last executing test programs: 9.836636017s ago: executing program 1 (id=1223): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0x5, 0x4, 0x3b) connect$auto(r0, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = getpgrp(0x0) r2 = prctl$auto(0x42, 0x1001, r1, 0x1, 0x10004000000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x618000000, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2c, 0x3, 0xfffffffd) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x0, r2, 0x2) r6 = pipe$auto(0x0) pipe$auto(0x0) write$auto(0x3, 0x0, 0xfdf3) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000140), r2) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(r4, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r5, 0x4008ae89, &(0x7f0000000080)={0x9, 0x0, [{0x48, 0x400, 0x1f}]}) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) unshare$auto(0x40000080) sendmsg$auto_NFC_CMD_DISABLE_SE(r2, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYRESDEC=r6, @ANYRES16=0x0, @ANYBLOB="200025bd7000fcdbdf2512000000080015000300000005000b00ac000000080001000000010006001100d7e60000080014002d5e2e28", @ANYRESDEC=r1, @ANYRES16=r0, @ANYBLOB="bea920a65e31ccb2a18de6915e96b0b4922f9e4d6c372a3a447268f6bde75339f11272f2cb2a2d323d5a6846df5036983670f3005c5f51cc5f860b6a630529bbe3b5e2d085d13d51f64d7b2292115bdbd49d9c7d59b82aa55102be25", @ANYRES64=r2, @ANYRESHEX=r2, @ANYRESHEX=r5], 0x3c}, 0x1, 0x0, 0x0, 0x48000}, 0x1800) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048004) 8.500618568s ago: executing program 1 (id=1225): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0x400000000fff, 0x8000000008011, 0x3, 0x8000) r0 = socket(0xa, 0x3, 0x3a) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto_PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000080)) close$auto(r0) io_uring_register$auto(r0, 0x5, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto_SO_CNX_ADVICE(r1, 0x3, 0x35, &(0x7f00000000c0)='/dev/nullb0\x00', 0x3) write$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x7, 0x0) clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0xab42, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x801, 0x4f46, 0x6) 7.62195788s ago: executing program 0 (id=1227): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(0x0, r0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semctl$auto(0x3, 0x7, 0x13, 0x7) r3 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r3, 0x29, 0x20, 0x0, 0x20) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) ioctl$auto_FS_IOC_GETFLAGS(r4, 0x80086601, 0x7fffffffbfffffff) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x40000080) getsockopt$auto(r2, 0x1, 0x2, &(0x7f0000000040)='/dev/cec27\x00', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(r5, 0x560e, r5) 5.727944215s ago: executing program 0 (id=1231): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000400)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000080)={0x33c, r1, 0x400, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x16e, 0x1, 0x0, 0x1, [@typed={0x4, 0x19}, @generic="4540e6a0fa777b4b0f107b28027477ba5c02b80e5a00b0dfab9ceb6f5c9ea8354ebed5ea0f0afe09d27d740a7eead0d361beda6a2dae3bdc9a412287db385a1a15854eb4df83ed1d6749c845abdf570c699710498cc4501e398ec806d42a401bb881622dd7f985451fe675c4ca69a5008572569902677ec1b970f38ccbed78fe4610de4f69f13c302c6375b2ba0f260899dcc07c08b9ae365169f0f8598638a4833e96a7e67204cc5737af77175c4dd8b7b038a6b7d7c68a88c8fa0ccc0bdaac745825ed711522aa076344761aca712fe199c0974f106272e96ddc527d5c487f32d4f65895eebb9e07a01e0f48d4123cb610a8f552e8", @typed={0x14, 0xa6, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @generic="9b488fcd5c99085f9f78179d7fd1e894036f72b4f2abf5610b43151e114bf3c31b6ee214c605a1cc4bf803636c8cf553869dc802b795a7b066c9bb625e6a9bfc7e432483548bdc7a877a8ab51ccc5c95547a2b98b3014637b92dbb63"]}, @IPVS_CMD_ATTR_DAEMON={0x1b0, 0x3, 0x0, 0x1, [@nested={0x1a3, 0x3d, 0x0, 0x1, [@generic="2f14434e16a33621208fd91f1ea2e33c254b146c3e1b2a71e7bd9cc9a2ab438e57cd3f40c45ce03da55d7a69dc84fb147e8a89e3", @nested={0x4, 0x12}, @nested={0x4, 0xef}, @generic="a75d8ee78eafc14076dbc7b1a646406ae07e052b888a3fa18afa033f5bd0aa4a1acc2d5f2e1df6efabcc0a543154737eb0407419bfe1dad35b568913aae01e26c6c8abc86a6ab95f9a4f116884437a19a501e237d750cba7d2c7387892f967c814ecc5968359c2fc0788163af378001df5ceea6e7683bc5d1d23711e51308e06202b86fba20f977529ad2081835067f71c54e5bce2a433f2c4830b244e0358c6968b05de1e41d450b17ce4a70e01f61765caa6d39ae8d42881dbcdb7d1ae00", @generic="bc3fadfe13217761118b4d3d14fcb8e306c300836f8654a17826c7408ae60af40cd402ac964c2df4f0863222ca871613c31a52b4c9ff45ff155d667b231d9e950b15650abbb0ad67f4ebf93152bf7817501bb27c28c08686ba161a9882709644f3b7e698b0473b66bb7f48157ee09b83bd25b9b4569a72e963b23ba3593fd5e8efec301b2fb38b0c8f30ca82a7a8af8fc3b794764466d3f274feda9966252008455852a1"]}, @typed={0x8, 0x79, 0x0, 0x0, @fd}]}]}, 0x33c}, 0x1, 0x0, 0x0, 0x40}, 0x48000) (async) preadv$auto(r0, &(0x7f0000000540)={&(0x7f0000000440)="c7c3c9c14158cec52fcecc73e289c13e407c8291e0a42daea3d0dd340ad7c6b34543c2656f909d6f0d3a2c83dbf1c65d03430b95a1d2599dfaf9e46e1149350184b1e97918a632fea4deb71b42705efd01b2abd8f6040341c70471bf11d93198011077c6a7f1cc69dcf84279510d4644e7e5f812c2ba5f3eb34a65d3c41f58b3205ee6cf8783c4194ff4a3b43c9c2f1fba44eaf86d77b2e33a2eb3259cc1f6275c0d27780c18fab1f103dcb00247ae9d41d44da278e650122207d526839002e0442450dd035803c9414e063d76526756b6ba419aa41a441a0347a42634cee291434cf58cace3", 0x4}, 0x0, 0x3, 0x0) (async) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000580)='/dev/usbmon37\x00', 0x401, 0x0) (async) write$auto(0xffffffffffffffff, &(0x7f00000005c0)='\x00', 0xffffffffffff0000) (async) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000600), 0x10800, 0x0) ioctl$auto_SNAPSHOT_S2RAM(r3, 0x330b, 0x0) (async) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000640)='/dev/audio1\x00', 0x742, 0x0) (async) msgctl$auto_MSG_INFO(0x0, 0xc, &(0x7f0000000740)={{0x6, 0xee00, 0xee01, 0x0, 0x10e, 0x9, 0xaef5}, &(0x7f00000006c0)=0x81, &(0x7f0000000700), 0x5, 0x0, 0xffffffff00000000, 0xe1a, 0x0, 0x95, 0xe, 0x228, @raw=0x884, @inferred=0x0}) (async) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f00000007c0)={"4b1e5b642b86c03cd3aeb7a8d31d007254dd6f1cea89652be221d6e5df1228ee", 0x1000, 0x6, 0xa31, 0x6, 0x100000000, 0xffffffffffffffff}) sendmsg$auto_IPVS_CMD_GET_CONFIG(r0, &(0x7f0000000dc0)={&(0x7f0000000680), 0xc, &(0x7f0000000d80)={&(0x7f0000000840)={0x508, r1, 0x300, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@typed={0x8, 0x93, 0x0, 0x0, @uid=0xee00}, @typed={0x8, 0xe5, 0x0, 0x0, @uid=r5}, @typed={0x14, 0x110, 0x0, 0x0, @ipv6=@empty}]}, @IPVS_CMD_ATTR_DAEMON={0x110, 0x3, 0x0, 0x1, [@nested={0x10c, 0x24, 0x0, 0x1, [@nested={0x4, 0x2a}, @typed={0xc, 0x5, 0x0, 0x0, @u64=0x4}, @nested={0x4, 0x49}, @generic="29f3ab2ce5929a4e64e35f49aa17fdec0b2401fcadc49dda1248fa5d78fe62992332635a042c016b4874a11dbf12d89f8dd466b7cd231a1ad63a215151e7dc6721767f413b0534992b386e9deb4fa90acba817bd7b8168ad1199e3", @generic="961d5f1c15bf959561ff949cbb1d77c114c88c16d94a2c6da2f3884889d40035af7264a2edf63ec02859d542c2a101f7bec906a5ea232e39fcacb338ed5ff3e4af573c7e7624585c506087c00c2f95860237d2d53a3e3e4c6231dc1992ff26b4f8a21e1f634a132511e3ea8e9fe97dfb2cae2b43047116071b7ef0ea3c1fd71859fb09b3a6211d4a4aa2ed39bafeca6d90aa2bb58cf55673b0"]}]}, @IPVS_CMD_ATTR_SERVICE={0x2be, 0x1, 0x0, 0x1, [@nested={0x31, 0x14a, 0x0, 0x1, [@typed={0x8, 0x105, 0x0, 0x0, @u32=0x4}, @generic="82b860f6a9b10405c4b5ef4f95031bc4f4b2559c0b", @nested={0x4, 0x61}, @nested={0x4, 0xd4}, @generic, @typed={0x8, 0x105, 0x0, 0x0, @pid=r8}]}, @nested={0x194, 0x66, 0x0, 0x1, [@generic="95a58c006c2fcf412265b655e6a9fdd6ab032c4a7d671e9c2e0820a74b958d6b7b0cb62a7b907e564904c54e2636ddeeedcf2a6af97e63fca83b9da41aed9be036e873614895fad52cf69dc401823fd74e78db289dadb8e91db833a0f42d939b71433c9551b774d561c929a633e7629efbd55d8b5b10d36bf8d8d88235468d009f72c54fe3a72dbf1b2cd7d6bc918c5bfd9094a186769d3f9e620d151aa963706c010748", @typed={0x9, 0x4b, 0x0, 0x0, @str='IPVS\x00'}, @generic="4a81f4885dea1a41ffb023f148bf1d3166b50fa9beef1cf8053cf1bb1a34793f7f98ca755baae3a9384d97e6003500a09b4c23c1a61c885a74a37c15ea8b896a0eca7443aace7044cc23382cd6b662c8bfd0a2db159a718b6146882ed589412f05f094ca5943dce8beff04d86e0c1f68155bf70ec6926ec4c76827bfef18", @generic="05a04044c44a8e3a3e4d56eb762813eaffdf0d73de592be84368c48cf348bbaecdcf15bd274c9565e832626ac8862ab415cce476a465439bb6f03427d1718f8d2e5cd3dc4d5504ade89dc3974559da40fca3048d0f2a9d01b025757430644c495881"]}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0xc}, @generic="9480f5dcbf904ef1882a713503909bd20c8e76a0bb4d73fdd7909334699ab19465e707340f99fb742aa5d189170562017a2123451c014763ba39f2d988b55bdbb14b1721562be858ab214ed07407be42f72141f1d7a7c572f6fb03e6a11ffc74f7552d480a3f38dbba2c40407d936147259b56c322fc9358d4be6bc677f5e779c8ca3b2457c2820b59fcdaa585a993cbb9cfebc48c0edb469359f1f3fc0cc7d377489c3d75e5ee39fea035d1d2fdc18ecf6830bbc389de148324fb6725234069147ce0d1e62358bc35732f0b32d1", @typed={0x14, 0x10e, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @typed={0x8, 0x2a, 0x0, 0x0, @fd=r0}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x63, 0x0, 0x0, @ipv4=@empty}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_DEST={0xcf, 0x2, 0x0, 0x1, [@generic="5d5898a18b703097e9867426454cd659c5d9c2693a2459b5cbaf61ceb5284c006262167203f2951ca79ae35b9fa970", @generic="3df8215ce3f95f91ed8f531c212f20d9a69025fd2394c0ca6f2229b9fa53e51e27a0cf1f663f154b7a71f54785791c5c3982cf52023fcfd003a1945dce30694f70af427f5fc9003bc4f30fa6ccff1862fff94c0fe1a45a742e9bd94f893d276137c82f00ff4efffe0534b59014133ba75c34434abda4f272ebc87a72dedd68d84fe32244428388ff3afc7e50cbfc059ed0f939e5665c338a3bb2cd79"]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x508}, 0x1, 0x0, 0x0, 0x90}, 0x0) (async) openat$auto_hwsim_simulate_radar_(0xffffffffffffff9c, &(0x7f0000000e00)='/sys/kernel/debug/ieee80211/phy1/hwsim/dfs_simulate_radar\x00', 0x101000, 0x0) io_uring_register$auto_IORING_REGISTER_PERSONALITY(r4, 0x9, &(0x7f0000000e40)="3dddc34decf77db35d458a2933c7dc4361b422e8506368ef76c41a5f99cee52ffbab2737543717192c13adcf834f089762aefdc7063c51d1302ac7b5ddd9d61f223b80", 0x6) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000ec0), r0) (async) r9 = syz_clone3(&(0x7f0000001140)={0x0, &(0x7f0000000f00)=0xffffffffffffffff, &(0x7f0000000f40), &(0x7f0000000f80), {0x40}, &(0x7f0000000fc0)=""/131, 0x83, &(0x7f0000001080)=""/116, &(0x7f0000001100)=[r7, r8, r8, r7, r8, r7, r8], 0x7}, 0x58) process_madvise$auto_MADV_RANDOM(r10, &(0x7f00000021c0)={&(0x7f00000011c0)="b55120c09816f861d2c42b6b516938f9896f3cf4ca17cd5303c0def87568221ea4df6c3e90a3ed8b6d511a939d42258bc7b752a3d8ea16242697569f86fa573c1114ea4a0b166fb7f8e60aa8f650c19e31efdd8699e431bc306fde13fa4aae3ee658d70f6974eb1e7d82a46ea74589c4c3b0b6ac704932d290563466e9365ad2deaf8627b414549b0ca4ecfcc5f5b293c87521a9a25d2ff5590f674bb8f3fd8fe9d21cd4f39a9e32204fb918a6658f19671cc0694771f5761feb5d47ea25296eed2a09d7e6bac96deae8f5761d8fbb5fd7f1ec055445ac082330ab4c695054a3656b78107b338594e9d9b08d3b0b117fa9b6e46cb603dcef7f9a99148f10b6bdb410b86cd4d263d4d76508a0849372a69810c64f5c7166819ef926633480693847886e42287fa8e1663f683b2db8b3dfc3965158070a16cb68d52a6a77c087670f4fb78d9f573be1202c352698c0e0be99449e25fcd98f41f0682bac0d7890949db1d4071aef47bcc956e785a648855cef615f9de870bc41d2eafca62a1e8f6145806548055efb9a1cfd0c7116b92cbf05d9f2c4057862409289574a41501fe65ba5b9825ec5468059c2fede0fd253975ecf02187f1ad2f3693769e62c543412686fb323174539fbb270bd8e71b1db0648c44a2b13679610014e0b5fb881c147f90c6d04e87345f696ab7e64259f845b11d88f5d87605372ebec0d122abf5585a52ea1b6b7bb5274b1898c9ee01a0481349e671e19208d2bf0a7f2735ec0d6a3c92d42e2426a41b10ec3c2a79771a6bf65de92ac8038f06635baf8a3faaa2199f32baac0d7285948160cb5f8a1d4ab97e4b730794aa72f8887c1b77d8a5eb39610b905373cf53a61051bd37c1546721904daa59f1fe7424a7ca84f5ceec8662a3c5ca0f041d5fc2992ec7d99e94fa9561998233d331b822131739c926c6df63dd3ef24feda742f5a269d324e9a03ee51d5382c52678f8276ef38d5f828bd113aef36df6c8d6b384f750da6102bb618f8c31f1b236c4a17c951e7d6a7c5cc84bab5cfebfe406702a3b5ed4bd1556a1489bd1bb5106118699f05fef73658232f6e2e2ead82f7259374c2a505b378b9d9bca16697e928ac3272600ed076c40989f2ab3d764dd9e38e7814e61d10031920ae94b5339627ef7364e1ba0f2cf7ec150b2bddef0de005cdd940e64833af0b29cb4fd89761c3b418d9e3af21450857915fa79c23044cae7c06ee8f623b10fd044ba6d60861a9a276d95b2b7f07fc7f7ebaa2721cce1fc7c8a989e4e37d14a1a82ac08db4a7fa57a164ffbc57f55a71b6b8a6d026c3946efda24d679a35534d2c8f82721421d76ab620c2524940c72b988c02aa3f4642ae4b4bccd6be7c41ad1a019b4fd3c7dd4aac0a3a72b4d02fbb175e782968218267e434c65d59ec60f18c8993a893f176a2a7952c0d388d2174516f2f769d14d5a798c36104dc0609abba8d3d30462d9dca18fcab2b8c3107accc422c5589af2e61a7e5e21d9d42289f10d2b7f5698ab570f38fc71f45d692c4601aba02b91c0a6de60a10601f35cc7c4726e4ba3a766e3478b8c64df972f30591cefaf18f4f1d1628c9626f4e015f0dd8c6fe0ebb3d24d9da6caee103c0fce7a0ce79e8b84bcbea53859c1ed31779a33fe499341e9c060f2efe648288dd27363b9b556b4d8bcf54a0b771b5b5f8c905089a6fd64a706ac3f7846405e4249306e33c4987a9501611cbbc3c96ce5f8639459c66a8495e2d84f8c8f41b32ad45a8d8565d3c3f149dd9743ff7b80c9e1fd91231f69b679b3d048916a762f0c55a562f6078b7a76e65a6fdce325f5bd2910fc526a85bc904a4571d88fb36fd04c41ae5aac31c9dd498d6198e0a523cb8e720a490614778f5f9462af8cdb9c4620fac59c6a1a3f4a9f1b713a97d12f09a41a64e1d3570121b34740cec0807967758fbea7654913d329c01a83a5ecb00722cccc2333491dbb7fb4f8889d833e6120be9008404755c9420b251ee52cbf106d91d953583ac7fe03b3e4e353fab4bca038eaf6ac28842ffa2d4e96ee5acb637e950018a74edcc113fe82e836792fabe505b65af3793db971fe6cae514c641f5229852891352e952f38ceb27e8bb9ecbde05f4e70f82766926f62e82acd798474eedd298e411e33a6c3f3d73fc4fad660fd591b8021c5ffb0a3ba7d77d4298431286e6b1d28dd87ed81cc6c0207c9f22fe299bc8d1e8a10bb3efa3e95ebab33eb2de1b81f996e47a1e45e15300be226b73ff7f1db9c969fa5dde7af15626a625549c35ed6e35946a4c994d40b6b5a0110f92167d94d385e8c2cd376df0e50da023128828a79bbedbfcb4fd5466eafc081ff90eee88be410a19a2346ba675760fb11cbbb87a6eff11041442180e98a283ca3a3750373dc98a4d21485f955fe017474bb59324fcffb0331a8cafbbdf1fa93d7a1ffb7c033ce92868b190f3b5945acb292263bef3d10070fa5378c717873ddcc366cc71cc9eb53c47128746bbd2176e1de98d1c2e1f7d7855f4920435b5bf7d8a892804329db38f0cf7ae29b147766c1870018f4c8dc9bf01bf0bdc62672b4af5c32f397cddee90a4d80256efdb255c43c602701b47cf90abb897059167f8e78a3579bd38ab82549285d80b0d5c4144853075b92065a7ffe7f4215446eb007c83fcaea415a3fa1149687f9f11883121d5b9bfd95dd8293fdf5533a4edead2bb09bc4b45446f57b1164308a6a3a2e429c489703601b43b50449b02246bd885bb0be25c5b6e18f1c917bdbf2bff33e32a19586dc04a58fefe5a0d51662cd7381331c10a25622f9bb2dc55eb7abc514c76ffad548d57ba3739b1f18ac3d9c7a043ccad26d91a87f1b2c2e9a644b91d605b71f8ea79f1acd9f38b7c52339186d5a61d88ab165e2dc15161c3da3fba6d9f107f14fd15d143dd9bbd8f5e41236f98d2d1c7a8956be3adb08ae7d4d21d5789c39c7ed68223ced17b7bccc0bef4baba2a512ad584e7846ec5be2e646f9dd8b5e5ba23198aa17217c192068228b9736c17d63e3292181c6fe2a6bf7164ec89fe876234cf3b7d947b16d80988fc3e34865abc9d8aa77b698b18e3c9b4ed572c9db1d78bb5e229bf8e9d926944c6c80f16e4a8e1423aa0fc1219ca35f228ca902c21f1f85191f0d9648b16587475cb1142754197ec4046321bcb35c8fe3674ccfa4b9b5a68a6e43e2c50b030bcd577c5714585ed3512cf61d4da6e1c98003ae879bcff842894d92c8c06f4dbf73ee63de89b92c23027427bfafb3cea11b114a9cd205cb1ada8160f61dbde107eba5e64aa192f7b900052bb6c454d4d8214d57d3bc1f434869b666b54a70302aeeb595b344c2a68f0a220d80b188e03127b900c29d814df4703a464fcc3ba51339a255d56406fe2284b27540224b8412f347030df8488d8ce7f20e2db71a2b29cd4cb18d4f34b926e4b196c2520eedb5f78d76491c921bf0da6ef4bf937d17bce4554501428e65048ee8dac1320226b7551230a549c151e9a639f47fbfa0eec8a3814cb0caf1e9f9d6735eaebadf396f786fdfc32172e00704a196f72fa21686dec2046870407e79fad163bef4294b8d75f785cee35cef52437c70bb11876704004d8c0a4859f5ce096accaf6a4c4b406f771ca6701f300837b80407955098d503d884dbcffe266d60fd8b2c13d31c98a3b0cabdaaac78309e8bb89f51d37d8115cdc75c1086e1b0ea123581d1790a9476709bab6a54514e2e24ffacb9694e036a40166b24660c0f5a53065b65e869590ee07c46dd6546cf8f98f04f0bfb4178252a40802b04c306e3963ce9266587685ba2b54dc707221149119eae8a1ecaf995432928ee2f4f644f42b5d10b86636ea6c1d0a35ce4bffdae961a56da526a5932ec490212bda48b1b27f0f2aa2b9805076c212536fe4edda1bfbb100c3b67c9335ba8357efb5b9a8ecb4a48855c4d656c518bef75e8fbdcac96da4d982acd87f9f6f8e4097161130c433d9257b4e68980b9505e2967df0edd07010560dfc3829d208b43fa999e040c9ad9b0caf1d07c4c509839858594b0cba4d0402726eed9f01007df05f97fc96d84990646339d0d84c455532c08c96afe7cdaf5e12f288e82da4f2564967763c245d4af50881a6914b4dce870ff80d680cb59241946e054fef52b2dd9c51e56d4ab5fb4a3e0d372b58d0dfc9f7e5d2ccd5a4b87696680762df155fa106d963c43569250276a4ff2a2a615b6aa3c13bf9e8592720cb0999d010c9744aa4b0744b023e63c926e755d9035ea414a903a9c8d2955b80cc5555541b8f96059e015239f48721d1ef9e16f46a994b4d78aec2609737addb59d0931baa152ce6deaed8ac577580c4fbee2229a3a9c32a56b6b174cf0b2ed33368d8a1acd7a1b400351b5723ba5bbe4aa4f3be26cf3bcc6eaa092b5a381f962d188bf3e50c9188a03ff9f822f63d47972a454d175eefb2be55bb335de3faa8dad37ad4b10ceadbd11c6c2d5cb2c45322c7f98059f70cf44a49eaf1bc64d79ffe95d2e31a9809cd6975ce1d40be77d0725ef9415b9a2d5ca4205bcd29d3aa1882161f9307ce92e73812f374ef2dc2cf073fb06f6c9acc05e61bbb45132f35bb9757dba32c9014a2cb63b7e12a4e0f85a7619a88d8d4364a9f11a86edb072e237d3e69a87d0c615561da72e32ba027c1d943db0f80706b0778c016e452de70c2be9e386b27fd282e416ef2b78bf54866418fbbff39b44bfb31de89c10efde326eba08250ee33cbee059e6764f3df35d18cb3b84f63bf2b1199ee103653d4bb1f74c7372978aa262b812852f6dffec0755a046e500ca303ef175e09c365c7cfc0f36faae4bca59e87c8d0858067370976f6426c8669b6ee8058c20a3c9e6d08d1505bf0cc890e37b58d2a8ab39e577086bd055a97ed9e316227b482896b44c1e93e60fdfb41d88a8df4a1b63317b9380d5252ee6bd95d005274cfc2db429e8cd5c29028de145ef0166d5c57e0a25d243d3d3de926f0fb18239ad8cbc396bd8fa4f4adb089db8ab2d29c847ff223d6526d31b469c1795cd5583a34a64787e417bd2ae1a6ba25e01171e1db844b4d78e1e666bdc962cc8367cbef7d68db11b3151370db5fcbc8aefff0aba6298b0072c70a0d417a85af924874f2ae6639f94f600227e208d4defac5ca13ec2705bd74a6aabd8bbca2c2c4f89eda4488ea2d8dda1946ed2018653889e19eef0b6138e68bcbae15984d8e7fcff43d7944558b960a3cdecee3195e0b6beeb673192df7f92b52754319179bc4daa6609755e4ecbeed9e9f48f93fa37e26d2a220ada47fa88c581484ad1459318b49e3b0d51417116112e1cc26a078c338d26fe1fc1e8d06f2af9cbc1081d620533b60584d134479fd22d30f2103bffac9829869f60c810e8d0203edee0c2308e757f2f752a8c6ceefd4835048718f0b440d6a2ea895754ab41efdda501355f2e6f88d9d20977b8233783d4260f5f3e025332fa75e93292039bd740a6337a0fef89e01541404922f95454877eaf79110e7a94f649192da20103a4602f2884549023d8a29d07ae32e366448f6f6e39febf33a0dcdfc13df75f31ca802ed59cdb033bbbf27b1195f1c0d776c30668681596dd593a4dd3835c16797f0971d47d8891c04ddc7aa6d02b218a01aac6c92c2c1f05cceb28d34e3ac3348a20d9905e3a76e3e30ace3136b4f687fc7be6969baf7b8531968303c4b208858554d539056664391947a1e9a8c95d7420a8d8899900dd6e165eb0cec6bb500ba282da70ea2f15cf0361bf2615143f8cc6300e830e5ae96dcf8a92b69", 0x92}, 0x8, 0x1, 0x0) (async) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f00000022c0)={&(0x7f0000002200)={0x10, 0x0, 0x0, 0x404400}, 0xc, &(0x7f0000002280)={&(0x7f0000002240)={0x1c, r1, 0x201, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000010}, 0x20004090) (async) io_uring_register$auto_IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000002300)="b18b26271bb8e6b61619c9ce6084faded78795c38e7af86cfc429e532ff004cc68e2a85dd62bd64e2f56ba60cba0579dbbc1bdc57a36c226fe3d6c890c2e3c0d1cf9f71a1795600bf7e98aecf5cd5ebebcd2555d66263967b19bc155f905aea81594b7e84c8623a5235e6ab43778bbd0f8aa5953a003216d4a8dc9c3fe11e4c0720add9b0c501115416170f8798ccebd437bc312bd0e4d1234e40762cd9ad94b97f126b0bd32bea78e85c58169aca2f7c13c", 0x7) shmctl$auto_IPC_SET(0x7ad, 0x1, &(0x7f0000002500)={{0x2, r5, r6, 0x101, 0x1, 0x4, 0x8e}, 0x80000000, 0x7fff, 0x5, 0x4, @inferred=r9, @raw=0x705b, 0x1000, 0x0, &(0x7f00000023c0)="0a916c81b14544dbdd59c17eb096180ca5cd21b9ed1b49f46d989d6b7d30b5d96e7c231cf4af71284933df556d39076f8647fce78d51575f809aab96f37d3aed4dfe4481403bb7c632c1af1caac8ad5802f9f2b567e54ec783ea06f0b3a5dea1f6ad9c2650f1fc08f4aaf5f72cc1735d63cab97acf391ac312e2bc0b0864031b670b61dd689a2899f748b874d72dc868bb4bbb57379c5ca6e754b88f63763dacebc027e6cd19a8abc5b71c64582ffcaa1fc903881766de86a26eb7df8b0de10ce092d364f359cc5251ff5b71bf2384", &(0x7f00000024c0)="ce"}) (async) io_uring_register$auto_IORING_REGISTER_PBUF_RING(r3, 0x16, &(0x7f0000002580)="f47a48d3f859a74d46e1f40c598cf32d1c23029a02c086958e237badc92a7de86522cb0631af8f235113712f04abd5d4ebf74e84ea090127f4eccfdf7075abb62eb726e420f5d22cace341aa3272b919d1764ada25c150518932e691e1936022286cfe12005620b7e37a79821e8841c967456a40c3de8ee7b6378d17fe52258383d847220c22451968da87c1b2716a58d8b9d49b64bd7b", 0x6) r11 = socketpair$auto(0x63e, 0xfffffffa, 0x3, &(0x7f0000002640)=0x9426) read$auto_output_bpc_fops_(r11, &(0x7f0000002680)=""/177, 0xb1) (async) mmap$auto(0x8, 0xde, 0x7fff, 0x17, r10, 0x2) r12 