046f45, 0x38) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) r10 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r10, &(0x7f0000000100)="0a1b9a3c3e3e006e163bb154d7", 0xd) 4.003821879s ago: executing program 0 (id=3104): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x400000000000004}]}, 0x24}, 0x1, 0xfdffffff, 0x0, 0x40080}, 0x20040000) (fail_nth: 1) 2.749818953s ago: executing program 7 (id=3105): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x3, 0x202000a, 0x10000000fffffffc, 0xdc, 0xfffffffffffffffa, 0x5) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r2, &(0x7f0000000200)='\x03W\x96l\x15\x0f\xeb\x00\x0eX\x00\x00\x00\a\x00\x00\x00\x05\x00\x00\x00 \x00', 0x100000002, 0x100000001) mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_ptr=0x0, @inferred, 0x0, @_sigev_thread={0x0, 0x0}}) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto(0x3, 0x0, 0x5c8) ioctl$auto_BLKTRACESETUP32(r1, 0xc0401273, &(0x7f00000002c0)={"a49d980a059fa15ab42d150000000000000007002a7e12417113edfa3556973a", 0xb, 0x7, 0x90c, 0x9, 0xffe, 0x0}) kcmp$auto_KCMP_SIGHAND(0xffffffffffffffff, r4, 0x4, 0x9, 0x5) 1.999453302s ago: executing program 0 (id=3106): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x7, 0x101, 0x0, 0x6) sendmsg$auto_NL80211_CMD_STOP_NAN(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)={0x14, 0x0, 0x100, 0x70bd26, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x1400, 0x8010}, 0x841) 1.7286227s ago: executing program 0 (id=3107): mlock$auto(0xfff, 0xde7f) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x5ea01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x1, 0x0) ioctl$auto_EVIOCGKEYCODE(r0, 0x80084504, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000003400), 0x582, 0x0) read$auto_check_wx_fops_(r1, &(0x7f0000000000)=""/113, 0x71) shmctl$auto_SHM_STAT(0x6, 0xd, 0x0) fchown$auto(0xffffffffffffffff, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x12, 0x0, 0x4) madvise$auto(0x0, 0x400053, 0x9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x6, 0x0) 1.173714849s ago: executing program 6 (id=3108): rseq$auto(&(0x7f0000000080)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0x0, 0x8000006) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) listmount$auto(&(0x7f0000000100)={0x20, @raw, 0xffffffffffffffff, 0x0, 0xe0117a00}, 0x0, 0xf423c, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x4000) 627.401156ms ago: executing program 1 (id=3109): mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001140)='/proc/sys/net/ipv6/conf/wg1/drop_unicast_in_l2_multicast\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) fremovexattr$auto(0xffffffffffffffff, 0x0) acct$auto(0x0) mmap$auto(0xfffffffffffffffd, 0x2020006, 0x800000, 0x17, r0, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers/st/fixed_buffer_size\x00', 0x40, 0x0) pread64$auto(r2, 0x0, 0x2, 0x3) read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, 0x0, 0x0) read$auto(r0, 0x0, 0x84) r3 = openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2401, 0x0) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r4, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x3, 0x7, 0x9}) write$auto(r3, 0x0, 0x40) 525.714876ms ago: executing program 7 (id=3110): rseq$auto(&(0x7f0000000080)={0xe, 0x401, 0x0, 0x806, 0xffffffff, 0x2}, 0x8000, 0xfffffffd, 0x8000009) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) listmount$auto(&(0x7f0000000100)={0x20, @raw, 0xffffffffffffffff}, 0x0, 0xf423c, 0x7a11e0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000580)={0x80000006, 0x0, 0xd12b, 0xfffffffd, 0x200a}) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/ip_unprivileged_port_start\x00', 0x80000, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD(r1, 0x19f, &(0x7f0000000000)={@_si_pad}, 0x1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0x4000) 21.903562ms ago: executing program 7 (id=3111): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x4004550c, r0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mlock$auto(0xfbea, 0x7fffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) madvise$auto(0x0, 0x22, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) madvise$auto(0x0, 0x2003f0, 0x11) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x20) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty18\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x4b71, r1) madvise$auto(0x1, 0x1000, 0x10000) personality$auto(0xfffffffc) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) (async) ioctl$auto(r0, 0x4004550c, r0) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) (async) mlock$auto(0xfbea, 0x7fffffffffffffff) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) madvise$auto(0x0, 0x22, 0xa) (async) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) (async) madvise$auto(0x0, 0x2003f0, 0x11) (async) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x20) (async) close_range$auto(0x2, 0x8, 0x0) (async) io_uring_setup$auto(0x20, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty18\x00', 0x40001, 0x0) (async) write$auto(0x3, 0x0, 0xfdef) (async) ioctl$auto(0x3, 0x4b71, r1) (async) madvise$auto(0x1, 0x1000, 0x10000) (async) personality$auto(0xfffffffc) (async) 0s ago: executing program 1 (id=3112): setuid$auto(0xe) (async) socket(0x2, 0x80002, 0x73) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) ioctl$auto(0x3, 0x800005411, 0x38) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x80000000000000a, 0x2, 0x0) (async) socket(0xa, 0x801, 0x84) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x90) (async) bpf$auto(0x5, &(0x7f0000001100)=@bpf_attr_7={@start_id=0x1, 0x4, 0xf}, 0x8) kernel console output (not intermixed with test programs): AULT_INJECTION: forcing a failure. [ 1123.861464][T17655] name failslab, interval 1, probability 0, space 0, times 0 [ 1123.913676][T17655] CPU: 0 UID: 0 PID: 17655 Comm: syz.1.2457 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1123.913722][T17655] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1123.913735][T17655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1123.913750][T17655] Call Trace: [ 1123.913759][T17655] [ 1123.913769][T17655] dump_stack_lvl+0x100/0x190 [ 1123.913813][T17655] should_fail_ex.cold+0x5/0xa [ 1123.913843][T17655] should_failslab+0xc2/0x120 [ 1123.913869][T17655] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1123.913906][T17655] ? vm_area_dup+0x27/0x8e0 [ 1123.913937][T17655] ? __vma_start_write+0x17f/0x280 [ 1123.913974][T17655] vm_area_dup+0x27/0x8e0 [ 1123.914009][T17655] dup_mmap+0x6f6/0x2180 [ 1123.914050][T17655] ? __pfx_dup_mmap+0x10/0x10 [ 1123.914078][T17655] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1123.914120][T17655] ? __lock_acquire+0x4a5/0x2630 [ 1123.914154][T17655] ? find_held_lock+0x2b/0x80 [ 1123.914177][T17655] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 1123.914242][T17655] copy_process+0x73d7/0x7a10 [ 1123.914270][T17655] ? futex_unqueue+0x133/0x2c0 [ 1123.914315][T17655] ? __pfx_copy_process+0x10/0x10 [ 1123.914352][T17655] ? _copy_from_user+0x59/0xd0 [ 1123.914396][T17655] kernel_clone+0xfc/0x9a0 [ 1123.914427][T17655] ? __pfx_kernel_clone+0x10/0x10 [ 1123.914463][T17655] ? __pfx_futex_wait+0x10/0x10 [ 1123.914508][T17655] __do_sys_clone3+0x214/0x290 [ 1123.914537][T17655] ? __pfx___do_sys_clone3+0x10/0x10 [ 1123.914607][T17655] do_syscall_64+0x106/0xf80 [ 1123.914636][T17655] ? clear_bhb_loop+0x40/0x90 [ 1123.914667][T17655] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1123.914692][T17655] RIP: 0033:0x7f17b599c799 [ 1123.914712][T17655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1123.914737][T17655] RSP: 002b:00007f17b67c1ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1123.914760][T17655] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f17b599c799 [ 1123.914777][T17655] RDX: 00007f17b67c1f10 RSI: 0000000000000058 RDI: 00007f17b67c1f10 [ 1123.914792][T17655] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000058 [ 1123.914808][T17655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1123.914823][T17655] R13: 00007f17b5c16038 R14: 00007f17b5c15fa0 R15: 00007ffd80d8a298 [ 1123.914854][T17655] [ 1124.777093][T17665] random: crng reseeded on system resumption [ 1125.749101][T17676] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 1126.192237][T17682] FAULT_INJECTION: forcing a failure. [ 1126.192237][T17682] name failslab, interval 1, probability 0, space 0, times 0 [ 1126.313762][T17682] CPU: 0 UID: 0 PID: 17682 Comm: syz.0.2463 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1126.313808][T17682] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1126.313821][T17682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1126.313838][T17682] Call Trace: [ 1126.313847][T17682] [ 1126.313857][T17682] dump_stack_lvl+0x100/0x190 [ 1126.313901][T17682] should_fail_ex.cold+0x5/0xa [ 1126.313937][T17682] should_failslab+0xc2/0x120 [ 1126.313964][T17682] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1126.314017][T17682] ? __pmd_alloc+0xbf/0x9c0 [ 1126.314061][T17682] __pmd_alloc+0xbf/0x9c0 [ 1126.314093][T17682] __handle_mm_fault+0xa99/0x2b60 [ 1126.314131][T17682] ? mt_find+0x45e/0x8e0 [ 1126.314165][T17682] ? __pfx___handle_mm_fault+0x10/0x10 [ 1126.314196][T17682] ? __pfx_mt_find+0x10/0x10 [ 1126.314246][T17682] ? find_vma+0xbf/0x140 [ 1126.314269][T17682] ? __pfx_find_vma+0x10/0x10 [ 1126.314295][T17682] handle_mm_fault+0x36d/0xa20 [ 1126.314334][T17682] do_user_addr_fault+0x74c/0x12f0 [ 1126.314399][T17682] exc_page_fault+0x6f/0xd0 [ 1126.314429][T17682] asm_exc_page_fault+0x26/0x30 [ 1126.314466][T17682] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 1126.314504][T17682] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 1126.314528][T17682] RSP: 0018:ffffc90003b27ab8 EFLAGS: 00050202 [ 1126.314548][T17682] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 1126.314563][T17682] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc90003b27b18 [ 1126.314579][T17682] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff52000764f63 [ 1126.314594][T17682] R10: ffffc90003b27b1e R11: 0000000000000000 R12: 0000000000000000 [ 1126.314609][T17682] R13: ffffc90003b27b18 R14: ffffc90003b27be0 R15: ffffc90003b27b18 [ 1126.314641][T17682] _copy_from_user+0x98/0xd0 [ 1126.314683][T17682] kstrtouint_from_user+0xd6/0x1d0 [ 1126.314727][T17682] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 1126.314770][T17682] ? __lock_acquire+0x4a5/0x2630 [ 1126.314824][T17682] ? iovec_from_user+0xda/0x140 [ 1126.314854][T17682] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1126.314883][T17682] proc_fail_nth_write+0x83/0x220 [ 1126.314913][T17682] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 1126.314957][T17682] vfs_writev+0x5ea/0xe10 [ 1126.314994][T17682] ? rcu_is_watching+0x12/0xc0 [ 1126.315039][T17682] ? __pfx_vfs_writev+0x10/0x10 [ 1126.315074][T17682] ? fdget_pos+0x2aa/0x380 [ 1126.315121][T17682] ? __fget_files+0x21f/0x3d0 [ 1126.315150][T17682] ? do_writev+0x13e/0x340 [ 1126.315185][T17682] do_writev+0x13e/0x340 [ 1126.315222][T17682] ? __pfx_do_writev+0x10/0x10 [ 1126.315268][T17682] do_syscall_64+0x106/0xf80 [ 1126.315296][T17682] ? clear_bhb_loop+0x40/0x90 [ 1126.315326][T17682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1126.315352][T17682] RIP: 0033:0x7fe64099c799 [ 1126.315372][T17682] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1126.315396][T17682] RSP: 002b:00007fe6417f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1126.315419][T17682] RAX: ffffffffffffffda RBX: 00007fe640c15fa0 RCX: 00007fe64099c799 [ 1126.315438][T17682] RDX: 0000000000000003 RSI: 0000200000000200 RDI: 0000000000000008 [ 1126.315454][T17682] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1126.315469][T17682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1126.315484][T17682] R13: 00007fe640c16038 R14: 00007fe640c15fa0 R15: 00007ffca35541f8 [ 1126.315516][T17682] [ 1127.377662][ T29] audit: type=1326 audit(4294968545.952:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17695 comm="syz.4.2469" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc6b9d9c799 code=0x0 [ 1129.502036][T17732] FAULT_INJECTION: forcing a failure. [ 1129.502036][T17732] name failslab, interval 1, probability 0, space 0, times 0 [ 1129.582813][T17732] CPU: 0 UID: 0 PID: 17732 Comm: syz.1.2475 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1129.582862][T17732] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1129.582875][T17732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1129.582892][T17732] Call Trace: [ 1129.582902][T17732] [ 1129.582912][T17732] dump_stack_lvl+0x100/0x190 [ 1129.582957][T17732] should_fail_ex.cold+0x5/0xa [ 1129.582987][T17732] should_failslab+0xc2/0x120 [ 1129.583014][T17732] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1129.583061][T17732] ? __kernfs_new_node+0xd2/0x960 [ 1129.583106][T17732] __kernfs_new_node+0xd2/0x960 [ 1129.583145][T17732] ? __pfx___kernfs_new_node+0x10/0x10 [ 1129.583189][T17732] ? find_held_lock+0x2b/0x80 [ 1129.583212][T17732] ? kernfs_root+0xee/0x2a0 [ 1129.583245][T17732] ? kernfs_root+0xee/0x2a0 [ 1129.583287][T17732] kernfs_new_node+0x11b/0x1a0 [ 1129.583331][T17732] __kernfs_create_file+0x53/0x350 [ 1129.583364][T17732] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1129.583405][T17732] internal_create_group+0x593/0xf40 [ 1129.583450][T17732] ? __pfx_internal_create_group+0x10/0x10 [ 1129.583499][T17732] sysfs_slab_add+0x1a4/0x1f0 [ 1129.583526][T17732] do_kmem_cache_create+0x472/0x540 [ 1129.583557][T17732] __kmem_cache_create_args+0x386/0x420 [ 1129.583597][T17732] mon_text_open+0x333/0x510 [ 1129.583634][T17732] ? __pfx_mon_text_open+0x10/0x10 [ 1129.583672][T17732] ? __pfx_mon_text_ctor+0x10/0x10 [ 1129.583706][T17732] ? find_held_lock+0x2b/0x80 [ 1129.583729][T17732] ? __pfx_apparmor_file_open+0x10/0x10 [ 1129.583765][T17732] ? lockdown_is_locked_down+0x3d/0x140 [ 1129.583797][T17732] ? bpf_lsm_locked_down+0x9/0x10 [ 1129.583827][T17732] ? __pfx_mon_text_open+0x10/0x10 [ 1129.583861][T17732] full_proxy_open_regular+0x1b6/0x370 [ 1129.583898][T17732] do_dentry_open+0x6d8/0x1660 [ 1129.583922][T17732] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1129.583965][T17732] vfs_open+0x82/0x3f0 [ 1129.584000][T17732] path_openat+0x208c/0x31a0 [ 1129.584036][T17732] ? __pfx_path_openat+0x10/0x10 [ 1129.584078][T17732] do_file_open+0x20e/0x430 [ 1129.584107][T17732] ? __pfx_do_file_open+0x10/0x10 [ 1129.584155][T17732] ? alloc_fd+0x476/0x790 [ 1129.584183][T17732] ? do_getname+0x191/0x390 [ 1129.584218][T17732] do_sys_openat2+0x10d/0x1e0 [ 1129.584252][T17732] ? __pfx_do_sys_openat2+0x10/0x10 [ 1129.584297][T17732] __x64_sys_openat+0x12d/0x210 [ 1129.584332][T17732] ? __pfx___x64_sys_openat+0x10/0x10 [ 1129.584378][T17732] do_syscall_64+0x106/0xf80 [ 1129.584408][T17732] ? clear_bhb_loop+0x40/0x90 [ 1129.584440][T17732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1129.584467][T17732] RIP: 0033:0x7f17b599c799 [ 1129.584489][T17732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1129.584515][T17732] RSP: 002b:00007f17b67c2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1129.584539][T17732] RAX: ffffffffffffffda RBX: 00007f17b5c15fa0 RCX: 00007f17b599c799 [ 