last executing test programs: 5m51.469114062s ago: executing program 3 (id=2789): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) utimensat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0x0) select$auto(0x6, 0x0, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x20, 0x40006, 0xfffffff9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r1, 0x541c, r2) 5m51.142715518s ago: executing program 3 (id=2792): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) utimensat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0x0) select$auto(0x6, 0x0, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x20, 0x40006, 0xfffffff9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r1, 0x541c, r2) 5m50.252714128s ago: executing program 3 (id=2793): mmap$auto(0x7, 0x7, 0xdf, 0x30, 0x69a5, 0x7) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) epoll_create$auto(0x4) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/cpuidle/current_governor\x00', 0xa42, 0x0) sendfile$auto(r2, r2, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = io_uring_setup$auto(0x6, 0x0) r4 = io_uring_setup$auto(0x40, &(0x7f00000001c0)={0x3, 0x5, 0xbc, 0x9, 0x5b77b906, 0x0, 0xffffffffffffffff, [0xcfa, 0xe5d, 0x6], {0x6, 0x38, 0x9, 0x80004, 0x4, 0x3, 0x3ff, 0x7fffffff, 0xffff}, {0x2, 0x9, 0x7, 0x2, 0x0, 0xffff13a7, 0x80000006, 0x44a0, 0x1001}}) r5 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r5, 0x107, 0xf, 0x0, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x80000001, 0x6, 0x5c}) sendfile$auto(r3, r4, &(0x7f0000000180)=0x4, 0xfe) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200), 0x7}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x4, 0x100) mremap$auto(0x4, 0x9, 0x8, 0x2, 0x0) unshare$auto(0x40000080) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) r6 = epoll_create$auto(0x3e) r7 = socket(0x1, 0x3, 0x0) epoll_ctl$auto(r6, 0x1, r7, 0x0) 5m41.575980037s ago: executing program 3 (id=2802): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) utimensat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0x0) select$auto(0x6, 0x0, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x20, 0x40006, 0xfffffff9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r1, 0x541c, r2) 5m40.471150893s ago: executing program 3 (id=2806): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) utimensat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0x0) select$auto(0x6, 0x0, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x20, 0x40006, 0xfffffff9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r1, 0x541c, r2) 5m39.294414131s ago: executing program 3 (id=2809): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r4, 0x41045508, r4) 5m24.1899417s ago: executing program 32 (id=2809): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r4, 0x41045508, r4) 3m12.543460371s ago: executing program 0 (id=3139): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0xa0801, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0x8000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae91, &(0x7f0000000040)={0xdd}) 3m10.779468469s ago: executing program 0 (id=3144): mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7ffd) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) msgctl$auto_MSG_INFO(0x0, 0xc, &(0x7f0000000180)={{0xfffffffc, 0x0, 0x0, 0x5, 0x5f, 0xcf, 0x5}, 0x0, 0x0, 0x7, 0x7, 0x6, 0x3, 0x14cd21ec, 0x3, 0x7, 0x4, @inferred=0xffffffffffffffff}) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x7, 0x4000017, 0xfffffffffffffffa, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D0c\x00', 0x80, 0x0) 3m6.194754778s ago: executing program 0 (id=3152): write$auto_proc_loginuid_operations_base(0xffffffffffffffff, &(0x7f0000000040)="9dc4e29815c3dd855a4340428a12ae12c859250e55d63ef492651f515f9a76158c045ff86707a23e18496d5d7129a8e340b7ebcd1806c7b26420ea05cab20eabc25b6240b084785dac9ddeceedcf0c288633b6a40eb3c9a9a00a8140c1a5d3f4418e6820622dc5e8f300f88254e3b7a4052254f9c40b62b89841b2", 