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002780), r11) sendmsg$auto_NL802154_CMD_SEND_BEACONS(r11, &(0x7f0000002840)={&(0x7f0000002740)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000002800)={&(0x7f00000027c0)={0x24, r12, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_ACKREQ_DEFAULT={0x5, 0x1a, 0x89}, @NL802154_ATTR_CCA_OPT={0x8, 0xd, 0x7fff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x804) (async) mprotect$auto(0x0, 0x253f5bc8, 0x8000) (async) connect$auto(r11, &(0x7f0000002880)=@isdn={0x22, 0xff, 0x7, 0xfe, 0x7}, 0x5) (async) pwritev$auto(r4, &(0x7f00000029c0)={&(0x7f00000028c0)="e5c43c1685254bf99362d1eeaa6303bbb8a6aa3d0793f6194b0f688622b24e30f022e34ec29b96b5e7180fe19458c4046ad47d2592d856195ec08b4c347e64719fd051b2a1a451e1932ed3b5abae7e044b7139cf7c345e5e6b87aa7c0b0da27194b3e2a59f221f2b4e8f8c90d5e1fab4ddc1d108d78836763a3fb43fb3728ac75eadfc94ad41110ce268864cfe6c20c0330cb9d9e3d89695a0c52fd20c39ed411d7662cf495eb618d279b3b92a69b9a3dcfd77a62a2d50e02ea879dd84b8cd2ffb769aacce45a0cc6041db89c8b87815bbba1700adea", 0x3}, 0xd, 0x10001, 0x3) (async) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000002a00)='/proc/thread-self/oom_adj\x00', 0x501000, 0x0) 5.590640227s ago: executing program 1 (id=1232): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vhci_hcd.5/power/runtime_status\x00', 0x20341, 0x0) sendfile$auto(r0, r0, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x3) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x400284, 0x0) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x5c}, 0x1, 0x0, 0x0, 0x44000}, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x10540, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) ioctl$auto(0xc8, 0x400454cb, 0xffffffffffffffff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r1, 0x810c5701, &(0x7f0000000040)={0x1, 0x4, 0x81, 0x8, 0x9, "8eabeb663b572a9f43298902518f2a438dbd8855e8529542d4517e62e6d3a8a4a5da485f77dd72ed364947a535dd13d01f2d605a9d4048ac958301f504720278", "16fa2d25729a89d38d43d0cf8adeb82aeee33ae39a462f1da4601effe99e3a7f97ca3c5f0b8cfca710b40c925fdda35afe70e310dc02ee15e5f91a3cd9ac0e6d9472360408d0033b8b04dae0ca88793f", "5792826c61c347bf4c2da10c8f236869d0a90f79fcc9659c2102aa3d294011d7", 0x2, 0x968f, 0x3, "abdc4185287359f85b748e2057d6212e6ba06742678a6f406df6659a51580f3089ecb0145b4337bc70fbbf69872df3c6c683085797fa76e5c6639de9"}) r2 = open(&(0x7f0000000080)='./file0\x00', 0x261c2, 0x84) r3 = socket(0xa, 0x2, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r2, r4, 0x4, 0x302f, r3, @relative_id=0x13, 0xe600}, 0xf) listmount$auto(&(0x7f0000000180)={0x101, @raw=0x101, 0x10007f, 0x1, 0x8}, &(0x7f00000001c0)=0xfffffffffffffff7, 0x8000000000005, 0x2a76) 5.40204229s ago: executing program 0 (id=1233): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xfff, 0x9b7f, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xb858cee1f114a07f, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0xffffffffffffffff) shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, 0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000000, 0x1, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e943b6bc1919", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64"}) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x8, 0x8000) r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x271c, 0xfffffffffffffffc, 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) add_key$auto_KEY_SPEC_USER_KEYRING(&(0x7f0000001c80)='\\\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffc) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r3, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010025bd7000fedbdf2502000000040002000800010003000000b9d6cb3efcef1fdd0e07007f3f53d73a750b757bb95ceb556d903e1a8c493a168ede8b0cefa2f3e84d11cfdd1a31156da22dfc597b10e5a5dc6fad7c189621ad3531c5524bbb3ca047b7f2f0acc2edb6cfdbc85be7311657714dfd32212817642dc3a7f21754341d61695f7ada822ac9229356c8b0bfbbe2ed364cfef47bbd2aa4f24c35f71529ca867ccd067530a8f62bd1b468843e48a9b6d3c327f5784471e6d37b11e218b02d3200a33fca2a5335a210c278361b922be812403a0f2f281942ffb0e588b07f978bb780"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) mkdir$auto(&(0x7f0000000100)='./file0\x00', 0xff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x4a42, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x40080, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x7ffffffffffffffb, 0xfffffffffffffffd, 0x4, 0x3, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x7, 0x6d3c, 0x8001, 0xffffffff, 0x8000000000000006]}, 0x0) close_range$auto(0x2, 0x8, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x400}, 0x7f) 5.066245443s ago: executing program 2 (id=1234): mmap$auto(0x0, 0x477, 0xdf, 0x9b72, 0x2, 0x8000) futex_waitv$auto(0x0, 0x1, 0x0, &(0x7f0000000340)={0x1, 0x1}, 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ipvlan1\x00'}) r0 = socket(0x2, 0xa, 0xa) sendmmsg$auto(r0, &(0x7f0000000300)={{&(0x7f0000000140), 0x12, &(0x7f0000000280)={0x0, 0x4e}, 0x7, 0x0, 0x3, 0x1}, 0x3}, 0x8, 0x7fff) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14be02, 0x0) r2 = fsopen$auto(0x0, 0x0) fsconfig$auto(r2, 0x6, 0x0, 0x0, 0x0) timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0x4) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) writev$auto(r1, &(0x7f0000000040)={&(0x7f00000002c0), 0x4e}, 0x4) 4.498518325s ago: executing program 2 (id=1235): mmap$auto(0x2, 0x2020009, 0x3, 0x20000000000eb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000082, 0x402, 0xc0}]}) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x52) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x5, 0x4, 0x4, 0x200000005, 0x400000000c) kill$auto(0x0, 0x11) open(0x0, 0x161342, 0x100) clone$auto(0x8ffe, 0xbbf, 0xffffffffffffffff, 0xfffffffffffffffc, 0xfffffffffffffff9) setdomainname$auto(0x0, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x200000000000, 0x40000000004, 0xdc98, 0x3, 0x100000000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00') bpf$auto(0x0, &(0x7f00000001c0)=@info={r3, 0xfffffff6, 0x14}, 0x10) bpf$auto(0x16, 0x0, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r4, &(0x7f0000000180)='\x05\x00\x00\x00', 0x80000005) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 4.161752157s ago: executing program 3 (id=1236): openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) msync$auto(0x5, 0x5, 0x3) landlock_create_ruleset$auto(&(0x7f0000000000)={0xd1d, 0x3, 0x7}, 0x0, 0x10000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5) 4.031766496s ago: executing program 0 (id=1237): mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram4\x00', 0x14be02, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0x3, 0x2) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = socket(0x2d, 0x2, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r1) ioctl$auto_VFIO_IOMMU_MAP_DMA(r0, 0x3b71, 0x0) socket(0x2c, 0x3, 0x0) socket(0x11, 0x2, 0x73) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) fanotify_init$auto(0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x2, 0x1, 0x0) r3 = getsockopt$auto(r2, 0x6, 0x1d, 0x0, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) ioctl$auto_TCFLSH2(r4, 0x400455c8, 0x0) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f0000000000)=""/5, 0x5) 3.516754245s ago: executing program 2 (id=1238): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mincore$auto(0x1000, 0x4000000, 0x0) mmap$auto(0xfffffffffffffffe, 0x810004, 0x400000000ffb, 0x8000000008011, r0, 0x4) mmap$auto(0xffffffffffffffff, 0x6, 0xdf, 0xc978, 0x40000000000a5, 0x8000) removexattr$auto(&(0x7f00000003c0)='./cgroup\x00', &(0x7f0000000400)='/dev\x89mtdblock0\x00') r1 = socket(0xa, 0x3, 0x3a) close$auto(r1) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r1, 0x8, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x7, 0x7) sigaltstack$auto(&(0x7f00000000c0)={&(0x7f0000000180)="f038afe10105ff42e782ea31d34fd7bead1778c91029c17ebfc96bb68ab0b20380c0985c7702041eb7a604d8a298cd7b", 0x0, 0x7fffffff}, &(0x7f00000001c0)={0x0, 0x76, 0x20}) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x2, 0x0) pwritev$auto(r2, 0x0, 0x2000000003, 0xe, 0x3) capset$auto(&(0x7f0000000100)={0x4, 0xffffffffffffffff}, &(0x7f0000000140)={0xff, 0xd3c1, 0x3}) prctl$auto(0x3e, 0x4, r3, 0xfffffffffffffffe, 0xfffffffffffffffd) setgroups$auto(0xe32, 0x0) msync$auto(0x4, 0x180000000000000, 0x400000004) r4 = open(0x0, 0x0, 0x408) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x78, 0x0, 0x4) getdents$auto(r4, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 3.363652584s ago: executing program 3 (id=1239): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/domainname\x00', 0x1c9442, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r0, 0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) semctl$auto(0x4000001ff, 0xffffffffffffffff, 0x13, 0x3) setsockopt$auto(0x200000000000003, 0x1, 0x29, 0x0, 0x300) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x121041, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(r2, 0x0, 0x4) select$auto(0x8, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0xd, 0x4008fd6, 0x948b, 0xfffffffffffffffc, 0x15f4da0a, 0x3, 0x3, 0x6, 0x80000001, 0x7, 0x4, 0x8, 0x1, 0x1]}, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) select$auto(0x4, 0x0, &(0x7f0000000100)={[0x9, 0x7, 0xfffffffffffffff9, 0x9, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0xffff, 0x1ff, 0xd, 0x3, 0x200000201, 0x7, 0x6]}, 0x0, 0x0) write$auto_console_fops_tty_io(r2, 0x0, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x501, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x700, 0x0) socket(0xa, 0x2, 0x3a) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'veth1_to_bond\x00'}) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(r5, 0x5608, 0x1) r6 = fanotify_init$auto(0x1f53, 0x2000000000002) fcntl$auto(r6, 0x403, 0x3) 3.098301316s ago: executing program 1 (id=1240): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) (async) r0 = bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) (async) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x301483, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x3, 0x3b) (async) r2 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r2, 0x29, 0x16, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x703001, 0x0) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x703001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) msgctl$auto_IPC_INFO(0x7fffffff, 0x3, &(0x7f0000000440)={{0x0, 0xee00, 0xffffffffffffffff, 0x240, 0x6, 0x2000, 0x8001}, &(0x7f0000000080)=0x6, &(0x7f0000000380)=0x7f, 0xffffffff, 0x7, 0x9, 0x8000000000000000, 0x8, 0x0, 0x983, 0x8000, @raw=0xfffefffd, @inferred=0xffffffffffffffff}) openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim4/fib/nexthop_bucket_activity\x00', 0x20000, 0x0) fstat$auto(r0, &(0x7f00000004c0)={0x1, 0x0, 0x8, 0x0, 0x0, r5, 0x0, 0x4, 0x8, 0x79df, 0x7251, 0x205, 0x4, 0xffffffffffffffff, 0x39, 0x6, 0x8000}) mmap$auto(0x100000000000, 0x400008, 0xdf, 0x14, r1, 0x0) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x8) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mremap$auto(0x8, 0x7ff, 0x841, 0x3, 0x2) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0x1) (async) fsopen$auto(0x0, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) shutdown$auto(0x200000003, 0x2) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r4) mmap$auto(0x2, 0xffffffbffffffffd, 0x4000000000df, 0x1c, r4, 0x300000000000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) 2.933092932s ago: executing program 3 (id=1241): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES16=r1, @ANYBLOB="010004001900000000000600000000000000758bbfe612e0b34a6add3adb92ba19c8660a4446f93d53b1fcca1f2d428a17df7c9e94df130e79cc53e24b7998c83b2ebc0345ed2014a008b2c4b8b291db547229d236dcf83b7dacf3a988e9"], 0x18}, 0x1, 0x0, 0x0, 0x240088d0}, 0x8c0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0xa, 0x80002, 0x73) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x82, 0x0) lseek$auto(0x3, 0x2, 0x4) sendmmsg$auto(r2, &(0x7f0000000200)={{&(0x7f0000000000), 0x3ff, 0x0, 0x9, 0x0, 0x4, 0x24000000}, 0x5}, 0x2, 0x2) 2.150866848s ago: executing program 3 (id=1242): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0xa0942, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) ioprio_set$auto(0x2, 0x800000000, 0x8) r1 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x189002, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card0\x00', 0x28102, 0x0) ioctl$auto(r2, 0x921064ab, 0x8) syz_clone3(&(0x7f0000000380)={0x0, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)=0x0, {0xec2}, &(0x7f0000000200), 0x0, &(0x7f0000000240)=""/249, &(0x7f0000000340)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff], 0x4}, 0x58) ptrace$auto(0x5, r3, 0xffffffffffffffff, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'tunl0\x00', 0x0}) sendto$auto(0x3, 0x0, 0x20000000013, 0xfffffff8, &(0x7f0000000440)=@vsock={0x28, 0x0, 0xffffffff, @host}, 0x22) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/cpu/cpu0/topology/thread_siblings_list\x00', 0x80500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000001480)=""/4078, 0xfee) bpf$auto_BPF_MAP_GET_NEXT_KEY(0x4, &(0x7f0000000000)=@bpf_attr_0={0xfffffffb, 0x8001, 0x3, 0x54, 0x261, r1, 0x4, "a7c93355ef3af286ffe45730e41b15b1", r5, r0, 0x8, 0x5, 0xb, 0x2, 0xffffffffffffffff, r6}, 0x4) 1.912011306s ago: executing program 3 (id=1243): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = memfd_create$auto(0x0, 0x0) fallocate$auto(r0, 0x0, 0x9, 0x4cbd5d) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 1.805707086s ago: executing program 1 (id=1244): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async, rerun: 32) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) (async, rerun: 32) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) socket(0x15, 0x5, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async, rerun: 32) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (rerun: 32) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) unshare$auto(0x40000080) r1 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r1, 0x0, 0x7, 0x4cbd5d) (async) write$auto(r1, &(0x7f0000000040)='\x00', 0x1) (async) semctl$auto_SETVAL(0x2, 0x5, 0x10, 0x81) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) close_range$auto(0x2, 0x8, 0x0) (async) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r2, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) socket(0x10, 0x2, 0x4) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, 0x0, 0xd0d58b333228212f, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x4000000) (async) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYBLOB="01"], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) 1.712414085s ago: executing program 2 (id=1245): r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_PROTOCOL(r0, 0x1, 0x26, &(0x7f0000000140)='/dev/ram0\x00', 0x9) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd8\x00', 0x511080, 0x0) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) madvise$auto(0x0, 0xff7fffffffff0001, 0x15) (async) close_range$auto(r1, 0x8, 0x0) 1.628442267s ago: executing program 1 (id=1246): r0 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r0, 0x0, 0xfffffdf1) fsetxattr$auto(r0, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) (async, rerun: 64) write$auto(r0, &(0x7f0000000040)='./cgroup/cgroup.threads\x00', 0x7fffffffffffffff) (async, rerun: 64) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async, rerun: 32) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (rerun: 32) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x3, 0x1000000000001, 0x8000000008011, 0x3, 0x0) (rerun: 64) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x8905, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0x2003f2, 0x15) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) (async, rerun: 32) madvise$auto(0x0, 0x200007, 0x19) (rerun: 32) userfaultfd$auto(0x1) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0400, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) (async, rerun: 32) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) 1.460206301s ago: executing program 0 (id=1247): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0xfffffffd, &(0x7f0000000080)={0x0, 0x1}, 0xa, 0x0, 0x4, 0x401}, 0xed7138c}, 0xfffffffd, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x14, r1, 0x301, 0x70bd27, 0x25dfdc03}, 0x14}, 0x1, 0x0, 0x0, 0x2000001c}, 0x20000800) r2 = openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/saved_tgids\x00', 0x189000, 0x0) bpf$auto_BPF_OBJ_PIN(0x6, &(0x7f0000000080)=@prog_bind_map={r0, r2, 0x9}, 0xe) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) io_uring_setup$auto(0x4, 0x0) ioctl$auto(0xffffffffffffffff, 0xc0c0128e, 0xffffffffffffffff) 1.083651047s ago: executing program 0 (id=1248): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x20004884) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000480)={&(0x7f0000000240)='L\fX\x00\x00\x00\x00\x00\t', 0x49}, 0x146, 0x0, 0x5, 0x8}, 0x5}, 0x2, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) sendmsg$auto_IEEE802154_LLSEC_ADD_DEVKEY(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000003b80)='/dev/snd/pcmC0D0c\x00', 0x8100, 0x0) setresuid$auto(0x8, 0x8, 0x0) r3 = setfsuid$auto(0x0) setuid$auto(r3) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101000, 0x0) cachestat$auto(r4, &(0x7f00000000c0)={0x401, 0x428a}, &(0x7f0000000140)={0x400000008, 0x3, 0x18, 0x5, 0x4}, 0x0) write$auto_cpu_latency_qos_fops_qos(0xffffffffffffffff, 0x0, 0x0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000100)={0x0, 0x4efe}, 0x2, &(0x7f0000000040)={&(0x7f0000000080)="246bce307a8c42fa693966d81b64062109ebe93e031db0405820210c683f48fa72ca006031e2747df6bf55985f6861a711e7a709", 0x40000000001243}, 0xed, 0x8000010000000000) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r2, 0xc2604110, 0x0) setresuid$auto(r3, r3, r3) madvise$auto(0x0, 0xffffffffffff0005, 0x18) epoll_pwait2$auto(0xffffffffffffffff, 0x0, 0xb3b6, 0x0, 0x0, 0x8) 994.442665ms ago: executing program 2 (id=1249): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0xfc000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x15, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) waitid$auto_P_PID(0x1, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0xff) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) bpf$auto(0x9, &(0x7f00000000c0)=@batch={0xffffffffffff3c77, 0x40000000037, 0x2, 0x5, 0x9, 0x1, 0x6, 0x5852}, 0x18) prctl$auto(0xc8f, 0x1, 0xffffffffffffffff, 0x10000000000003, 0x7) setgroups$auto(0xe32, 0x0) 150.684228ms ago: executing program 3 (id=1250): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv6/neigh/lo/retrans_time_ms\x00', 0x1d9c42, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x100, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket(0x2, 0x2, 0x1) r3 = bpf$auto(0x0, &(0x7f0000000000)=@bpf_attr_4={0x1b, r2, 0x10000, 0xffffffffffffffff}, 0x10) poll$auto(&(0x7f00000000c0)={r3, 0x3, 0xb}, 0x4, 0x0) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r0, 0x0, 0x1) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, r4, 0x8000000000007ffe) semctl$auto(0x4000001ff, 0xffffffffffffffff, 0x13, 0x3) setsockopt$auto(0x200000000000003, 0x1, 0x29, 0x0, 0x300) r6 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x121041, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r7 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000140), r5) sendmsg$auto_IEEE802154_LLSEC_DEL_DEVKEY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b5b4e11d6726328866c7cd947493237a4fd083b5a7134e1b67a3ccc31cd210ab27cc5156c20c99c76c04a74492e5cd89feeb4547922a520ebc720cb68a81447f51317368516ead55d59783797b8eb282ac44eb789853faa9b0e3e2a2f8b417", @ANYRES16=r7, @ANYBLOB="08002dbd7000fedbdf252e00000008002c0001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8800}, 0x1) write$auto(r6, 0x0, 0x4) select$auto(0x8, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0xd, 0x4008fd6, 0x948b, 0xfffffffffffffffc, 0x15f4da0a, 0x3, 0x3, 0x6, 0x80000001, 0x7, 0x4, 0x8, 0x1, 0x1]}, 0x0) write$auto(0x3, 0x0, 0xfdef) write$auto_console_fops_tty_io(r6, 0x0, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, 0x0, 0x501, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x700, 0x0) socket(0xa, 0x2, 0x3a) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth1_to_bond\x00'}) read$auto_kernfs_file_fops_kernfs_internal(r8, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=1251): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/vulnerabilities/srbds\x00', 0x0, 0x0) socket(0x2, 0x3, 0x1) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000100)='/dev/usbmon29\x00', 0x0, 0x0) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000001ec0), 