1129.584557][T17732] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1129.584574][T17732] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1129.584590][T17732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1129.584606][T17732] R13: 00007f17b5c16038 R14: 00007f17b5c15fa0 R15: 00007ffd80d8a298 [ 1129.584639][T17732] [ 1130.446615][T17737] netlink: zone id is out of range [ 1130.608620][T17734] FAULT_INJECTION: forcing a failure. [ 1130.608620][T17734] name failslab, interval 1, probability 0, space 0, times 0 [ 1130.751500][T17734] CPU: 0 UID: 0 PID: 17734 Comm: syz.0.2474 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1130.751552][T17734] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1130.751564][T17734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1130.751579][T17734] Call Trace: [ 1130.751588][T17734] [ 1130.751599][T17734] dump_stack_lvl+0x100/0x190 [ 1130.751646][T17734] should_fail_ex.cold+0x5/0xa [ 1130.751676][T17734] should_failslab+0xc2/0x120 [ 1130.751703][T17734] __kvmalloc_node_noprof+0xfa/0xa00 [ 1130.751743][T17734] ? alloc_fdtable+0x110/0x2d0 [ 1130.751791][T17734] alloc_fdtable+0x110/0x2d0 [ 1130.751832][T17734] dup_fd+0x995/0xd10 [ 1130.751876][T17734] ? fd_statfs+0xdd/0x120 [ 1130.751921][T17734] ksys_unshare+0x7ad/0xad0 [ 1130.751957][T17734] ? __pfx_ksys_unshare+0x10/0x10 [ 1130.752002][T17734] __x64_sys_unshare+0x31/0x40 [ 1130.752044][T17734] do_syscall_64+0x106/0xf80 [ 1130.752076][T17734] ? clear_bhb_loop+0x40/0x90 [ 1130.752109][T17734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1130.752137][T17734] RIP: 0033:0x7fe64099c799 [ 1130.752160][T17734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1130.752186][T17734] RSP: 002b:00007fe6417b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1130.752212][T17734] RAX: ffffffffffffffda RBX: 00007fe640c16180 RCX: 00007fe64099c799 [ 1130.752230][T17734] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1130.752245][T17734] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1130.752262][T17734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1130.752278][T17734] R13: 00007fe640c16218 R14: 00007fe640c16180 R15: 00007ffca35541f8 [ 1130.752312][T17734] [ 1131.524628][T17732] SLUB: Unable to add cache mon_text_ffff888026f1e400 to sysfs [ 1131.655308][T17744] Invalid ELF header magic: != ELF [ 1131.919624][T17747] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 1133.268174][T17771] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2484'. [ 1135.022316][T17790] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2487'. [ 1135.048261][ T5837] Bluetooth: hci2: unexpected event 0x01 length: 124 > 1 [ 1135.056737][T17798] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 1135.429262][ T13] netdevsim netdevsim100 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1136.021981][ T5837] Bluetooth: hci0: unexpected subevent 0x03 length: 253 > 9 [ 1137.091697][T17817] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1137.761910][T17820] netlink: Failed to add  helper -22 [ 1140.640503][T17854] blktrace: Concurrent blktraces are not allowed on loop2 [ 1141.254088][T17860] ubi0: attaching mtd0 [ 1141.309587][T17860] ubi0: scanning is finished [ 1141.353348][T17860] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1141.708635][T17860] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1142.045217][T17878] random: crng reseeded on system resumption [ 1146.784257][T17942] vivid-007: ================= START STATUS ================= [ 1146.851186][T17941] Invalid ELF header magic: != ELF [ 1146.882873][T17942] vivid-007: Enable Output Cropping: true [ 1146.986672][T17942] vivid-007: Enable Output Composing: true [ 1147.032520][T17942] vivid-007: Enable Output Scaler: true [ 1147.059804][T17942] vivid-007: Tx RGB Quantization Range: Automatic [ 1147.098638][T17942] vivid-007: Transmit Mode: HDMI [ 1147.117172][T17942] vivid-007: Hotplug Present: 0x00000000 [ 1147.145743][T17942] vivid-007: RxSense Present: 0x00000000 [ 1147.181790][T17942] vivid-007: EDID Present: 0x00000000 [ 1147.210106][T17942] vivid-007: ================== END STATUS ================== [ 1147.577571][T17959] random: crng reseeded on system resumption [ 1148.990029][T17983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2529'. [ 1149.479571][T17987] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2531'. [ 1149.535032][T17987] veth1_macvtap: left promiscuous mode [ 1149.925118][T17980] FAULT_INJECTION: forcing a failure. [ 1149.925118][T17980] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.245135][T17980] CPU: 0 UID: 0 PID: 17980 Comm: syz.5.2522 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1150.245181][T17980] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1150.245194][T17980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1150.245209][T17980] Call Trace: [ 1150.245217][T17980] [ 1150.245227][T17980] dump_stack_lvl+0x100/0x190 [ 1150.245270][T17980] should_fail_ex.cold+0x5/0xa [ 1150.245299][T17980] should_failslab+0xc2/0x120 [ 1150.245325][T17980] __kvmalloc_node_noprof+0xfa/0xa00 [ 1150.245363][T17980] ? alloc_fdtable+0x110/0x2d0 [ 1150.245408][T17980] alloc_fdtable+0x110/0x2d0 [ 1150.245448][T17980] dup_fd+0x995/0xd10 [ 1150.245473][T17980] ? fd_statfs+0xdd/0x120 [ 1150.245513][T17980] ksys_unshare+0x7ad/0xad0 [ 1150.245546][T17980] ? __pfx_ksys_unshare+0x10/0x10 [ 1150.245587][T17980] __x64_sys_unshare+0x31/0x40 [ 1150.245618][T17980] do_syscall_64+0x106/0xf80 [ 1150.245647][T17980] ? clear_bhb_loop+0x40/0x90 [ 1150.245677][T17980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1150.245703][T17980] RIP: 0033:0x7fc3bc59c799 [ 1150.245723][T17980] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1150.245747][T17980] RSP: 002b:00007fc3bd42a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1150.245780][T17980] RAX: ffffffffffffffda RBX: 00007fc3bc816270 RCX: 00007fc3bc59c799 [ 1150.245797][T17980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1150.245812][T17980] RBP: 00007fc3bc632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1150.245828][T17980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1150.245843][T17980] R13: 00007fc3bc816308 R14: 00007fc3bc816270 R15: 00007ffe6a301a88 [ 1150.245874][T17980] [ 1150.754268][T17991] FAULT_INJECTION: forcing a failure. [ 1150.754268][T17991] name failslab, interval 1, probability 0, space 0, times 0 [ 1150.797364][T17991] CPU: 0 UID: 0 PID: 17991 Comm: syz.1.2532 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1150.797408][T17991] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1150.797420][T17991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1150.797434][T17991] Call Trace: [ 1150.797443][T17991] [ 1150.797452][T17991] dump_stack_lvl+0x100/0x190 [ 1150.797493][T17991] should_fail_ex.cold+0x5/0xa [ 1150.797521][T17991] should_failslab+0xc2/0x120 [ 1150.797546][T17991] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1150.797591][T17991] ? __alloc_skb+0x140/0x710 [ 1150.797623][T17991] __alloc_skb+0x140/0x710 [ 1150.797649][T17991] ? __pfx___alloc_skb+0x10/0x10 [ 1150.797676][T17991] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 1150.797715][T17991] ? __lock_acquire+0x4a5/0x2630 [ 1150.797749][T17991] tcp_stream_alloc_skb+0x34/0x660 [ 1150.797871][T17991] tcp_sendmsg_locked+0x133b/0x45f0 [ 1150.797921][T17991] ? is_bpf_text_address+0x8a/0x1a0 [ 1150.797960][T17991] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 1150.797999][T17991] ? do_raw_spin_lock+0x128/0x260 [ 1150.798034][T17991] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1150.798076][T17991] ? __local_bh_enable_ip+0x9e/0x120 [ 1150.798105][T17991] tcp_sendmsg+0x2e/0x50 [ 1150.798138][T17991] ? __pfx_tcp_sendmsg+0x10/0x10 [ 1150.798173][T17991] inet_sendmsg+0xb9/0x140 [ 1150.798210][T17991] sock_write_iter+0x509/0x610 [ 1150.798246][T17991] ? __pfx_sock_write_iter+0x10/0x10 [ 1150.798300][T17991] do_iter_readv_writev+0x6ee/0x920 [ 1150.798339][T17991] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1150.798379][T17991] ? bpf_lsm_file_permission+0x9/0x10 [ 1150.798417][T17991] ? security_file_permission+0x76/0x210 [ 1150.798442][T17991] ? rw_verify_area+0xce/0x6d0 [ 1150.798478][T17991] vfs_writev+0x360/0xe10 [ 1150.798520][T17991] ? __pfx_vfs_writev+0x10/0x10 [ 1150.798561][T17991] ? find_held_lock+0x2b/0x80 [ 1150.798601][T17991] ? __fget_files+0x21f/0x3d0 [ 1150.798629][T17991] ? do_writev+0x28a/0x340 [ 1150.798662][T17991] do_writev+0x28a/0x340 [ 1150.798698][T17991] ? __pfx_do_writev+0x10/0x10 [ 1150.798740][T17991] do_syscall_64+0x106/0xf80 [ 1150.798768][T17991] ? clear_bhb_loop+0x40/0x90 [ 1150.798797][T17991] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1150.798821][T17991] RIP: 0033:0x7f17b599c799 [ 1150.798841][T17991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1150.798865][T17991] RSP: 002b:00007f17b67a1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1150.798888][T17991] RAX: ffffffffffffffda RBX: 00007f17b5c16090 RCX: 00007f17b599c799 [ 1150.798904][T17991] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1150.798919][T17991] RBP: 00007f17b67a1090 R08: 0000000000000000 R09: 0000000000000000 [ 1150.798934][T17991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1150.798948][T17991] R13: 00007f17b5c16128 R14: 00007f17b5c16090 R15: 00007ffd80d8a298 [ 1150.798979][T17991] [ 1151.399447][T18003] netlink: 186 bytes leftover after parsing attributes in process `syz.5.2535'. [ 1152.497983][T18014] random: crng reseeded on system resumption [ 1153.543290][T18026] FAULT_INJECTION: forcing a failure. [ 1153.543290][T18026] name failslab, interval 1, probability 0, space 0, times 0 [ 1153.647693][T18026] CPU: 0 UID: 0 PID: 18026 Comm: syz.1.2540 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1153.647744][T18026] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1153.647757][T18026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1153.647773][T18026] Call Trace: [ 1153.647783][T18026] [ 1153.647793][T18026] dump_stack_lvl+0x100/0x190 [ 1153.647836][T18026] should_fail_ex.cold+0x5/0xa [ 1153.647866][T18026] should_failslab+0xc2/0x120 [ 1153.647893][T18026] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1153.647935][T18026] ? vm_area_dup+0x27/0x8e0 [ 1153.647966][T18026] ? __vma_start_write+0x17f/0x280 [ 1153.648004][T18026] vm_area_dup+0x27/0x8e0 [ 1153.648039][T18026] dup_mmap+0x6f6/0x2180 [ 1153.648079][T18026] ? __pfx_dup_mmap+0x10/0x10 [ 1153.648107][T18026] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1153.648141][T18026] ? __lock_acquire+0x4a5/0x2630 [ 1153.648174][T18026] ? find_held_lock+0x2b/0x80 [ 1153.648196][T18026] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 1153.648260][T18026] copy_process+0x73d7/0x7a10 [ 1153.648289][T18026] ? __pfx___schedule+0x10/0x10 [ 1153.648328][T18026] ? __pfx_copy_process+0x10/0x10 [ 1153.648364][T18026] ? _copy_from_user+0x59/0xd0 [ 1153.648408][T18026] kernel_clone+0xfc/0x9a0 [ 1153.648439][T18026] ? __pfx_kernel_clone+0x10/0x10 [ 1153.648466][T18026] ? futex_private_hash_put+0x107/0x1c0 [ 1153.648504][T18026] ? __pfx_futex_wake+0x10/0x10 [ 1153.648546][T18026] __do_sys_clone3+0x214/0x290 [ 1153.648575][T18026] ? __pfx___do_sys_clone3+0x10/0x10 [ 1153.648642][T18026] do_syscall_64+0x106/0xf80 [ 1153.648670][T18026] ? clear_bhb_loop+0x40/0x90 [ 1153.648700][T18026] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1153.648726][T18026] RIP: 0033:0x7f17b599c799 [ 1153.648746][T18026] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1153.648770][T18026] RSP: 002b:00007f17b67c1ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1153.648794][T18026] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f17b599c799 [ 1153.648810][T18026] RDX: 00007f17b67c1f10 RSI: 0000000000000058 RDI: 00007f17b67c1f10 [ 1153.648826][T18026] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000058 [ 1153.648842][T18026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1153.648856][T18026] R13: 00007f17b5c16038 R14: 00007f17b5c15fa0 R15: 00007ffd80d8a298 [ 1153.648888][T18026] [ 1154.174726][T18040] FAULT_INJECTION: forcing a failure. [ 1154.174726][T18040] name failslab, interval 1, probability 0, space 0, times 0 [ 1154.215989][T18040] CPU: 0 UID: 0 PID: 18040 Comm: syz.0.2542 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1154.216037][T18040] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1154.216049][T18040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1154.216065][T18040] Call Trace: [ 1154.216074][T18040] [ 1154.216083][T18040] dump_stack_lvl+0x100/0x190 [ 1154.216129][T18040] should_fail_ex.cold+0x5/0xa [ 1154.216159][T18040] should_failslab+0xc2/0x120 [ 1154.216186][T18040] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1154.216224][T18040] ? __kernfs_new_node+0xd2/0x960 [ 1154.216266][T18040] __kernfs_new_node+0xd2/0x960 [ 1154.216306][T18040] ? __pfx___kernfs_new_node+0x10/0x10 [ 1154.216358][T18040] ? find_held_lock+0x2b/0x80 [ 1154.216390][T18040] ? kernfs_root+0xee/0x2a0 [ 1154.216433][T18040] ? kernfs_root+0xee/0x2a0 [ 1154.216475][T18040] kernfs_new_node+0x11b/0x1a0 [ 1154.216521][T18040] __kernfs_create_file+0x53/0x350 [ 1154.216554][T18040] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1154.216597][T18040] internal_create_group+0x593/0xf40 [ 1154.216642][T18040] ? __pfx_internal_create_group+0x10/0x10 [ 1154.216692][T18040] sysfs_slab_add+0x1a4/0x1f0 [ 1154.216719][T18040] do_kmem_cache_create+0x472/0x540 [ 1154.216750][T18040] __kmem_cache_create_args+0x386/0x420 [ 1154.216804][T18040] mon_text_open+0x333/0x510 [ 1154.216840][T18040] ? __pfx_mon_text_open+0x10/0x10 [ 1154.216876][T18040] ? __pfx_mon_text_ctor+0x10/0x10 [ 1154.216909][T18040] ? find_held_lock+0x2b/0x80 [ 1154.216932][T18040] ? __pfx_apparmor_file_open+0x10/0x10 [ 1154.216966][T18040] ? lockdown_is_locked_down+0x3d/0x140 [ 1154.216998][T18040] ? bpf_lsm_locked_down+0x9/0x10 [ 1154.217028][T18040] ? __pfx_mon_text_open+0x10/0x10 [ 1154.217061][T18040] full_proxy_open_regular+0x1b6/0x370 [ 1154.217099][T18040] do_dentry_open+0x6d8/0x1660 [ 1154.217122][T18040] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1154.217163][T18040] vfs_open+0x82/0x3f0 [ 1154.217196][T18040] path_openat+0x208c/0x31a0 [ 1154.217231][T18040] ? __pfx_path_openat+0x10/0x10 [ 1154.217267][T18040] do_file_open+0x20e/0x430 [ 1154.217293][T18040] ? __pfx_do_file_open+0x10/0x10 [ 1154.217346][T18040] ? alloc_fd+0x476/0x790 [ 1154.217373][T18040] ? do_getname+0x191/0x390 [ 1154.217406][T18040] do_sys_openat2+0x10d/0x1e0 [ 1154.217438][T18040] ? __pfx_do_sys_openat2+0x10/0x10 [ 1154.217482][T18040] __x64_sys_openat+0x12d/0x210 [ 1154.217515][T18040] ? __pfx___x64_sys_openat+0x10/0x10 [ 1154.217560][T18040] do_syscall_64+0x106/0xf80 [ 1154.217589][T18040] ? clear_bhb_loop+0x40/0x90 [ 1154.217620][T18040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1154.217645][T18040] RIP: 0033:0x7fe64099c799 [ 1154.217667][T18040] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1154.217691][T18040] RSP: 002b:00007fe6417f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1154.217714][T18040] RAX: ffffffffffffffda RBX: 00007fe640c15fa0 RCX: 00007fe64099c799 [ 1154.217731][T18040] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1154.217747][T18040] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1154.217762][T18040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1154.217777][T18040] R13: 