0x7b) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) open(&(0x7f0000000800)='./file1\x00', 0x163ac1, 0x82) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sysfs$auto(0x2, 0x23, 0x0) r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r5, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r2) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf", 0x2) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYRESOCT=r2, @ANYRESOCT=r3, @ANYRES8, @ANYRES16, @ANYRESHEX=r4, @ANYBLOB="de2226424ecd338c2a7d7e9ab6b1692609176f3156f5b69843e3d8c9eb80b3a39ac2ac65fbbd662aed71f79092d0c7f0c813449df0a869e6744d994122cf1657ecabacc04e2758ba00a3afdfd032b5416c6b24fe4107aae14b9d588fa215e391889a0c2fa9cb2f296012d7dc7ee36bb8b868c82726ff9e52e834a9d553ec705b2cd00e7e3b6cdd40b54201aacd08c092b04e87ea9748a6905d3267f009ebe321fff308ebd08e96b7938e378f886985b5248a4b5f90c52ee9f02f33cad741954c4997b216bad5096965047f3979074d23bdfcd8", @ANYRES8], 0x50}, 0x1, 0x0, 0x0, 0x4048000}, 0x0) r6 = socket(0x10, 0x2, 0x6) getsockopt$auto(r6, 0x2, 0x0, &(0x7f0000000180)='%\x00', &(0x7f00000001c0)=0x8) 3m1.58857273s ago: executing program 0 (id=3167): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(r1, &(0x7f0000000840)=""/4096, 0x1000) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 2m58.862494446s ago: executing program 0 (id=3173): setdomainname$auto(0x0, 0x7) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyde\x00', 0x60540, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socketpair$auto(0x1, 0x5, 0x100000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyc4\x00', 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0x1, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) 2m51.559098534s ago: executing program 0 (id=3190): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x4006, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) socketpair$auto(0x8, 0x7, 0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 2m36.434431661s ago: executing program 33 (id=3190): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x4006, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) socketpair$auto(0x8, 0x7, 0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 2m4.151702291s ago: executing program 5 (id=3291): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) utimensat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0x0) select$auto(0x6, 0x0, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) r2 = socketpair$auto(0x20, 0x40006, 0xfffffff9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r1, 0x541c, r2) 2m3.116209509s ago: executing program 5 (id=3293): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) utimensat$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x28) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0x0) select$auto(0x6, 0x0, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, &(0x7f0000000180)={[0x2, 0x8000, 0x4, 0x8000000000000001, 0x7f, 0x0, 0x7, 0x7, 0x8, 0x2, 0x8, 0x10, 0x5, 0xfffffffffffffff4, 0x9, 0x2]}, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x10, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyqc\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/nbd11/queue/stable_writes\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) r2 = socketpair$auto(0x20, 0x40006, 0xfffffff9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r1, 0x541c, r2) 2m2.212718605s ago: executing program 5 (id=3296): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB="140000", @ANYRES16=r1, @ANYBLOB="010031bddd40c82ddc06ef727000"], 0x14}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\x00\x01\x00'/21, 0x100000002, 0x100000001) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) prctl$auto(0x1, 0x8, 0x0, 0x3a, 0x1) 1m59.145102931s ago: executing program 5 (id=3301): clock_nanosleep$auto(0x8, 0x1, 0x0, 0xffffffffffffffff) select$auto(0x32, &(0x7f00000000c0)={[0x40, 0x54, 0x1, 