0x40000, 0x0) readv$auto(r2, &(0x7f0000000140)={&(0x7f0000000280), 0xfdef}, 0x2) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/ati_remote2/parameters/mode_mask\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000140)=""/33, 0x21) mmap$auto(0x0, 0x10000, 0xde, 0x11, 0xffffffffffffffff, 0x28000) madvise$auto(0x0, 0x2000040080000004, 0xe) r4 = socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) poll$auto(&(0x7f0000000040)={0x3, 0x0, 0xa}, 0x5, 0x108) sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r4, 0x0, 0x20044025) connect$auto(0x3, 0x0, 0x55) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000080), 0xffffffffffffffff) clone3$auto(&(0x7f0000000180)={0x9, 0x80, 0x8, 0x2, 0x7, 0x4, 0xffffffffffffffff, 0xfffffffffffffff7, 0x9, 0xf, 0x1}, 0xde) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) listen$auto(0x3, 0x81) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f0000000200)={0x5b8, @inferred=r1, @inferred, 0x0, 0x80000000, '\x00', {0x1, 0x2, 0x6, 0xffffffffffffffff, 0xee00, 0xfff, 0x1, 0xac, {0x5, 0xfff}, {0x1, 0x6e614b88}, {0x6c, 0x3}, 0x3, 0x7, 0x7, 0x2, 0x7, 0x2, 0x8, 0x2, 0x1, 0x8001, '\x00', 0xd, 0x3, 0xfffc, 0x9be6}}) kill$auto(0x0, 0x11) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0x91f5}, 0x800000001, &(0x7f0000001080)={&(0x7f00000010c0), 0x1ffffffff}, 0x2, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) setreuid$auto(0x0, 0x20000000004) ioctl$auto(0x3, 0x8916, 0x91) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003940)=""/207, 0xcf) kernel console output (not intermixed with test programs): 172.574613][ T7392] misc_open+0x26d/0x450 [ 172.574663][ T7392] ? __pfx_misc_open+0x10/0x10 [ 172.574703][ T7392] chrdev_open+0x234/0x6a0 [ 172.574742][ T7392] ? __pfx_apparmor_file_open+0x10/0x10 [ 172.574775][ T7392] ? __pfx_chrdev_open+0x10/0x10 [ 172.574809][ T7392] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 172.574851][ T7392] do_dentry_open+0x6d8/0x1660 [ 172.574884][ T7392] ? __pfx_chrdev_open+0x10/0x10 [ 172.574927][ T7392] vfs_open+0x82/0x3f0 [ 172.574973][ T7392] path_openat+0x208c/0x31a0 [ 172.575022][ T7392] ? __pfx_path_openat+0x10/0x10 [ 172.575074][ T7392] do_file_open+0x20e/0x430 [ 172.575113][ T7392] ? __pfx_do_file_open+0x10/0x10 [ 172.575178][ T7392] ? alloc_fd+0x476/0x790 [ 172.575216][ T7392] ? do_getname+0x191/0x390 [ 172.575262][ T7392] do_sys_openat2+0x10d/0x1e0 [ 172.575305][ T7392] ? __pfx_do_sys_openat2+0x10/0x10 [ 172.575351][ T7392] ? __fget_files+0x21f/0x3d0 [ 172.575393][ T7392] __x64_sys_openat+0x12d/0x210 [ 172.575438][ T7392] ? __pfx___x64_sys_openat+0x10/0x10 [ 172.575498][ T7392] do_syscall_64+0x106/0xf80 [ 172.575530][ T7392] ? clear_bhb_loop+0x40/0x90 [ 172.575569][ T7392] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.575600][ T7392] RIP: 0033:0x7eff33f9c819 [ 172.575628][ T7392] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 172.575665][ T7392] RSP: 002b:00007eff34d88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 172.575696][ T7392] RAX: ffffffffffffffda RBX: 00007eff34215fa0 RCX: 00007eff33f9c819 [ 172.575717][ T7392] RDX: 0000000000000000 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 172.575736][ T7392] RBP: 00007eff34032c91 R08: 0000000000000000 R09: 0000000000000000 [ 172.575754][ T7392] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.575772][ T7392] R13: 00007eff34216038 R14: 00007eff34215fa0 R15: 00007ffc286fb088 [ 172.575815][ T7392] [ 174.535272][ T7422] futex_wake_op: syz.0.347 tries to shift op by -2048; fix this program [ 174.535580][ T7422] futex_wake_op: syz.0.347 tries to shift op by -2048; fix this program [ 174.668649][ T7425] input: f¬ as /devices/virtual/input/input7 [ 174.991879][ T7413] zswap: compressor not available [ 176.169450][ T7441] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.182327][ T7441] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 176.230674][ T7441] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 176.276794][ T7441] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 176.304814][ T7441] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 176.401774][ T7441] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 176.429332][ T7441] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 176.479775][ T7441] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 176.541758][ T7441] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 176.576621][ T7441] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 176.590187][ T7441] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 176.617013][ T7441] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 177.730609][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout [ 178.299673][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 178.462804][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.609697][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 179.295124][ T7492] ubi0: attaching mtd0 [ 179.306487][ T7492] ubi0: scanning is finished [ 179.321630][ T7492] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 179.615520][ T7492] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 179.809934][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.369770][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 180.413063][ T7518] FAULT_INJECTION: forcing a failure. [ 180.413063][ T7518] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 180.413146][ T7518] CPU: 1 UID: 0 PID: 7518 Comm: syz.1.365 Tainted: G L syzkaller #0 PREEMPT(full) [ 180.413186][ T7518] Tainted: [L]=SOFTLOCKUP [ 180.413195][ T7518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 180.413211][ T7518] Call Trace: [ 180.413221][ T7518] [ 180.413232][ T7518] dump_stack_lvl+0x100/0x190 [ 180.413283][ T7518] should_fail_ex.cold+0x5/0xa [ 180.413320][ T7518] _copy_from_user+0x2e/0xd0 [ 180.413384][ T7518] mtdchar_ioctl+0x1826/0x1fd0 [ 180.413429][ T7518] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 180.413477][ T7518] ? rcu_is_watching+0x12/0xc0 [ 180.413523][ T7518] ? trace_contention_end+0x140/0x180 [ 180.413572][ T7518] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 180.413609][ T7518] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 180.413656][ T7518] ? __pfx___mutex_lock+0x10/0x10 [ 180.413696][ T7518] ? find_held_lock+0x2b/0x80 [ 180.413746][ T7518] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 180.413782][ T7518] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 180.413822][ T7518] __x64_sys_ioctl+0x18e/0x210 [ 180.413878][ T7518] do_syscall_64+0x106/0xf80 [ 180.413906][ T7518] ? clear_bhb_loop+0x40/0x90 [ 180.413940][ T7518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.413970][ T7518] RIP: 0033:0x7f1f9119c819 [ 180.413994][ T7518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 180.414020][ T7518] RSP: 002b:00007f1f9204b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.414049][ T7518] RAX: ffffffffffffffda RBX: 00007f1f91416090 RCX: 00007f1f9119c819 [ 180.414067][ T7518] RDX: 0000000000000003 RSI: 0000000040084d02 RDI: 0000000000000003 [ 180.414093][ T7518] RBP: 00007f1f9204b090 R08: 0000000000000000 R09: 0000000000000000 [ 180.414110][ T7518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 180.414127][ T7518] R13: 00007f1f91416128 R14: 00007f1f91416090 R15: 00007ffd1bf3af28 [ 180.414167][ T7518] [ 180.534495][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.709625][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 180.981674][ T7523] FAULT_INJECTION: forcing a failure. [ 180.981674][ T7523] name failslab, interval 1, probability 0, space 0, times 0 [ 180.981723][ T7523] CPU: 1 UID: 0 PID: 7523 Comm: syz.1.368 Tainted: G L syzkaller #0 PREEMPT(full) [ 180.981762][ T7523] Tainted: [L]=SOFTLOCKUP [ 180.981772][ T7523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 180.981787][ T7523] Call Trace: [ 180.981797][ T7523] [ 180.981808][ T7523] dump_stack_lvl+0x100/0x190 [ 180.981856][ T7523] should_fail_ex.cold+0x5/0xa [ 180.981901][ T7523] ? lsm_blob_alloc+0x68/0x90 [ 180.981943][ T7523] should_failslab+0xc2/0x120 [ 180.981977][ T7523] __kmalloc_noprof+0xe0/0x850 [ 180.982021][ T7523] ? trace_kmalloc+0x101/0x130 [ 180.982059][ T7523] lsm_blob_alloc+0x68/0x90 [ 180.982104][ T7523] security_sk_alloc+0x2d/0x290 [ 180.982139][ T7523] sk_prot_alloc+0x12a/0x2a0 [ 180.982177][ T7523] sk_alloc+0x36/0xe80 [ 180.982222][ T7523] packet_create+0x127/0x8e0 [ 180.982265][ T7523] __sock_create+0x339/0x860 [ 180.982310][ T7523] __sys_socket+0x14d/0x260 [ 180.982349][ T7523] ? __pfx___sys_socket+0x10/0x10 [ 180.982400][ T7523] __x64_sys_socket+0x72/0xb0 [ 180.982437][ T7523] ? lockdep_hardirqs_on+0x78/0x100 [ 180.982469][ T7523] do_syscall_64+0x106/0xf80 [ 180.982498][ T7523] ? clear_bhb_loop+0x40/0x90 [ 180.982535][ T7523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.982565][ T7523] RIP: 0033:0x7f1f9119c819 [ 180.982590][ T7523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 180.982617][ T7523] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 180.982655][ T7523] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 180.982673][ T7523] RDX: 0000000000000000 RSI: 0000000000080003 RDI: 0000000000000011 [ 180.982690][ T7523] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 180.982707][ T7523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.982723][ T7523] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 180.982762][ T7523] [ 181.217387][ T7544] random: crng reseeded on system resumption [ 181.246610][ T7544] Restarting kernel threads ... [ 181.614352][ T7544] Done restarting kernel threads. [ 181.660290][ T7552] FAULT_INJECTION: forcing a failure. [ 181.660290][ T7552] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 181.660338][ T7552] CPU: 1 UID: 0 PID: 7552 Comm: syz.0.372 Tainted: G L syzkaller #0 PREEMPT(full) [ 181.660377][ T7552] Tainted: [L]=SOFTLOCKUP [ 181.660387][ T7552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 181.660403][ T7552] Call Trace: [ 181.660411][ T7552] [ 181.660421][ T7552] dump_stack_lvl+0x100/0x190 [ 181.660470][ T7552] should_fail_ex.cold+0x5/0xa [ 181.660506][ T7552] _copy_from_user+0x2e/0xd0 [ 181.660564][ T7552] ucma_write+0x128/0x330 [ 181.660609][ T7552] ? __pfx_ucma_write+0x10/0x10 [ 181.660658][ T7552] ? bpf_lsm_file_permission+0x9/0x10 [ 181.660686][ T7552] ? security_file_permission+0x76/0x210 [ 181.660725][ T7552] ? rw_verify_area+0xce/0x6d0 [ 181.660772][ T7552] vfs_write+0x2aa/0x1070 [ 181.660801][ T7552] ? __pfx_ucma_write+0x10/0x10 [ 181.660847][ T7552] ? __pfx_vfs_write+0x10/0x10 [ 181.660870][ T7552] ? find_held_lock+0x2b/0x80 [ 181.660895][ T7552] ? __fget_files+0x215/0x3d0 [ 181.660922][ T7552] ? __fget_files+0x215/0x3d0 [ 181.660957][ T7552] ? __fget_files+0x21f/0x3d0 [ 181.660996][ T7552] ksys_write+0x1f8/0x250 [ 181.661024][ T7552] ? __pfx_ksys_write+0x10/0x10 [ 181.661062][ T7552] do_syscall_64+0x106/0xf80 [ 181.661091][ T7552] ? clear_bhb_loop+0x40/0x90 [ 181.661126][ T7552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.661153][ T7552] RIP: 0033:0x7eff33f9c819 [ 181.661177][ T7552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 181.661201][ T7552] RSP: 002b:00007eff34d88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 181.661228][ T7552] RAX: ffffffffffffffda RBX: 00007eff34215fa0 RCX: 00007eff33f9c819 [ 181.661247][ T7552] RDX: 00000000000000c3 RSI: 0000000000000000 RDI: 0000000000000019 [ 181.661263][ T7552] RBP: 00007eff34d88090 R08: 0000000000000000 R09: 0000000000000000 [ 181.661279][ T7552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 181.661294][ T7552] R13: 00007eff34216038 R14: 00007eff34215fa0 R15: 00007ffc286fb088 [ 181.661333][ T7552] [ 181.903714][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout [ 182.420345][ T7565] FAULT_INJECTION: forcing a failure. [ 182.420345][ T7565] name failslab, interval 1, probability 0, space 0, times 0 [ 182.459345][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 182.465768][ T7565] CPU: 1 UID: 0 PID: 7565 Comm: syz.1.375 Tainted: G L syzkaller #0 PREEMPT(full) [ 182.465833][ T7565] Tainted: [L]=SOFTLOCKUP [ 182.465843][ T7565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 182.465859][ T7565] Call Trace: [ 182.465868][ T7565] [ 182.465880][ T7565] dump_stack_lvl+0x100/0x190 [ 182.465930][ T7565] should_fail_ex.cold+0x5/0xa [ 182.465974][ T7565] ? tomoyo_realpath_from_path+0xb6/0x690 [ 182.466018][ T7565] should_failslab+0xc2/0x120 [ 182.466054][ T7565] __kmalloc_noprof+0xe0/0x850 [ 182.466108][ T7565] tomoyo_realpath_from_path+0xb6/0x690 [ 182.466161][ T7565] tomoyo_path_perm+0x276/0x460 [ 182.466193][ T7565] ? tomoyo_path_perm+0x262/0x460 [ 182.466239][ T7565] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 182.466280][ T7565] ? do_raw_spin_lock+0x128/0x260 [ 182.466336][ T7565] ? do_raw_spin_unlock+0x145/0x1e0 [ 182.466404][ T7565] ? __pfx_current_check_access_path+0x10/0x10 [ 182.466448][ T7565] ? simple_lookup+0x105/0x1d0 [ 182.466487][ T7565] ? lookup_one_qstr_excl+0xb3/0x250 [ 182.466532][ T7565] tomoyo_path_symlink+0x97/0xe0 [ 182.466577][ T7565] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 182.466633][ T7565] security_path_symlink+0x152/0x2d0 [ 182.466672][ T7565] filename_symlinkat+0x122/0x560 [ 182.466714][ T7565] ? __pfx_filename_symlinkat+0x10/0x10 [ 182.466752][ T7565] ? strncpy_from_user+0x19d/0x2d0 [ 182.466803][ T7565] ? do_getname+0x191/0x390 [ 182.466848][ T7565] __x64_sys_symlink+0x79/0xb0 [ 182.466885][ T7565] do_syscall_64+0x106/0xf80 [ 182.466916][ T7565] ? clear_bhb_loop+0x40/0x90 [ 182.466952][ T7565] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.466988][ T7565] RIP: 0033:0x7f1f9119c819 [ 182.467014][ T7565] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 182.467038][ T7565] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 182.467068][ T7565] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 182.467088][ T7565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 182.467106][ T7565] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 182.467124][ T7565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.467142][ T7565] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 182.467185][ T7565] [ 182.467198][ T7565] ERROR: Out of memory at tomoyo_realpath_from_path. [ 182.610285][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout [ 182.776165][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 186.511044][ T7618] FAULT_INJECTION: forcing a failure. [ 186.511044][ T7618] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 186.666370][ T7618] CPU: 1 UID: 0 PID: 7618 Comm: syz.0.386 Tainted: G L syzkaller #0 PREEMPT(full) [ 186.666417][ T7618] Tainted: [L]=SOFTLOCKUP [ 186.666427][ T7618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 186.666443][ T7618] Call Trace: [ 186.666453][ T7618] [ 186.666464][ T7618] dump_stack_lvl+0x100/0x190 [ 186.666514][ T7618] should_fail_ex.cold+0x5/0xa [ 186.666560][ T7618] _copy_from_user+0x2e/0xd0 [ 186.666601][ T7618] ucma_join_multicast+0xa2/0x160 [ 186.666634][ T7618] ? __pfx_ucma_join_multicast+0x10/0x10 [ 186.666694][ T7618] ? __pfx_ucma_join_multicast+0x10/0x10 [ 186.666727][ T7618] ucma_write+0x1fb/0x330 [ 186.666772][ T7618] ? __pfx_ucma_write+0x10/0x10 [ 186.666813][ T7618] ? bpf_lsm_file_permission+0x9/0x10 [ 186.666841][ T7618] ? security_file_permission+0x76/0x210 [ 186.666882][ T7618] ? rw_verify_area+0xce/0x6d0 [ 186.666930][ T7618] vfs_write+0x2aa/0x1070 [ 186.666961][ T7618] ? __pfx_ucma_write+0x10/0x10 [ 186.667006][ T7618] ? __pfx_vfs_write+0x10/0x10 [ 186.667032][ T7618] ? find_held_lock+0x2b/0x80 [ 186.667061][ T7618] ? __fget_files+0x215/0x3d0 [ 186.667090][ T7618] ? __fget_files+0x215/0x3d0 [ 186.667125][ T7618] ? __fget_files+0x21f/0x3d0 [ 186.667165][ T7618] ksys_write+0x1f8/0x250 [ 186.667194][ T7618] ? __pfx_ksys_write+0x10/0x10 [ 186.667234][ T7618] do_syscall_64+0x106/0xf80 [ 186.667265][ T7618] ? clear_bhb_loop+0x40/0x90 [ 186.667301][ T7618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.667331][ T7618] RIP: 0033:0x7eff33f9c819 [ 186.667355][ T7618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.667387][ T7618] RSP: 002b:00007eff34d88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 186.667416][ T7618] RAX: ffffffffffffffda RBX: 00007eff34215fa0 RCX: 00007eff33f9c819 [ 186.667435][ T7618] RDX: 00000000000000c3 RSI: 0000000000000000 RDI: 0000000000000018 [ 186.667452][ T7618] RBP: 00007eff34d88090 R08: 0000000000000000 R09: 0000000000000000 [ 186.667470][ T7618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 186.667486][ T7618] R13: 00007eff34216038 R14: 00007eff34215fa0 R15: 00007ffc286fb088 [ 186.667525][ T7618] [ 188.234015][ T7653] FAULT_INJECTION: forcing a failure. [ 188.234015][ T7653] name failslab, interval 1, probability 0, space 0, times 0 [ 188.289891][ T7653] CPU: 1 UID: 0 PID: 7653 Comm: syz.3.392 Tainted: G L syzkaller #0 PREEMPT(full) [ 188.289941][ T7653] Tainted: [L]=SOFTLOCKUP [ 188.289952][ T7653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 188.289968][ T7653] Call Trace: [ 188.289978][ T7653] [ 188.289988][ T7653] dump_stack_lvl+0x100/0x190 [ 188.290042][ T7653] should_fail_ex.cold+0x5/0xa [ 188.290080][ T7653] should_failslab+0xc2/0x120 [ 188.290115][ T7653] __kmalloc_cache_noprof+0x7a/0x6f0 [ 188.290156][ T7653] ? snd_seq_prioq_new+0x3f/0x110 [ 188.290205][ T7653] ? lockdep_init_map_type+0x5c/0x250 [ 188.290253][ T7653] snd_seq_prioq_new+0x3f/0x110 [ 188.290301][ T7653] snd_seq_queue_alloc+0x153/0x590 [ 188.290352][ T7653] snd_seq_ioctl_create_queue+0xa9/0x370 [ 188.290390][ T7653] call_seq_client_ctl+0xa3/0x130 [ 188.290430][ T7653] snd_seq_kernel_client_ctl+0x77/0xd0 [ 188.290468][ T7653] alloc_seq_queue+0xdb/0x180 [ 188.290506][ T7653] ? __pfx_alloc_seq_queue+0x10/0x10 [ 188.290564][ T7653] ? mark_held_locks+0x40/0x70 [ 188.290602][ T7653] ? _raw_spin_unlock_irq+0x23/0x50 [ 188.290648][ T7653] ? lockdep_hardirqs_on+0x78/0x100 [ 188.290685][ T7653] snd_seq_oss_open+0x2b2/0xa10 [ 188.290731][ T7653] odev_open+0x79/0xc0 [ 188.290763][ T7653] ? __pfx_odev_open+0x10/0x10 [ 188.290805][ T7653] soundcore_open+0x2e3/0x5a0 [ 188.290846][ T7653] ? __pfx_soundcore_open+0x10/0x10 [ 188.290882][ T7653] chrdev_open+0x234/0x6a0 [ 188.290914][ T7653] ? __pfx_apparmor_file_open+0x10/0x10 [ 188.290949][ T7653] ? __pfx_chrdev_open+0x10/0x10 [ 188.290985][ T7653] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 188.291028][ T7653] do_dentry_open+0x6d8/0x1660 [ 188.291060][ T7653] ? __pfx_chrdev_open+0x10/0x10 [ 188.291104][ T7653] vfs_open+0x82/0x3f0 [ 188.291150][ T7653] path_openat+0x208c/0x31a0 [ 188.291198][ T7653] ? __pfx_path_openat+0x10/0x10 [ 188.291249][ T7653] do_file_open+0x20e/0x430 [ 188.291286][ T7653] ? __pfx_do_file_open+0x10/0x10 [ 188.291351][ T7653] ? alloc_fd+0x476/0x790 [ 188.291388][ T7653] ? do_getname+0x191/0x390 [ 188.291432][ T7653] do_sys_openat2+0x10d/0x1e0 [ 188.291474][ T7653] ? __pfx_do_sys_openat2+0x10/0x10 [ 188.291531][ T7653] __x64_sys_openat+0x12d/0x210 [ 188.291575][ T7653] ? __pfx___x64_sys_openat+0x10/0x10 [ 188.291635][ T7653] do_syscall_64+0x106/0xf80 [ 188.291665][ T7653] ? clear_bhb_loop+0x40/0x90 [ 188.291704][ T7653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.291734][ T7653] RIP: 0033:0x7f20e079c819 [ 188.291762][ T7653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 188.291797][ T7653] RSP: 002b:00007f20e15d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 188.291827][ T7653] RAX: ffffffffffffffda RBX: 00007f20e0a15fa0 RCX: 00007f20e079c819 [ 188.291846][ T7653] RDX: 0000000000020c00 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 188.291865][ T7653] RBP: 00007f20e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 188.291882][ T7653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.291899][ T7653] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 188.291934][ T7653] [ 189.260839][ T7665] netlink: 330 bytes leftover after parsing attributes in process `syz.0.394'. [ 189.997107][ T7683] FAULT_INJECTION: forcing a failure. [ 189.997107][ T7683] name failslab, interval 1, probability 0, space 0, times 0 [ 190.043397][ T7683] CPU: 1 UID: 0 PID: 7683 Comm: syz.0.399 Tainted: G L syzkaller #0 PREEMPT(full) [ 190.043443][ T7683] Tainted: [L]=SOFTLOCKUP [ 190.043453][ T7683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 190.043468][ T7683] Call Trace: [ 190.043487][ T7683] [ 190.043498][ T7683] dump_stack_lvl+0x100/0x190 [ 190.043558][ T7683] should_fail_ex.cold+0x5/0xa [ 190.043593][ T7683] should_failslab+0xc2/0x120 [ 190.043626][ T7683] __kmalloc_cache_noprof+0x7a/0x6f0 [ 190.043665][ T7683] ? __do_sys_fanotify_init+0x5cf/0xe50 [ 190.043709][ T7683] ? get_mem_cgroup_from_mm+0x88/0x600 [ 190.043751][ T7683] ? get_mem_cgroup_from_mm+0x132/0x600 [ 190.043815][ T7683] __do_sys_fanotify_init+0x5cf/0xe50 [ 190.043867][ T7683] do_syscall_64+0x106/0xf80 [ 190.043896][ T7683] ? clear_bhb_loop+0x40/0x90 [ 190.043931][ T7683] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.043961][ T7683] RIP: 0033:0x7eff33f9c819 [ 190.043986][ T7683] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.044011][ T7683] RSP: 002b:00007eff34d88028 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 190.044038][ T7683] RAX: ffffffffffffffda RBX: 00007eff34215fa0 RCX: 00007eff33f9c819 [ 190.044056][ T7683] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000008 [ 190.044072][ T7683] RBP: 00007eff34032c91 R08: 0000000000000000 R09: 0000000000000000 [ 190.044089][ T7683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.044104][ T7683] R13: 00007eff34216038 R14: 00007eff34215fa0 R15: 00007ffc286fb088 [ 190.044143][ T7683] [ 190.641305][ T7698] FAULT_INJECTION: forcing a failure. [ 190.641305][ T7698] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 190.708863][ T7694] zswap: compressor not available [ 190.710822][ T7698] CPU: 1 UID: 0 PID: 7698 Comm: syz.1.400 Tainted: G L syzkaller #0 PREEMPT(full) [ 190.710862][ T7698] Tainted: [L]=SOFTLOCKUP [ 190.710870][ T7698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 190.710884][ T7698] Call Trace: [ 190.710892][ T7698] [ 190.710901][ T7698] dump_stack_lvl+0x100/0x190 [ 190.710945][ T7698] should_fail_ex.cold+0x5/0xa [ 190.710970][ T7698] ? prepare_alloc_pages+0x16d/0x5f0 [ 190.711004][ T7698] should_fail_alloc_page+0xeb/0x140 [ 190.711035][ T7698] prepare_alloc_pages+0x1f0/0x5f0 [ 190.711071][ T7698] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 190.711114][ T7698] ? stack_trace_save+0x8e/0xc0 [ 190.711140][ T7698] ? __pfx_stack_trace_save+0x10/0x10 [ 190.711168][ T7698] ? stack_depot_save_flags+0x27/0x9d0 [ 190.711209][ T7698] ? kasan_save_stack+0x3f/0x50 [ 190.711231][ T7698] ? kasan_save_stack+0x30/0x50 [ 190.711253][ T7698] ? kasan_save_track+0x14/0x30 [ 190.711277][ T7698] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 190.711314][ T7698] ? __handle_mm_fault+0xa9e/0x2b60 [ 190.711347][ T7698] ? handle_mm_fault+0x36d/0xa20 [ 190.711379][ T7698] ? do_user_addr_fault+0x74c/0x12f0 [ 190.711404][ T7698] ? asm_exc_page_fault+0x26/0x30 [ 190.711429][ T7698] ? _copy_from_user+0x98/0xd0 [ 190.711458][ T7698] ? mtdchar_ioctl+0x1826/0x1fd0 [ 190.711488][ T7698] ? mtdchar_unlocked_ioctl+0xb0/0xf0 [ 190.711525][ T7698] ? __x64_sys_ioctl+0x18e/0x210 [ 190.711560][ T7698] ? do_syscall_64+0x106/0xf80 [ 190.711585][ T7698] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.711628][ T7698] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 190.711656][ T7698] ? policy_nodemask+0xed/0x4f0 [ 190.711687][ T7698] alloc_pages_mpol+0x1fb/0x550 [ 190.711717][ T7698] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 190.711755][ T7698] alloc_pages_noprof+0x136/0x390 [ 190.711793][ T7698] pte_alloc_one+0x1c/0x3d0 [ 190.711829][ T7698] do_fault+0x88e/0x18e0 [ 190.711859][ T7698] ? __pmd_alloc+0x3fb/0x950 [ 190.711892][ T7698] __handle_mm_fault+0x1815/0x2b60 [ 190.711934][ T7698] ? mt_find+0x45e/0x8e0 [ 190.711963][ T7698] ? __pfx___handle_mm_fault+0x10/0x10 [ 190.711996][ T7698] ? __pfx_mt_find+0x10/0x10 [ 190.712044][ T7698] ? find_vma+0xbf/0x140 [ 190.712069][ T7698] ? __pfx_find_vma+0x10/0x10 [ 190.712099][ T7698] handle_mm_fault+0x36d/0xa20 [ 190.712142][ T7698] do_user_addr_fault+0x74c/0x12f0 [ 190.712178][ T7698] exc_page_fault+0x6f/0xd0 [ 190.712205][ T7698] asm_exc_page_fault+0x26/0x30 [ 190.712229][ T7698] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 190.712264][ T7698] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 190.712286][ T7698] RSP: 0018:ffffc90003387bc0 EFLAGS: 00050246 [ 190.712308][ T7698] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 0000000000000008 [ 190.712323][ T7698] RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffffc90003387c58 [ 190.712337][ T7698] RBP: 0000000000000008 R08: 0000000000000001 R09: fffff52000670f8b [ 190.712352][ T7698] R10: ffffc90003387c5f R11: 0000000000000000 R12: 0000000000000000 [ 190.712367][ T7698] R13: ffffc90003387c58 R14: ffff888029051000 R15: 0000000040084d02 [ 190.712401][ T7698] _copy_from_user+0x98/0xd0 [ 190.712434][ T7698] mtdchar_ioctl+0x1826/0x1fd0 [ 190.712471][ T7698] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 190.712520][ T7698] ? rcu_is_watching+0x12/0xc0 [ 190.712559][ T7698] ? trace_contention_end+0x140/0x180 [ 190.712601][ T7698] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 190.712633][ T7698] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 190.712671][ T7698] ? __pfx___mutex_lock+0x10/0x10 [ 190.712705][ T7698] ? find_held_lock+0x2b/0x80 [ 190.712748][ T7698] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 190.712778][ T7698] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 190.712812][ T7698] __x64_sys_ioctl+0x18e/0x210 [ 190.712852][ T7698] do_syscall_64+0x106/0xf80 [ 190.712876][ T7698] ? clear_bhb_loop+0x40/0x90 [ 190.712907][ T7698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.712933][ T7698] RIP: 0033:0x7f1f9119c819 [ 190.712953][ T7698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.712974][ T7698] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 190.712997][ T7698] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 190.713012][ T7698] RDX: 0000000000000003 RSI: 0000000040084d02 RDI: 0000000000000003 [ 190.713027][ T7698] RBP: 00007f1f9206c090 R08: 0000000000000000 R09: 0000000000000000 [ 190.713041][ T7698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 190.713056][ T7698] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 190.713090][ T7698] [ 191.419249][ T7706] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 191.453329][ T7709] nvme_fcloop: unknown parameter or missing value '1' [ 191.500758][ T7709] netlink: 4 bytes leftover after parsing attributes in process `syz.1.403'. [ 192.480665][ T7723] netlink: 334 bytes leftover after parsing attributes in process `syz.2.408'. [ 194.700224][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.706839][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.289502][ T7831] sp0: Synchronizing with TNC [ 199.821400][ T7854] : Can't lookup blockdev [ 199.832349][ T30] audit: type=1800 audit(2147549248.377:8): pid=7854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.439" name="file0" dev="tmpfs" ino=591 res=0 errno=0 [ 200.660087][ T7870] FAULT_INJECTION: forcing a failure. [ 200.660087][ T7870] name fail_futex, interval 1, probability 0, space 0, times 0 [ 200.729767][ T7870] CPU: 1 UID: 0 PID: 7870 Comm: syz.3.442 Tainted: G L syzkaller #0 PREEMPT(full) [ 200.729816][ T7870] Tainted: [L]=SOFTLOCKUP [ 200.729827][ T7870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 200.729844][ T7870] Call Trace: [ 200.729855][ T7870] [ 200.729867][ T7870] dump_stack_lvl+0x100/0x190 [ 200.729920][ T7870] should_fail_ex.cold+0x5/0xa [ 200.729958][ T7870] get_futex_key+0x1d2/0x1620 [ 200.730002][ T7870] ? __pfx_get_futex_key+0x10/0x10 [ 200.730039][ T7870] ? shmem_get_folio_gfp+0x503/0x1900 [ 200.730095][ T7870] ? page_copy_sane+0x17c/0x2d0 [ 200.730135][ T7870] futex_wait_setup+0x83/0x510 [ 200.730192][ T7870] __futex_wait+0x19f/0x300 [ 200.730243][ T7870] ? __pfx___futex_wait+0x10/0x10 [ 200.730289][ T7870] ? __pfx_futex_wake_mark+0x10/0x10 [ 200.730339][ T7870] ? futex_hash+0x2c5/0x380 [ 200.730389][ T7870] futex_wait+0xed/0x380 [ 200.730435][ T7870] ? __pfx_futex_wait+0x10/0x10 [ 200.730490][ T7870] ? ksys_write+0x190/0x250 [ 200.730518][ T7870] ? ksys_write+0x190/0x250 [ 200.730555][ T7870] do_futex+0x1ef/0x350 [ 200.730596][ T7870] ? __pfx_do_futex+0x10/0x10 [ 200.730648][ T7870] __x64_sys_futex+0x34f/0x4d0 [ 200.730694][ T7870] ? fput+0x79/0x100 [ 200.730740][ T7870] ? __pfx___x64_sys_futex+0x10/0x10 [ 200.730781][ T7870] ? ksys_write+0x1ac/0x250 [ 200.730811][ T7870] ? __pfx_ksys_write+0x10/0x10 [ 200.730855][ T7870] do_syscall_64+0x106/0xf80 [ 200.730887][ T7870] ? clear_bhb_loop+0x40/0x90 [ 200.730926][ T7870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.730958][ T7870] RIP: 0033:0x7f20e079c819 [ 200.730984][ T7870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 200.731014][ T7870] RSP: 002b:00007f20e15d30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 200.731044][ T7870] RAX: ffffffffffffffda RBX: 00007f20e0a15fa8 RCX: 00007f20e079c819 [ 200.731065][ T7870] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f20e0a15fa8 [ 200.731084][ T7870] RBP: 00007f20e0a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 200.731101][ T7870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.731118][ T7870] R13: 00007f20e0a16038 R14: 00007ffe60533a00 R15: 00007ffe60533ae8 [ 200.731167][ T7870] [ 205.584602][ T7924] futex_wake_op: syz.2.453 tries to shift op by -2048; fix this program [ 214.122967][ T30] audit: type=1800 audit(2147549262.668:9): pid=8048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.475" name="lu_gp_id" dev="configfs" ino=22508 res=0 errno=0 [ 214.138764][ T8048] ALUA LU Group already has a valid ID, ignoring request [ 214.499841][ T8037] netlink: 8 bytes leftover after parsing attributes in process `syz.1.472'. [ 215.935458][ T8048] kexec: Could not allocate control_code_buffer [ 215.962676][ T8076] FAULT_INJECTION: forcing a failure. [ 215.962676][ T8076] name failslab, interval 1, probability 0, space 0, times 0 [ 215.962708][ T8076] CPU: 1 UID: 0 PID: 8076 Comm: syz.2.480 Tainted: G L syzkaller #0 PREEMPT(full) [ 215.962733][ T8076] Tainted: [L]=SOFTLOCKUP [ 215.962739][ T8076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 215.962749][ T8076] Call Trace: [ 215.962755][ T8076] [ 215.962762][ T8076] dump_stack_lvl+0x100/0x190 [ 215.962793][ T8076] should_fail_ex.cold+0x5/0xa [ 215.962816][ T8076] should_failslab+0xc2/0x120 [ 215.962837][ T8076] __kmalloc_cache_noprof+0x7a/0x6f0 [ 215.962862][ T8076] ? sctp_auth_shkey_create+0x9e/0x210 [ 215.962886][ T8076] sctp_auth_shkey_create+0x9e/0x210 [ 215.962907][ T8076] sctp_endpoint_new+0x589/0xb20 [ 215.962930][ T8076] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 215.962953][ T8076] ? lockdep_init_map_type+0x5c/0x250 [ 215.962977][ T8076] ? lockdep_init_map_type+0x5c/0x250 [ 215.963005][ T8076] sctp_init_sock+0xe2b/0x1300 [ 215.963023][ T8076] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 215.963042][ T8076] sctp_v6_init_sock+0x16/0x70 [ 215.963060][ T8076] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 215.963078][ T8076] inet6_create+0xb21/0x12b0 [ 215.963099][ T8076] ? inet6_create+0x7f/0x12b0 [ 215.963118][ T8076] __sock_create+0x339/0x860 [ 215.963146][ T8076] __sys_socket+0x14d/0x260 [ 215.963170][ T8076] ? __pfx___sys_socket+0x10/0x10 [ 215.963200][ T8076] __x64_sys_socket+0x72/0xb0 [ 215.963223][ T8076] ? lockdep_hardirqs_on+0x78/0x100 [ 215.963242][ T8076] do_syscall_64+0x106/0xf80 [ 215.963260][ T8076] ? clear_bhb_loop+0x40/0x90 [ 215.963282][ T8076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.963300][ T8076] RIP: 0033:0x7fd74699c819 [ 215.963315][ T8076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.963332][ T8076] RSP: 002b:00007fd747873028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 215.963349][ T8076] RAX: ffffffffffffffda RBX: 00007fd746c16090 RCX: 00007fd74699c819 [ 215.963360][ T8076] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 215.963370][ T8076] RBP: 00007fd746a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 215.963380][ T8076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.963390][ T8076] R13: 00007fd746c16128 R14: 00007fd746c16090 R15: 00007ffea6639598 [ 215.963411][ T8076] [ 217.997878][ T8099] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 218.044892][ T8101] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 218.070591][ T8102] netlink: 330 bytes leftover after parsing attributes in process `syz.3.488'. [ 219.215513][ T8113] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 221.664276][ T8143] netlink: 32 bytes leftover after parsing attributes in process `syz.2.499'. [ 223.147455][ T8192] netlink: 64 bytes leftover after parsing attributes in process `syz.2.505'. [ 233.408578][ T8404] netlink: 342 bytes leftover after parsing attributes in process `syz.1.542'. [ 235.107629][ T8420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.546'. [ 236.586413][ T8444] input: ø as /devices/virtual/input/input11 [ 237.901430][ T8474] block nbd0: shutting down sockets [ 238.952132][ T8502] vivid-007: ================= START STATUS ================= [ 239.027513][ T8502] vivid-007: Generate PTS: true [ 239.090249][ T8502] vivid-007: Generate SCR: true [ 239.119319][ T8502] tpg source WxH: 320x240 (Y'CbCr) [ 239.148462][ T8502] tpg field: 1 [ 239.180585][ T8502] tpg crop: (0,0)/320x240 [ 239.212003][ T8502] tpg compose: (0,0)/320x240 [ 239.245865][ T8502] tpg colorspace: 8 [ 239.282529][ T8502] tpg transfer function: 0/0 [ 239.319013][ T8502] tpg Y'CbCr encoding: 0/0 [ 239.364035][ T8502] tpg quantization: 0/0 [ 239.439850][ T8502] tpg RGB range: 0/2 [ 239.443840][ T8502] vivid-007: ================== END STATUS ================== [ 240.186173][ T8513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.559'. [ 240.332057][ T8516] netlink: 25 bytes leftover after parsing attributes in process `syz.1.559'. [ 241.157669][ T8529] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.128.4294967291), cmd(3) [ 243.801391][ T8598] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input13 [ 249.941475][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 251.088693][ T8701] usb usb21: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 253.152569][ T8717] zswap: compressor not available [ 254.190761][ T8728] FAULT_INJECTION: forcing a failure. [ 254.190761][ T8728] name failslab, interval 1, probability 0, space 0, times 0 [ 254.236580][ T8728] CPU: 1 UID: 0 PID: 8728 Comm: syz.1.607 Tainted: G L syzkaller #0 PREEMPT(full) [ 254.236629][ T8728] Tainted: [L]=SOFTLOCKUP [ 254.236639][ T8728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 254.236655][ T8728] Call Trace: [ 254.236665][ T8728] [ 254.236676][ T8728] dump_stack_lvl+0x100/0x190 [ 254.236729][ T8728] should_fail_ex.cold+0x5/0xa [ 254.236769][ T8728] should_failslab+0xc2/0x120 [ 254.236802][ T8728] __kmalloc_cache_noprof+0x7a/0x6f0 [ 254.236845][ T8728] ? trace_pid_list_alloc+0x232/0x480 [ 254.236895][ T8728] ? lockdep_init_map_type+0x5c/0x250 [ 254.236944][ T8728] trace_pid_list_alloc+0x232/0x480 [ 254.236996][ T8728] trace_pid_write+0x110/0x460 [ 254.237046][ T8728] ? __pfx_trace_pid_write+0x10/0x10 [ 254.237130][ T8728] event_pid_write.isra.0+0x1e4/0x800 [ 254.237166][ T8728] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 254.237211][ T8728] vfs_write+0x2aa/0x1070 [ 254.237243][ T8728] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 254.237280][ T8728] ? __pfx_vfs_write+0x10/0x10 [ 254.237308][ T8728] ? __fget_files+0x215/0x3d0 [ 254.237348][ T8728] ? __fget_files+0x21f/0x3d0 [ 254.237389][ T8728] ksys_write+0x12a/0x250 [ 254.237419][ T8728] ? __pfx_ksys_write+0x10/0x10 [ 254.237462][ T8728] do_syscall_64+0x106/0xf80 [ 254.237493][ T8728] ? clear_bhb_loop+0x40/0x90 [ 254.237532][ T8728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.237563][ T8728] RIP: 0033:0x7f1f9119c819 [ 254.237589][ T8728] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.237617][ T8728] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 254.237645][ T8728] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 254.237664][ T8728] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 254.237681][ T8728] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 254.237698][ T8728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.237715][ T8728] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 254.237757][ T8728] [ 254.990662][ T8741] IPVS: length: 131 != 8 [ 255.017233][ T8741] ICMPv6: process `syz.1.609' is using deprecated sysctl (syscall) net.ipv6.neigh.veth0_to_bridge.base_reachable_time - use net.ipv6.neigh.veth0_to_bridge.base_reachable_time_ms instead [ 256.145297][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.153075][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.915774][ T8791] FAULT_INJECTION: forcing a failure. [ 257.915774][ T8791] name failslab, interval 1, probability 0, space 0, times 0 [ 257.969478][ T8791] CPU: 1 UID: 0 PID: 8791 Comm: syz.1.618 Tainted: G L syzkaller #0 PREEMPT(full) [ 257.969529][ T8791] Tainted: [L]=SOFTLOCKUP [ 257.969539][ T8791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 257.969554][ T8791] Call Trace: [ 257.969564][ T8791] [ 257.969575][ T8791] dump_stack_lvl+0x100/0x190 [ 257.969623][ T8791] should_fail_ex.cold+0x5/0xa [ 257.969656][ T8791] ? __seq_open_private+0x22/0xd0 [ 257.969695][ T8791] should_failslab+0xc2/0x120 [ 257.969727][ T8791] __kmalloc_noprof+0xe0/0x850 [ 257.969770][ T8791] ? __pfx_apparmor_file_open+0x10/0x10 [ 257.969808][ T8791] __seq_open_private+0x22/0xd0 [ 257.969851][ T8791] pid_maps_open+0x29/0xf0 [ 257.969889][ T8791] do_dentry_open+0x6d8/0x1660 [ 257.969919][ T8791] ? __pfx_pid_maps_open+0x10/0x10 [ 257.969966][ T8791] vfs_open+0x82/0x3f0 [ 257.970008][ T8791] path_openat+0x208c/0x31a0 [ 257.970053][ T8791] ? __pfx_path_openat+0x10/0x10 [ 257.970105][ T8791] do_file_open+0x20e/0x430 [ 257.970141][ T8791] ? __pfx_do_file_open+0x10/0x10 [ 257.970187][ T8791] ? __pfx_kfree_link+0x10/0x10 [ 257.970239][ T8791] ? alloc_fd+0x476/0x790 [ 257.970273][ T8791] ? do_getname+0x191/0x390 [ 257.970313][ T8791] do_sys_openat2+0x10d/0x1e0 [ 257.970352][ T8791] ? __pfx_do_sys_openat2+0x10/0x10 [ 257.970393][ T8791] ? __fget_files+0x21f/0x3d0 [ 257.970430][ T8791] __x64_sys_openat+0x12d/0x210 [ 257.970470][ T8791] ? __pfx___x64_sys_openat+0x10/0x10 [ 257.970524][ T8791] do_syscall_64+0x106/0xf80 [ 257.970553][ T8791] ? clear_bhb_loop+0x40/0x90 [ 257.970587][ T8791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.970616][ T8791] RIP: 0033:0x7f1f9119c819 [ 257.970640][ T8791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.970666][ T8791] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 257.970693][ T8791] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 257.970713][ T8791] RDX: 0000000000000841 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 257.970730][ T8791] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 257.970747][ T8791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.970764][ T8791] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 257.970802][ T8791] [ 258.804538][ T8800] netlink: 20 bytes leftover after parsing attributes in process `syz.1.620'. [ 258.890572][ T8800] netlink: 32 bytes leftover after parsing attributes in process `syz.1.620'. [ 259.201949][ T8806] netlink: 334 bytes leftover after parsing attributes in process `syz.3.622'. [ 259.861898][ T8818] Invalid ELF header magic: != ELF [ 261.663841][ T8834] nfs4: Unknown parameter 'ethtoo ' [ 262.347221][ T8847] netlink: 'syz.2.628': attribute type 4 has an invalid length. [ 262.430734][ T8850] sd 0:0:1:0: PR command failed: 1026 [ 262.479071][ T8850] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 262.539111][ T8850] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 266.000079][ T8895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.639'. [ 268.139913][ T8911] FAULT_INJECTION: forcing a failure. [ 268.139913][ T8911] name failslab, interval 1, probability 0, space 0, times 0 [ 268.300523][ T8911] CPU: 0 UID: 0 PID: 8911 Comm: syz.0.642 Tainted: G L syzkaller #0 PREEMPT(full) [ 268.300556][ T8911] Tainted: [L]=SOFTLOCKUP [ 268.300563][ T8911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 268.300574][ T8911] Call Trace: [ 268.300580][ T8911] [ 268.300587][ T8911] dump_stack_lvl+0x100/0x190 [ 268.300620][ T8911] should_fail_ex.cold+0x5/0xa [ 268.300642][ T8911] should_failslab+0xc2/0x120 [ 268.300663][ T8911] __kvmalloc_node_noprof+0xfa/0xa00 [ 268.300681][ T8911] ? __do_sys_setgroups+0x126/0x4f0 [ 268.300713][ T8911] __do_sys_setgroups+0x126/0x4f0 [ 268.300744][ T8911] do_syscall_64+0x106/0xf80 [ 268.300763][ T8911] ? clear_bhb_loop+0x40/0x90 [ 268.300785][ T8911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.300803][ T8911] RIP: 0033:0x7eff33f9c819 [ 268.300818][ T8911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 268.300836][ T8911] RSP: 002b:00007eff321d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000074 [ 268.300854][ T8911] RAX: ffffffffffffffda RBX: 00007eff34216180 RCX: 00007eff33f9c819 [ 268.300866][ T8911] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000010 [ 268.300876][ T8911] RBP: 