00007fe640c16038 R14: 00007fe640c15fa0 R15: 00007ffca35541f8 [ 1154.217810][T18040] [ 1154.218415][T18040] SLUB: Unable to add cache mon_text_ffff88805ed6a000 to sysfs [ 1154.886620][T18047] netlink: 'syz.5.2545': attribute type 1 has an invalid length. [ 1155.739951][T18065] random: crng reseeded on system resumption [ 1155.958527][T18069] netlink: 'syz.4.2550': attribute type 1 has an invalid length. [ 1156.965235][T18082] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2553'. [ 1157.191998][T18082] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1157.275045][T18082] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1157.405222][T18082] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1157.509421][T18082] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1157.714010][T18090] nbd: must specify at least one socket [ 1158.343003][T18093] FAULT_INJECTION: forcing a failure. [ 1158.343003][T18093] name failslab, interval 1, probability 0, space 0, times 0 [ 1158.402775][T18093] CPU: 0 UID: 0 PID: 18093 Comm: syz.1.2556 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1158.402823][T18093] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1158.402835][T18093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1158.402850][T18093] Call Trace: [ 1158.402858][T18093] [ 1158.402868][T18093] dump_stack_lvl+0x100/0x190 [ 1158.402916][T18093] should_fail_ex.cold+0x5/0xa [ 1158.402946][T18093] ? snd_pcm_plugin_build+0x434/0x650 [ 1158.402972][T18093] should_failslab+0xc2/0x120 [ 1158.403000][T18093] __kmalloc_noprof+0xe0/0x850 [ 1158.403043][T18093] snd_pcm_plugin_build+0x434/0x650 [ 1158.403072][T18093] snd_pcm_plugin_build_mulaw+0x280/0x760 [ 1158.403102][T18093] ? __pfx_mulaw_decode+0x10/0x10 [ 1158.403128][T18093] ? __pfx_snd_pcm_plugin_build_mulaw+0x10/0x10 [ 1158.403161][T18093] ? snd_pcm_hw_params+0x262/0x1cb0 [ 1158.403193][T18093] snd_pcm_plug_format_plugins+0xbdd/0x1430 [ 1158.403224][T18093] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 1158.403256][T18093] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1158.403306][T18093] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 1158.403360][T18093] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1158.403400][T18093] ? task_work_add+0x201/0x3b0 [ 1158.403437][T18093] ? __pfx___mutex_lock+0x10/0x10 [ 1158.403485][T18093] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1158.403527][T18093] snd_pcm_oss_sync+0x265/0x840 [ 1158.403572][T18093] snd_pcm_oss_release+0x238/0x300 [ 1158.403612][T18093] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1158.403652][T18093] __fput+0x3ff/0xb40 [ 1158.403688][T18093] task_work_run+0x150/0x240 [ 1158.403724][T18093] ? __pfx_task_work_run+0x10/0x10 [ 1158.403767][T18093] exit_to_user_mode_loop+0x100/0x4a0 [ 1158.403803][T18093] do_syscall_64+0x668/0xf80 [ 1158.403830][T18093] ? clear_bhb_loop+0x40/0x90 [ 1158.403860][T18093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1158.403885][T18093] RIP: 0033:0x7f17b599c799 [ 1158.403910][T18093] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1158.403935][T18093] RSP: 002b:00007f17b67c2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1158.403959][T18093] RAX: 0000000000000000 RBX: 00007f17b5c15fa0 RCX: 00007f17b599c799 [ 1158.403976][T18093] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1158.403991][T18093] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1158.404007][T18093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1158.404022][T18093] R13: 00007f17b5c16038 R14: 00007f17b5c15fa0 R15: 00007ffd80d8a298 [ 1158.404054][T18093] [ 1159.522644][T18107] netlink: 'syz.0.2560': attribute type 1 has an invalid length. [ 1165.744892][T18158] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 1167.070855][T18190] misc userio: Invalid payload size [ 1170.525871][T18222] block2mtd: parameter too long [ 1170.875150][T18225] netlink: 222 bytes leftover after parsing attributes in process `syz.5.2582'. [ 1172.238124][T18239] netlink: 'syz.1.2585': attribute type 1 has an invalid length. [ 1174.050497][T18262] loop6: detected capacity change from 0 to 8 [ 1175.683662][T18278] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2595'. [ 1178.641186][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1178.650161][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1178.739679][T18321] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2604'. [ 1180.711302][T16229] Bluetooth: hci2: command 0x0406 tx timeout [ 1181.390504][T18354] misc userio: Invalid payload size [ 1181.875307][T18358] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2613'. [ 1182.397709][T18369] blktrace: Concurrent blktraces are not allowed on loop2 [ 1182.842373][T18374] netlink: zone id is out of range [ 1182.930585][T18372] sp0: Synchronizing with TNC [ 1187.163909][T18433] FAULT_INJECTION: forcing a failure. [ 1187.163909][T18433] name failslab, interval 1, probability 0, space 0, times 0 [ 1187.295094][T18433] CPU: 0 UID: 0 PID: 18433 Comm: syz.5.2635 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1187.295144][T18433] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1187.295157][T18433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1187.295174][T18433] Call Trace: [ 1187.295183][T18433] [ 1187.295193][T18433] dump_stack_lvl+0x100/0x190 [ 1187.295239][T18433] should_fail_ex.cold+0x5/0xa [ 1187.295274][T18433] should_failslab+0xc2/0x120 [ 1187.295302][T18433] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1187.295341][T18433] ? vm_area_dup+0x27/0x8e0 [ 1187.295374][T18433] ? __vma_start_write+0x17f/0x280 [ 1187.295412][T18433] vm_area_dup+0x27/0x8e0 [ 1187.295449][T18433] dup_mmap+0x6f6/0x2180 [ 1187.295491][T18433] ? __pfx_dup_mmap+0x10/0x10 [ 1187.295520][T18433] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1187.295555][T18433] ? __lock_acquire+0x4a5/0x2630 [ 1187.295590][T18433] ? find_held_lock+0x2b/0x80 [ 1187.295612][T18433] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 1187.295680][T18433] copy_process+0x73d7/0x7a10 [ 1187.295711][T18433] ? __pfx___schedule+0x10/0x10 [ 1187.295751][T18433] ? __pfx_copy_process+0x10/0x10 [ 1187.295789][T18433] ? _copy_from_user+0x59/0xd0 [ 1187.295835][T18433] kernel_clone+0xfc/0x9a0 [ 1187.295867][T18433] ? __pfx_kernel_clone+0x10/0x10 [ 1187.295895][T18433] ? futex_private_hash_put+0x107/0x1c0 [ 1187.295945][T18433] ? __pfx_futex_wake+0x10/0x10 [ 1187.295989][T18433] __do_sys_clone3+0x214/0x290 [ 1187.296019][T18433] ? __pfx___do_sys_clone3+0x10/0x10 [ 1187.296091][T18433] do_syscall_64+0x106/0xf80 [ 1187.296122][T18433] ? clear_bhb_loop+0x40/0x90 [ 1187.296154][T18433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1187.296181][T18433] RIP: 0033:0x7fc3bc59c799 [ 1187.296203][T18433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1187.296229][T18433] RSP: 002b:00007fc3bd48cef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 1187.296254][T18433] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fc3bc59c799 [ 1187.296271][T18433] RDX: 00007fc3bd48cf10 RSI: 0000000000000058 RDI: 00007fc3bd48cf10 [ 1187.296287][T18433] RBP: 00007fc3bc632bd9 R08: 0000000000000000 R09: 0000000000000058 [ 1187.296304][T18433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1187.296319][T18433] R13: 00007fc3bc816038 R14: 00007fc3bc815fa0 R15: 00007ffe6a301a88 [ 1187.296353][T18433] [ 1188.224807][T18438] netlink: zone id is out of range [ 1189.580856][T18457] FAULT_INJECTION: forcing a failure. [ 1189.580856][T18457] name failslab, interval 1, probability 0, space 0, times 0 [ 1189.595889][T18457] CPU: 0 UID: 0 PID: 18457 Comm: syz.0.2641 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1189.595939][T18457] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1189.595952][T18457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1189.595969][T18457] Call Trace: [ 1189.595982][T18457] [ 1189.596006][T18457] dump_stack_lvl+0x100/0x190 [ 1189.596057][T18457] should_fail_ex.cold+0x5/0xa [ 1189.596089][T18457] should_failslab+0xc2/0x120 [ 1189.596116][T18457] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1189.596150][T18457] ? snd_ctl_notify.part.0+0x337/0x650 [ 1189.596189][T18457] snd_ctl_notify.part.0+0x337/0x650 [ 1189.596230][T18457] snd_ctl_notify_one+0x2a4/0x300 [ 1189.596262][T18457] ? __pfx_snd_ctl_notify_one+0x10/0x10 [ 1189.596300][T18457] ? mark_held_locks+0x40/0x70 [ 1189.596336][T18457] __snd_ctl_add_replace+0x60b/0x840 [ 1189.596376][T18457] ? __pfx___snd_ctl_add_replace+0x10/0x10 [ 1189.596415][T18457] ? __kmalloc_noprof+0x320/0x850 [ 1189.596451][T18457] ? snd_ctl_new+0x13c/0x1a0 [ 1189.596485][T18457] snd_ctl_elem_add+0x832/0x1370 [ 1189.596527][T18457] ? __might_fault+0xc5/0x140 [ 1189.596713][T18457] ? __might_fault+0xc5/0x140 [ 1189.596749][T18457] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 1189.596794][T18457] snd_ctl_elem_add_user+0xc5/0x170 [ 1189.596830][T18457] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 1189.596864][T18457] ? find_held_lock+0x2b/0x80 [ 1189.596913][T18457] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1189.596956][T18457] ? do_vfs_ioctl+0x226/0x13e0 [ 1189.596994][T18457] snd_ctl_ioctl+0xbdf/0x1330 [ 1189.597028][T18457] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1189.597074][T18457] ? find_held_lock+0x2b/0x80 [ 1189.597096][T18457] ? __fget_files+0x215/0x3d0 [ 1189.597118][T18457] ? hook_file_ioctl_common+0x146/0x410 [ 1189.597165][T18457] ? __fget_files+0x21f/0x3d0 [ 1189.597191][T18457] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1189.597228][T18457] __x64_sys_ioctl+0x18e/0x210 [ 1189.597266][T18457] do_syscall_64+0x106/0xf80 [ 1189.597297][T18457] ? clear_bhb_loop+0x40/0x90 [ 1189.597330][T18457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1189.597357][T18457] RIP: 0033:0x7fe64099c799 [ 1189.597380][T18457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1189.597405][T18457] RSP: 002b:00007fe6417d8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1189.597430][T18457] RAX: ffffffffffffffda RBX: 00007fe640c16090 RCX: 00007fe64099c799 [ 1189.597447][T18457] RDX: 0000200000000580 RSI: 00000000c1105517 RDI: 0000000000000007 [ 1189.597465][T18457] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1189.597481][T18457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1189.597497][T18457] R13: 00007fe640c16128 R14: 00007fe640c16090 R15: 00007ffca35541f8 [ 1189.597529][T18457] [ 1189.597629][T18457] snd_virmidi snd_virmidi.0: No memory available to allocate event [ 1190.613788][T18473] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2646'. [ 1191.060629][T18482] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2648'. [ 1192.597433][T18495] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 1193.604612][T18509] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2655'. [ 1194.969654][T18522] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2658'. [ 1198.203257][T18561] misc userio: Invalid payload size [ 1198.424454][T18566] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2670'. [ 1200.515757][T18584] netlink: 'syz.0.2673': attribute type 1 has an invalid length. [ 1203.117791][T18616] netlink: zone id is out of range [ 1204.727544][T18637] Invalid ELF header magic: != ELF [ 1206.832338][T18648] program syz.1.2689 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1206.972401][T18648] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 1210.901357][T18687] netlink: zone id is out of range [ 1215.345133][T18724] netlink: 'syz.1.2710': attribute type 1 has an invalid length. [ 1215.547872][T18722] FAULT_INJECTION: forcing a failure. [ 1215.547872][T18722] name failslab, interval 1, probability 0, space 0, times 0 [ 1215.856402][T18722] CPU: 0 UID: 0 PID: 18722 Comm: syz.0.2706 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1215.856450][T18722] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1215.856462][T18722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1215.856761][T18722] Call Trace: [ 1215.856772][T18722] [ 1215.856783][T18722] dump_stack_lvl+0x100/0x190 [ 1215.856910][T18722] should_fail_ex.cold+0x5/0xa [ 1215.856942][T18722] should_failslab+0xc2/0x120 [ 1215.856971][T18722] __kvmalloc_node_noprof+0xfa/0xa00 [ 1215.857012][T18722] ? alloc_fdtable+0x110/0x2d0 [ 1215.857058][T18722] alloc_fdtable+0x110/0x2d0 [ 1215.857097][T18722] dup_fd+0x995/0xd10 [ 1215.857122][T18722] ? fd_statfs+0xdd/0x120 [ 1215.857186][T18722] ksys_unshare+0x7ad/0xad0 [ 1215.857221][T18722] ? __pfx_ksys_unshare+0x10/0x10 [ 1215.857299][T18722] __x64_sys_unshare+0x31/0x40 [ 1215.857330][T18722] do_syscall_64+0x106/0xf80 [ 1215.857364][T18722] ? clear_bhb_loop+0x40/0x90 [ 1215.857397][T18722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1215.857432][T18722] RIP: 0033:0x7fe64099c799 [ 1215.857455][T18722] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1215.857479][T18722] RSP: 002b:00007fe641796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1215.857503][T18722] RAX: ffffffffffffffda RBX: 00007fe640c16270 RCX: 00007fe64099c799 [ 1215.857521][T18722] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1215.857536][T18722] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1215.857551][T18722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1215.857567][T18722] R13: 00007fe640c16308 R14: 00007fe640c16270 R15: 00007ffca35541f8 [ 1215.857599][T18722] [ 1216.610422][T18728] udevd[18728]: inotify_add_watch(7, /dev/nbd10, 10) failed: No such file or directory [ 1219.560471][T16229] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1219.572409][T16229] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1219.584526][T16229] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1219.594597][T16229] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1219.603872][T16229] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1221.258837][T18749] chnl_net:caif_netlink_parms(): no params data found [ 1221.689474][ T5837] Bluetooth: hci1: command tx timeout [ 1223.113725][T18749] bridge0: port 1(bridge_slave_0) entered blocking state [ 1223.162737][T18749] bridge0: port 1(bridge_slave_0) entered disabled state [ 1223.194545][T18749] bridge_slave_0: entered allmulticast mode [ 1223.234411][T18749] bridge_slave_0: entered promiscuous mode [ 1223.269204][T18749] bridge0: port 2(bridge_slave_1) entered blocking state [ 1223.305100][T18749] bridge0: port 2(bridge_slave_1) entered disabled state [ 1223.344053][T18749] bridge_slave_1: entered allmulticast mode [ 1223.380331][T18749] bridge_slave_1: entered promiscuous mode [ 1223.513768][T18749] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1223.572383][T18749] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1223.773984][ T5837] Bluetooth: hci1: command tx timeout [ 1223.783544][T18749] team0: Port device team_slave_0 added [ 1223.818874][T18749] team0: Port device team_slave_1 added [ 1223.971880][T18749] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1223.978880][T18749] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1224.124659][T18749] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1224.400661][T18749] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1224.433173][T18749] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1224.544571][T18749] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1224.759116][T18749] hsr_slave_0: entered promiscuous mode [ 1224.782729][T18749] hsr_slave_1: entered promiscuous mode [ 1224.824276][T18749] debugfs: 'hsr0' already exists in 'hsr' [ 1224.854305][T18749] Cannot create hsr debugfs directory [ 1225.624964][T18800] Invalid ELF header magic: != ELF [ 1225.820801][T18749] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1225.858793][ T5837] Bluetooth: hci1: command tx timeout [ 1225.975731][T18749] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1226.039735][T18749] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1226.204918][T18749] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1226.522511][T18818] netlink: zone id is out of range [ 1226.869646][T18749] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1227.194626][T18749] 8021q: adding VLAN 0 to HW filter on device team0 [ 1227.263926][T15837] bridge0: port 1(bridge_slave_0) entered blocking state [ 1227.273938][T15837] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1227.467760][T15837] bridge0: port 2(bridge_slave_1) entered blocking state [ 1227.475612][T15837] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1227.933799][ T5837] Bluetooth: hci1: command tx timeout [ 1229.171548][T18749] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1230.606933][T18749] veth0_vlan: entered promiscuous mode [ 1230.644562][T18845] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2734'. [ 1230.695384][T18749] veth1_vlan: entered promiscuous mode [ 1230.852276][T18845] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2734'. [ 1230.916706][T18749] veth0_macvtap: entered promiscuous mode [ 1230.970569][T18749] veth1_macvtap: entered promiscuous mode [ 1231.041563][T18749] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1231.097880][T18749] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1231.156050][ T1094] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.194939][ T1094] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.239469][ T1094] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.349231][ T1094] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1231.645797][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1231.653701][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1231.805290][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1231.844341][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1231.937721][T16229] Bluetooth: hci0: command 0x0406 tx timeout [ 1236.697661][T18884] vivid-007: ================= START STATUS ================= [ 1236.740999][T18882] Invalid ELF header magic: != ELF [ 1236.792520][T18884] vivid-007: Enable Output Cropping: true [ 1236.844873][T18884] vivid-007: Enable Output Composing: true [ 1236.926899][T18884] vivid-007: Enable Output Scaler: true [ 1236.949369][T18884] vivid-007: Tx RGB Quantization Range: Automatic [ 1236.956139][T18884] vivid-007: Transmit Mode: HDMI [ 1237.080171][T18884] vivid-007: Hotplug Present: 0x00000000 [ 1237.086004][T18884] vivid-007: RxSense Present: 0x00000000 [ 1237.142119][T18884] vivid-007: EDID Present: 0x00000000 [ 1237.168178][T18884] vivid-007: ================== END STATUS ================== [ 1237.987585][T18892] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 1238.915315][T18912] misc userio: Invalid payload size [ 1240.125497][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1240.132052][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1241.436123][T18938] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2758'. [ 1241.509235][T18940] __vm_enough_memory: pid: 18940, comm: syz.1.2758, bytes: 4398046511104 not enough memory for the allocation [ 1242.823437][T18955] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1243.415715][T18961] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2764'. [ 1243.455566][T16229] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1243.470380][T16229] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1243.479417][T16229] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1243.491941][T16229] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1243.499471][T16229] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1244.986618][T18962] chnl_net:caif_netlink_parms(): no params data found [ 1245.474698][ T29] audit: type=1800 audit(2147483668.919:19): pid=18984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2768" name="features" dev="configfs" ino=72666 res=0 errno=0 [ 1245.543563][T16229] Bluetooth: hci5: command tx timeout [ 1245.663233][T18962] bridge0: port 1(bridge_slave_0) entered blocking state [ 1245.722042][T18962] bridge0: port 1(bridge_slave_0) entered disabled state [ 1245.770900][T18962] bridge_slave_0: entered allmulticast mode [ 1245.820163][T18962] bridge_slave_0: entered promiscuous mode [ 1245.867390][T18962] bridge0: port 2(bridge_slave_1) entered blocking state [ 1245.925676][T18987] FAULT_INJECTION: forcing a failure. [ 1245.925676][T18987] name failslab, interval 1, probability 0, space 0, times 0 [ 1245.938623][T18962] bridge0: port 2(bridge_slave_1) entered disabled state [ 1245.988221][T18962] bridge_slave_1: entered allmulticast mode [ 1246.034878][T18962] bridge_slave_1: entered promiscuous mode [ 1246.243393][T18987] CPU: 0 UID: 0 PID: 18987 Comm: syz.1.2768 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1246.243440][T18987] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1246.243451][T18987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1246.243468][T18987] Call Trace: [ 1246.243475][T18987] [ 1246.243486][T18987] dump_stack_lvl+0x100/0x190 [ 1246.243539][T18987] should_fail_ex.cold+0x5/0xa [ 1246.243568][T18987] should_failslab+0xc2/0x120 [ 1246.243593][T18987] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1246.243630][T18987] ? sk_prot_alloc+0x60/0x2a0 [ 1246.243673][T18987] sk_prot_alloc+0x60/0x2a0 [ 1246.243709][T18987] sk_alloc+0x36/0xe80 [ 1246.243764][T18987] qrtr_create+0x84/0x1d0 [ 1246.243866][T18987] __sock_create+0x339/0x860 [ 1246.243909][T18987] __sys_socket+0x14d/0x260 [ 1246.243949][T18987] ? __pfx___sys_socket+0x10/0x10 [ 1246.243998][T18987] __x64_sys_socket+0x72/0xb0 [ 1246.244035][T18987] ? lockdep_hardirqs_on+0x78/0x100 [ 1246.244064][T18987] do_syscall_64+0x106/0xf80 [ 1246.244092][T18987] ? clear_bhb_loop+0x40/0x90 [ 1246.244122][T18987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1246.244198][T18987] RIP: 0033:0x7f17b599c799 [ 1246.244223][T18987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1246.244248][T18987] RSP: 002b:00007f17b6780028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1246.244272][T18987] RAX: ffffffffffffffda RBX: 00007f17b5c16180 RCX: 00007f17b599c799 [ 1246.244289][T18987] RDX: 0000000000000001 RSI: 0000000000000002 RDI: 000000000000002a [ 1246.244305][T18987] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1246.244320][T18987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1246.244335][T18987] R13: 00007f17b5c16218 R14: 00007f17b5c16180 R15: 00007ffd80d8a298 [ 1246.244367][T18987] [ 1246.643884][T18962] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1246.705247][T18962] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1247.193941][T18986] FAULT_INJECTION: forcing a failure. [ 1247.193941][T18986] name failslab, interval 1, probability 0, space 0, times 0 [ 1247.381444][T18986] CPU: 0 UID: 0 PID: 18986 Comm: syz.6.2766 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1247.381490][T18986] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1247.381502][T18986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1247.381517][T18986] Call Trace: [ 1247.381524][T18986] [ 1247.381535][T18986] dump_stack_lvl+0x100/0x190 [ 1247.381578][T18986] should_fail_ex.cold+0x5/0xa [ 1247.381607][T18986] should_failslab+0xc2/0x120 [ 1247.381633][T18986] __kvmalloc_node_noprof+0xfa/0xa00 [ 1247.381671][T18986] ? alloc_fdtable+0x110/0x2d0 [ 1247.381717][T18986] alloc_fdtable+0x110/0x2d0 [ 1247.381764][T18986] dup_fd+0x995/0xd10 [ 1247.381789][T18986] ? fd_statfs+0xdd/0x120 [ 1247.381830][T18986] ksys_unshare+0x7ad/0xad0 [ 1247.381863][T18986] ? __pfx_ksys_unshare+0x10/0x10 [ 1247.381905][T18986] __x64_sys_unshare+0x31/0x40 [ 1247.381939][T18986] do_syscall_64+0x106/0xf80 [ 1247.381968][T18986] ? clear_bhb_loop+0x40/0x90 [ 1247.381998][T18986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1247.382024][T18986] RIP: 0033:0x7f313a39c799 [ 1247.382044][T18986] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1247.382069][T18986] RSP: 002b:00007f313b16e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1247.382093][T18986] RAX: ffffffffffffffda RBX: 00007f313a616270 RCX: 00007f313a39c799 [ 1247.382110][T18986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1247.382132][T18986] RBP: 00007f313a432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1247.382148][T18986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1247.382163][T18986] R13: 00007f313a616308 R14: 00007f313a616270 R15: 00007ffe17f17c48 [ 1247.382194][T18986] [ 1247.866544][T16229] Bluetooth: hci5: command tx timeout [ 1248.085478][T19002] FAULT_INJECTION: forcing a failure. [ 1248.085478][T19002] name failslab, interval 1, probability 0, space 0, times 0 [ 1248.098226][T19002] CPU: 0 UID: 0 PID: 19002 Comm: syz.1.2770 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1248.098270][T19002] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1248.098282][T19002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1248.098297][T19002] Call Trace: [ 1248.098306][T19002] [ 1248.098315][T19002] dump_stack_lvl+0x100/0x190 [ 1248.098358][T19002] should_fail_ex.cold+0x5/0xa [ 1248.098387][T19002] should_failslab+0xc2/0x120 [ 1248.098439][T19002] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1248.098473][T19002] ? snd_ctl_notify.part.0+0x337/0x650 [ 1248.098513][T19002] snd_ctl_notify.part.0+0x337/0x650 [ 1248.098554][T19002] snd_ctl_notify_one+0x2a4/0x300 [ 1248.098585][T19002] ? __pfx_snd_ctl_notify_one+0x10/0x10 [ 1248.098623][T19002] ? mark_held_locks+0x40/0x70 [ 1248.098660][T19002] __snd_ctl_add_replace+0x60b/0x840 [ 1248.098699][T19002] ? __pfx___snd_ctl_add_replace+0x10/0x10 [ 1248.098739][T19002] ? __kmalloc_noprof+0x320/0x850 [ 1248.098775][T19002] ? snd_ctl_new+0x13c/0x1a0 [ 1248.098816][T19002] snd_ctl_elem_add+0x832/0x1370 [ 1248.098855][T19002] ? __might_fault+0xc5/0x140 [ 1248.098890][T19002] ? __might_fault+0xc5/0x140 [ 1248.098925][T19002] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 1248.098968][T19002] snd_ctl_elem_add_user+0xc5/0x170 [ 1248.099010][T19002] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 1248.099045][T19002] ? find_held_lock+0x2b/0x80 [ 1248.099092][T19002] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1248.099139][T19002] ? do_vfs_ioctl+0x226/0x13e0 [ 1248.099178][T19002] snd_ctl_ioctl+0xbdf/0x1330 [ 1248.099212][T19002] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1248.099250][T19002] ? find_held_lock+0x2b/0x80 [ 1248.099272][T19002] ? __fget_files+0x215/0x3d0 [ 1248.099294][T19002] ? hook_file_ioctl_common+0x146/0x410 [ 1248.099343][T19002] ? __fget_files+0x21f/0x3d0 [ 1248.099369][T19002] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1248.099405][T19002] __x64_sys_ioctl+0x18e/0x210 [ 1248.099442][T19002] do_syscall_64+0x106/0xf80 [ 1248.099471][T19002] ? clear_bhb_loop+0x40/0x90 [ 1248.099502][T19002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1248.099529][T19002] RIP: 0033:0x7f17b599c799 [ 1248.099550][T19002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1248.099574][T19002] RSP: 002b:00007f17b67a1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1248.099597][T19002] RAX: ffffffffffffffda RBX: 00007f17b5c16090 RCX: 00007f17b599c799 [ 1248.099614][T19002] RDX: 0000200000000580 RSI: 00000000c1105517 RDI: 0000000000000007 [ 1248.099630][T19002] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1248.099645][T19002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1248.099660][T19002] R13: 00007f17b5c16128 R14: 00007f17b5c16090 R15: 00007ffd80d8a298 [ 1248.099692][T19002] [ 1248.099708][T19002] snd_virmidi snd_virmidi.0: No memory available to allocate event [ 1248.921194][T18962] team0: Port device team_slave_0 added [ 1248.944175][T18962] team0: Port device team_slave_1 added [ 1249.037280][T18962] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1249.063561][T18962] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1249.194432][T18962] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1249.237811][T18962] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1249.273069][T18962] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1249.410715][T18962] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1249.632224][T18962] hsr_slave_0: entered promiscuous mode [ 1249.688508][T18962] hsr_slave_1: entered promiscuous mode [ 1249.724312][T18962] debugfs: 'hsr0' already exists in 'hsr' [ 1249.751503][T18962] Cannot create hsr debugfs directory [ 1249.952229][T16229] Bluetooth: hci5: command tx timeout [ 1250.788798][T18962] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1250.994738][T18962] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1251.040581][T18962] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1251.161604][T18962] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1251.643680][T18962] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1251.735230][T18962] 8021q: adding VLAN 0 to HW filter on device team0 [ 1251.786976][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 1251.794320][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1251.887265][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 1251.894512][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1252.026700][T16229] Bluetooth: hci5: command tx timeout [ 1253.057431][T19057] FAULT_INJECTION: forcing a failure. [ 1253.057431][T19057] name failslab, interval 1, probability 0, space 0, times 0 [ 1253.220783][T19057] CPU: 0 UID: 0 PID: 19057 Comm: syz.1.2782 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1253.220829][T19057] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1253.220842][T19057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1253.220857][T19057] Call Trace: [ 1253.220866][T19057] [ 1253.220875][T19057] dump_stack_lvl+0x100/0x190 [ 1253.220919][T19057] should_fail_ex.cold+0x5/0xa [ 1253.220948][T19057] should_failslab+0xc2/0x120 [ 1253.220973][T19057] __kvmalloc_node_noprof+0xfa/0xa00 [ 1253.221012][T19057] ? alloc_fdtable+0x110/0x2d0 [ 1253.221057][T19057] alloc_fdtable+0x110/0x2d0 [ 1253.221097][T19057] dup_fd+0x995/0xd10 [ 1253.221123][T19057] ? fd_statfs+0xdd/0x120 [ 1253.221163][T19057] ksys_unshare+0x7ad/0xad0 [ 1253.221196][T19057] ? __pfx_ksys_unshare+0x10/0x10 [ 1253.221238][T19057] __x64_sys_unshare+0x31/0x40 [ 1253.221268][T19057] do_syscall_64+0x106/0xf80 [ 1253.221297][T19057] ? clear_bhb_loop+0x40/0x90 [ 1253.221327][T19057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1253.221352][T19057] RIP: 0033:0x7f17b599c799 [ 1253.221373][T19057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1253.221397][T19057] RSP: 002b:00007f17b37f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1253.221421][T19057] RAX: ffffffffffffffda RBX: 00007f17b5c16270 RCX: 00007f17b599c799 [ 