0xffffffff00000001, 0x7, 0x1000, 0xfffffffffffffffe, 0x6, 0x5, 0x7, 0x0, 0x0, 0x0, 0x9, 0x81, 0x92e]}, &(0x7f0000000140)={[0x100000000, 0x2, 0x9, 0x8, 0x7fffffffffffffff, 0x5, 0x3, 0x9, 0x80, 0x302, 0x1, 0xfffffffffffffffc, 0x9, 0x7, 0xf, 0x100]}, &(0x7f00000001c0)={[0x5, 0x10000, 0xffff, 0x9, 0x6, 0x1, 0x1, 0x4, 0x8, 0xfffffffffffffff9, 0x4, 0x7fff, 0x2, 0x0, 0x6, 0x8000000000000006]}, &(0x7f0000000040)={0x367, 0x8}) mmap$auto(0x0, 0x4000e, 0x7, 0x9b72, 0x7, 0x28000) r0 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/etherd/interfaces\x00', 0x1, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x10a, 0x8, 0x0) writev$auto(r0, &(0x7f0000000140)={0x0, 0x1}, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000380), r1) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_active_count\x00', 0x0, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x80, 0x0) r2 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000240)=0x200) ioctl$auto_SNDCTL_TMR_STOP(r2, 0x5403, &(0x7f0000000280)="c0a5270da6604ee00c8656c556717eb0914634aa827de8f6c4e2a666276ebded5d98d6ccced7f726772406393c54d9dd3fbda57c0a32dc6e5083d39b38537a75ad355046670ac5d6f539338ce2ba8165cc9be17d2d0dc79b450d72b69ddb312a46c2fd75166226467faa7672d86f377faee5f1ed339337a3b1d70a2513f6c554462c46c853e92c26d66fbc1ff7f609ac97522fa294a977f74f804043852b356fbe737068eaeb10f9509f519bfb73ca2ef17a68778102") mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_USBDEVFS_DROP_PRIVILEGES(0xffffffffffffffff, 0x4004551e, &(0x7f0000000400)=0x4) madvise$auto(0x0, 0x2003f2, 0x15) io_uring_setup$auto(0x7f, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyta/uevent\x00', 0x41900, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40026f34, 0x0) ioctl$auto_EVIOCGREP(0xffffffffffffffff, 0x80084503, 0x0) 1m58.030156002s ago: executing program 5 (id=3304): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/022/001\x00', 0x10200, 0x0) ioctl$auto_USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, 0x0) acct$auto(&(0x7f0000000080)='-\'*\x00') acct$auto(&(0x7f00000000c0)='\xdd}\\\x00') r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/midi2\x00', 0x20440, 0x0) acct$auto(&(0x7f0000000140)='/dev/bus/usb/022/001\x00') r2 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000180), 0x100181, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/options/irq-info\x00', 0x0, 0x0) ioctl$auto_VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000200)=r1) setsockopt$auto_SO_PASSSEC(r3, 0x9, 0x22, &(0x7f0000000240)='(\x00', 0x400) acct$auto(&(0x7f0000000280)='/dev/qrtr-tun\x00') ioctl$auto_USBDEVFS_SETINTERFACE(r3, 0x80085504, &(0x7f00000002c0)={0x3, 0x862}) acct$auto(&(0x7f0000000300)='/sys/kernel/debug/tracing/options/irq-info\x00') acct$auto(&(0x7f0000000340)='@%\x00') r4 = getpgrp(0x0) ioctl$auto_XFS_IOC_FREESP(r3, 0x4030580b, &(0x7f0000000380)={0x6, 0x76, 0x1ff, 0x10, 0x8, r4}) read$auto_ima_measurements_ops_ima_fs(r3, &(0x7f00000003c0)=""/228, 0xe4) r5 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f00000004c0), 0x440, 0x0) setsockopt$auto_SO_TXREHASH(r5, 0x54, 0x4a, &(0x7f0000000500)='\x00', 0xf160) fcntl$auto_F_SETLKW(r3, 0x7, 0x6) acct$auto(&(0x7f0000000540)='%-+\x00') sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000640)={0x0}, 0x1, 0x0, 0x0, 0x4004811}, 0x40000) getsockopt$auto_SO_NOFCS(r2, 0x8, 0x2b, &(0x7f00000006c0)='/dev/bus/usb/022/001\x00', &(0x7f0000000700)=0x7ff) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000740), 0x210001, 0x0) syz_clone(0x0, &(0x7f0000000780)="8db1fd683d3fe6928fecce779ba37b9bd9e0f004b5b7db459925bb7bf4b695ff4d9d33584c960ce41def7b6f7575b462a632042f7777aaf43f2eba6a4ceecb4ce6b89e166cbe5ef70289960e4031e4d1b8b1f29249f34dbbf776efdc8cd3fc4fdd25e7a1ff4567cc5fc94125195e7ccafa4c0d119e32baffd6f388055f8982339517b0c63ca809e4eb07eddecb8f1f1edeeafc396fa254ee8e1c53173e6dcb9e3e84cc95beef31ff95649949e4c6604eebf700aa16045d5432b1fe0ffcd029a475f3700828a6f916d4478ba7e899dfee5baeeafcfbeefde7a9063a6f394f08b225c62fdf5b999a8444ca70c66b7f12e04b", 