00007eff34032c91 R08: 0000000000000000 R09: 0000000000000000 [ 268.300887][ T8911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.300898][ T8911] R13: 00007eff34216218 R14: 00007eff34216180 R15: 00007ffc286fb088 [ 268.300921][ T8911] [ 269.566374][ T8916] sd 0:0:1:0: PR command failed: 1026 [ 269.599696][ T8916] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 269.606511][ T8916] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 270.336948][ T8929] kafs: addr_prefs: Invalid Command [ 274.520267][ T8996] __vm_enough_memory: pid: 8996, comm: syz.1.660, bytes: 4398046511104 not enough memory for the allocation [ 278.054573][ T8993] pim6reg: entered allmulticast mode [ 278.554732][ T9059] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 278.579794][ T9059] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 278.832161][ T7930] pim6reg (unregistering): left allmulticast mode [ 280.912462][ T9110] netlink: 342 bytes leftover after parsing attributes in process `syz.3.682'. [ 280.946568][ T9110] IPv6: NLM_F_CREATE should be specified when creating new route [ 280.977491][ T9110] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 280.985144][ T9110] IPv6: NLM_F_CREATE should be set when creating new route [ 280.992530][ T9110] IPv6: NLM_F_CREATE should be set when creating new route [ 281.166393][ T9110] netlink: 342 bytes leftover after parsing attributes in process `syz.3.682'. [ 281.175660][ T9110] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 283.648689][ T9172] i2c i2c-0: delete_device: Can't parse I2C address [ 283.913880][ T9181] futex_wake_op: syz.3.693 tries to shift op by -2048; fix this program [ 283.991475][ T9172] netlink: 28 bytes leftover after parsing attributes in process `syz.3.693'. [ 284.389888][ T9175] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 284.396102][ T9175] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 284.421794][ T9175] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 284.429210][ T9175] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 284.970248][ T9198] bridge0: port 3(bond0) entered blocking state [ 285.001148][ T9198] bridge0: port 3(bond0) entered disabled state [ 285.030457][ T9198] bond0: entered allmulticast mode [ 285.067139][ T9198] bond_slave_0: entered allmulticast mode [ 285.106119][ T9198] bond_slave_1: entered allmulticast mode [ 285.153126][ T9198] bond0: entered promiscuous mode [ 285.179119][ T9198] bond_slave_0: entered promiscuous mode [ 285.220133][ T9198] bond_slave_1: entered promiscuous mode [ 285.262600][ T9198] bridge0: port 3(bond0) entered blocking state [ 285.269100][ T9198] bridge0: port 3(bond0) entered forwarding state [ 285.889787][ T7934] Bluetooth: hci0: command 0x0c1a tx timeout [ 286.404049][ T9221] overlayfs: missing 'lowerdir' [ 286.452571][ T7934] Bluetooth: hci3: command 0x0c1a tx timeout [ 286.458845][ T7934] Bluetooth: hci2: command 0x0c1a tx timeout [ 286.465306][ T7934] Bluetooth: hci1: command 0x0c1a tx timeout [ 290.976762][ T9292] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.220796][ T9307] random: crng reseeded on system resumption [ 291.269305][ T9301] zswap: compressor not available [ 291.482581][ T9317] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 291.656305][ T9316] Unable to find swap-space signature [ 296.206505][ T9366] random: crng reseeded on system resumption [ 298.657201][ T9393] HfR: entered promiscuous mode [ 298.739405][ T9396] netlink: 32 bytes leftover after parsing attributes in process `syz.1.743'. [ 300.983508][ T9425] FAULT_INJECTION: forcing a failure. [ 300.983508][ T9425] name failslab, interval 1, probability 0, space 0, times 0 [ 301.036863][ T9425] CPU: 1 UID: 0 PID: 9425 Comm: syz.2.751 Tainted: G L syzkaller #0 PREEMPT(full) [ 301.036915][ T9425] Tainted: [L]=SOFTLOCKUP [ 301.036926][ T9425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 301.036944][ T9425] Call Trace: [ 301.036955][ T9425] [ 301.036966][ T9425] dump_stack_lvl+0x100/0x190 [ 301.037018][ T9425] should_fail_ex.cold+0x5/0xa [ 301.037054][ T9425] ? tomoyo_supervisor+0x65d/0x1340 [ 301.037082][ T9425] should_failslab+0xc2/0x120 [ 301.037116][ T9425] __kmalloc_noprof+0xe0/0x850 [ 301.037172][ T9425] tomoyo_supervisor+0x65d/0x1340 [ 301.037211][ T9425] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 301.037244][ T9425] ? tomoyo_realpath_from_path+0x19c/0x690 [ 301.037303][ T9425] ? tomoyo_realpath_from_path+0x19c/0x690 [ 301.037346][ T9425] ? kfree+0x1f6/0x6b0 [ 301.037405][ T9425] tomoyo_path_number_perm+0x445/0x580 [ 301.037448][ T9425] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 301.037491][ T9425] ? futex_wait+0x125/0x380 [ 301.037574][ T9425] ? find_held_lock+0x2b/0x80 [ 301.037605][ T9425] ? __fget_files+0x215/0x3d0 [ 301.037633][ T9425] ? hook_file_ioctl_common+0x146/0x410 [ 301.037679][ T9425] ? __fget_files+0x21f/0x3d0 [ 301.037713][ T9425] security_file_ioctl+0xd3/0x230 [ 301.037750][ T9425] __x64_sys_ioctl+0xb7/0x210 [ 301.037806][ T9425] do_syscall_64+0x106/0xf80 [ 301.037839][ T9425] ? clear_bhb_loop+0x40/0x90 [ 301.037879][ T9425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.037909][ T9425] RIP: 0033:0x7fd74699c819 [ 301.037935][ T9425] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 301.037963][ T9425] RSP: 002b:00007fd747894028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 301.037994][ T9425] RAX: ffffffffffffffda RBX: 00007fd746c15fa0 RCX: 00007fd74699c819 [ 301.038012][ T9425] RDX: 0000000000000000 RSI: 000000008004500b RDI: 0000000000000004 [ 301.038029][ T9425] RBP: 00007fd746a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 301.038045][ T9425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.038060][ T9425] R13: 00007fd746c16038 R14: 00007fd746c15fa0 R15: 00007ffea6639598 [ 301.038101][ T9425] [ 301.513779][ T9432] FAULT_INJECTION: forcing a failure. [ 301.513779][ T9432] name failslab, interval 1, probability 0, space 0, times 0 [ 301.527117][ T9432] CPU: 1 UID: 0 PID: 9432 Comm: syz.1.754 Tainted: G L syzkaller #0 PREEMPT(full) [ 301.527162][ T9432] Tainted: [L]=SOFTLOCKUP [ 301.527173][ T9432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 301.527190][ T9432] Call Trace: [ 301.527200][ T9432] [ 301.527212][ T9432] dump_stack_lvl+0x100/0x190 [ 301.527262][ T9432] should_fail_ex.cold+0x5/0xa [ 301.527298][ T9432] should_failslab+0xc2/0x120 [ 301.527330][ T9432] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 301.527373][ T9432] ? alloc_inode+0x68/0x250 [ 301.527412][ T9432] ? simple_start_creating+0xb0/0x110 [ 301.527443][ T9432] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 301.527479][ T9432] alloc_inode+0x68/0x250 [ 301.527527][ T9432] new_inode+0x22/0x1c0 [ 301.527570][ T9432] __debugfs_create_file+0x105/0x4f0 [ 301.527613][ T9432] debugfs_create_file_full+0x41/0x60 [ 301.527654][ T9432] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 301.527696][ T9432] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 301.527737][ T9432] ? rcu_is_watching+0x12/0xc0 [ 301.527816][ T9432] ? lockdep_init_map_type+0x5c/0x250 [ 301.527865][ T9432] preinit_net.part.0+0x24e/0x8f0 [ 301.527900][ T9432] copy_net_ns+0x339/0x7c0 [ 301.527939][ T9432] create_new_namespaces+0x3ea/0xac0 [ 301.527982][ T9432] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 301.528021][ T9432] ksys_unshare+0x473/0xad0 [ 301.528072][ T9432] ? __pfx_ksys_unshare+0x10/0x10 [ 301.528126][ T9432] __x64_sys_unshare+0x31/0x40 [ 301.528163][ T9432] do_syscall_64+0x106/0xf80 [ 301.528193][ T9432] ? clear_bhb_loop+0x40/0x90 [ 301.528230][ T9432] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.528260][ T9432] RIP: 0033:0x7f1f9119c819 [ 301.528288][ T9432] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 301.528316][ T9432] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 301.528347][ T9432] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 301.528367][ T9432] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 301.528386][ T9432] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 301.528405][ T9432] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.528423][ T9432] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 301.528466][ T9432] [ 301.890336][ T9432] debugfs: out of free dentries, can not create file 'net_refcnt@ffff888055a18280' [ 301.913117][ T9425] capability: warning: `syz.2.751' uses 32-bit capabilities (legacy support in use) [ 303.318447][ T9453] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 304.408230][ T30] audit: type=1804 audit(2147483701.610:10): pid=9463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.763" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 304.509761][ T9466] random: crng reseeded on system resumption [ 305.838900][ T9486] sg_write: process 740 (syz.1.770) changed security contexts after opening file descriptor, this is not allowed. [ 306.607049][ T9499] Invalid ELF header magic: != ELF [ 306.657414][ T9498] Invalid ELF header magic: != ELF [ 307.752443][ T9509] futex_wake_op: syz.1.776 tries to shift op by -2048; fix this program [ 307.808858][ T9509] futex_wake_op: syz.1.776 tries to shift op by -2048; fix this program [ 308.351023][ T9512] netlink: 25 bytes leftover after parsing attributes in process `syz.0.777'. [ 308.442141][ T9513] [U] ^\ [ 311.715181][ T9556] futex_wake_op: syz.3.784 tries to shift op by -2048; fix this program [ 311.744481][ T9556] futex_wake_op: syz.3.784 tries to shift op by -2048; fix this program [ 312.158087][ T30] audit: type=1804 audit(2147483709.360:11): pid=9561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.786" name="/newroot/191/file0" dev="tmpfs" ino=1032 res=1 errno=0 [ 312.391240][ T9568] zswap: compressor not available [ 312.465181][ T9580] pci 0000:00:00.0: MSI/MSI-X allowed for future drivers [ 312.570678][ T9581] FAULT_INJECTION: forcing a failure. [ 312.570678][ T9581] name failslab, interval 1, probability 0, space 0, times 0 [ 312.588721][ T9581] CPU: 1 UID: 0 PID: 9581 Comm: syz.0.790 Tainted: G L syzkaller #0 PREEMPT(full) [ 312.588782][ T9581] Tainted: [L]=SOFTLOCKUP [ 312.588794][ T9581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 312.588811][ T9581] Call Trace: [ 312.588822][ T9581] [ 312.588834][ T9581] dump_stack_lvl+0x100/0x190 [ 312.588887][ T9581] should_fail_ex.cold+0x5/0xa [ 312.588924][ T9581] should_failslab+0xc2/0x120 [ 312.588959][ T9581] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 312.589005][ T9581] ? __d_alloc+0x34/0xa80 [ 312.589041][ T9581] ? lockdep_init_map_type+0x5c/0x250 [ 312.589090][ T9581] __d_alloc+0x34/0xa80 [ 312.589131][ T9581] d_alloc_pseudo+0x1c/0xc0 [ 312.589175][ T9581] alloc_file_pseudo+0xcf/0x230 [ 312.589217][ T9581] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 312.589258][ T9581] ? alloc_fd+0x476/0x790 [ 312.589296][ T9581] sock_alloc_file+0x50/0x210 [ 312.589331][ T9581] __sys_socket+0x1c0/0x260 [ 312.589372][ T9581] ? __pfx___sys_socket+0x10/0x10 [ 312.589422][ T9581] __x64_sys_socket+0x72/0xb0 [ 312.589459][ T9581] ? lockdep_hardirqs_on+0x78/0x100 [ 312.589492][ T9581] do_syscall_64+0x106/0xf80 [ 312.589526][ T9581] ? clear_bhb_loop+0x40/0x90 [ 312.589564][ T9581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.589597][ T9581] RIP: 0033:0x7eff33f9c819 [ 312.589623][ T9581] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 312.589651][ T9581] RSP: 002b:00007eff321f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 312.589682][ T9581] RAX: ffffffffffffffda RBX: 00007eff34216090 RCX: 00007eff33f9c819 [ 312.589702][ T9581] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 312.589720][ T9581] RBP: 00007eff34032c91 R08: 0000000000000000 R09: 0000000000000000 [ 312.589748][ T9581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.589765][ T9581] R13: 00007eff34216128 R14: 00007eff34216090 R15: 00007ffc286fb088 [ 312.589805][ T9581] [ 313.137099][ T9587] netlink: 342 bytes leftover after parsing attributes in process `syz.3.791'. [ 313.848816][ T9594] bridge0: port 4(netdevsim2) entered blocking state [ 313.867056][ T9594] bridge0: port 4(netdevsim2) entered disabled state [ 313.896250][ T9594] netdevsim netdevsim0 netdevsim2: entered allmulticast mode [ 313.951679][ T9594] netdevsim netdevsim0 netdevsim2: entered promiscuous mode [ 313.977988][ T9594] bridge0: port 4(netdevsim2) entered blocking state [ 313.984997][ T9594] bridge0: port 4(netdevsim2) entered forwarding state [ 314.542592][ T9600] bond0: invalid ARP target specified [ 314.548541][ T9600] bond0: invalid ARP target specified [ 314.854175][ T9621] vmstat_refresh: nr_hugetlb -2560 [ 315.040120][ T9623] vmstat_refresh: nr_hugetlb -2560 [ 315.734885][ T7925] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 317.411010][ T9650] binder: 9642:9650 ioctl 40086602 e20 returned -22 [ 317.577282][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.584104][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.759967][ T9668] Process accounting resumed [ 320.787144][ T9692] syz.0.811 (9692): attempted to duplicate a private mapping with mremap. This is not supported. [ 322.200977][ T9702] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 322.207485][ T9702] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 322.279967][ T9702] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 322.286143][ T9702] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 322.995753][ T9707] NFSD: Failed to start, no listeners configured. [ 323.462334][ T30] audit: type=1804 audit(2147483720.660:12): pid=9712 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.816" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 323.499281][ T9226] Bluetooth: hci0: command 0x0c1a tx timeout [ 324.210973][ T9226] Bluetooth: hci1: command 0x0c1a tx timeout [ 324.370254][ T9226] Bluetooth: hci3: command 0x0c1a tx timeout [ 324.377307][ T7934] Bluetooth: hci2: command 0x0c1a tx timeout [ 325.658444][ T9744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.823'. [ 325.715708][ T9745] netlink: 306 bytes leftover after parsing attributes in process `syz.2.823'. [ 328.007207][ T9764] FAULT_INJECTION: forcing a failure. [ 328.007207][ T9764] name failslab, interval 1, probability 0, space 0, times 0 [ 328.119718][ T9764] CPU: 1 UID: 0 PID: 9764 Comm: syz.1.830 Tainted: G L syzkaller #0 PREEMPT(full) [ 328.119766][ T9764] Tainted: [L]=SOFTLOCKUP [ 328.119775][ T9764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 328.119791][ T9764] Call Trace: [ 328.119800][ T9764] [ 328.119811][ T9764] dump_stack_lvl+0x100/0x190 [ 328.119869][ T9764] should_fail_ex.cold+0x5/0xa [ 328.119903][ T9764] ? tomoyo_realpath_from_path+0xb6/0x690 [ 328.119945][ T9764] should_failslab+0xc2/0x120 [ 328.119976][ T9764] __kmalloc_noprof+0xe0/0x850 [ 328.120029][ T9764] tomoyo_realpath_from_path+0xb6/0x690 [ 328.120080][ T9764] tomoyo_check_open_permission+0x2af/0x3c0 [ 328.120119][ T9764] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 328.120195][ T9764] ? do_raw_spin_lock+0x128/0x260 [ 328.120242][ T9764] ? path_get+0x61/0x80 [ 328.120291][ T9764] tomoyo_file_open+0x6b/0x90 [ 328.120320][ T9764] security_file_open+0xb5/0x1e0 [ 328.120358][ T9764] do_dentry_open+0x5aa/0x1660 [ 328.120392][ T9764] ? security_inode_permission+0xbf/0x250 [ 328.120433][ T9764] vfs_open+0x82/0x3f0 [ 328.120474][ T9764] path_openat+0x208c/0x31a0 [ 328.120521][ T9764] ? __pfx_path_openat+0x10/0x10 [ 328.120568][ T9764] do_file_open+0x20e/0x430 [ 328.120602][ T9764] ? __pfx_do_file_open+0x10/0x10 [ 328.120654][ T9764] ? alloc_fd+0x476/0x790 [ 328.120683][ T9764] ? do_getname+0x191/0x390 [ 328.120723][ T9764] do_sys_openat2+0x10d/0x1e0 [ 328.120763][ T9764] ? __pfx_do_sys_openat2+0x10/0x10 [ 328.120817][ T9764] __x64_sys_openat+0x12d/0x210 [ 328.120866][ T9764] ? __pfx___x64_sys_openat+0x10/0x10 [ 328.120923][ T9764] do_syscall_64+0x106/0xf80 [ 328.120952][ T9764] ? clear_bhb_loop+0x40/0x90 [ 328.120988][ T9764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.121016][ T9764] RIP: 0033:0x7f1f9119c819 [ 328.121042][ T9764] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 328.121069][ T9764] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 328.121096][ T9764] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 328.121115][ T9764] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 328.121132][ T9764] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 328.121150][ T9764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.121167][ T9764] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 328.121206][ T9764] [ 328.122844][ T9764] ERROR: Out of memory at tomoyo_realpath_from_path. [ 328.335071][ T9771] netlink: 8 bytes leftover after parsing attributes in process `syz.3.831'. [ 329.730051][ T9806] netlink: 24 bytes leftover after parsing attributes in process `syz.2.838'. [ 329.859849][ T30] audit: type=1804 audit(2147483727.070:13): pid=9812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.839" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 332.918990][ T30] audit: type=1804 audit(2147483730.120:14): pid=9843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.849" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 332.970525][ T9845] netlink: 9 bytes leftover after parsing attributes in process `syz.2.850'. [ 333.257696][ T9848] netlink: 40 bytes leftover after parsing attributes in process `syz.3.851'. [ 334.695841][ T30] audit: type=1804 audit(2147483731.900:15): pid=9878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.860" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 334.956534][ T9863] netlink: 28 bytes leftover after parsing attributes in process `syz.0.856'. [ 335.021628][ T9882] netlink: 28 bytes leftover after parsing attributes in process `syz.1.861'. [ 335.082120][ T9882] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.206375][ T9882] bridge_slave_1 (unregistering): left allmulticast mode [ 335.282050][ T9882] bridge_slave_1 (unregistering): left promiscuous mode [ 335.309726][ T9882] bridge0: port 2(bridge_slave_1) entered disabled state [ 336.220709][ T9895] netlink: 16 bytes leftover after parsing attributes in process `syz.1.864'. [ 336.343369][ T9895] mac80211_hwsim hwsim9 wlan1: entered promiscuous mode [ 336.407515][ T9895] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 336.906885][ T9919] usb usb21: usbfs: process 9919 (syz.0.867) did not claim interface 0 before use [ 338.649934][ T9952] random: crng reseeded on system resumption [ 339.406012][ T9959] .