1253.221437][T19057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1253.221453][T19057] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1253.221468][T19057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1253.221483][T19057] R13: 00007f17b5c16308 R14: 00007f17b5c16270 R15: 00007ffd80d8a298 [ 1253.221515][T19057] [ 1255.764490][T18962] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1256.999196][T18962] veth0_vlan: entered promiscuous mode [ 1257.082404][T18962] veth1_vlan: entered promiscuous mode [ 1257.199695][T18962] veth0_macvtap: entered promiscuous mode [ 1257.262506][T18962] veth1_macvtap: entered promiscuous mode [ 1257.351166][T18962] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1257.419350][T18962] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1257.501567][ T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1257.541133][ T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1257.592490][ T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1257.643496][ T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1258.111169][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1258.166961][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1258.320980][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1258.379060][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1259.098939][T19114] FAULT_INJECTION: forcing a failure. [ 1259.098939][T19114] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1259.171090][T19114] CPU: 0 UID: 0 PID: 19114 Comm: syz.7.2763 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1259.171137][T19114] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1259.171149][T19114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1259.171165][T19114] Call Trace: [ 1259.171174][T19114] [ 1259.171184][T19114] dump_stack_lvl+0x100/0x190 [ 1259.171227][T19114] should_fail_ex.cold+0x5/0xa [ 1259.171252][T19114] ? prepare_alloc_pages+0x16d/0x5f0 [ 1259.171283][T19114] should_fail_alloc_page+0xeb/0x140 [ 1259.171311][T19114] prepare_alloc_pages+0x1f0/0x5f0 [ 1259.171344][T19114] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1259.171384][T19114] ? __pfx_stack_trace_save+0x10/0x10 [ 1259.171411][T19114] ? stack_depot_save_flags+0x27/0x9d0 [ 1259.171451][T19114] ? kasan_save_stack+0x3f/0x50 [ 1259.171490][T19114] ? kasan_save_stack+0x30/0x50 [ 1259.171528][T19114] ? kasan_save_track+0x14/0x30 [ 1259.171568][T19114] ? __kasan_slab_alloc+0x89/0x90 [ 1259.171596][T19114] ? kasan_save_stack+0x3f/0x50 [ 1259.171638][T19114] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1259.171683][T19114] ? __lock_acquire+0x4a5/0x2630 [ 1259.171714][T19114] ? look_up_lock_class+0x55/0x120 [ 1259.171753][T19114] ? lock_acquire+0x1cf/0x380 [ 1259.171786][T19114] ? find_held_lock+0x2b/0x80 [ 1259.171809][T19114] ? page_table_check_set+0x49a/0xa10 [ 1259.171851][T19114] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1259.171896][T19114] ? policy_nodemask+0xed/0x4f0 [ 1259.171925][T19114] alloc_pages_mpol+0x1fb/0x550 [ 1259.171954][T19114] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1259.171989][T19114] folio_alloc_mpol_noprof+0x36/0x340 [ 1259.172025][T19114] vma_alloc_folio_noprof+0xed/0x1d0 [ 1259.172057][T19114] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1259.172109][T19114] do_anonymous_page+0xb3a/0x1fb0 [ 1259.172155][T19114] __handle_mm_fault+0x1d42/0x2b60 [ 1259.172198][T19114] ? __pfx___handle_mm_fault+0x10/0x10 [ 1259.172234][T19114] ? pte_offset_map_lock+0x174/0x320 [ 1259.172260][T19114] ? find_held_lock+0x2b/0x80 [ 1259.172292][T19114] ? follow_page_pte+0x5b3/0x1400 [ 1259.172326][T19114] handle_mm_fault+0x36d/0xa20 [ 1259.172366][T19114] __get_user_pages+0xf9c/0x34d0 [ 1259.172405][T19114] ? __pfx___get_user_pages+0x10/0x10 [ 1259.172442][T19114] populate_vma_page_range+0x267/0x3f0 [ 1259.172475][T19114] ? __pfx_populate_vma_page_range+0x10/0x10 [ 1259.172505][T19114] ? __pfx_find_vma_intersection+0x10/0x10 [ 1259.172533][T19114] ? do_mmap+0x93f/0x12f0 [ 1259.172566][T19114] __mm_populate+0x107/0x3a0 [ 1259.172597][T19114] ? __pfx___mm_populate+0x10/0x10 [ 1259.172629][T19114] ? up_write+0x290/0x4f0 [ 1259.172668][T19114] vm_mmap_pgoff+0x37f/0x470 [ 1259.172700][T19114] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1259.172731][T19114] ? do_futex+0x192/0x350 [ 1259.172764][T19114] ? __pfx_do_futex+0x10/0x10 [ 1259.172802][T19114] ksys_mmap_pgoff+0xe1/0x650 [ 1259.172828][T19114] ? __x64_sys_futex+0x34f/0x4d0 [ 1259.172859][T19114] ? __x64_sys_futex+0x358/0x4d0 [ 1259.172893][T19114] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1259.172919][T19114] ? xfd_validate_state+0x129/0x190 [ 1259.172963][T19114] __x64_sys_mmap+0x125/0x190 [ 1259.173004][T19114] do_syscall_64+0x106/0xf80 [ 1259.173036][T19114] ? clear_bhb_loop+0x40/0x90 [ 1259.173077][T19114] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1259.173104][T19114] RIP: 0033:0x7f1c65f9c799 [ 1259.173126][T19114] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1259.173152][T19114] RSP: 002b:00007f1c66dde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1259.173177][T19114] RAX: ffffffffffffffda RBX: 00007f1c66215fa0 RCX: 00007f1c65f9c799 [ 1259.173195][T19114] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 1259.173212][T19114] RBP: 00007f1c66032bd9 R08: 0000000000000007 R09: 0000000000028000 [ 1259.173228][T19114] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1259.173244][T19114] R13: 00007f1c66216038 R14: 00007f1c66215fa0 R15: 00007fff24f429c8 [ 1259.173278][T19114]  ./file0ethtool 4[ 1261.930509][T19135] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1262.958707][T19133] netlink: 'syz.0.2796': attribute type 1 has an invalid length. [ 1263.838796][T19141] FAULT_INJECTION: forcing a failure. [ 1263.838796][T19141] name failslab, interval 1, probability 0, space 0, times 0 [ 1264.109183][T19141] CPU: 0 UID: 0 PID: 19141 Comm: syz.6.2799 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1264.109230][T19141] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1264.109242][T19141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1264.109258][T19141] Call Trace: [ 1264.109266][T19141] [ 1264.109276][T19141] dump_stack_lvl+0x100/0x190 [ 1264.109319][T19141] should_fail_ex.cold+0x5/0xa [ 1264.109348][T19141] should_failslab+0xc2/0x120 [ 1264.109374][T19141] __kvmalloc_node_noprof+0xfa/0xa00 [ 1264.109412][T19141] ? alloc_fdtable+0x110/0x2d0 [ 1264.109458][T19141] alloc_fdtable+0x110/0x2d0 [ 1264.109498][T19141] dup_fd+0x995/0xd10 [ 1264.109523][T19141] ? fd_statfs+0xdd/0x120 [ 1264.109563][T19141] ksys_unshare+0x7ad/0xad0 [ 1264.109599][T19141] ? __pfx_ksys_unshare+0x10/0x10 [ 1264.109641][T19141] __x64_sys_unshare+0x31/0x40 [ 1264.109672][T19141] do_syscall_64+0x106/0xf80 [ 1264.109701][T19141] ? clear_bhb_loop+0x40/0x90 [ 1264.109732][T19141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1264.109757][T19141] RIP: 0033:0x7f313a39c799 [ 1264.109778][T19141] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1264.109802][T19141] RSP: 002b:00007f313b16e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1264.109825][T19141] RAX: ffffffffffffffda RBX: 00007f313a616270 RCX: 00007f313a39c799 [ 1264.109842][T19141] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1264.109857][T19141] RBP: 00007f313a432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1264.109872][T19141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1264.109887][T19141] R13: 00007f313a616308 R14: 00007f313a616270 R15: 00007ffe17f17c48 [ 1264.109918][T19141] [ 1266.987064][T19194] netlink: 'syz.1.2816': attribute type 1 has an invalid length. [ 1268.735199][T19213] misc userio: Invalid payload size [ 1276.081696][T19287] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1276.106696][T19287] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1276.149557][T19287] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1276.182406][T19287] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1276.238511][T19287] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1276.356592][T19294] netlink: zone id is out of range [ 1276.366239][T19287] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1276.400612][T19287] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1276.542533][T19287] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1276.575901][T19287] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1276.678629][T19287] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1276.725273][T19287] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1276.753526][T19287] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1276.890093][T19287] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1278.118474][T16229] Bluetooth: hci3: command 0x0406 tx timeout [ 1278.124561][ T5837] Bluetooth: hci4: command 0x0406 tx timeout [ 1278.197685][T16229] Bluetooth: hci2: command 0x0406 tx timeout [ 1278.438282][T16229] Bluetooth: hci0: command 0x0406 tx timeout [ 1278.598678][T16229] Bluetooth: hci1: command 0x0c1a tx timeout [ 1278.757696][T16229] Bluetooth: hci5: command 0x0c1a tx timeout [ 1280.204169][T16229] Bluetooth: hci3: command 0x0406 tx timeout [ 1280.279136][T16229] Bluetooth: hci2: command 0x0406 tx timeout [ 1280.518584][T16229] Bluetooth: hci0: command 0x0406 tx timeout [ 1280.681042][T16229] Bluetooth: hci1: command 0x0c1a tx timeout [ 1280.838867][T16229] Bluetooth: hci5: command 0x0c1a tx timeout [ 1281.824881][T19353] misc userio: Invalid payload size [ 1282.760242][T16229] Bluetooth: hci1: command 0x0c1a tx timeout [ 1282.921054][T16229] Bluetooth: hci5: command 0x0c1a tx timeout [ 1283.512848][T19363] zram: Added device: zram1 [ 1287.392487][T19411] netlink: 'syz.1.2874': attribute type 1 has an invalid length. [ 1287.502393][T19415] random: crng reseeded on system resumption [ 1289.732120][T19434] Invalid ELF header magic: != ELF [ 1289.996118][T19440] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2882'. [ 1291.063159][ T29] audit: type=1800 audit(2147483714.476:20): pid=19450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2884" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 1293.309605][T19462] FAULT_INJECTION: forcing a failure. [ 1293.309605][T19462] name failslab, interval 1, probability 0, space 0, times 0 [ 1293.563381][T19462] CPU: 0 UID: 0 PID: 19462 Comm: syz.7.2888 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1293.563426][T19462] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1293.563438][T19462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1293.563453][T19462] Call Trace: [ 1293.563463][T19462] [ 1293.563473][T19462] dump_stack_lvl+0x100/0x190 [ 1293.563519][T19462] should_fail_ex.cold+0x5/0xa [ 1293.563549][T19462] ? argv_split+0x173/0x420 [ 1293.563653][T19462] should_failslab+0xc2/0x120 [ 1293.563679][T19462] __kmalloc_noprof+0xe0/0x850 [ 1293.563717][T19462] ? __asan_memcpy+0x3c/0x60 [ 1293.563756][T19462] argv_split+0x173/0x420 [ 1293.563782][T19462] ? __pfx___trace_eprobe_create+0x10/0x10 [ 1293.563817][T19462] trace_probe_create+0x7d/0x100 [ 1293.563855][T19462] ? __pfx_trace_probe_create+0x10/0x10 [ 1293.563901][T19462] create_dyn_event+0xee/0x1d0 [ 1293.563933][T19462] trace_parse_run_command+0x1ab/0x3b0 [ 1293.563971][T19462] ? __pfx_create_dyn_event+0x10/0x10 [ 1293.564007][T19462] vfs_write+0x2aa/0x1070 [ 1293.564054][T19462] ? __pfx_dyn_event_write+0x10/0x10 [ 1293.564088][T19462] ? __pfx_vfs_write+0x10/0x10 [ 1293.564126][T19462] ? __fget_files+0x215/0x3d0 [ 1293.564155][T19462] ? __fget_files+0x21f/0x3d0 [ 1293.564186][T19462] ksys_write+0x12a/0x250 [ 1293.564225][T19462] ? __pfx_ksys_write+0x10/0x10 [ 1293.564273][T19462] do_syscall_64+0x106/0xf80 [ 1293.564301][T19462] ? clear_bhb_loop+0x40/0x90 [ 1293.564332][T19462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1293.564357][T19462] RIP: 0033:0x7f1c65f9c799 [ 1293.564386][T19462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1293.564415][T19462] RSP: 002b:00007f1c66dde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1293.564438][T19462] RAX: ffffffffffffffda RBX: 00007f1c66215fa0 RCX: 00007f1c65f9c799 [ 1293.564455][T19462] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000009 [ 1293.564471][T19462] RBP: 00007f1c66032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1293.564486][T19462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1293.564501][T19462] R13: 00007f1c66216038 R14: 00007f1c66215fa0 R15: 00007fff24f429c8 [ 1293.564536][T19462] [ 1294.126540][T19464] FAULT_INJECTION: forcing a failure. [ 1294.126540][T19464] name failslab, interval 1, probability 0, space 0, times 0 [ 1294.335570][T19464] CPU: 0 UID: 0 PID: 19464 Comm: syz.1.2886 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1294.335616][T19464] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1294.335628][T19464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1294.335644][T19464] Call Trace: [ 1294.335653][T19464] [ 1294.335663][T19464] dump_stack_lvl+0x100/0x190 [ 1294.335706][T19464] should_fail_ex.cold+0x5/0xa [ 1294.335736][T19464] should_failslab+0xc2/0x120 [ 1294.335761][T19464] __kvmalloc_node_noprof+0xfa/0xa00 [ 1294.335800][T19464] ? alloc_fdtable+0x110/0x2d0 [ 1294.335845][T19464] alloc_fdtable+0x110/0x2d0 [ 1294.335886][T19464] dup_fd+0x995/0xd10 [ 1294.335919][T19464] ? fd_statfs+0xdd/0x120 [ 1294.335960][T19464] ksys_unshare+0x7ad/0xad0 [ 1294.335993][T19464] ? __pfx_ksys_unshare+0x10/0x10 [ 1294.336035][T19464] __x64_sys_unshare+0x31/0x40 [ 1294.336065][T19464] do_syscall_64+0x106/0xf80 [ 1294.336094][T19464] ? clear_bhb_loop+0x40/0x90 [ 1294.336125][T19464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1294.336150][T19464] RIP: 0033:0x7f17b599c799 [ 1294.336171][T19464] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1294.336196][T19464] RSP: 002b:00007f17b37f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1294.336220][T19464] RAX: ffffffffffffffda RBX: 00007f17b5c16270 RCX: 00007f17b599c799 [ 1294.336237][T19464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1294.336253][T19464] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1294.336268][T19464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1294.336283][T19464] R13: 00007f17b5c16308 R14: 00007f17b5c16270 R15: 00007ffd80d8a298 [ 1294.336314][T19464] [ 1297.911422][T19495] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2899'. [ 1298.487163][T19499] syz.6.2901 (19499): /proc/19499/oom_adj is deprecated, please use /proc/19499/oom_score_adj instead. [ 1300.591712][T19515] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2905'. [ 1301.575064][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1301.582547][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1302.102978][T19529] FAULT_INJECTION: forcing a failure. [ 1302.102978][T19529] name failslab, interval 1, probability 0, space 0, times 0 [ 1302.337269][T19529] CPU: 0 UID: 0 PID: 19529 Comm: syz.7.2903 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1302.337314][T19529] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1302.337326][T19529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1302.337341][T19529] Call Trace: [ 1302.337349][T19529] [ 1302.337359][T19529] dump_stack_lvl+0x100/0x190 [ 1302.337401][T19529] should_fail_ex.cold+0x5/0xa [ 1302.337430][T19529] should_failslab+0xc2/0x120 [ 1302.337456][T19529] __kvmalloc_node_noprof+0xfa/0xa00 [ 1302.337495][T19529] ? alloc_fdtable+0x110/0x2d0 [ 1302.337540][T19529] alloc_fdtable+0x110/0x2d0 [ 1302.337581][T19529] dup_fd+0x995/0xd10 [ 1302.337606][T19529] ? fd_statfs+0xdd/0x120 [ 1302.337646][T19529] ksys_unshare+0x7ad/0xad0 [ 1302.337679][T19529] ? __pfx_ksys_unshare+0x10/0x10 [ 1302.337720][T19529] __x64_sys_unshare+0x31/0x40 [ 1302.337750][T19529] do_syscall_64+0x106/0xf80 [ 1302.337780][T19529] ? clear_bhb_loop+0x40/0x90 [ 1302.337810][T19529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1302.337836][T19529] RIP: 0033:0x7f1c65f9c799 [ 1302.337856][T19529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1302.337881][T19529] RSP: 002b:00007f1c66d7b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1302.337905][T19529] RAX: ffffffffffffffda RBX: 00007f1c66216270 RCX: 00007f1c65f9c799 [ 1302.337922][T19529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1302.337937][T19529] RBP: 00007f1c66032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1302.337956][T19529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1302.337971][T19529] R13: 00007f1c66216308 R14: 00007f1c66216270 R15: 00007fff24f429c8 [ 1302.338001][T19529] [ 1303.912328][T19538] netlink: 504 bytes leftover after parsing attributes in process `syz.6.2911'. [ 1303.933252][T19537] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2910'. [ 1304.082161][T19538] netlink: 350 bytes leftover after parsing attributes in process `syz.6.2911'. [ 1309.389133][T19589] FAULT_INJECTION: forcing a failure. [ 1309.389133][T19589] name failslab, interval 1, probability 0, space 0, times 0 [ 1309.531687][T19589] CPU: 0 UID: 0 PID: 19589 Comm: syz.6.2922 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1309.531734][T19589] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1309.531746][T19589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1309.531761][T19589] Call Trace: [ 1309.531769][T19589] [ 1309.531778][T19589] dump_stack_lvl+0x100/0x190 [ 1309.531821][T19589] should_fail_ex.cold+0x5/0xa [ 1309.531851][T19589] should_failslab+0xc2/0x120 [ 1309.531876][T19589] __kvmalloc_node_noprof+0xfa/0xa00 [ 1309.531915][T19589] ? alloc_fdtable+0x110/0x2d0 [ 1309.531960][T19589] alloc_fdtable+0x110/0x2d0 [ 1309.532000][T19589] dup_fd+0x995/0xd10 [ 1309.532025][T19589] ? fd_statfs+0xdd/0x120 [ 1309.532072][T19589] ksys_unshare+0x7ad/0xad0 [ 1309.532106][T19589] ? __pfx_ksys_unshare+0x10/0x10 [ 1309.532148][T19589] __x64_sys_unshare+0x31/0x40 [ 1309.532178][T19589] do_syscall_64+0x106/0xf80 [ 1309.532207][T19589] ? clear_bhb_loop+0x40/0x90 [ 1309.532238][T19589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1309.532265][T19589] RIP: 0033:0x7f313a39c799 [ 1309.532285][T19589] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1309.532310][T19589] RSP: 002b:00007f313b16e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1309.532334][T19589] RAX: ffffffffffffffda RBX: 00007f313a616270 RCX: 00007f313a39c799 [ 1309.532351][T19589] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1309.532367][T19589] RBP: 00007f313a432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1309.532382][T19589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1309.532396][T19589] R13: 00007f313a616308 R14: 00007f313a616270 R15: 00007ffe17f17c48 [ 1309.532428][T19589] [ 1310.731487][T19602] HFR: entered promiscuous mode [ 1310.752360][T16229] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9 [ 1310.776379][T19602] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2925'. [ 1310.881461][T19605] netlink: zone id is out of range [ 1310.919010][T19601] netlink: set zone limit has 8 unknown bytes [ 1311.010440][T19605] netlink: zone id is out of range [ 1311.034448][T19605] netlink: zone id is out of range [ 1311.039637][T19605] netlink: zone id is out of range [ 1311.162481][T19605] netlink: zone id is out of range [ 1311.193646][T19605] netlink: zone id is out of range [ 1311.303999][T19605] netlink: zone id is out of range [ 1311.364501][T19605] netlink: zone id is out of range [ 1311.364517][T19605] netlink: zone id is out of range [ 1312.324492][T19604] FAULT_INJECTION: forcing a failure. [ 1312.324492][T19604] name failslab, interval 1, probability 0, space 0, times 0 [ 1312.556411][T19604] CPU: 0 UID: 0 PID: 19604 Comm: syz.7.2928 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1312.556457][T19604] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1312.556469][T19604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1312.556485][T19604] Call Trace: [ 1312.556496][T19604] [ 1312.556506][T19604] dump_stack_lvl+0x100/0x190 [ 1312.556551][T19604] should_fail_ex.cold+0x5/0xa [ 1312.556581][T19604] should_failslab+0xc2/0x120 [ 1312.556609][T19604] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1312.556646][T19604] ? vm_area_dup+0x27/0x8e0 [ 1312.556684][T19604] vm_area_dup+0x27/0x8e0 [ 1312.556719][T19604] __split_vma+0x18c/0xd90 [ 1312.556757][T19604] ? __pfx___split_vma+0x10/0x10 [ 1312.556797][T19604] ? __pfx_mas_prev+0x10/0x10 [ 1312.556840][T19604] vms_gather_munmap_vmas+0x39f/0x1500 [ 1312.556882][T19604] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1312.556922][T19604] ? mas_walk+0x6ef/0x9b0 [ 1312.556957][T19604] __mmap_region+0x492/0x29e0 [ 1312.556994][T19604] ? update_cfs_rq_load_avg+0x51/0x550 [ 1312.557024][T19604] ? __pfx___mmap_region+0x10/0x10 [ 1312.557066][T19604] ? set_next_entity+0x11e/0x9c0 [ 1312.557105][T19604] ? __lock_acquire+0x4a5/0x2630 [ 1312.557136][T19604] ? update_cfs_rq_load_avg+0x51/0x550 [ 1312.557172][T19604] ? lock_acquire+0x1cf/0x380 [ 1312.557202][T19604] ? find_held_lock+0x2b/0x80 [ 1312.557224][T19604] ? finish_task_switch.isra.0+0x200/0xb80 [ 1312.557250][T19604] ? finish_task_switch.isra.0+0x200/0xb80 [ 1312.557287][T19604] ? trace_sched_exit_tp+0x13a/0x180 [ 1312.557323][T19604] ? __schedule+0x1000/0x6120 [ 1312.557387][T19604] ? rcu_is_watching+0x12/0xc0 [ 1312.557427][T19604] ? cap_capable+0x107/0x460 [ 1312.557468][T19604] mmap_region+0x180/0x3e0 [ 1312.557510][T19604] do_mmap+0xc63/0x12f0 [ 1312.557542][T19604] ? __pfx_do_mmap+0x10/0x10 [ 1312.557568][T19604] ? __pfx_down_write_killable+0x10/0x10 [ 1312.557608][T19604] vm_mmap_pgoff+0x29e/0x470 [ 1312.557641][T19604] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1312.557670][T19604] ? do_futex+0x192/0x350 [ 1312.557702][T19604] ? __pfx_do_futex+0x10/0x10 [ 1312.557732][T19604] ? __do_sys_clone+0xd9/0x120 [ 1312.557766][T19604] ksys_mmap_pgoff+0xe1/0x650 [ 1312.557797][T19604] ? __x64_sys_futex+0x34f/0x4d0 [ 1312.557828][T19604] ? __x64_sys_futex+0x358/0x4d0 [ 1312.557860][T19604] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1312.557886][T19604] ? xfd_validate_state+0x129/0x190 [ 1312.557928][T19604] __x64_sys_mmap+0x125/0x190 [ 1312.557968][T19604] do_syscall_64+0x106/0xf80 [ 1312.557996][T19604] ? clear_bhb_loop+0x40/0x90 [ 1312.558027][T19604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1312.558052][T19604] RIP: 0033:0x7f1c65f9c799 [ 1312.558072][T19604] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1312.558097][T19604] RSP: 002b:00007f1c66dde028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1312.558121][T19604] RAX: ffffffffffffffda RBX: 00007f1c66215fa0 RCX: 00007f1c65f9c799 [ 1312.558137][T19604] RDX: 00000000000000df RSI: 0000000000000008 RDI: 0000000000000000 [ 1312.558153][T19604] RBP: 00007f1c66032bd9 R08: 0000000000000002 R09: 0000000000008000 [ 1312.558168][T19604] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1312.558183][T19604] R13: 00007f1c66216038 R14: 00007f1c66215fa0 R15: 00007fff24f429c8 [ 1312.558215][T19604] [ 1313.382681][T19637] FAULT_INJECTION: forcing a failure. [ 1313.382681][T19637] name failslab, interval 1, probability 0, space 0, times 0 [ 1313.675191][T19637] CPU: 0 UID: 0 PID: 19637 Comm: syz.0.2933 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1313.675237][T19637] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1313.675249][T19637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1313.675264][T19637] Call Trace: [ 1313.675272][T19637] [ 1313.675281][T19637] dump_stack_lvl+0x100/0x190 [ 1313.675324][T19637] should_fail_ex.cold+0x5/0xa [ 1313.675353][T19637] should_failslab+0xc2/0x120 [ 1313.675379][T19637] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1313.675417][T19637] ? __d_alloc+0x34/0xa80 [ 1313.675444][T19637] ? lockdep_init_map_type+0x5c/0x250 [ 1313.675481][T19637] __d_alloc+0x34/0xa80 [ 1313.675511][T19637] d_alloc_pseudo+0x1c/0xc0 [ 1313.675547][T19637] alloc_file_pseudo+0xcf/0x230 [ 1313.675579][T19637] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1313.675610][T19637] ? alloc_fd+0x476/0x790 [ 1313.675639][T19637] sock_alloc_file+0x50/0x210 [ 1313.675675][T19637] __sys_socket+0x1c0/0x260 [ 1313.675714][T19637] ? __pfx___sys_socket+0x10/0x10 [ 1313.675762][T19637] __x64_sys_socket+0x72/0xb0 [ 1313.675799][T19637] ? lockdep_hardirqs_on+0x78/0x100 [ 1313.675829][T19637] do_syscall_64+0x106/0xf80 [ 1313.675858][T19637] ? clear_bhb_loop+0x40/0x90 [ 1313.675888][T19637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1313.675914][T19637] RIP: 0033:0x7fe64099c799 [ 1313.675934][T19637] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1313.675959][T19637] RSP: 002b:00007fe6417f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1313.675981][T19637] RAX: ffffffffffffffda RBX: 00007fe640c15fa0 RCX: 00007fe64099c799 [ 1313.675998][T19637] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1313.676013][T19637] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1313.676029][T19637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1313.676043][T19637] R13: 00007fe640c16038 R14: 00007fe640c15fa0 R15: 00007ffca35541f8 [ 1313.676075][T19637] [ 1317.460607][T19677] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2942'. [ 1317.970130][T19677] veth1_macvtap: left promiscuous mode [ 1319.419171][T19692] netlink: 'syz.1.2943': attribute type 1 has an invalid length. [ 1321.109842][T19718] random: crng reseeded on system resumption [ 1322.670104][T19736] misc userio: Invalid payload size [ 1323.480772][T19744] netlink: 'syz.7.2958': attribute type 1 has an invalid length. [ 1325.197682][T19766] net_ratelimit: 5 callbacks suppressed [ 1325.197705][T19766] netlink: Failed to add  helper -22 [ 1325.907098][T19775] FAULT_INJECTION: forcing a failure. [ 1325.907098][T19775] name failslab, interval 1, probability 0, space 0, times 0 [ 1325.919748][T19775] CPU: 0 UID: 0 PID: 19775 Comm: syz.1.2966 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1325.919792][T19775] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1325.919804][T19775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1325.919819][T19775] Call Trace: [ 1325.919828][T19775] [ 1325.919838][T19775] dump_stack_lvl+0x100/0x190 [ 1325.919880][T19775] should_fail_ex.cold+0x5/0xa [ 1325.919909][T19775] should_failslab+0xc2/0x120 [ 1325.919935][T19775] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1325.919968][T19775] ? snd_ctl_notify.part.0+0x337/0x650 [ 1325.920007][T19775] snd_ctl_notify.part.0+0x337/0x650 [ 1325.920048][T19775] snd_ctl_notify_one+0x2a4/0x300 [ 1325.920079][T19775] ? __pfx_snd_ctl_notify_one+0x10/0x10 [ 1325.920118][T19775] ? mark_held_locks+0x40/0x70 [ 1325.920154][T19775] __snd_ctl_add_replace+0x60b/0x840 [ 1325.920193][T19775] ? __pfx___snd_ctl_add_replace+0x10/0x10 [ 1325.920231][T19775] ? __kmalloc_noprof+0x320/0x850 [ 1325.920266][T19775] ? snd_ctl_new+0x13c/0x1a0 [ 1325.920298][T19775] snd_ctl_elem_add+0x832/0x1370 [ 1325.920337][T19775] ? __might_fault+0xc5/0x140 [ 1325.920369][T19775] ? __might_fault+0xc5/0x140 [ 1325.920403][T19775] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 1325.920445][T19775] snd_ctl_elem_add_user+0xc5/0x170 [ 1325.920478][T19775] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 1325.920511][T19775] ? find_held_lock+0x2b/0x80 [ 1325.920557][T19775] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1325.920599][T19775] ? do_vfs_ioctl+0x226/0x13e0 [ 1325.920641][T19775] snd_ctl_ioctl+0xbdf/0x1330 [ 1325.920674][T19775] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1325.920711][T19775] ? find_held_lock+0x2b/0x80 [ 1325.920732][T19775] ? __fget_files+0x215/0x3d0 [ 1325.920753][T19775] ? hook_file_ioctl_common+0x146/0x410 [ 1325.920800][T19775] ? __fget_files+0x21f/0x3d0 [ 1325.920826][T19775] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1325.920860][T19775] __x64_sys_ioctl+0x18e/0x210 [ 1325.920897][T19775] do_syscall_64+0x106/0xf80 [ 1325.920925][T19775] ? clear_bhb_loop+0x40/0x90 [ 1325.920955][T19775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1325.920980][T19775] RIP: 0033:0x7f17b599c799 [ 1325.921002][T19775] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1325.921025][T19775] RSP: 002b:00007f17b67a1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1325.921048][T19775] RAX: ffffffffffffffda RBX: 00007f17b5c16090 RCX: 00007f17b599c799 [ 1325.921064][T19775] RDX: 0000200000000580 RSI: 00000000c1105517 RDI: 0000000000000007 [ 1325.921079][T19775] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1325.921094][T19775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1325.921109][T19775] R13: 00007f17b5c16128 R14: 00007f17b5c16090 R15: 00007ffd80d8a298 [ 1325.921140][T19775] [ 1325.921155][T19775] snd_virmidi snd_virmidi.0: No memory available to allocate event [ 1326.603330][T19786] misc userio: Invalid payload size [ 1327.260950][T19791] netlink: Failed to add  helper -22 [ 1329.103636][T19809] netlink: Failed to add  helper -22 [ 1329.665151][T19818] random: crng reseeded on system resumption [ 1331.640438][T19844] FAULT_INJECTION: forcing a failure. [ 1331.640438][T19844] name failslab, interval 1, probability 0, space 0, times 0 [ 1331.840596][T19844] CPU: 0 UID: 0 PID: 19844 Comm: syz.7.2982 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1331.840643][T19844] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1331.840655][T19844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1331.840679][T19844] Call Trace: [ 1331.840687][T19844] [ 1331.840697][T19844] dump_stack_lvl+0x100/0x190 [ 1331.840740][T19844] should_fail_ex.cold+0x5/0xa [ 1331.840769][T19844] should_failslab+0xc2/0x120 [ 1331.840795][T19844] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1331.840831][T19844] ? do_getname+0x35/0x390 [ 1331.840867][T19844] do_getname+0x35/0x390 [ 1331.840900][T19844] do_sys_openat2+0xc5/0x1e0 [ 1331.840932][T19844] ? __pfx_do_sys_openat2+0x10/0x10 [ 1331.840975][T19844] __x64_sys_openat+0x12d/0x210 [ 1331.841008][T19844] ? __pfx___x64_sys_openat+0x10/0x10 [ 1331.841051][T19844] do_syscall_64+0x106/0xf80 [ 1331.841080][T19844] ? clear_bhb_loop+0x40/0x90 [ 1331.841109][T19844] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1331.841135][T19844] RIP: 0033:0x7f1c65f5cfce [ 1331.841155][T19844] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1331.841180][T19844] RSP: 002b:00007f1c66dbcec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1331.841204][T19844] RAX: ffffffffffffffda RBX: 00007f1c66dbd6c0 RCX: 00007f1c65f5cfce [ 1331.841221][T19844] RDX: 0000000000000002 RSI: 00007f1c66dbcf90 RDI: ffffffffffffff9c [ 1331.841237][T19844] RBP: 00007f1c66032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1331.841253][T19844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1331.841268][T19844] R13: 00007f1c66216128 R14: 00007f1c66216090 