0xf1, &(0x7f0000000880), &(0x7f00000008c0), &(0x7f0000000900)="10ffd91ef0d7d96f6c4845e3727a10de6d902ec8b84cf1f06e9b68b0af9a29ea2540a39851a48c3cff1622e5354a6fc1e06c329fc569afe5cbec6ef2c19e8230ced01c7b8ca79a8551d0c7b9f43bfe5d33db47690a7e6f2a7d1d8f93de3c3d5092e2e61ba2875fe42dac95393f769a704b22df29b10ebe0222ac6e25aa0fdca3b2e61e3ab4b173c89f14dd35423bd02af1784fbba19166f04a4bfd7db754ba7f42294f22104aa29fd711105d5d1c2224bee8b90c4c06aff9244894ed4fd1c6679948087613481de582bd6c912b666c") sendto$auto(r5, &(0x7f0000000a00)="3805ff134f0cf8b1a64e70d2a134177b6503c8285e2d35eee60b6603d3bab4069253ab1a986f1742a0d096c27ec8c18eff4851ff94a2cd35696c4e118db932d910104ae0a973720fae758893185506390ff8669dc4af4e33e2b96b0d25b2e1f51f7d481a8e65a73a94f5f10e30f3e0446436e887070054fb634b58eefbed228f3bd5fb0fa40df1f144502e53d2191b1b0acf8dfc1c7b23e221cfb4933d2bda7f078d853df42d75b5e4489ba4a5c454026f4aa17df6a6e887cfd59aaa2a26282b4546e264bab27b1e31a60a25ed7f323d30049b942313187744b2e530507b86708fc202efa6106fe0b65fa8e9d9d9ab48026e7c8e4f172e33f9114a9b2da79ab07c097aa2ca992753fad0d1c401fbbe50ec50b5c650f716dc9dae3c4e9e3053355950ff01980181247d025e7e4240855245162040d887a016d70469dfa74529107af649fc15990021681b6a5e0d5de3d74f04815309506d88e3f500307bb134f595bee36398b2ac36dde9f4db4674bb931be5ac277627002c7e5f65b77ab005c08fbf27d7fbd61054d4823c2fc86b596bd41e487520827a811f0c097b45c388b784ba7f272607a16485b9205920792bf0a2edc2d0adb60ee2e8830e04548b8f4070610b40ff2774b9a44a624245b078f8f2fe3a1d6218e656669ab1889517fd4fcdc4e3d8d173a5fb5d60546d9034a93306c902788a175b92bfdf10b7a8dcfc57b627188c6bf3c9155233c6fb0ff646ae8eb24cb573f48a9fa3b571632bf146094d69070a80cf3a3f2bc0be86f03d086546b7ae1c23bcbf6add894f652d3b65cee73266f1074021e81f4d18b2fd8dc7e67c0b21b06969bcdc6b27bddc9a2bb41cdc4e17d060010113d754c8a165922d9af95de74190cda1924143edc795fa7a4de7c6ff45968d6aa0fc1522e4803c3f0409e1bebb7ac90c79c12393c9e8fb446a7c1ffff1e9929128f7a8a021d04cfc98b0eb5843d6753a831ef1c7450c016f4a6eea07513654f0a3d7da923ef835cff47759e913405422d804fd395e2f673fb3ceee0ede2a54092ba694ed83a2b033071f5ac1ff54f556c6cb11f492986ab4b1c08c07f6a6ffcd40da5b84b67bfcdf6ba158a50f32547b99ebeddef02238228cf570160668ee13bb46adda5fe35e2f770de9fd2b1d99467ef211f10e0277ae982848a7542c939c75c98573283ed884673d63c1b50936731afa6ae94659973d44eff7aeeb4990bdb6ad3cecbed8587ba06c921468c876de9fc113a266d2b9c887eaf95e7f4212f11e94a0c22f081b4dbf640707d8cd37a442a566f4c929a94cb9fb52ded4547aeb74942b82a127cbd2936efd720841561b751ef7d81bd305419157934ef0f583ab186d13cd0ebac7958a2f1a127e7937816f033d920deffef55fb49e31e5e950a9f65a402c01c989d314d216632e61a5d52938b01032462a68b8c29e81e806f55adb80eb6b140bc45b569e835db4acb5e1b5c4e95fd9410b3d50cdad99a536a60d1fe44d2f23a09a31148a2f8d791f4e457956f7367077e0adfc3bf0c2cf9fc295a3de467f8143abaab4612ac1316c88265c55da3c1b053a303b8e55ef2da8d34bc64ec165f93ca046cbf63cac22e0d330606c1f9f18b01e62c90a749c953702b50a5f809993a4da1e0e3e9815823c027ccea8e405ef6a6dea34f2caf90f18ee20c48fbe18f156f190c9c51c02473e1157569b52081cccdce8aee286ced20a436af2c9e6983dae009f3aef3ed5debe9615ed5b5ada620934157c512f60a90ce3d87d84252113492e03fe41735aabaef5ca6a1aee0a15fc0ef44f33d1084dc1f3cdcdd1d8d1e07e43c318a31ae2585d417978cd473177157a0ec941a6d593099d59b8905727580e1100b5a9b7c0d9f9587e111c1dab5f8be04eff02990eb8cd287aeb0e447bd820abe7cd56fdf017c5f58860b5d3d818ebf75c6b416820683039c900b7da91b818e4a6d29334652181246d36b32cb288325e2c3b3c0d431510f38f770d477e8376df956fb3089fba2e7e80a71c508e9c0a52724656e5ed4216d97746541b0c44c8efd42798b38003458c091b2e79047189943680c174084bd8fbc804928810e074487c5441f6ee9649e8e32c066c4d6bf676878a334ebe17f1b0b5aa8e1e89e37e56f4798458072de0b0267de478ee4bbc96e8fe511f48ae2599695f969c9032e0cea1634da6da4aa3dd68ecc4a9f4a5e6c0d51aabf10bd7db0959e68b9a55eb3eab053ee453244ecb8a0c5cf6226417560471b553db9caa2aa34fd952491e74e85ef4211666c86f5da351b29c1e76c2028963aa6cd8e5f70c1fd1084b21e7e4dc464efbee9e1dcd1d12ee8ee917b3d3c4563473802dd99bc88