^: entered promiscuous mode [ 339.739391][ T9969] futex_wake_op: syz.0.881 tries to shift op by -2048; fix this program [ 339.799681][ T30] audit: type=1804 audit(2147483737.000:16): pid=9973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.882" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 339.804000][ T9969] futex_wake_op: syz.0.881 tries to shift op by -2048; fix this program [ 340.230485][ T9982] usb usb3: usbfs: process 9982 (syz.0.885) did not claim interface 0 before use [ 341.310039][T10017] netlink: 8 bytes leftover after parsing attributes in process `syz.2.889'. [ 341.988050][T10028] FAULT_INJECTION: forcing a failure. [ 341.988050][T10028] name fail_futex, interval 1, probability 0, space 0, times 0 [ 342.010036][T10028] CPU: 1 UID: 0 PID: 10028 Comm: syz.1.892 Tainted: G L syzkaller #0 PREEMPT(full) [ 342.010088][T10028] Tainted: [L]=SOFTLOCKUP [ 342.010100][T10028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 342.010119][T10028] Call Trace: [ 342.010128][T10028] [ 342.010140][T10028] dump_stack_lvl+0x100/0x190 [ 342.010192][T10028] should_fail_ex.cold+0x5/0xa [ 342.010231][T10028] get_futex_key+0x1d2/0x1620 [ 342.010271][T10028] ? __pfx_get_futex_key+0x10/0x10 [ 342.010310][T10028] ? copy_msghdr_from_user+0x2fe/0x4f0 [ 342.010348][T10028] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 342.010397][T10028] futex_wait_setup+0x83/0x510 [ 342.010457][T10028] __futex_wait+0x19f/0x300 [ 342.010508][T10028] ? __pfx___futex_wait+0x10/0x10 [ 342.010558][T10028] ? __pfx_futex_wake_mark+0x10/0x10 [ 342.010608][T10028] ? futex_hash+0x2c5/0x380 [ 342.010657][T10028] futex_wait+0xed/0x380 [ 342.010704][T10028] ? __pfx_futex_wait+0x10/0x10 [ 342.010760][T10028] ? __pfx___sys_sendmmsg+0x10/0x10 [ 342.010805][T10028] do_futex+0x1ef/0x350 [ 342.010854][T10028] ? __pfx_do_futex+0x10/0x10 [ 342.010907][T10028] __x64_sys_futex+0x34f/0x4d0 [ 342.010954][T10028] ? __pfx___x64_sys_futex+0x10/0x10 [ 342.011014][T10028] do_syscall_64+0x106/0xf80 [ 342.011046][T10028] ? clear_bhb_loop+0x40/0x90 [ 342.011085][T10028] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.011115][T10028] RIP: 0033:0x7f1f9119c819 [ 342.011142][T10028] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.011171][T10028] RSP: 002b:00007f1f9206c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 342.011201][T10028] RAX: ffffffffffffffda RBX: 00007f1f91415fa8 RCX: 00007f1f9119c819 [ 342.011221][T10028] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1f91415fa8 [ 342.011240][T10028] RBP: 00007f1f91415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 342.011258][T10028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.011276][T10028] R13: 00007f1f91416038 R14: 00007ffd1bf3ae40 R15: 00007ffd1bf3af28 [ 342.011317][T10028] [ 343.238559][T10040] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3456254174 (3456254174 ns) > initial count (2671155079 ns). Using initial count to start timer. [ 343.928133][T10055] FAULT_INJECTION: forcing a failure. [ 343.928133][T10055] name failslab, interval 1, probability 0, space 0, times 0 [ 343.952537][T10050] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 344.031222][T10055] CPU: 1 UID: 0 PID: 10055 Comm: syz.0.900 Tainted: G L syzkaller #0 PREEMPT(full) [ 344.031274][T10055] Tainted: [L]=SOFTLOCKUP [ 344.031285][T10055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 344.031304][T10055] Call Trace: [ 344.031314][T10055] [ 344.031325][T10055] dump_stack_lvl+0x100/0x190 [ 344.031377][T10055] should_fail_ex.cold+0x5/0xa [ 344.031415][T10055] ? tomoyo_realpath_from_path+0xb6/0x690 [ 344.031459][T10055] should_failslab+0xc2/0x120 [ 344.031505][T10055] __kmalloc_noprof+0xe0/0x850 [ 344.031559][T10055] tomoyo_realpath_from_path+0xb6/0x690 [ 344.031611][T10055] tomoyo_check_open_permission+0x2af/0x3c0 [ 344.031650][T10055] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 344.031686][T10055] ? acct_on+0x189/0x9e0 [ 344.031723][T10055] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.031781][T10055] ? do_raw_spin_lock+0x128/0x260 [ 344.031823][T10055] ? path_get+0x61/0x80 [ 344.031858][T10055] tomoyo_file_open+0x6b/0x90 [ 344.031887][T10055] security_file_open+0xb5/0x1e0 [ 344.031925][T10055] do_dentry_open+0x5aa/0x1660 [ 344.031959][T10055] ? lockdep_init_map_type+0x5c/0x250 [ 344.032003][T10055] vfs_open+0x82/0x3f0 [ 344.032046][T10055] dentry_open+0x71/0xd0 [ 344.032084][T10055] acct_on+0x189/0x9e0 [ 344.032126][T10055] ? __pfx_acct_on+0x10/0x10 [ 344.032171][T10055] ? bpf_lsm_capable+0x9/0x10 [ 344.032203][T10055] ? security_capable+0x80/0x260 [ 344.032238][T10055] __x64_sys_acct+0x81/0x1e0 [ 344.032282][T10055] ? lockdep_hardirqs_on+0x78/0x100 [ 344.032311][T10055] do_syscall_64+0x106/0xf80 [ 344.032341][T10055] ? clear_bhb_loop+0x40/0x90 [ 344.032379][T10055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.032410][T10055] RIP: 0033:0x7eff33f9c819 [ 344.032439][T10055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.032466][T10055] RSP: 002b:00007eff321d5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 344.032509][T10055] RAX: ffffffffffffffda RBX: 00007eff34216180 RCX: 00007eff33f9c819 [ 344.032527][T10055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 344.032546][T10055] RBP: 00007eff34032c91 R08: 0000000000000000 R09: 0000000000000000 [ 344.032564][T10055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 344.032582][T10055] R13: 00007eff34216218 R14: 00007eff34216180 R15: 00007ffc286fb088 [ 344.032624][T10055] [ 344.032637][T10055] ERROR: Out of memory at tomoyo_realpath_from_path. [ 345.165452][T10071] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 345.191891][T10073] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 345.984665][T10077] NFSD: Failed to start, no listeners configured. [ 346.559765][ T30] audit: type=1804 audit(2147483743.760:17): pid=10094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.910" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 346.827225][T10105] bond0: invalid ARP target specified [ 347.532037][T10123] bridge_slave_1: left allmulticast mode [ 347.540331][T10123] bridge_slave_1: left promiscuous mode [ 347.547881][T10123] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.043705][ T30] audit: type=1804 audit(2147483745.250:18): pid=10131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.920" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 350.725464][T10174] nvme_fcloop: unknown parameter or missing value 'Ù' [ 351.688087][T10189] zswap: compressor not available [ 351.694621][T10198] FAULT_INJECTION: forcing a failure. [ 351.694621][T10198] name failslab, interval 1, probability 0, space 0, times 0 [ 351.750188][T10198] CPU: 1 UID: 0 PID: 10198 Comm: syz.3.941 Tainted: G L syzkaller #0 PREEMPT(full) [ 351.750236][T10198] Tainted: [L]=SOFTLOCKUP [ 351.750246][T10198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 351.750263][T10198] Call Trace: [ 351.750273][T10198] [ 351.750283][T10198] dump_stack_lvl+0x100/0x190 [ 351.750333][T10198] should_fail_ex.cold+0x5/0xa [ 351.750369][T10198] should_failslab+0xc2/0x120 [ 351.750402][T10198] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 351.750448][T10198] ? __alloc_skb+0x140/0x710 [ 351.750510][T10198] __alloc_skb+0x140/0x710 [ 351.750550][T10198] ? __alloc_skb+0x5b7/0x710 [ 351.750593][T10198] ? __pfx___alloc_skb+0x10/0x10 [ 351.750637][T10198] ? netlink_has_listeners+0x20f/0x430 [ 351.750665][T10198] ? netlink_has_listeners+0x20f/0x430 [ 351.750700][T10198] alloc_uevent_skb+0x7d/0x210 [ 351.750746][T10198] kobject_uevent_env+0xd2d/0x18b0 [ 351.750793][T10198] ? bus_to_subsys+0x114/0x150 [ 351.750840][T10198] device_add+0x116e/0x1950 [ 351.750884][T10198] ? __pfx_device_add+0x10/0x10 [ 351.750937][T10198] nfc_register_device+0x41/0x3e0 [ 351.750971][T10198] nci_register_device+0x7f1/0xb80 [ 351.751015][T10198] ? __pfx_nci_register_device+0x10/0x10 [ 351.751060][T10198] ? lockdep_init_map_type+0x5c/0x250 [ 351.751107][T10198] virtual_ncidev_open+0x141/0x220 [ 351.751151][T10198] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 351.751194][T10198] misc_open+0x26d/0x450 [ 351.751232][T10198] ? __pfx_misc_open+0x10/0x10 [ 351.751267][T10198] chrdev_open+0x234/0x6a0 [ 351.751300][T10198] ? __pfx_apparmor_file_open+0x10/0x10 [ 351.751333][T10198] ? __pfx_chrdev_open+0x10/0x10 [ 351.751366][T10198] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 351.751407][T10198] do_dentry_open+0x6d8/0x1660 [ 351.751438][T10198] ? __pfx_chrdev_open+0x10/0x10 [ 351.751489][T10198] vfs_open+0x82/0x3f0 [ 351.751534][T10198] path_openat+0x208c/0x31a0 [ 351.751582][T10198] ? __pfx_path_openat+0x10/0x10 [ 351.751628][T10198] do_file_open+0x20e/0x430 [ 351.751665][T10198] ? __pfx_do_file_open+0x10/0x10 [ 351.751726][T10198] ? alloc_fd+0x476/0x790 [ 351.751762][T10198] ? do_getname+0x191/0x390 [ 351.751802][T10198] do_sys_openat2+0x10d/0x1e0 [ 351.751839][T10198] ? __pfx_do_sys_openat2+0x10/0x10 [ 351.751881][T10198] ? __fget_files+0x21f/0x3d0 [ 351.751918][T10198] __x64_sys_openat+0x12d/0x210 [ 351.751958][T10198] ? __pfx___x64_sys_openat+0x10/0x10 [ 351.752015][T10198] do_syscall_64+0x106/0xf80 [ 351.752044][T10198] ? clear_bhb_loop+0x40/0x90 [ 351.752080][T10198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 351.752108][T10198] RIP: 0033:0x7f20e079c819 [ 351.752133][T10198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 351.752162][T10198] RSP: 002b:00007f20e15d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 351.752191][T10198] RAX: ffffffffffffffda RBX: 00007f20e0a15fa0 RCX: 00007f20e079c819 [ 351.752209][T10198] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 351.752226][T10198] RBP: 00007f20e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 351.752242][T10198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 351.752259][T10198] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 351.752299][T10198] [ 352.845851][T10218] FAULT_INJECTION: forcing a failure. [ 352.845851][T10218] name failslab, interval 1, probability 0, space 0, times 0 [ 352.952105][T10218] CPU: 1 UID: 0 PID: 10218 Comm: syz.1.945 Tainted: G L syzkaller #0 PREEMPT(full) [ 352.952152][T10218] Tainted: [L]=SOFTLOCKUP [ 352.952163][T10218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 352.952180][T10218] Call Trace: [ 352.952191][T10218] [ 352.952202][T10218] dump_stack_lvl+0x100/0x190 [ 352.952253][T10218] should_fail_ex.cold+0x5/0xa [ 352.952290][T10218] ? tomoyo_realpath_from_path+0xb6/0x690 [ 352.952333][T10218] should_failslab+0xc2/0x120 [ 352.952367][T10218] __kmalloc_noprof+0xe0/0x850 [ 352.952422][T10218] tomoyo_realpath_from_path+0xb6/0x690 [ 352.952475][T10218] tomoyo_path_number_perm+0x23c/0x580 [ 352.952510][T10218] ? tomoyo_path_number_perm+0x22e/0x580 [ 352.952548][T10218] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 352.952625][T10218] ? find_held_lock+0x2b/0x80 [ 352.952656][T10218] ? __fget_files+0x215/0x3d0 [ 352.952684][T10218] ? hook_file_ioctl_common+0x146/0x410 [ 352.952732][T10218] ? __fget_files+0x21f/0x3d0 [ 352.952770][T10218] security_file_ioctl+0xd3/0x230 [ 352.952820][T10218] __x64_sys_ioctl+0xb7/0x210 [ 352.952868][T10218] do_syscall_64+0x106/0xf80 [ 352.952899][T10218] ? clear_bhb_loop+0x40/0x90 [ 352.952935][T10218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.952966][T10218] RIP: 0033:0x7f1f9119c819 [ 352.952991][T10218] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 352.953019][T10218] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.953047][T10218] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 352.953066][T10218] RDX: 0000000000000004 RSI: 000000000000560e RDI: 0000000000000004 [ 352.953083][T10218] RBP: 00007f1f9206c090 R08: 0000000000000000 R09: 0000000000000000 [ 352.953100][T10218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 352.953123][T10218] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 352.953164][T10218] [ 352.953252][T10218] ERROR: Out of memory at tomoyo_realpath_from_path. [ 354.669210][T10244] FAULT_INJECTION: forcing a failure. [ 354.669210][T10244] name fail_futex, interval 1, probability 0, space 0, times 0 [ 354.702727][T10244] CPU: 1 UID: 0 PID: 10244 Comm: syz.1.952 Tainted: G L syzkaller #0 PREEMPT(full) [ 354.702773][T10244] Tainted: [L]=SOFTLOCKUP [ 354.702784][T10244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 354.702799][T10244] Call Trace: [ 354.702808][T10244] [ 354.702819][T10244] dump_stack_lvl+0x100/0x190 [ 354.702870][T10244] should_fail_ex.cold+0x5/0xa [ 354.702905][T10244] get_futex_key+0x1d2/0x1620 [ 354.702946][T10244] ? __pfx_get_futex_key+0x10/0x10 [ 354.702997][T10244] futex_wait_setup+0x83/0x510 [ 354.703053][T10244] __futex_wait+0x19f/0x300 [ 354.703102][T10244] ? __pfx___futex_wait+0x10/0x10 [ 354.703153][T10244] ? __pfx_futex_wake_mark+0x10/0x10 [ 354.703204][T10244] ? futex_hash+0x2c5/0x380 [ 354.703252][T10244] futex_wait+0xed/0x380 [ 354.703297][T10244] ? __pfx_futex_wait+0x10/0x10 [ 354.703350][T10244] ? vfs_write+0x911/0x1070 [ 354.703376][T10244] ? vfs_write+0x15d/0x1070 [ 354.703404][T10244] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 354.703446][T10244] do_futex+0x1ef/0x350 [ 354.703493][T10244] ? __pfx_do_futex+0x10/0x10 [ 354.703540][T10244] __x64_sys_futex+0x34f/0x4d0 [ 354.703580][T10244] ? fput+0x79/0x100 [ 354.703614][T10244] ? __pfx___x64_sys_futex+0x10/0x10 [ 354.703654][T10244] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 354.703698][T10244] do_syscall_64+0x106/0xf80 [ 354.703727][T10244] ? clear_bhb_loop+0x40/0x90 [ 354.703768][T10244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 354.703798][T10244] RIP: 0033:0x7f1f9119c819 [ 354.703822][T10244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 354.703849][T10244] RSP: 002b:00007f1f9204b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 354.703878][T10244] RAX: ffffffffffffffda RBX: 00007f1f91416098 RCX: 00007f1f9119c819 [ 354.703897][T10244] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1f91416098 [ 354.703915][T10244] RBP: 00007f1f91416090 R08: 0000000000000000 R09: 0000000000000000 [ 354.703932][T10244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 354.703949][T10244] R13: 00007f1f91416128 R14: 00007ffd1bf3ae40 R15: 00007ffd1bf3af28 [ 354.703988][T10244] [ 356.150638][ T30] audit: type=1800 audit(2147483753.360:19): pid=10266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.957" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 356.368183][ T30] audit: type=1804 audit(2147483753.570:20): pid=10270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.959" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 356.886287][T10271] ima: policy update failed [ 356.895641][ T30] audit: type=1802 audit(2147483754.100:21): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.960" res=0 errno=0 [ 356.920230][T10278] FAULT_INJECTION: forcing a failure. [ 356.920230][T10278] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 356.988630][T10278] CPU: 1 UID: 0 PID: 10278 Comm: syz.1.963 Tainted: G L syzkaller #0 PREEMPT(full) [ 356.988676][T10278] Tainted: [L]=SOFTLOCKUP [ 356.988686][T10278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 356.988701][T10278] Call Trace: [ 356.988710][T10278] [ 356.988720][T10278] dump_stack_lvl+0x100/0x190 [ 356.988767][T10278] should_fail_ex.cold+0x5/0xa [ 356.988800][T10278] _copy_from_user+0x2e/0xd0 [ 356.988839][T10278] vt_ioctl+0x1286/0x31a0 [ 356.988879][T10278] ? __pfx_vt_ioctl+0x10/0x10 [ 356.988911][T10278] ? find_held_lock+0x2b/0x80 [ 356.988939][T10278] ? tomoyo_path_number_perm+0x28f/0x580 [ 356.988974][T10278] ? tomoyo_path_number_perm+0x28f/0x580 [ 356.989016][T10278] ? tomoyo_path_number_perm+0x188/0x580 [ 356.989052][T10278] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 356.989093][T10278] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 356.989129][T10278] ? __pfx_vt_ioctl+0x10/0x10 [ 356.989164][T10278] tty_ioctl+0x26a/0x1690 [ 356.989192][T10278] ? __pfx_tty_ioctl+0x10/0x10 [ 356.989230][T10278] ? find_held_lock+0x2b/0x80 [ 356.989258][T10278] ? __fget_files+0x215/0x3d0 [ 356.989285][T10278] ? hook_file_ioctl_common+0x146/0x410 [ 356.989328][T10278] ? __fget_files+0x21f/0x3d0 [ 356.989362][T10278] ? __pfx_tty_ioctl+0x10/0x10 [ 356.989389][T10278] __x64_sys_ioctl+0x18e/0x210 [ 356.989434][T10278] do_syscall_64+0x106/0xf80 [ 356.989462][T10278] ? clear_bhb_loop+0x40/0x90 [ 356.989513][T10278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.989542][T10278] RIP: 0033:0x7f1f9119c819 [ 356.989564][T10278] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.989591][T10278] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.989619][T10278] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 356.989639][T10278] RDX: 0000000000000004 RSI: 000000000000560e RDI: 0000000000000004 [ 356.989655][T10278] RBP: 00007f1f9206c090 R08: 0000000000000000 R09: 0000000000000000 [ 356.989672][T10278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 356.989688][T10278] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 356.989724][T10278] [ 361.242097][T10333] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.1.974: bg 2: bad block bitmap checksum [ 361.344573][T10333] EXT4-fs (sda1): Delayed block allocation failed for inode 2028 at logical offset 10 with max blocks 1 with error 74 [ 361.389750][T10333] EXT4-fs (sda1): This should not happen!! Data will be lost [ 361.389750][T10333] [ 365.064902][T10311] kexec: Could not allocate control_code_buffer [ 372.290148][ T9226] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 373.024734][T10433] zswap: compressor not available [ 373.699148][T10453] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 373.938185][T10426] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 374.691103][T10462] FAULT_INJECTION: forcing a failure. [ 374.691103][T10462] name failslab, interval 1, probability 0, space 0, times 0 [ 374.738760][T10462] CPU: 1 UID: 0 PID: 10462 Comm: syz.2.1000 Tainted: G L syzkaller #0 PREEMPT(full) [ 374.738808][T10462] Tainted: [L]=SOFTLOCKUP [ 374.738816][T10462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 374.738826][T10462] Call Trace: [ 374.738833][T10462] [ 374.738840][T10462] dump_stack_lvl+0x100/0x190 [ 374.738874][T10462] should_fail_ex.cold+0x5/0xa [ 374.738897][T10462] ? lsm_blob_alloc+0x68/0x90 [ 374.738924][T10462] should_failslab+0xc2/0x120 [ 374.738945][T10462] __kmalloc_noprof+0xe0/0x850 [ 374.738973][T10462] ? audit_alloc+0xa2/0x7b0 [ 374.738998][T10462] lsm_blob_alloc+0x68/0x90 [ 374.739027][T10462] security_task_alloc+0x2a/0x260 [ 374.739053][T10462] copy_process+0x258f/0x7a40 [ 374.739086][T10462] ? __pfx_copy_process+0x10/0x10 [ 374.739111][T10462] ? lockdep_init_map_type+0x5c/0x250 [ 374.739138][T10462] ? lockdep_init_map_type+0x5c/0x250 [ 374.739163][T10462] ? __pfx_vhost_run_work_list+0x10/0x10 [ 374.739193][T10462] ? __pfx_vhost_worker_killed+0x10/0x10 [ 374.739222][T10462] vhost_task_create+0x1db/0x370 [ 374.739250][T10462] ? __pfx_vhost_task_create+0x10/0x10 [ 374.739301][T10462] ? __pfx_vhost_task_fn+0x10/0x10 [ 374.739337][T10462] ? snprintf+0xc7/0x100 [ 374.739358][T10462] vhost_task_worker_create+0x8d/0x260 [ 374.739377][T10462] ? __pfx_vhost_task_worker_create+0x10/0x10 [ 374.739396][T10462] ? lockdep_init_map_type+0x5c/0x250 [ 374.739422][T10462] ? lockdep_init_map_type+0x5c/0x250 [ 374.739450][T10462] vhost_worker_create+0x243/0x310 [ 374.739491][T10462] ? __pfx_vhost_worker_create+0x10/0x10 [ 374.739544][T10462] vhost_dev_set_owner+0x719/0xa30 [ 374.739579][T10462] vhost_net_ioctl+0xfa3/0x1910 [ 374.739597][T10462] ? do_vfs_ioctl+0x226/0x13e0 [ 374.739626][T10462] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 374.739653][T10462] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 374.739678][T10462] ? hook_file_ioctl_common+0x146/0x410 [ 374.739722][T10462] ? __pfx_vhost_net_ioctl+0x10/0x10 [ 374.739754][T10462] __x64_sys_ioctl+0x18e/0x210 [ 374.739810][T10462] do_syscall_64+0x106/0xf80 [ 374.739838][T10462] ? clear_bhb_loop+0x40/0x90 [ 374.739866][T10462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.739885][T10462] RIP: 0033:0x7fd74699c819 [ 374.739902][T10462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 374.739919][T10462] RSP: 002b:00007fd747894028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 374.739938][T10462] RAX: ffffffffffffffda RBX: 00007fd746c15fa0 RCX: 00007fd74699c819 [ 374.739950][T10462] RDX: 0000000000000005 RSI: 000000000000af01 RDI: 0000000000000005 [ 374.739961][T10462] RBP: 00007fd746a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 374.739972][T10462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 374.739983][T10462] R13: 00007fd746c16038 R14: 00007fd746c15fa0 R15: 00007ffea6639598 [ 374.740007][T10462] [ 375.235138][ T30] audit: type=1804 audit(2147483772.440:22): pid=10465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1001" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 376.060401][T10483] Zero length message leads to an empty skb [ 376.193978][T10479] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 376.294864][T10479] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 376.364318][T10479] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 376.386135][T10486] FAULT_INJECTION: forcing a failure. [ 376.386135][T10486] name failslab, interval 1, probability 0, space 0, times 0 [ 376.470024][T10479] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 376.480896][T10486] CPU: 1 UID: 0 PID: 10486 Comm: syz.2.1006 Tainted: G L syzkaller #0 PREEMPT(full) [ 376.480946][T10486] Tainted: [L]=SOFTLOCKUP [ 376.480957][T10486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 376.480974][T10486] Call Trace: [ 376.480984][T10486] [ 376.480995][T10486] dump_stack_lvl+0x100/0x190 [ 376.481049][T10486] should_fail_ex.cold+0x5/0xa [ 376.481087][T10486] should_failslab+0xc2/0x120 [ 376.481122][T10486] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 376.481169][T10486] ? alloc_empty_file+0x55/0x1c0 [ 376.481210][T10486] ? __pfx_stack_trace_save+0x10/0x10 [ 376.481249][T10486] alloc_empty_file+0x55/0x1c0 [ 376.481289][T10486] path_openat+0xe8/0x31a0 [ 376.481321][T10486] ? kasan_save_stack+0x3f/0x50 [ 376.481348][T10486] ? kasan_save_stack+0x30/0x50 [ 376.481374][T10486] ? kasan_save_track+0x14/0x30 [ 376.481399][T10486] ? __kasan_slab_alloc+0x89/0x90 [ 376.481428][T10486] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 376.481471][T10486] ? do_getname+0x35/0x390 [ 376.481506][T10486] ? do_sys_openat2+0xc5/0x1e0 [ 376.481546][T10486] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.481592][T10486] ? __pfx_path_openat+0x10/0x10 [ 376.481639][T10486] do_file_open+0x20e/0x430 [ 376.481676][T10486] ? __pfx_do_file_open+0x10/0x10 [ 376.481739][T10486] ? alloc_fd+0x476/0x790 [ 376.481776][T10486] ? do_getname+0x191/0x390 [ 376.481818][T10486] do_sys_openat2+0x10d/0x1e0 [ 376.481860][T10486] ? __pfx_do_sys_openat2+0x10/0x10 [ 