R15: 00007fff24f429c8 [ 1331.841299][T19844] [ 1332.713265][T19853] netlink: Failed to add  helper -22 [ 1333.525516][T19874] random: crng reseeded on system resumption [ 1334.870564][T19889] netlink: 'syz.1.2992': attribute type 1 has an invalid length. [ 1336.507497][T19906] FAULT_INJECTION: forcing a failure. [ 1336.507497][T19906] name failslab, interval 1, probability 0, space 0, times 0 [ 1336.520346][T19906] CPU: 0 UID: 0 PID: 19906 Comm: syz.7.2995 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1336.520391][T19906] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1336.520403][T19906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1336.520419][T19906] Call Trace: [ 1336.520430][T19906] [ 1336.520441][T19906] dump_stack_lvl+0x100/0x190 [ 1336.520483][T19906] should_fail_ex.cold+0x5/0xa [ 1336.520513][T19906] should_failslab+0xc2/0x120 [ 1336.520539][T19906] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1336.520571][T19906] ? snd_ctl_notify.part.0+0x337/0x650 [ 1336.520612][T19906] snd_ctl_notify.part.0+0x337/0x650 [ 1336.520652][T19906] snd_ctl_notify_one+0x2a4/0x300 [ 1336.520683][T19906] ? __pfx_snd_ctl_notify_one+0x10/0x10 [ 1336.520722][T19906] ? mark_held_locks+0x40/0x70 [ 1336.520758][T19906] __snd_ctl_add_replace+0x60b/0x840 [ 1336.520797][T19906] ? __pfx___snd_ctl_add_replace+0x10/0x10 [ 1336.520837][T19906] ? __kmalloc_noprof+0x320/0x850 [ 1336.520873][T19906] ? snd_ctl_new+0x13c/0x1a0 [ 1336.520906][T19906] snd_ctl_elem_add+0x832/0x1370 [ 1336.520946][T19906] ? __might_fault+0xc5/0x140 [ 1336.520980][T19906] ? __might_fault+0xc5/0x140 [ 1336.521015][T19906] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 1336.521057][T19906] snd_ctl_elem_add_user+0xc5/0x170 [ 1336.521096][T19906] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 1336.521131][T19906] ? find_held_lock+0x2b/0x80 [ 1336.521178][T19906] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1336.521221][T19906] ? do_vfs_ioctl+0x226/0x13e0 [ 1336.521259][T19906] snd_ctl_ioctl+0xbdf/0x1330 [ 1336.521293][T19906] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1336.521331][T19906] ? find_held_lock+0x2b/0x80 [ 1336.521352][T19906] ? __fget_files+0x215/0x3d0 [ 1336.521373][T19906] ? hook_file_ioctl_common+0x146/0x410 [ 1336.521419][T19906] ? __fget_files+0x21f/0x3d0 [ 1336.521445][T19906] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1336.521481][T19906] __x64_sys_ioctl+0x18e/0x210 [ 1336.521518][T19906] do_syscall_64+0x106/0xf80 [ 1336.521548][T19906] ? clear_bhb_loop+0x40/0x90 [ 1336.521578][T19906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1336.521607][T19906] RIP: 0033:0x7f1c65f9c799 [ 1336.521628][T19906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1336.521652][T19906] RSP: 002b:00007f1c66dbd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1336.521675][T19906] RAX: ffffffffffffffda RBX: 00007f1c66216090 RCX: 00007f1c65f9c799 [ 1336.521692][T19906] RDX: 0000200000000580 RSI: 00000000c1105517 RDI: 0000000000000007 [ 1336.521707][T19906] RBP: 00007f1c66032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1336.521722][T19906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1336.521737][T19906] R13: 00007f1c66216128 R14: 00007f1c66216090 R15: 00007fff24f429c8 [ 1336.521768][T19906] [ 1336.521784][T19906] snd_virmidi snd_virmidi.0: No memory available to allocate event [ 1336.848381][T19905] misc userio: Invalid payload size [ 1337.963451][T19913] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2998'. [ 1338.057915][T19921] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2998'. [ 1339.138534][T19937] nbd: must specify at least one socket [ 1340.077842][T19947] random: crng reseeded on system resumption [ 1343.011616][T19960] FAULT_INJECTION: forcing a failure. [ 1343.011616][T19960] name failslab, interval 1, probability 0, space 0, times 0 [ 1343.343935][T19960] CPU: 0 UID: 0 PID: 19960 Comm: syz.1.3006 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1343.343980][T19960] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1343.343992][T19960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1343.344007][T19960] Call Trace: [ 1343.344015][T19960] [ 1343.344025][T19960] dump_stack_lvl+0x100/0x190 [ 1343.344077][T19960] should_fail_ex.cold+0x5/0xa [ 1343.344106][T19960] should_failslab+0xc2/0x120 [ 1343.344132][T19960] __kvmalloc_node_noprof+0xfa/0xa00 [ 1343.344170][T19960] ? alloc_fdtable+0x110/0x2d0 [ 1343.344215][T19960] alloc_fdtable+0x110/0x2d0 [ 1343.344255][T19960] dup_fd+0x995/0xd10 [ 1343.344280][T19960] ? fd_statfs+0xdd/0x120 [ 1343.344321][T19960] ksys_unshare+0x7ad/0xad0 [ 1343.344354][T19960] ? __pfx_ksys_unshare+0x10/0x10 [ 1343.344396][T19960] __x64_sys_unshare+0x31/0x40 [ 1343.344426][T19960] do_syscall_64+0x106/0xf80 [ 1343.344455][T19960] ? clear_bhb_loop+0x40/0x90 [ 1343.344485][T19960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1343.344511][T19960] RIP: 0033:0x7f17b599c799 [ 1343.344532][T19960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1343.344557][T19960] RSP: 002b:00007f17b37f4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1343.344580][T19960] RAX: ffffffffffffffda RBX: 00007f17b5c16270 RCX: 00007f17b599c799 [ 1343.344597][T19960] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000400 [ 1343.344612][T19960] RBP: 00007f17b5a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1343.344627][T19960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1343.344642][T19960] R13: 00007f17b5c16308 R14: 00007f17b5c16270 R15: 00007ffd80d8a298 [ 1343.344674][T19960] [ 1345.130945][T19982] nbd: must specify at least one socket [ 1348.035761][T19996] [U] 0="/ [ 1348.035839][T19996] [U] [ 1348.035851][T19996] [U] EeQ@ [ 1348.064286][T19996] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3018'. [ 1348.073243][T19995] [U]  [ 1348.831612][T19998] Invalid ELF header magic: != ELF [ 1348.931729][T20004] netlink: 13 bytes leftover after parsing attributes in process `syz.1.3019'. [ 1349.488429][T20011] nbd: must specify at least one socket [ 1350.854766][T20026] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3025'. [ 1351.586655][T20034] netlink: 'syz.1.3026': attribute type 1 has an invalid length. [ 1354.240704][T20057] random: crng reseeded on system resumption [ 1355.603628][T20071] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3032'. [ 1355.762162][T20071] vlan1: entered promiscuous mode [ 1355.979490][T20071] vlan1: entered allmulticast mode [ 1356.035513][T20071] veth0_vlan: entered allmulticast mode [ 1357.335795][T20001] udevd[20001]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1357.418206][T20087] udevd[20087]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1357.544191][T20091] FAULT_INJECTION: forcing a failure. [ 1357.544191][T20091] name failslab, interval 1, probability 0, space 0, times 0 [ 1357.556839][T20091] CPU: 0 UID: 0 PID: 20091 Comm: syz.7.3038 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1357.556888][T20091] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1357.556900][T20091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1357.556915][T20091] Call Trace: [ 1357.556925][T20091] [ 1357.556935][T20091] dump_stack_lvl+0x100/0x190 [ 1357.556980][T20091] should_fail_ex.cold+0x5/0xa [ 1357.557010][T20091] should_failslab+0xc2/0x120 [ 1357.557035][T20091] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1357.557068][T20091] ? snd_ctl_notify.part.0+0x337/0x650 [ 1357.557107][T20091] snd_ctl_notify.part.0+0x337/0x650 [ 1357.557147][T20091] snd_ctl_notify_one+0x2a4/0x300 [ 1357.557177][T20091] ? __pfx_snd_ctl_notify_one+0x10/0x10 [ 1357.557215][T20091] ? mark_held_locks+0x40/0x70 [ 1357.557250][T20091] __snd_ctl_add_replace+0x60b/0x840 [ 1357.557289][T20091] ? __pfx___snd_ctl_add_replace+0x10/0x10 [ 1357.557328][T20091] ? __kmalloc_noprof+0x320/0x850 [ 1357.557364][T20091] ? snd_ctl_new+0x13c/0x1a0 [ 1357.557397][T20091] snd_ctl_elem_add+0x832/0x1370 [ 1357.557437][T20091] ? __might_fault+0xc5/0x140 [ 1357.557471][T20091] ? __might_fault+0xc5/0x140 [ 1357.557506][T20091] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 1357.557549][T20091] snd_ctl_elem_add_user+0xc5/0x170 [ 1357.557583][T20091] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 1357.557617][T20091] ? find_held_lock+0x2b/0x80 [ 1357.557663][T20091] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1357.557706][T20091] ? do_vfs_ioctl+0x226/0x13e0 [ 1357.557744][T20091] snd_ctl_ioctl+0xbdf/0x1330 [ 1357.557778][T20091] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1357.557820][T20091] ? find_held_lock+0x2b/0x80 [ 1357.557841][T20091] ? __fget_files+0x215/0x3d0 [ 1357.557862][T20091] ? hook_file_ioctl_common+0x146/0x410 [ 1357.557916][T20091] ? __fget_files+0x21f/0x3d0 [ 1357.557942][T20091] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 1357.557977][T20091] __x64_sys_ioctl+0x18e/0x210 [ 1357.558015][T20091] do_syscall_64+0x106/0xf80 [ 1357.558044][T20091] ? clear_bhb_loop+0x40/0x90 [ 1357.558074][T20091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1357.558100][T20091] RIP: 0033:0x7f1c65f9c799 [ 1357.558122][T20091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1357.558146][T20091] RSP: 002b:00007f1c66dbd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1357.558172][T20091] RAX: ffffffffffffffda RBX: 00007f1c66216090 RCX: 00007f1c65f9c799 [ 1357.558189][T20091] RDX: 0000200000000580 RSI: 00000000c1105517 RDI: 0000000000000007 [ 1357.558204][T20091] RBP: 00007f1c66032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1357.558220][T20091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1357.558234][T20091] R13: 00007f1c66216128 R14: 00007f1c66216090 R15: 00007fff24f429c8 [ 1357.558266][T20091] [ 1357.558281][T20091] snd_virmidi snd_virmidi.0: No memory available to allocate event [ 1357.877512][T20093] random: crng reseeded on system resumption [ 1362.613182][T20128] misc userio: Invalid payload size [ 1362.717769][T20130] netlink: 'syz.7.3045': attribute type 1 has an invalid length. [ 1363.060451][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1363.067457][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1364.064441][T20140] nbd: must specify a size in bytes for the device [ 1364.200629][T20125] nvme_fabrics: missing parameter 'transport=%s' [ 1364.310489][T20125] nvme_fabrics: missing parameter 'nqn=%s' [ 1365.504984][T20160] FAULT_INJECTION: forcing a failure. [ 1365.504984][T20160] name failslab, interval 1, probability 0, space 0, times 0 [ 1365.767081][T20160] CPU: 0 UID: 0 PID: 20160 Comm: syz.7.3051 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1365.767128][T20160] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1365.767140][T20160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1365.767155][T20160] Call Trace: [ 1365.767164][T20160] [ 1365.767175][T20160] dump_stack_lvl+0x100/0x190 [ 1365.767217][T20160] should_fail_ex.cold+0x5/0xa [ 1365.767246][T20160] should_failslab+0xc2/0x120 [ 1365.767272][T20160] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1365.767308][T20160] ? security_inode_alloc+0x3b/0x2c0 [ 1365.767346][T20160] ? lockdep_init_map_type+0x5c/0x250 [ 1365.767383][T20160] security_inode_alloc+0x3b/0x2c0 [ 1365.767422][T20160] inode_init_always_gfp+0xced/0x1040 [ 1365.767451][T20160] alloc_inode+0x8e/0x250 [ 1365.767484][T20160] new_inode+0x22/0x1c0 [ 1365.767517][T20160] shmem_get_inode+0x212/0x1040 [ 1365.767582][T20160] ? __pfx_shmem_get_inode+0x10/0x10 [ 1365.767614][T20160] ? rcu_is_watching+0x12/0xc0 [ 1365.767651][T20160] ? percpu_counter_add_batch+0xb9/0x230 [ 1365.767701][T20160] __shmem_file_setup+0x3ac/0x490 [ 1365.767735][T20160] ? __pfx___shmem_file_setup+0x10/0x10 [ 1365.767774][T20160] ? vm_area_alloc+0x1f/0x160 [ 1365.767812][T20160] shmem_zero_setup+0x96/0x1b0 [ 1365.767854][T20160] __mmap_region+0x2198/0x29e0 [ 1365.767894][T20160] ? __pfx___mmap_region+0x10/0x10 [ 1365.767936][T20160] ? set_next_entity+0x11e/0x9c0 [ 1365.767977][T20160] ? __lock_acquire+0x4a5/0x2630 [ 1365.768007][T20160] ? update_cfs_rq_load_avg+0x51/0x550 [ 1365.768046][T20160] ? find_held_lock+0x2b/0x80 [ 1365.768068][T20160] ? finish_task_switch.isra.0+0x200/0xb80 [ 1365.768094][T20160] ? finish_task_switch.isra.0+0x200/0xb80 [ 1365.768132][T20160] ? trace_sched_exit_tp+0x13a/0x180 [ 1365.768161][T20160] ? __schedule+0x1000/0x6120 [ 1365.768225][T20160] ? rcu_is_watching+0x12/0xc0 [ 1365.768262][T20160] ? cap_capable+0x107/0x460 [ 1365.768300][T20160] mmap_region+0x180/0x3e0 [ 1365.768342][T20160] do_mmap+0xc63/0x12f0 [ 1365.768374][T20160] ? __pfx_do_mmap+0x10/0x10 [ 1365.768400][T20160] ? __pfx_down_write_killable+0x10/0x10 [ 1365.768440][T20160] vm_mmap_pgoff+0x29e/0x470 [ 1365.768473][T20160] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1365.768501][T20160] ? do_futex+0x192/0x350 [ 1365.768534][T20160] ? __pfx_do_futex+0x10/0x10 [ 1365.768576][T20160] ksys_mmap_pgoff+0xe1/0x650 [ 1365.768602][T20160] ? __x64_sys_futex+0x34f/0x4d0 [ 1365.768633][T20160] ? __x64_sys_futex+0x358/0x4d0 [ 1365.768666][T20160] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1365.768692][T20160] ? xfd_validate_state+0x129/0x190 [ 1365.768733][T20160] __x64_sys_mmap+0x125/0x190 [ 1365.768773][T20160] do_syscall_64+0x106/0xf80 [ 1365.768801][T20160] ? clear_bhb_loop+0x40/0x90 [ 1365.768831][T20160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1365.768858][T20160] RIP: 0033:0x7f1c65f9c799 [ 1365.768879][T20160] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1365.768904][T20160] RSP: 002b:00007f1c66dbd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1365.768928][T20160] RAX: ffffffffffffffda RBX: 00007f1c66216090 RCX: 00007f1c65f9c799 [ 1365.768944][T20160] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1365.768959][T20160] RBP: 00007f1c66032bd9 R08: fffffffffffffffa R09: 0000000000008000 [ 1365.768976][T20160] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1365.768992][T20160] R13: 00007f1c66216128 R14: 00007f1c66216090 R15: 00007fff24f429c8 [ 1365.769024][T20160] [ 1366.550045][T20160] openvswitch: netlink: Key type 261 is out of range max 32 [ 1366.970849][T20166] Invalid ELF header magic: != ELF [ 1368.352875][T20181] nbd: must specify at least one socket [ 1369.344562][T20192] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3061'. [ 1369.766330][T19973] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 1369.989325][T20205] FAULT_INJECTION: forcing a failure. [ 1369.989325][T20205] name failslab, interval 1, probability 0, space 0, times 0 [ 1370.037983][T20205] CPU: 0 UID: 0 PID: 20205 Comm: syz.1.3065 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1370.038031][T20205] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1370.038043][T20205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1370.038058][T20205] Call Trace: [ 1370.038066][T20205] [ 1370.038076][T20205] dump_stack_lvl+0x100/0x190 [ 1370.038119][T20205] should_fail_ex.cold+0x5/0xa [ 1370.038149][T20205] should_failslab+0xc2/0x120 [ 1370.038175][T20205] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1370.038218][T20205] ? __mpol_dup+0x74/0x370 [ 1370.038253][T20205] __mpol_dup+0x74/0x370 [ 1370.038280][T20205] ? __pfx___mpol_dup+0x10/0x10 [ 1370.038308][T20205] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 1370.038345][T20205] ? sp_alloc+0x27/0x160 [ 1370.038378][T20205] sp_alloc+0x4d/0x160 [ 1370.038408][T20205] mpol_set_shared_policy+0xa5/0x8a0 [ 1370.038445][T20205] ? __pfx_shmem_set_policy+0x10/0x10 [ 1370.038472][T20205] mbind_range+0x339/0x550 [ 1370.038506][T20205] do_mbind+0x7de/0xfd0 [ 1370.038542][T20205] ? __might_fault+0xc5/0x140 [ 1370.038576][T20205] ? __pfx_do_mbind+0x10/0x10 [ 1370.038612][T20205] ? _copy_from_user+0x59/0xd0 [ 1370.038660][T20205] ? __pfx_get_nodes+0x10/0x10 [ 1370.038706][T20205] kernel_mbind+0x1b7/0x200 [ 1370.038739][T20205] ? __pfx_kernel_mbind+0x10/0x10 [ 1370.038777][T20205] do_syscall_64+0x106/0xf80 [ 1370.038806][T20205] ? clear_bhb_loop+0x40/0x90 [ 1370.038836][T20205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1370.038861][T20205] RIP: 0033:0x7f17b599c799 [ 1370.038882][T20205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1370.038906][T20205] RSP: 002b:00007f17b67c2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1370.038930][T20205] RAX: ffffffffffffffda RBX: 00007f17b5c15fa0 RCX: 00007f17b599c799 [ 1370.038946][T20205] RDX: 0000000000008003 RSI: 0000000000800605 RDI: 0000000000000000 [ 1370.038962][T20205] RBP: 00007f17b5a32bd9 R08: 0000000000000003 R09: 0000000000000003 [ 1370.038977][T20205] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000000 [ 1370.038993][T20205] R13: 00007f17b5c16038 R14: 00007f17b5c15fa0 R15: 00007ffd80d8a298 [ 1370.039025][T20205] [ 1370.890109][T20211] nbd: must specify at least one socket [ 1371.498993][T20203] pim6reg: entered allmulticast mode [ 1372.458439][T20239] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3075'. [ 1373.020717][T20251] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1373.218335][T20167] udevd[20167]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1373.331135][T20257] FAULT_INJECTION: forcing a failure. [ 1373.331135][T20257] name failslab, interval 1, probability 0, space 0, times 0 [ 1373.509502][T20257] CPU: 0 UID: 0 PID: 20257 Comm: syz.0.3080 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1373.509547][T20257] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1373.509559][T20257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1373.509574][T20257] Call Trace: [ 1373.509583][T20257] [ 1373.509592][T20257] dump_stack_lvl+0x100/0x190 [ 1373.509635][T20257] should_fail_ex.cold+0x5/0xa [ 1373.509663][T20257] ? __register_sysctl_table+0xac/0x1650 [ 1373.509704][T20257] should_failslab+0xc2/0x120 [ 1373.509730][T20257] __kmalloc_noprof+0xe0/0x850 [ 1373.509771][T20257] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 1373.509805][T20257] __register_sysctl_table+0xac/0x1650 [ 1373.509844][T20257] ? is_module_address+0x5f/0xf0 [ 1373.509881][T20257] ? __pfx___register_sysctl_table+0x10/0x10 [ 1373.509928][T20257] ? is_module_address+0x69/0xf0 [ 1373.509958][T20257] ? register_net_sysctl_sz+0x222/0x430 [ 1373.509996][T20257] ? __asan_memcpy+0x3c/0x60 [ 1373.510032][T20257] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 1373.510062][T20257] nf_lwtunnel_net_init+0x60/0xf0 [ 1373.510093][T20257] ops_init+0x1e2/0x5f0 [ 1373.510129][T20257] setup_net+0x118/0x3a0 [ 1373.510161][T20257] ? __pfx_setup_net+0x10/0x10 [ 1373.510190][T20257] ? lockdep_init_map_type+0x5c/0x250 [ 1373.510223][T20257] ? mutex_init_lockep+0x110/0x150 [ 1373.510262][T20257] copy_net_ns+0x46f/0x7c0 [ 1373.510299][T20257] create_new_namespaces+0x3ea/0xac0 [ 1373.510332][T20257] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1373.510362][T20257] ksys_unshare+0x473/0xad0 [ 1373.510395][T20257] ? __pfx_ksys_unshare+0x10/0x10 [ 1373.510437][T20257] __x64_sys_unshare+0x31/0x40 [ 1373.510467][T20257] do_syscall_64+0x106/0xf80 [ 1373.510496][T20257] ? clear_bhb_loop+0x40/0x90 [ 1373.510527][T20257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1373.510552][T20257] RIP: 0033:0x7fe64099c799 [ 1373.510573][T20257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1373.510598][T20257] RSP: 002b:00007fe6417f9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1373.510622][T20257] RAX: ffffffffffffffda RBX: 00007fe640c15fa0 RCX: 00007fe64099c799 [ 1373.510639][T20257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1373.510654][T20257] RBP: 00007fe640a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1373.510670][T20257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1373.510686][T20257] R13: 00007fe640c16038 R14: 00007fe640c15fa0 R15: 00007ffca35541f8 [ 1373.510718][T20257] [ 1375.266564][T20292] random: crng reseeded on system resumption [ 1375.314806][T20286] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3087'. [ 1376.357241][T20167] udevd[20167]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1377.738537][T20341] misc userio: Invalid payload size [ 1378.040039][T20346] netlink: Failed to add  helper -22 [ 1378.611931][T20359] random: crng reseeded on system resumption [ 1378.707158][T20362] netlink: 'syz.7.3103': attribute type 1 has an invalid length. [ 1378.958490][T20368] FAULT_INJECTION: forcing a failure. [ 1378.958490][T20368] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1379.050985][T20368] CPU: 0 UID: 0 PID: 20368 Comm: syz.0.3104 Tainted: P U L syzkaller #0 PREEMPT(full) [ 1379.051028][T20368] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1379.051039][T20368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1379.051053][T20368] Call Trace: [ 1379.051061][T20368] [ 1379.051071][T20368] dump_stack_lvl+0x100/0x190 [ 1379.051111][T20368] should_fail_ex.cold+0x5/0xa [ 1379.051140][T20368] _copy_from_user+0x2e/0xd0 [ 1379.051179][T20368] copy_msghdr_from_user+0x9f/0x4f0 [ 1379.051218][T20368] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1379.051269][T20368] ___sys_sendmsg+0x106/0x1e0 [ 1379.051306][T20368] ? __pfx____sys_sendmsg+0x10/0x10 [ 1379.051376][T20368] __sys_sendmsg+0x170/0x220 [ 1379.051405][T20368] ? __pfx___sys_sendmsg+0x10/0x10 [ 1379.051457][T20368] do_syscall_64+0x106/0xf80 [ 1379.051485][T20368] ? clear_bhb_loop+0x40/0x90 [ 1379.051514][T20368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1379.051538][T20368] RIP: 0033:0x7fe64099c799 [ 1379.051558][T20368] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1379.051581][T20368] RSP: 002b:00007fe6417f9028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1379.051604][T20368] RAX: ffffffffffffffda RBX: 00007fe640c15fa0 RCX: 00007fe64099c799 [ 1379.051620][T20368] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000003 [ 1379.051635][T20368] RBP: 00007fe6417f9090 R08: 0000000000000000 R09: 0000000000000000 [ 1379.051650][T20368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1379.051664][T20368] R13: 00007fe640c16038 R14: 00007fe640c15fa0 R15: 00007ffca35541f8 [ 1379.051695][T20368] [ 1379.523006][T20167] udevd[20167]: inotify_add_watch(7, /dev/nbd0, 10) failed: No such file or directory [ 1382.889870][ T30] INFO: task syz.4.2732:18827 blocked for more than 143 seconds. [ 1382.897925][ T30] Tainted: P U L syzkaller #0 [ 1382.954131][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1383.001461][ T30] task:syz.4.2732 state:D stack:27464 pid:18827 tgid:18826 ppid:11229 task_flags:0x400040 flags:0x00080002 [ 1383.076053][ T30] Call Trace: [ 1383.094819][ T30] [ 1383.113824][ T30] __schedule+0xfee/0x6120 [ 1383.142632][ T30] ? __lock_acquire+0x4a5/0x2630 [ 1383.171196][ T30] ? __pfx___schedule+0x10/0x10 [ 1383.198776][ T30] ? find_held_lock+0x2b/0x80 [ 1383.227202][ T30] ? schedule+0x2bf/0x390 [ 1383.260932][ T30] schedule+0xdd/0x390 [ 1383.284571][ T30] schedule_preempt_disabled+0x13/0x30 [ 1383.317897][ T30] __mutex_lock+0xc9a/0x1b90 [ 1383.352148][ T30] ? rcu_is_watching+0x12/0xc0 [ 1383.377247][ T30] ? trace_kmalloc+0x101/0x130 [ 1383.404249][ T30] ? nfsd_nl_listener_get_doit+0x13e/0x7b0 [ 1383.436265][ T30] ? __kmalloc_node_track_caller_noprof+0x321/0x850 [ 1383.481668][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1383.517917][ T30] ? kmalloc_reserve+0xf9/0x350 [ 1383.552051][ T30] ? skb_put+0x138/0x180 [ 1383.587798][ T30] ? __nlmsg_put+0x152/0x1c0 [ 1383.617118][ T30] ? nfsd_nl_listener_get_doit+0x13e/0x7b0 [ 1383.658502][ T30] nfsd_nl_listener_get_doit+0x13e/0x7b0 [ 1383.709765][ T30] ? kfree_skbmem+0x19a/0x210 [ 1383.736523][ T30] ? kmem_cache_free+0x124/0x6a0 [ 1383.774960][ T30] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 1383.828301][ T30] genl_family_rcv_msg_doit+0x214/0x300 [ 1383.867470][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1383.909272][ T30] ? genl_get_cmd+0x3ef/0x720 [ 1383.940282][ T30] ? __dev_queue_xmit+0x5af/0x4800 [ 1383.982726][ T30] ? __radix_tree_lookup+0x217/0x2b0 [ 1384.014395][ T30] genl_rcv_msg+0x560/0x800 [ 1384.048140][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1384.084393][ T30] ? __pfx_nfsd_nl_listener_get_doit+0x10/0x10 [ 1384.132870][ T30] netlink_rcv_skb+0x159/0x420 [ 1384.181510][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1384.199822][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1384.199884][ T30] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1384.199924][ T30] genl_rcv+0x28/0x40 [ 1384.199959][ T30] netlink_unicast+0x5aa/0x870 [ 1384.199996][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 1384.200040][ T30] netlink_sendmsg+0x8b0/0xda0 [ 1384.200078][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1384.200110][ T30] ? __import_iovec+0x1d2/0x640 [ 1384.200138][ T30] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1384.200177][ T30] ____sys_sendmsg+0xa54/0xc30 [ 1384.200218][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1384.200260][ T30] ? __pfx_futex_wake_mark+0x10/0x10 [ 1384.202035][ T30] ___sys_sendmsg+0x190/0x1e0 [ 1384.202081][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 1384.202155][ T30] __sys_sendmsg+0x170/0x220 [ 1384.202187][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 1384.202217][ T30] ? __x64_sys_futex+0x34f/0x4d0 [ 1384.202266][ T30] do_syscall_64+0x106/0xf80 [ 1384.202303][ T30] ? clear_bhb_loop+0x40/0x90 [ 1384.202335][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1384.202361][ T30] RIP: 0033:0x7fc6b9d9c799 [ 1384.202382][ T30] RSP: 002b:00007fc6bac26028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1384.202409][ T30] RAX: ffffffffffffffda RBX: 00007fc6ba015fa0 RCX: 00007fc6b9d9c799 [ 1384.202426][ T30] RDX: 0000000020004080 RSI: 0000200000000ac0 RDI: 0000000000000003 [ 1384.202444][ T30] RBP: 00007fc6b9e32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1384.202461][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1384.202478][ T30] R13: 00007fc6ba016038 R14: 00007fc6ba015fa0 R15: 00007ffc7394b568 [ 1384.202511][ T30] [ 1384.218358][ T30] [ 1384.218358][ T30] Showing all locks held in the system: [ 1384.218379][ T30] 1 lock held by khungtaskd/30: [ 1384.218396][ T30] #0: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 1384.218488][ T30] 3 locks held by kworker/0:2/1211: [ 1384.218519][ T30] 3 locks held by kworker/0:5/5917: [ 1384.218534][ T30] #0: ffff88813fe63548 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 1384.218607][ T30] #1: ffffc900043d7d08 ((fqdir_free_work).work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 1384.218678][ T30] #2: ffffffff8e7f4d00 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6d0 [ 1384.218743][ T30] 2 locks held by getty/6596: [ 1384.218757][ T30] #0: ffff888034c930a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1384.218820][ T30] #1: ffffc900056fe2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 1384.218901][ T30] 2 locks held by syz.5.2685/18625: [ 1384.218923][ T30] #0: ffffffff906bfd30 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1384.218993][ T30] #1: ffffffff8ec59468 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x6c1/0xc00 [ 1384.219056][ T30] 2 locks held by syz.4.2732/18827: [ 1384.219071][ T30] #0: ffffffff906bfd30 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1384.219138][ T30] #1: ffffffff8ec59468 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_get_doit+0x13e/0x7b0 [ 1384.219200][ T30] 3 locks held by syz.1.3083/20280: [ 1384.219215][ T30] 3 locks held by syz.6.3096/20338: [ 1384.219229][ T30] 2 locks held by syz.7.3103/20369: [ 1384.219244][ T30] 4 locks held by syz.0.3107/20384: [ 1384.219258][ T30] 1 lock held by syz.0.3107/20386: [ 1384.219273][ T30] 2 locks held by syz.7.3111/20396: [ 1384.219287][ T30] 5 locks held by syz.7.3111/20404: [ 1384.219302][ T30] 2 locks held by syz.7.3111/20406: [ 1384.219317][ T30] [ 1384.219323][ T30] ============================================= [ 1384.219323][ T30] [ 1384.219338][ T30] NMI backtrace for cpu 0 [ 1384.219356][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: P U L syzkaller #0 PREEMPT(full) [ 1384.219397][ T30] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1384.219408][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1384.219425][ T30] Call Trace: [ 1384.219433][ T30] [ 1384.219442][ T30] dump_stack_lvl+0x100/0x190 [ 1384.219479][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 1384.219518][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1384.219554][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 1384.219596][ T30] sys_info+0x141/0x190 [ 1384.219627][ T30] watchdog+0xd25/0x1050 [ 1384.219657][ T30] ? __pfx_watchdog+0x10/0x10 [ 1384.219681][ T30] ? __kthread_parkme+0x18c/0x230 [ 1384.219711][ T30] ? kthread+0x13a/0x450 [ 1384.219739][ T30] ? __pfx_watchdog+0x10/0x10 [ 1384.219759][ T30] kthread+0x370/0x450 [ 1384.219788][ T30] ? __pfx_kthread+0x10/0x10 [ 1384.219821][ T30] ret_from_fork+0x754/0xd80 [ 1384.219857][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1384.219894][ T30] ? __switch_to+0x7b4/0x1120 [ 1384.219925][ T30] ? __pfx_kthread+0x10/0x10 [ 1384.219958][ T30] ret_from_fork_asm+0x1a/0x30 [ 1384.219997][ T30] [ 1384.245511][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1384.245538][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: P U L syzkaller #0 PREEMPT(full) [ 1384.245579][ T30] Tainted: [P]=PROPRIETARY_MODULE, [U]=USER, [L]=SOFTLOCKUP [ 1384.245591][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1384.245607][ T30] Call Trace: [ 1384.245616][ T30] [ 1384.245626][ T30] dump_stack_lvl+0x100/0x190 [ 1384.245668][ T30] vpanic+0x552/0x970 [ 1384.245692][ T30] ? __pfx_vpanic+0x10/0x10 [ 1384.245718][ T30] ? rcu_is_watching+0x12/0xc0 [ 1384.245759][ T30] panic+0xd1/0xe0 [ 1384.245781][ T30] ? __pfx_panic+0x10/0x10 [ 1384.245815][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 1384.245854][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 1384.245892][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 1384.245931][ T30] ? watchdog.cold+0x198/0x1ca [ 1384.245959][ T30] ? watchdog+0xd35/0x1050 [ 1384.245983][ T30] watchdog.cold+0x1a9/0x1ca [ 1384.246020][ T30] ? __pfx_watchdog+0x10/0x10 [ 1384.246044][ T30] ? __kthread_parkme+0x18c/0x230 [ 1384.246075][ T30] ? kthread+0x13a/0x450 [ 1384.246105][ T30] ? __pfx_watchdog+0x10/0x10 [ 1384.246126][ T30] kthread+0x370/0x450 [ 1384.246157][ T30] ? __pfx_kthread+0x10/0x10 [ 1384.246190][ T30] ret_from_fork+0x754/0xd80 [ 1384.246227][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1384.246265][ T30] ? __switch_to+0x7b4/0x1120 [ 1384.246292][ T30] ? __pfx_kthread+0x10/0x10 [ 1384.246325][ T30] ret_from_fork_asm+0x1a/0x30 [ 1384.246365][ T30] [ 1384.246437][ T30] Kernel Offset: disabled