f435183e35053236373b76ac9866264556ce56f43b7f66324dcd06075d73f7cc3225fee9bd1d247b507d470181759cb3c35cd209037117ef92a637d88e129d6905257dc94734011cf602dbc6d96e81f095c342432a0c1fed71186c8de8b2698fef342aca0fff1451485c62349d1fa196d7f5d8f940ef450698be6447d671f1c0174b53cfc6a453d4d60ae1b536786bf7def05b19fb95d0ec97d83e91b79e58d0ed032d35de6a2a586fbc45880d0c96ef1f7b54066fd5e205428566d44fd3032a30890811835ae465902b328ad864b9ff40d6ac85c5e1b82dcae27f31eb389622a70238b6dfff506c5a107c44e31433986979f507d99fd5eea0f90a1c331266a77ca7ee5116fc2e4c40bde2b4106d3f447a1606e2e42db33716375507981538bde417b29ea1cd8a14bf132ce518c9d350523d832c7b3bdc9a420493d91804792953deda7b24950f625ccbd97e2a9624d43c606848f1ca59f3e0a9c3aff83a7dcae806a7ba2b517a19347c48e6898baa419a60f933b3c0a44b85bdbac118be7d391b4d3799bd8d7e32490239ac581acab251ca32f406df3da73cd2122239f40828782828ec17f2ea68b1dbf7ad8b1c2ce713ad69f20c8dd192d112f131698c179249c85d4ca497cb514cdacaf7572dde15821ec097063f2442e5754d3705cace40954a307598f3fea243ffbcece685767cb1734cc7f13e5b6dce04df8cf260c4d936c223aa569d8a86428f3e4c512fdb177d3c1a14929c6c656795fb9c7eb31764421f3aa8da32a3a289379dc18e8def7dd90dd9aa0ad1e6104f55d0bb44999bc070d6ff91aab8f03189f0fe75a5f9d5a812327055b850da62b994ceb717d72f191954aead5e23f0812f67566c062e7fc4993efad3398193b7d64a83a66a8157ec77995aa640d83bf4c8cccf3c36b5724095ed564b0ad57d00d880dac7bee573cfe7df937a3817fc23ba0898fb80cbe49debca6b52e837e05b712e69d06fe4ac1c1b3e7769e110ef29ef43478e411b22ff8812b1ae2be99e540fb122a16948edf560e5de973b6a03fa4dd72a73bf71c29d40e0542c0b79d0868a8291647b3f66537feea92b321b86bb2a138cec99995fe4448ad883704892cd0ba9538e1f645a0ba0755d9d6f86f1fc909a20d40138b2684aee95008a92607e94f86988fa24b0967001b4b9996b3e4030bbaac3cf7821f54a65ded92170a7a13a840d21881ca1524000839751d6ad2b109c48ef14472b993f203792cb116b16b8846eee814edc53ec4bcdaca0b39642caf33f9c603dd1aa29fac5c5e21d727e095c95d740bfdec61f70687ad00a47d9ccb20f055de3c9b03050289544820becdd7db89125fe86cc94838496b4524124c7ca14f36c1a36367d14622b2a955c64d7aa04604cbe444e3ccfac7f2b9a2be766495d7abc340b4fcf93e9d566790140cc5ff96467b7aa4ac579cc7c2ee5d2826272202c8098268a00e9d0b5a913be67de1b44f678b12b99aca1d77d2b4b99efa7d690aaabfd79ec1a711c63cc83c9e761ddd1369ecf8947a28b543df47934a47e51d5401e70a17219ccd9b5e7f4c8fc550048ad24944158c76e003576ac06ea2078d06e5163241e8e6a152623be3c04b10c38c7923bbb6da869c911c57eb3e44e5645fd7c60bca561c5e5d87e86c3e598abbe74360c0e4281299c608ee25efc7ef7c24bd12657f0f89fd610cbaa7cf16e9b6916ec8d0ce304defd76c935133b4423e9cebf95c3200b9f66be18481a177f4b607f74b3f6addfd7bab2f3669a1531a6e63b15cefeea3b830ab744a8ab046841011c603ff3f32f630e21fd629cbb49655b7a205c55860520ccb4a41f4153a0cc5280112ca441b87853c1c6883d9dab25a986019ba0b3bc6e4ff366b99fa990ca8809f399e2dad1f90857cdd08e17be9c5180b8516cca37f6a75fa7d4ffbf271fb6508f84c41150b2e80bd17ebfe30fd1fce236748895e39ff1808e1979129383f6efc2bb6ed493ebf784ad25aadcaee1d039f05493f64c4d7a43a425fd58ecb7df40223d073cb7268f8f33acd704a1436f8dec57f148b86002cde1268389807c295a587278a7f18c2727e768c58d9da77a8d6e08263c034c71c888245bdbcfb3126b1d9bf9af6bd93c0761be8ae51aaee7d0bd565e20a8a59dacd075e49371d78e26faf4951e6a93fdeac19c7277c677466f0029f0345357f842b4095f7a3901f67178b728fa1989b77116e534091db5cfbe9a476321562a937e5722fd1547af85f63455e9ed7368dd7b9d929105f2fe45443e0ee9a26ecbde7ec0df114a77b7f0c938529c3243f472d6457a676231573c46e8b60ec50b2168811f8fe68e0e54d86593620e3537cb1d1cdc17f910e9343ea2dd4ca78945a04fc408771d1caa70287f09799c3671a07b7ecce8da6baac1f7edb0c3af10f980dc67740ca92c14f9e094223db0c8b6c8957979e810a3f250ea7abd8c80f70216b25ae6236d8699d67f1cb91975cea5dc6e47374c08aa3205a09edbca415b7551a1aa9e35a42380c9131ddcbb98df4a35062c8f3f72539b34135f4d52e58dae30a4c9953e8dd1033f8e22fc0d0d051350deb187c734939e22c0b6073bd724897037dfc9210cb3548e35346290f532f900ed96e4f1483ebc2deaabb5333015708e10222438970947041aa58431f209057cedcbd15d8a6aafc32221158dd8a15300b916e596ce082e93e74d639cf7b74d5ee33f195d2d81a3a7dada014415ba9387be83d67bc199eb713e323cb02779824df80d94969