376.481923][T10486] __x64_sys_openat+0x12d/0x210 [ 376.481968][T10486] ? __pfx___x64_sys_openat+0x10/0x10 [ 376.482027][T10486] do_syscall_64+0x106/0xf80 [ 376.482058][T10486] ? clear_bhb_loop+0x40/0x90 [ 376.482095][T10486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.482127][T10486] RIP: 0033:0x7fd74699c819 [ 376.482153][T10486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 376.482182][T10486] RSP: 002b:00007fd747894028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 376.482212][T10486] RAX: ffffffffffffffda RBX: 00007fd746c15fa0 RCX: 00007fd74699c819 [ 376.482230][T10486] RDX: 0000000000080000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 376.482248][T10486] RBP: 00007fd746a32c91 R08: 0000000000000000 R09: 0000000000000000 [ 376.482262][T10486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 376.482279][T10486] R13: 00007fd746c16038 R14: 00007fd746c15fa0 R15: 00007ffea6639598 [ 376.482314][T10486] [ 377.825280][T10501] MTRR 1 not used [ 378.210077][ T9226] Bluetooth: hci0: command 0x0c1a tx timeout [ 378.369869][ T7934] Bluetooth: hci1: command 0x0c1a tx timeout [ 378.375973][ T9226] Bluetooth: hci2: command 0x0c1a tx timeout [ 378.529551][ T9226] Bluetooth: hci3: command 0x0c1a tx timeout [ 378.837234][T10524] FAULT_INJECTION: forcing a failure. [ 378.837234][T10524] name failslab, interval 1, probability 0, space 0, times 0 [ 378.866312][T10527] random: crng reseeded on system resumption [ 378.917165][T10524] CPU: 1 UID: 0 PID: 10524 Comm: syz.0.1014 Tainted: G L syzkaller #0 PREEMPT(full) [ 378.917217][T10524] Tainted: [L]=SOFTLOCKUP [ 378.917228][T10524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 378.917246][T10524] Call Trace: [ 378.917256][T10524] [ 378.917268][T10524] dump_stack_lvl+0x100/0x190 [ 378.917321][T10524] should_fail_ex.cold+0x5/0xa [ 378.917360][T10524] should_failslab+0xc2/0x120 [ 378.917394][T10524] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 378.917441][T10524] ? __proc_create+0x2cb/0x8c0 [ 378.917480][T10524] __proc_create+0x2cb/0x8c0 [ 378.917521][T10524] ? __pfx___proc_create+0x10/0x10 [ 378.917551][T10524] ? __lock_acquire+0x4a5/0x2630 [ 378.917592][T10524] ? proc_register+0x559/0x8a0 [ 378.917634][T10524] proc_create_reg+0x75/0x170 [ 378.917671][T10524] proc_create_data+0x86/0x110 [ 378.917703][T10524] ? __pfx_proc_create_data+0x10/0x10 [ 378.917734][T10524] ? net_generic+0xea/0x2a0 [ 378.917789][T10524] gss_svc_init_net+0x233/0x640 [ 378.917833][T10524] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 378.917867][T10524] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 378.917897][T10524] ops_init+0x1e2/0x5f0 [ 378.917935][T10524] setup_net+0x118/0x3a0 [ 378.917966][T10524] ? __pfx_setup_net+0x10/0x10 [ 378.917994][T10524] ? lockdep_init_map_type+0x5c/0x250 [ 378.918036][T10524] ? mutex_init_lockep+0x110/0x150 [ 378.918085][T10524] copy_net_ns+0x46f/0x7c0 [ 378.918125][T10524] create_new_namespaces+0x3ea/0xac0 [ 378.918168][T10524] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 378.918205][T10524] ksys_unshare+0x473/0xad0 [ 378.918248][T10524] ? __pfx_ksys_unshare+0x10/0x10 [ 378.918300][T10524] __x64_sys_unshare+0x31/0x40 [ 378.918339][T10524] do_syscall_64+0x106/0xf80 [ 378.918369][T10524] ? clear_bhb_loop+0x40/0x90 [ 378.918409][T10524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.918440][T10524] RIP: 0033:0x7eff33f9c819 [ 378.918468][T10524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 378.918498][T10524] RSP: 002b:00007eff321f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 378.918538][T10524] RAX: ffffffffffffffda RBX: 00007eff34216090 RCX: 00007eff33f9c819 [ 378.918559][T10524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 378.918577][T10524] RBP: 00007eff34032c91 R08: 0000000000000000 R09: 0000000000000000 [ 378.918597][T10524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.918616][T10524] R13: 00007eff34216128 R14: 00007eff34216090 R15: 00007ffc286fb088 [ 378.918659][T10524] [ 379.241500][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.247937][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.525193][ T30] audit: type=1804 audit(2147483776.730:23): pid=10539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1017" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 380.083985][T10548] FAULT_INJECTION: forcing a failure. [ 380.083985][T10548] name failslab, interval 1, probability 0, space 0, times 0 [ 380.164487][T10548] CPU: 0 UID: 0 PID: 10548 Comm: syz.1.1020 Tainted: G L syzkaller #0 PREEMPT(full) [ 380.164581][T10548] Tainted: [L]=SOFTLOCKUP [ 380.164594][T10548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 380.164611][T10548] Call Trace: [ 380.164621][T10548] [ 380.164632][T10548] dump_stack_lvl+0x100/0x190 [ 380.164688][T10548] should_fail_ex.cold+0x5/0xa [ 380.164722][T10548] ? tomoyo_realpath_from_path+0xb6/0x690 [ 380.164764][T10548] should_failslab+0xc2/0x120 [ 380.164798][T10548] __kmalloc_noprof+0xe0/0x850 [ 380.164854][T10548] tomoyo_realpath_from_path+0xb6/0x690 [ 380.164909][T10548] tomoyo_check_open_permission+0x2af/0x3c0 [ 380.164951][T10548] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 380.164989][T10548] ? acct_on+0x189/0x9e0 [ 380.165028][T10548] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.165093][T10548] ? do_raw_spin_lock+0x128/0x260 [ 380.165137][T10548] ? path_get+0x61/0x80 [ 380.165174][T10548] tomoyo_file_open+0x6b/0x90 [ 380.165206][T10548] security_file_open+0xb5/0x1e0 [ 380.165244][T10548] do_dentry_open+0x5aa/0x1660 [ 380.165277][T10548] ? lockdep_init_map_type+0x5c/0x250 [ 380.165319][T10548] vfs_open+0x82/0x3f0 [ 380.165359][T10548] dentry_open+0x71/0xd0 [ 380.165394][T10548] acct_on+0x189/0x9e0 [ 380.165435][T10548] ? __pfx_acct_on+0x10/0x10 [ 380.165477][T10548] ? bpf_lsm_capable+0x9/0x10 [ 380.165509][T10548] ? security_capable+0x80/0x260 [ 380.165550][T10548] __x64_sys_acct+0x81/0x1e0 [ 380.165594][T10548] ? lockdep_hardirqs_on+0x78/0x100 [ 380.165626][T10548] do_syscall_64+0x106/0xf80 [ 380.165656][T10548] ? clear_bhb_loop+0x40/0x90 [ 380.165695][T10548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.165727][T10548] RIP: 0033:0x7f1f9119c819 [ 380.165752][T10548] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 380.165778][T10548] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 380.165808][T10548] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 380.165826][T10548] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 380.165842][T10548] RBP: 00007f1f91232c91 R08: 0000000000000000 R09: 0000000000000000 [ 380.165858][T10548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 380.165874][T10548] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 380.165913][T10548] [ 380.422457][T10548] ERROR: Out of memory at tomoyo_realpath_from_path. [ 380.694067][T10558] FAULT_INJECTION: forcing a failure. [ 380.694067][T10558] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 380.751982][T10558] CPU: 1 UID: 0 PID: 10558 Comm: syz.1.1022 Tainted: G L syzkaller #0 PREEMPT(full) [ 380.752030][T10558] Tainted: [L]=SOFTLOCKUP [ 380.752039][T10558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 380.752056][T10558] Call Trace: [ 380.752065][T10558] [ 380.752076][T10558] dump_stack_lvl+0x100/0x190 [ 380.752127][T10558] should_fail_ex.cold+0x5/0xa [ 380.752162][T10558] _copy_from_user+0x2e/0xd0 [ 380.752200][T10558] move_addr_to_kernel+0x65/0x170 [ 380.752241][T10558] __sys_sendto+0x1c9/0x4b0 [ 380.752294][T10558] ? __pfx___sys_sendto+0x10/0x10 [ 380.752369][T10558] ? ksys_write+0x1ac/0x250 [ 380.752399][T10558] ? __pfx_ksys_write+0x10/0x10 [ 380.752432][T10558] __x64_sys_sendto+0xe0/0x1c0 [ 380.752473][T10558] ? do_syscall_64+0x95/0xf80 [ 380.752503][T10558] ? lockdep_hardirqs_on+0x78/0x100 [ 380.752531][T10558] do_syscall_64+0x106/0xf80 [ 380.752559][T10558] ? clear_bhb_loop+0x40/0x90 [ 380.752595][T10558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.752623][T10558] RIP: 0033:0x7f1f9119c819 [ 380.752647][T10558] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 380.752674][T10558] RSP: 002b:00007f1f9206c028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 380.752702][T10558] RAX: ffffffffffffffda RBX: 00007f1f91415fa0 RCX: 00007f1f9119c819 [ 380.752721][T10558] RDX: 000000000000ff04 RSI: 0000000000000000 RDI: 0000000000000003 [ 380.752737][T10558] RBP: 00007f1f9206c090 R08: 0000200000000000 R09: 000000000000001c [ 380.752754][T10558] R10: 0000000000000101 R11: 0000000000000246 R12: 0000000000000001 [ 380.752770][T10558] R13: 00007f1f91416038 R14: 00007f1f91415fa0 R15: 00007ffd1bf3af28 [ 380.752809][T10558] [ 381.347364][T10562] futex_wake_op: syz.2.1024 tries to shift op by -2048; fix this program [ 381.470258][T10562] futex_wake_op: syz.2.1024 tries to shift op by -2048; fix this program [ 382.311029][ T30] audit: type=1800 audit(2147483779.520:24): pid=10574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1026" name="discovery_nqn" dev="configfs" ino=143769 res=0 errno=0 [ 382.690661][T10554] kexec: Could not allocate control_code_buffer [ 383.043740][T10583] netlink: Setting conntrack mark requires 'commit' flag. [ 383.455683][T10576] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 383.582626][T10576] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 383.636972][T10576] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 383.661307][T10576] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 383.890772][T10592] FAULT_INJECTION: forcing a failure. [ 383.890772][T10592] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 383.929723][T10592] CPU: 1 UID: 0 PID: 10592 Comm: syz.3.1031 Tainted: G L syzkaller #0 PREEMPT(full) [ 383.929770][T10592] Tainted: [L]=SOFTLOCKUP [ 383.929780][T10592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 383.929797][T10592] Call Trace: [ 383.929806][T10592] [ 383.929817][T10592] dump_stack_lvl+0x100/0x190 [ 383.929867][T10592] should_fail_ex.cold+0x5/0xa [ 383.929901][T10592] _copy_to_user+0x32/0xd0 [ 383.929943][T10592] simple_read_from_buffer+0xcb/0x170 [ 383.929993][T10592] proc_fail_nth_read+0x1af/0x230 [ 383.930032][T10592] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 383.930073][T10592] ? rw_verify_area+0xce/0x6d0 [ 383.930116][T10592] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 383.930154][T10592] vfs_read+0x1e4/0xb30 [ 383.930189][T10592] ? __pfx_vfs_read+0x10/0x10 [ 383.930216][T10592] ? __fget_files+0x215/0x3d0 [ 383.930253][T10592] ? __fget_files+0x21f/0x3d0 [ 383.930293][T10592] ksys_read+0x12a/0x250 [ 383.930321][T10592] ? __pfx_ksys_read+0x10/0x10 [ 383.930361][T10592] do_syscall_64+0x106/0xf80 [ 383.930392][T10592] ? clear_bhb_loop+0x40/0x90 [ 383.930427][T10592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 383.930456][T10592] RIP: 0033:0x7f20e075d04e [ 383.930481][T10592] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 383.930517][T10592] RSP: 002b:00007f20e15d2fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 383.930545][T10592] RAX: ffffffffffffffda RBX: 00007f20e15d36c0 RCX: 00007f20e075d04e [ 383.930564][T10592] RDX: 000000000000000f RSI: 00007f20e15d30a0 RDI: 0000000000000005 [ 383.930580][T10592] RBP: 00007f20e15d3090 R08: 0000000000000000 R09: 0000000000000000 [ 383.930597][T10592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 383.930613][T10592] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 383.930653][T10592] [ 384.477721][T10600] futex_wake_op: syz.2.1035 tries to shift op by -2048; fix this program [ 384.854892][ T9226] Bluetooth: hci0: command 0x0c1a tx timeout [ 385.322092][T10609] vivid-007: ================= START STATUS ================= [ 385.329909][T10609] vivid-007: Generate PTS: true [ 385.334951][T10609] vivid-007: Generate SCR: true [ 385.339985][T10609] tpg source WxH: 320x240 (Y'CbCr) [ 385.345158][T10609] tpg field: 1 [ 385.348582][T10609] tpg crop: (0,0)/320x240 [ 385.353028][T10609] tpg compose: (0,0)/320x240 [ 385.357763][T10609] tpg colorspace: 8 [ 385.361743][T10609] tpg transfer function: 0/0 [ 385.366461][T10609] tpg Y'CbCr encoding: 0/0 [ 385.370992][T10609] tpg quantization: 0/0 [ 385.375541][T10609] tpg RGB range: 0/2 [ 385.379613][T10609] vivid-007: ================== END STATUS ================== [ 385.428199][T10611] sg_write: data in/out 131052/209 bytes for SCSI command 0x67-- guessing data in; [ 385.428199][T10611] program syz.3.1036 not setting count and/or reply_len properly [ 385.652895][ T9226] Bluetooth: hci2: command 0x0c1a tx timeout [ 385.653488][T10614] ucma_write: process 1023 (syz.2.1037) changed security contexts after opening file descriptor, this is not allowed. [ 385.659146][ T7934] Bluetooth: hci1: command 0x0c1a tx timeout [ 385.729966][ T7934] Bluetooth: hci3: command 0x0c1a tx timeout [ 386.214919][T10622] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1039'. [ 386.270149][T10622] ip_vti0: entered promiscuous mode [ 386.275444][T10622] ip_vti0: entered allmulticast mode [ 386.703055][ T30] audit: type=1804 audit(2147483783.910:25): pid=10629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1041" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 386.812902][T10628] mmap: syz.2.1043 (10628) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 387.112408][T10638] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 389.291824][T10006] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 390.408238][T10670] capability: warning: `syz.0.1052' uses 32-bit capabilities (legacy support in use) [ 391.717637][T10700] futex_wake_op: syz.0.1061 tries to shift op by -2048; fix this program [ 394.240570][T10734] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1067'. [ 394.655107][T10734] veth1_macvtap: left promiscuous mode [ 398.855169][T10794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1078'. [ 398.900720][T10794] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1078'. [ 398.949707][T10794] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1078'. [ 402.830806][T10842] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1088'. [ 403.192026][ T30] audit: type=1804 audit(2147483800.390:26): pid=10854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1093" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 405.412192][T10887] process 'syz.0.1098' launched '/dev/fd/6' with NULL argv: empty string added [ 407.258214][T10923] FAULT_INJECTION: forcing a failure. [ 407.258214][T10923] name fail_futex, interval 1, probability 0, space 0, times 0 [ 407.309795][T10923] CPU: 1 UID: 0 PID: 10923 Comm: syz.1.1108 Tainted: G L syzkaller #0 PREEMPT(full) [ 407.309846][T10923] Tainted: [L]=SOFTLOCKUP [ 407.309857][T10923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 407.309875][T10923] Call Trace: [ 407.309885][T10923] [ 407.309897][T10923] dump_stack_lvl+0x100/0x190 [ 407.309950][T10923] should_fail_ex.cold+0x5/0xa [ 407.309987][T10923] get_futex_key+0x1d2/0x1620 [ 407.310036][T10923] ? __pfx_get_futex_key+0x10/0x10 [ 407.310088][T10923] futex_wake+0xea/0x530 [ 407.310146][T10923] ? __pfx_futex_wake+0x10/0x10 [ 407.310198][T10923] ? errseq_sample+0x51/0x70 [ 407.310236][T10923] ? file_init_path+0x48e/0x670 [ 407.310281][T10923] do_futex+0x32b/0x350 [ 407.310323][T10923] ? __pfx_do_futex+0x10/0x10 [ 407.310361][T10923] ? fd_install+0x223/0x580 [ 407.310400][T10923] __x64_sys_futex+0x34f/0x4d0 [ 407.310443][T10923] ? __sys_socket+0xac/0x260 [ 407.310484][T10923] ? __pfx___x64_sys_futex+0x10/0x10 [ 407.310541][T10923] do_syscall_64+0x106/0xf80 [ 407.310572][T10923] ? clear_bhb_loop+0x40/0x90 [ 407.310610][T10923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 407.310642][T10923] RIP: 0033:0x7f1f9119c819 [ 407.310668][T10923] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 407.310697][T10923] RSP: 002b:00007f1f9206c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 407.310725][T10923] RAX: ffffffffffffffda RBX: 00007f1f91415fa8 RCX: 00007f1f9119c819 [ 407.310744][T10923] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1f91415fac [ 407.310762][T10923] RBP: 00007f1f91415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 407.310780][T10923] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000000 [ 407.310797][T10923] R13: 00007f1f91416038 R14: 00007ffd1bf3ae40 R15: 00007ffd1bf3af28 [ 407.310837][T10923] [ 411.761439][ T30] audit: type=1804 audit(2147483808.960:27): pid=10981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1120" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 412.130612][T10977] NFSD: Failed to start, no listeners configured. [ 412.292376][T10993] FAULT_INJECTION: forcing a failure. [ 412.292376][T10993] name failslab, interval 1, probability 0, space 0, times 0 [ 412.591244][T10993] CPU: 1 UID: 0 PID: 10993 Comm: syz.3.1123 Tainted: G L syzkaller #0 PREEMPT(full) [ 412.591298][T10993] Tainted: [L]=SOFTLOCKUP [ 412.591309][T10993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 412.591326][T10993] Call Trace: [ 412.591336][T10993] [ 412.591347][T10993] dump_stack_lvl+0x100/0x190 [ 412.591399][T10993] should_fail_ex.cold+0x5/0xa [ 412.591437][T10993] should_failslab+0xc2/0x120 [ 412.591473][T10993] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 412.591521][T10993] ? __proc_create+0x2cb/0x8c0 [ 412.591561][T10993] __proc_create+0x2cb/0x8c0 [ 412.591592][T10993] ? __pfx___proc_create+0x10/0x10 [ 412.591629][T10993] ? _raw_write_unlock+0x28/0x50 [ 412.591660][T10993] ? proc_register+0x559/0x8a0 [ 412.591697][T10993] proc_create_reg+0x75/0x170 [ 412.591728][T10993] ? __pfx_rt_acct_proc_show+0x10/0x10 [ 412.591767][T10993] proc_create_single_data+0x86/0x130 [ 412.591798][T10993] ? __pfx_proc_create_single_data+0x10/0x10 [ 412.591832][T10993] ? timer_init_key+0x150/0x340 [ 412.591864][T10993] ? __pfx_nl_fib_input+0x10/0x10 [ 412.591903][T10993] ip_rt_do_proc_init+0xf9/0x1d0 [ 412.591940][T10993] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 412.591973][T10993] ops_init+0x1e2/0x5f0 [ 412.592009][T10993] setup_net+0x118/0x3a0 [ 412.592048][T10993] ? __pfx_setup_net+0x10/0x10 [ 412.592089][T10993] ? lockdep_init_map_type+0x5c/0x250 [ 412.592132][T10993] ? mutex_init_lockep+0x110/0x150 [ 412.592180][T10993] copy_net_ns+0x46f/0x7c0 [ 412.592219][T10993] create_new_namespaces+0x3ea/0xac0 [ 412.592264][T10993] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 412.592300][T10993] ksys_unshare+0x473/0xad0 [ 412.592340][T10993] ? __pfx_ksys_unshare+0x10/0x10 [ 412.592393][T10993] __x64_sys_unshare+0x31/0x40 [ 412.592432][T10993] do_syscall_64+0x106/0xf80 [ 412.592461][T10993] ? clear_bhb_loop+0x40/0x90 [ 412.592498][T10993] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.592528][T10993] RIP: 0033:0x7f20e079c819 [ 412.592554][T10993] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 412.592583][T10993] RSP: 002b:00007f20e15d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 412.592613][T10993] RAX: ffffffffffffffda RBX: 00007f20e0a15fa0 RCX: 00007f20e079c819 [ 412.592632][T10993] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 412.592650][T10993] RBP: 00007f20e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 412.592669][T10993] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.592688][T10993] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 412.592728][T10993] [ 414.022454][T11008] phram: not enough arguments [ 414.572711][T11018] netlink: 'syz.1.1130': attribute type 4 has an invalid length. [ 414.605182][T11018] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1130'. [ 414.629795][T11014] program syz.3.1129 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 414.661966][T11014] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 415.338647][ T30] audit: type=1804 audit(2147483812.540:28): pid=11026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1134" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 416.165703][T11043] nvme_fcloop: unknown parameter or missing value '7' [ 416.501717][T11049] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1141'. [ 417.679738][ T30] audit: type=1804 audit(2147483814.880:29): pid=11068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1145" name="/newroot/sys/kernel/debug/tracing/README" dev="tracefs" ino=730 res=1 errno=0 [ 419.801386][T11094] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 419.866185][T11094] netlink: 504 bytes leftover after parsing attributes in process `syz.1.1154'. [ 420.928852][T11111] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1157'. [ 421.040592][T11118] netlink: zone id is out of range [ 421.045901][T11118] netlink: zone id is out of range [ 421.060771][T11118] netlink: zone id is out of range [ 421.081257][T11118] netlink: zone id is out of range [ 421.102403][T11118] netlink: zone id is out of