edbb90bf0d0d07643c43d29002343cca8018b6112876284e50fd3e19cade623efb90e01dc2708aac3a468a8591382e2fab437f930ad362c5124e2f99b5f8091001c786a106f615d1fc21c1020027d24a4f5520155d2cbe306f871f4e0d557753a4566f0570f75ddf4513f4cf2f75302b8f2dfb48e6bc1b5fae719d5589c226acc2b888dbcec3b12491041851956e5d3a2f446b08dde4200eb42fdb587a99e440617623c5ee28ac0b19dd896bdce1cd984ba063a44e5904a51aaa97e68e1be96a06d709d731adf846645510dcf91c520c7c36ca634aad83e87f23b1a81c00c299febcdee428194d6be4de1e0dd4a6216726531299e1f3feb31991371035c267771c49820c57c311662964550bcb8ecb5d10683a9c539237ca887c8b00f45adab2ee958b7a7fb3d6159e0214c72ac3dccb1fe0dd6676f8916d00b6f75c5253b8bf3e3e866ac1df9dda596c522bda3d6adadaa9c90d919e90d938162978eecfb47904fb759ff16967af400895e5c54d200914f3f5784794d2696ab19d4c67cdf63b6bb53ba3f4be852bd0d0dcc304ebf9ff155f207aa7605b0e0eeecafcc40a2ee7de509f74f69a8935c50a4af6015df327796e0754a3bae23affbd2eeb33cfd8f2d2ffe1999923885d7ffdb5e37fe204c77b39d0ec", 0x10000, 0x2, &(0x7f0000001a00)=@l2={0x1f, 0x800, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x7ff, 0x1}, 0x71482dc9) setsockopt$auto(r0, 0x7, 0xffffffff, &(0x7f0000001a40)=')\x00', 0x7) r6 = openat$auto_ext4_dir_operations_ext4(0xffffffffffffff9c, &(0x7f0000001a80)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x102, 0x0) ioctl$auto_FS_IOC_GET_ENCRYPTION_KEY_STATUS(r6, 0xc080661a, &(0x7f0000001ac0)={{0xffffff94}, '\x00', 0x800, 0x7, 0x5}) 1m57.047318072s ago: executing program 5 (id=3306): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r4, 0x41045508, r4) 1m41.912043636s ago: executing program 34 (id=3306): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r3, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r4, 0x41045508, r4) 8.122773931s ago: executing program 2 (id=3647): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) 7.511065319s ago: executing program 1 (id=3648): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(r1, &(0x7f0000000840)=""/4096, 0x1000) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280)="e7c2da8ba23469d9b78d2e257333bedaec957355b8c2c4c78f4a98e7180a2dfeddb935038a6350c625940925fc61f1b8b51df8f60e61c078ff39654003ba04", 0x3f) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) get_robust_list$auto(0x0, 0x0, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3) r2 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r2, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4a", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(r2, 0xff) 6.874149297s ago: executing program 2 (id=3649): waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x2, @sival_int=0xa, 0x2}}}, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x10001, 0x80000002, 0x7, 0xb7, 0x6, 0x5, 0x7ff, 0x2055}) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x68002, 0x0) pread64$auto(r1, &(0x7f0000000040)='/dev/tty0\x00', 0x3, 0x93) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="1b0000000000000000000000000075344ceaa11e19eadf78c040a08a2b36f7f4202913c2a6a43696483c960e3220694e4940271ff0e8f621f4"], 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r5 = fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x8, 0x2) ioctl$auto_TIOCGETD2(r5, 0x5424, &(0x7f0000000280)="229f9e175fdbc95cf556aac84063a2680da485d87a4041128df93df4abcfd60e430bfd5794dd4a9d9ace42724b2ae8616ac3433e0d7a76d0e091a76ec964477f1fe728e497336d451ed4bb51c9f5baf926bf3315219e7286735d1e09c8849d78a7ba0d152adffe37aafa6427b4d6105094") syslog$auto(0x2, 0xfffffffffffffffc, 0xa868) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@buf=&(0x7f0000000d80)="b623d2751b00fbfad2a6d1a6d09b5de74ab60bd7666cde9499615eb7a03982dfecd08c02032d0ff2dd", 0x2, 0x8000, 0x3000}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x2a, 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto(r6, 0x80045438, 0xffffffffffffffff) 6.873981164s ago: executing program 4 (id=3650): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) utimensat$auto(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000002140)=""/4106, 0xfffffffffffffd1b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) select$auto(0x6, &(0x7f0000000000)={[0x5, 0x4, 0x4, 0xa, 0xccf9, 0x9, 0xffffffffffffffff, 0x3, 0xb, 0x1, 0x100000000000000, 0x3, 0xfffffffffffffe8f, 0x3, 0x40000000000005, 0xfffffffffffffff5]}, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, 0x0, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/virtual/dmi/id/modalias\x00', 0x40280, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC0\x00', 0x40000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000", @ANYRES16=0x0, @ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x4c011}, 0x810) r2 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x40000e6) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) 6.867060294s ago: executing program 1 (id=3657): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 6.093229335s ago: executing program 6 (id=3651): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(r1, &(0x7f0000000840)=""/4096, 0x1000) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3) r2 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r2, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4a", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(r2, 0xff) 5.929605118s ago: executing program 4 (id=3652): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(r1, &(0x7f0000000840)=""/4096, 0x1000) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280)="e7c2da8ba23469d9b78d2e257333bedaec957355b8c2c4c78f4a98e7180a2dfeddb935038a6350c625940925fc61f1b8b51df8f60e61c078ff39654003ba04", 0x3f) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) r2 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r2, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4a", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(r2, 0xff) 5.45514948s ago: executing program 1 (id=3653): mmap$auto(0x0, 0x6, 0xdb, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socketpair$auto(0x1, 0x5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) socketpair$auto(0x1, 0x5, 0x5, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu2\x00', 0x101800, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 5.387631713s ago: executing program 6 (id=3654): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 5.269524899s ago: executing program 4 (id=3655): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 5.206109566s ago: executing program 2 (id=3656): syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f00000049c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040801}, 0x44000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) socket(0x29, 0x2, 0x0) select$auto(0x8, &(0x7f0000000340)={[0x7, 0x6, 0xfffc000000000000, 0x6, 0x1, 0x5, 0x8, 0x1ff, 0x9, 0x1, 0x5, 0x81, 0x5, 0x7fff, 0x5]}, 0x0, 0x0, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) pread64$auto(r2, 0x0, 0x200000000006, 0x8) mmap$auto(0x0, 0x5, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85) 5.069402874s ago: executing program 1 (id=3658): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 4.61686361s ago: executing program 4 (id=3659): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) 3.747542036s ago: executing program 1 (id=3660): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) read$auto_vhci_fops_hci_vhci(0xffffffffffffffff, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) 3.747077893s ago: executing program 2 (id=3661): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 3.597534007s ago: executing program 6 (id=3662): mmap$auto(0x0, 0x7f, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="361b1000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x2, 0x1, 0x0, 0x5, 0x7) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/loop9/hctx0/sched_tags_bitmap\x00', 0x101a00, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) ioctl$auto_BLKRRPART(0xffffffffffffffff, 0x125f, 