range [ 421.141374][T11118] netlink: zone id is out of range [ 421.185528][T11118] netlink: zone id is out of range [ 421.197038][T11118] netlink: zone id is out of range [ 421.211621][T11118] netlink: zone id is out of range [ 421.222765][T11118] netlink: zone id is out of range [ 421.310115][T11088] FAULT_INJECTION: forcing a failure. [ 421.310115][T11088] name failslab, interval 1, probability 0, space 0, times 0 [ 421.399525][T11088] CPU: 1 UID: 0 PID: 11088 Comm: syz.0.1149 Tainted: G L syzkaller #0 PREEMPT(full) [ 421.399576][T11088] Tainted: [L]=SOFTLOCKUP [ 421.399587][T11088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 421.399603][T11088] Call Trace: [ 421.399613][T11088] [ 421.399623][T11088] dump_stack_lvl+0x100/0x190 [ 421.399673][T11088] should_fail_ex.cold+0x5/0xa [ 421.399716][T11088] should_failslab+0xc2/0x120 [ 421.399750][T11088] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 421.399793][T11088] ? mas_alloc_nodes+0x280/0x390 [ 421.399843][T11088] mas_alloc_nodes+0x280/0x390 [ 421.399893][T11088] mas_preallocate+0x39c/0xf10 [ 421.399935][T11088] ? __pfx_mas_preallocate+0x10/0x10 [ 421.399967][T11088] ? __lock_acquire+0x4a5/0x2630 [ 421.400028][T11088] ? __asan_memset+0x23/0x50 [ 421.400072][T11088] ? init_multi_vma_prep+0x33c/0x650 [ 421.400117][T11088] commit_merge+0x3e3/0xbd0 [ 421.400165][T11088] ? __pfx_commit_merge+0x10/0x10 [ 421.400205][T11088] ? do_raw_spin_unlock+0x145/0x1e0 [ 421.400273][T11088] vma_expand+0x7df/0xcf0 [ 421.400324][T11088] ? __pfx_vma_expand+0x10/0x10 [ 421.400368][T11088] ? can_vma_merge_right+0xa5/0x530 [ 421.400414][T11088] vma_merge_new_range+0x2ce/0xa30 [ 421.400457][T11088] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 421.400499][T11088] __mmap_region+0x900/0x29e0 [ 421.400548][T11088] ? update_cfs_rq_load_avg+0x51/0x550 [ 421.400583][T11088] ? __pfx___mmap_region+0x10/0x10 [ 421.400639][T11088] ? set_next_entity+0x11e/0x9c0 [ 421.400689][T11088] ? __lock_acquire+0x4a5/0x2630 [ 421.400743][T11088] ? lock_acquire+0x1cf/0x380 [ 421.400780][T11088] ? find_held_lock+0x2b/0x80 [ 421.400828][T11088] ? trace_sched_exit_tp+0x13a/0x180 [ 421.400916][T11088] ? rcu_is_watching+0x12/0xc0 [ 421.400963][T11088] ? cap_capable+0x107/0x460 [ 421.401002][T11088] mmap_region+0x180/0x3e0 [ 421.401068][T11088] do_mmap+0xc63/0x12f0 [ 421.401114][T11088] ? __pfx_do_mmap+0x10/0x10 [ 421.401150][T11088] ? __pfx_down_write_killable+0x10/0x10 [ 421.401196][T11088] vm_mmap_pgoff+0x29e/0x470 [ 421.401240][T11088] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 421.401278][T11088] ? do_futex+0x192/0x350 [ 421.401317][T11088] ? __pfx_do_futex+0x10/0x10 [ 421.401363][T11088] ksys_mmap_pgoff+0xe1/0x650 [ 421.401396][T11088] ? __x64_sys_futex+0x34f/0x4d0 [ 421.401434][T11088] ? __x64_sys_futex+0x358/0x4d0 [ 421.401475][T11088] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 421.401511][T11088] ? xfd_validate_state+0x129/0x190 [ 421.401558][T11088] __x64_sys_mmap+0x125/0x190 [ 421.401607][T11088] do_syscall_64+0x106/0xf80 [ 421.401636][T11088] ? clear_bhb_loop+0x40/0x90 [ 421.401674][T11088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.401706][T11088] RIP: 0033:0x7eff33f9c819 [ 421.401733][T11088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 421.401763][T11088] RSP: 002b:00007eff34d88028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 421.401795][T11088] RAX: ffffffffffffffda RBX: 00007eff34215fa0 RCX: 00007eff33f9c819 [ 421.401814][T11088] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 421.401833][T11088] RBP: 00007eff34032c91 R08: 0000000000000007 R09: 0000000000028000 [ 421.401851][T11088] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 421.401869][T11088] R13: 00007eff34216038 R14: 00007eff34215fa0 R15: 00007ffc286fb088 [ 421.401911][T11088] [ 421.993696][T11122] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 422.139274][T11127] FAULT_INJECTION: forcing a failure. [ 422.139274][T11127] name failslab, interval 1, probability 0, space 0, times 0 [ 422.154154][T11127] CPU: 1 UID: 0 PID: 11127 Comm: syz.2.1160 Tainted: G L syzkaller #0 PREEMPT(full) [ 422.154204][T11127] Tainted: [L]=SOFTLOCKUP [ 422.154216][T11127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 422.154233][T11127] Call Trace: [ 422.154243][T11127] [ 422.154255][T11127] dump_stack_lvl+0x100/0x190 [ 422.154305][T11127] should_fail_ex.cold+0x5/0xa [ 422.154350][T11127] should_failslab+0xc2/0x120 [ 422.154385][T11127] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 422.154433][T11127] ? __d_alloc+0x34/0xa80 [ 422.154476][T11127] __d_alloc+0x34/0xa80 [ 422.154516][T11127] d_alloc_pseudo+0x1c/0xc0 [ 422.154557][T11127] alloc_file_pseudo+0xcf/0x230 [ 422.154596][T11127] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 422.154643][T11127] __shmem_file_setup+0x221/0x490 [ 422.154691][T11127] ? __pfx___shmem_file_setup+0x10/0x10 [ 422.154739][T11127] ? vm_area_alloc+0x1f/0x160 [ 422.154785][T11127] shmem_zero_setup+0x96/0x1b0 [ 422.154818][T11127] __mmap_region+0x2198/0x29e0 [ 422.154870][T11127] ? __pfx___mmap_region+0x10/0x10 [ 422.154924][T11127] ? set_next_entity+0x11e/0x9c0 [ 422.154978][T11127] ? __lock_acquire+0x4a5/0x2630 [ 422.155038][T11127] ? find_held_lock+0x2b/0x80 [ 422.155067][T11127] ? finish_task_switch.isra.0+0x200/0xb80 [ 422.155098][T11127] ? finish_task_switch.isra.0+0x200/0xb80 [ 422.155150][T11127] ? trace_sched_exit_tp+0x13a/0x180 [ 422.155185][T11127] ? __schedule+0x1000/0x6120 [ 422.155277][T11127] ? rcu_is_watching+0x12/0xc0 [ 422.155325][T11127] ? cap_capable+0x107/0x460 [ 422.155373][T11127] mmap_region+0x180/0x3e0 [ 422.155424][T11127] do_mmap+0xc63/0x12f0 [ 422.155465][T11127] ? __pfx_do_mmap+0x10/0x10 [ 422.155501][T11127] ? __pfx_down_write_killable+0x10/0x10 [ 422.155545][T11127] vm_mmap_pgoff+0x29e/0x470 [ 422.155586][T11127] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 422.155620][T11127] ? do_futex+0x192/0x350 [ 422.155659][T11127] ? __pfx_do_futex+0x10/0x10 [ 422.155700][T11127] ksys_mmap_pgoff+0xe1/0x650 [ 422.155732][T11127] ? __x64_sys_futex+0x34f/0x4d0 [ 422.155765][T11127] ? __x64_sys_futex+0x358/0x4d0 [ 422.155803][T11127] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 422.155837][T11127] ? xfd_validate_state+0x129/0x190 [ 422.155884][T11127] __x64_sys_mmap+0x125/0x190 [ 422.155930][T11127] do_syscall_64+0x106/0xf80 [ 422.155960][T11127] ? clear_bhb_loop+0x40/0x90 [ 422.155996][T11127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 422.156026][T11127] RIP: 0033:0x7fd74699c819 [ 422.156051][T11127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 422.156077][T11127] RSP: 002b:00007fd747873028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 422.156103][T11127] RAX: ffffffffffffffda RBX: 00007fd746c16090 RCX: 00007fd74699c819 [ 422.156122][T11127] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 422.156140][T11127] RBP: 00007fd746a32c91 R08: 0000000000000401 R09: 0000000000008000 [ 422.156159][T11127] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 422.156176][T11127] R13: 00007fd746c16128 R14: 00007fd746c16090 R15: 00007ffea6639598 [ 422.156212][T11127] [ 423.255115][T11137] syz.2.1163(11137): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 424.667667][T11143] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1165'. [ 425.255663][T11173] syz.2.1173 uses obsolete (PF_INET,SOCK_PACKET) [ 425.319287][T11173] netlink: 346 bytes leftover after parsing attributes in process `syz.2.1173'. [ 430.636347][T11258] net_ratelimit: 47 callbacks suppressed [ 430.636376][T11258] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 432.107149][T11284] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 436.075504][T11297] kexec: Could not allocate control_code_buffer [ 436.115173][T11318] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 436.199807][T11318] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 436.206020][T11318] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 436.290656][T11318] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 436.358994][T11333] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1207'. [ 436.567959][T11333] ›: renamed from bond_slave_0 (while UP) [ 436.622920][T11333] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1207'. [ 436.949292][T11344] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 437.070012][T11335] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 437.108168][T11335] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 437.185253][T11335] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 437.301015][T11335] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 438.390128][T11364] FAULT_INJECTION: forcing a failure. [ 438.390128][T11364] name failslab, interval 1, probability 0, space 0, times 0 [ 438.390180][T11364] CPU: 1 UID: 0 PID: 11364 Comm: syz.3.1216 Tainted: G L syzkaller #0 PREEMPT(full) [ 438.390223][T11364] Tainted: [L]=SOFTLOCKUP [ 438.390233][T11364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 438.390251][T11364] Call Trace: [ 438.390260][T11364] getty: ttyS0: read error: Resource temporarily unavailable [ 438.390271][T11364] dump_stack_lvl+0x100/0x190 [ 438.390323][T11364] should_fail_ex.cold+0x5/0xa [ 438.390360][T11364] should_failslab+0xc2/0x120 [ 438.390394][T11364] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 438.390441][T11364] ? alloc_empty_file+0x55/0x1c0 [ 438.390489][T11364] alloc_empty_file+0x55/0x1c0 [ 438.390529][T11364] alloc_file_pseudo+0x13a/0x230 [ 438.390570][T11364] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 438.390610][T11364] ? alloc_fd+0x476/0x790 [ 438.390648][T11364] sock_alloc_file+0x50/0x210 [ 438.390683][T11364] __sys_socket+0x1c0/0x260 [ 438.390723][T11364] ? __pfx___sys_socket+0x10/0x10 [ 438.390776][T11364] __x64_sys_socket+0x72/0xb0 [ 438.390817][T11364] ? lockdep_hardirqs_on+0x78/0x100 [ 438.390851][T11364] do_syscall_64+0x106/0xf80 [ 438.390881][T11364] ? clear_bhb_loop+0x40/0x90 [ 438.390929][T11364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.390961][T11364] RIP: 0033:0x7f20e079c819 [ 438.390986][T11364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 438.391015][T11364] RSP: 002b:00007f20e15d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 438.391045][T11364] RAX: ffffffffffffffda RBX: 00007f20e0a15fa0 RCX: 00007f20e079c819 [ 438.391064][T11364] RDX: 000000000000003a RSI: 0000000000000003 RDI: 000000000000000a [ 438.391081][T11364] RBP: 00007f20e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 438.391098][T11364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.391116][T11364] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 438.391156][T11364] [ 439.089988][ T7934] Bluetooth: hci0: command 0x0c1a tx timeout [ 439.218987][ T9226] Bluetooth: hci1: command 0x0c1a tx timeout [ 439.249775][ T7934] Bluetooth: hci2: command 0x0c1a tx timeout [ 439.329745][ T7934] Bluetooth: hci3: command 0x0c1a tx timeout [ 439.359707][T11392] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1220'. syzkaller syzkaller login: [ 440.452348][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.458970][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.916548][T11426] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 445.268540][T11472] __vm_enough_memory: pid: 11472, comm: syz.2.1235, bytes: 4398046457856 not enough memory for the allocation [ 446.450693][T11494] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1241'. [ 446.764866][T10011] EXT4-fs (sda1): Delayed block allocation failed for inode 2026 at logical offset 7 with max blocks 75 with error 117 [ 447.043530][T10011] EXT4-fs (sda1): This should not happen!! Data will be lost [ 447.043530][T10011] [ 447.266842][ T30] audit: type=1800 audit(2147483844.460:30): pid=11501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1242" name="dbroot" dev="configfs" ino=181012 res=0 errno=0 [ 447.726163][T11511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1245'. [ 448.358958][T11503] FAULT_INJECTION: forcing a failure. [ 448.358958][T11503] name failslab, interval 1, probability 0, space 0, times 0 [ 448.420788][T11503] CPU: 1 UID: 0 PID: 11503 Comm: syz.3.1243 Tainted: G L syzkaller #0 PREEMPT(full) [ 448.420840][T11503] Tainted: [L]=SOFTLOCKUP [ 448.420850][T11503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 448.421008][T11503] Call Trace: [ 448.421021][T11503] [ 448.421033][T11503] dump_stack_lvl+0x100/0x190 [ 448.421113][T11503] should_fail_ex.cold+0x5/0xa [ 448.421152][T11503] should_failslab+0xc2/0x120 [ 448.421187][T11503] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 448.421236][T11503] ? mas_alloc_nodes+0x280/0x390 [ 448.421290][T11503] mas_alloc_nodes+0x280/0x390 [ 448.421343][T11503] mas_preallocate+0x39c/0xf10 [ 448.421384][T11503] ? __pfx_mas_preallocate+0x10/0x10 [ 448.421416][T11503] ? __lock_acquire+0x4a5/0x2630 [ 448.421466][T11503] ? __asan_memset+0x23/0x50 [ 448.421506][T11503] ? init_multi_vma_prep+0x33c/0x650 [ 448.421552][T11503] commit_merge+0x3e3/0xbd0 [ 448.421600][T11503] ? __pfx_commit_merge+0x10/0x10 [ 448.421641][T11503] ? do_raw_spin_unlock+0x145/0x1e0 [ 448.421706][T11503] vma_expand+0x7df/0xcf0 [ 448.421752][T11503] ? __pfx_vma_expand+0x10/0x10 [ 448.421810][T11503] ? can_vma_merge_right+0xa5/0x530 [ 448.421853][T11503] vma_merge_new_range+0x2ce/0xa30 [ 448.421887][T11503] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 448.421927][T11503] __mmap_region+0x900/0x29e0 [ 448.421981][T11503] ? __pfx___mmap_region+0x10/0x10 [ 448.422022][T11503] ? process_measurement+0x1f4/0x2350 [ 448.422062][T11503] ? __pfx_css_rstat_updated+0x10/0x10 [ 448.422123][T11503] ? __lock_acquire+0x4a5/0x2630 [ 448.422179][T11503] ? lock_acquire+0x1cf/0x380 [ 448.422218][T11503] ? find_held_lock+0x2b/0x80 [ 448.422273][T11503] ? trace_sched_exit_tp+0x13a/0x180 [ 448.422366][T11503] ? rcu_is_watching+0x12/0xc0 [ 448.422416][T11503] ? cap_capable+0x107/0x460 [ 448.422455][T11503] mmap_region+0x180/0x3e0 [ 448.422509][T11503] do_mmap+0xc63/0x12f0 [ 448.422553][T11503] ? __pfx_do_mmap+0x10/0x10 [ 448.422589][T11503] ? __pfx_down_write_killable+0x10/0x10 [ 448.422636][T11503] vm_mmap_pgoff+0x29e/0x470 [ 448.422682][T11503] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 448.422722][T11503] ? do_futex+0x192/0x350 [ 448.422761][T11503] ? __pfx_do_futex+0x10/0x10 [ 448.422811][T11503] ksys_mmap_pgoff+0xe1/0x650 [ 448.422846][T11503] ? __x64_sys_futex+0x34f/0x4d0 [ 448.422882][T11503] ? __x64_sys_futex+0x358/0x4d0 [ 448.422924][T11503] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 448.422958][T11503] ? xfd_validate_state+0x129/0x190 [ 448.423012][T11503] __x64_sys_mmap+0x125/0x190 [ 448.423062][T11503] do_syscall_64+0x106/0xf80 [ 448.423101][T11503] ? clear_bhb_loop+0x40/0x90 [ 448.423140][T11503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.423172][T11503] RIP: 0033:0x7f20e079c819 [ 448.423202][T11503] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 448.423231][T11503] RSP: 002b:00007f20e15d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 448.423261][T11503] RAX: ffffffffffffffda RBX: 00007f20e0a15fa0 RCX: 00007f20e079c819 [ 448.423283][T11503] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 448.423301][T11503] RBP: 00007f20e0832c91 R08: 0000000000000007 R09: 0000000000028000 [ 448.423319][T11503] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 448.423336][T11503] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 448.423378][T11503] [ 449.289388][T11532] BUG: unable to handle page fault for address: fffff520047e3200 [ 449.289414][T11532] #PF: supervisor read access in kernel mode [ 449.289432][T11532] #PF: error_code(0x0000) - not-present page [ 449.289453][T11532] PGD 23fff5067 P4D 23fff5067 PUD 1c6bd067 PMD 4fd7f067 PTE 0 [ 449.289506][T11532] Oops: Oops: 0000 [#1] SMP KASAN PTI [ 449.289537][T11532] CPU: 1 UID: 0 PID: 11532 Comm: syz.3.1250 Tainted: G L syzkaller #0 PREEMPT(full) [ 449.289579][T11532] Tainted: [L]=SOFTLOCKUP [ 449.289590][T11532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 449.289607][T11532] RIP: 0010:sys_imageblit+0x16c1/0x1d60 [ 449.289658][T11532] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee [ 449.289687][T11532] RSP: 0018:ffffc90006117778 EFLAGS: 00010a06 [ 449.289711][T11532] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 449.289730][T11532] RDX: 0000000000000000 RSI: 1ffff920047e3200 RDI: ffffc90006117800 [ 449.289749][T11532] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003 [ 449.289767][T11532] R10: 0000000000000008 R11: 0000000000000000 R12: ffff888026cf5b51 [ 449.289785][T11532] R13: ffffc90006117800 R14: ffffc90023f19000 R15: ffffc90023f19000 [ 449.289805][T11532] FS: 00007f20e15d36c0(0000) GS:ffff888124440000(0000) knlGS:0000000000000000 [ 449.289834][T11532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 449.289852][T11532] CR2: fffff520047e3200 CR3: 000000002a72c000 CR4: 00000000003526f0 [ 449.289872][T11532] Call Trace: [ 449.289881][T11532] [ 449.289898][T11532] ? __pfx_sys_imageblit+0x10/0x10 [ 449.289943][T11532] ? debug_object_activate+0x331/0x490 [ 449.289978][T11532] ? do_raw_spin_unlock+0x145/0x1e0 [ 449.290026][T11532] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 449.290064][T11532] soft_cursor+0x524/0xa10 [ 449.290115][T11532] ? __mod_timer+0x409/0xca0 [ 449.290151][T11532] ? fb_get_color_depth+0x120/0x250 [ 449.290188][T11532] ccw_cursor+0xf93/0x1c20 [ 449.290241][T11532] ? __pfx_ccw_cursor+0x10/0x10 [ 449.290289][T11532] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 449.290322][T11532] ? get_color+0x1da/0x450 [ 449.290353][T11532] ? __pfx_ccw_cursor+0x10/0x10 [ 449.290395][T11532] fbcon_cursor+0x43c/0x5e0 [ 449.290430][T11532] hide_cursor+0x87/0x230 [ 449.290469][T11532] putconsxy+0x1f/0x3c0 [ 449.290497][T11532] vcs_write+0xba9/0xd60 [ 449.290537][T11532] ? __bpf_trace_sched_exit_tp+0xc0/0xc0 [ 449.290583][T11532] ? __pfx_vcs_write+0x10/0x10 [ 449.290619][T11532] ? apparmor_file_permission+0x13f/0x1c0 [ 449.290655][T11532] ? bpf_lsm_file_permission+0x9/0x10 [ 449.290684][T11532] ? security_file_permission+0x76/0x210 [ 449.290726][T11532] ? rw_verify_area+0xce/0x6d0 [ 449.290771][T11532] vfs_write+0x2aa/0x1070 [ 449.290799][T11532] ? __pfx_vcs_write+0x10/0x10 [ 449.290837][T11532] ? __pfx_vfs_write+0x10/0x10 [ 449.290862][T11532] ? do_futex+0x192/0x350 [ 449.290901][T11532] ? __pfx_do_futex+0x10/0x10 [ 449.290943][T11532] ? __x64_sys_futex+0x34f/0x4d0 [ 449.290981][T11532] ? __x64_sys_futex+0x358/0x4d0 [ 449.291021][T11532] ksys_write+0x12a/0x250 [ 449.291048][T11532] ? __pfx_ksys_write+0x10/0x10 [ 449.291082][T11532] do_syscall_64+0x106/0xf80 [ 449.291122][T11532] ? clear_bhb_loop+0x40/0x90 [ 449.291158][T11532] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.291189][T11532] RIP: 0033:0x7f20e079c819 [ 449.291212][T11532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 449.291242][T11532] RSP: 002b:00007f20e15d3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 449.291269][T11532] RAX: ffffffffffffffda RBX: 00007f20e0a15fa0 RCX: 00007f20e079c819 [ 449.291290][T11532] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 449.291308][T11532] RBP: 00007f20e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 449.291325][T11532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 449.291343][T11532] R13: 00007f20e0a16038 R14: 00007f20e0a15fa0 R15: 00007ffe60533ae8 [ 449.291368][T11532] [ 449.291377][T11532] Modules linked in: [ 449.291395][T11532] CR2: fffff520047e3200 [ 449.291409][T11532] ---[ end trace 0000000000000000 ]--- [ 449.291424][T11532] RIP: 0010:sys_imageblit+0x16c1/0x1d60 [ 449.291472][T11532] Code: 7c cd 00 48 89 fe 48 c1 ee 03 80 3c 1e 00 0f 85 aa 05 00 00 4d 63 f6 48 8b 8c cc 88 00 00 00 4f 8d 34 f7 4c 89 f6 48 c1 ee 03 <80> 3c 1e 00 0f 85 1b 03 00 00 49 89 0e 41 89 c6 8d 4d fd 41 c1 ee [ 449.291501][T11532] RSP: 0018:ffffc90006117778 EFLAGS: 00010a06 [ 449.291524][T11532] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: 0000000000000000 [ 449.291543][T11532] RDX: 0000000000000000 RSI: 1ffff920047e3200 RDI: ffffc90006117800 [ 449.291563][T11532] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000003 [ 449.291579][T11532] R10: 0000000000000008 R11: 0000000000000000 R12: ffff888026cf5b51 [ 449.291597][T11532] R13: ffffc90006117800 R14: ffffc90023f19000 R15: ffffc90023f19000 [ 449.291618][T11532] FS: 00007f20e15d36c0(0000) GS:ffff888124440000(0000) knlGS:0000000000000000 [ 449.291648][T11532] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 449.291668][T11532] CR2: fffff520047e3200 CR3: 000000002a72c000 CR4: 00000000003526f0 [ 449.291690][T11532] Kernel panic - not syncing: Fatal exception [ 449.291854][T11532] Kernel Offset: disabled