0x700000000000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2900, 0x0) read$auto(r4, 0x0, 0x7) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x1f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\xe4h\xd5\nH\x80\x8a\xd7Y\xb8\xcb\x90') socket(0x10, 0x2, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x80000002, 0x85fc, 0x21010004}) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSTI2(r5, 0x545c, 0x0) ioctl$auto_TIOCVHANGUP2(r5, 0x5437, 0x0) 2.647190666s ago: executing program 6 (id=3663): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x4082, 0x0) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) utimensat$auto(r0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)={0x4000000006, 0x40}, 0x38) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000002140)=""/4106, 0xfffffffffffffd1b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60204, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r1, 0x3, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) select$auto(0x6, &(0x7f0000000000)={[0x5, 0x4, 0x4, 0xa, 0xccf9, 0x9, 0xffffffffffffffff, 0x3, 0xb, 0x1, 0x100000000000000, 0x3, 0xfffffffffffffe8f, 0x3, 0x40000000000005, 0xfffffffffffffff5]}, &(0x7f0000000100)={[0x8, 0x200000000005, 0x7, 0x7, 0x8, 0x80000004, 0xc, 0x6, 0x8fc, 0xb80, 0xe34c, 0x9, 0x3, 0xfffffffffffff954, 0xfffffffffffffffc, 0xfff]}, 0x0, &(0x7f0000000080)={0x1ff, 0x401}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001100)='/sys/devices/virtual/dmi/id/modalias\x00', 0x40280, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC0\x00', 0x40000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(0xffffffffffffffff, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000", @ANYRES16=0x0, @ANYRESDEC], 0x14}, 0x1, 0x0, 0x0, 0x4c011}, 0x810) r2 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000005c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x40000e6) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) 1.619907345s ago: executing program 1 (id=3664): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) 1.619364426s ago: executing program 2 (id=3665): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) read$auto_stats_fops_(r1, &(0x7f0000000840)=""/4096, 0x1000) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) write$auto_fops_init_pkru_pkeys(r1, &(0x7f0000000280)="e7c2da8ba23469d9b78d2e257333bedaec957355b8c2c4c78f4a98e7180a2dfeddb935038a6350c625940925fc61f1b8", 0x30) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x9}, 0x3) r2 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r2, &(0x7f0000000400)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000440)="661b0cbd4a", 0x49}, 0x1, &(0x7f0000000200), 0x5, 0x3}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x40009, 0x6, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) listen$auto(r2, 0xff) 1.556395481s ago: executing program 6 (id=3666): waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x2, @sival_int=0xa, 0x2}}}, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x5, 0x1, 0x3, 0x0, 0x10001, 0x80000002, 0x7, 0xb7, 0x6, 0x5, 0x7ff, 0x2055}) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x68002, 0x0) pread64$auto(r1, &(0x7f0000000040)='/dev/tty0\x00', 0x3, 0x93) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="1b0000000000000000000000000075344ceaa11e19eadf78c040a08a2b36f7f4202913c2a6a43696483c960e3220694e4940271ff0e8f621f4"], 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r5 = fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x8, 0x2) ioctl$auto_TIOCGETD2(r5, 0x5424, &(0x7f0000000280)="229f9e175fdbc95cf556aac84063a2680da485d87a4041128df93df4abcfd60e430bfd5794dd4a9d9ace42724b2ae8616ac3433e0d7a76d0e091a76ec964477f1fe728e497336d451ed4bb51c9f5baf926bf3315219e7286735d1e09c8849d78a7ba0d152adffe37aafa6427b4d6105094") syslog$auto(0x2, 0xfffffffffffffffc, 0xa868) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@buf=&(0x7f0000000d80)="b623d2751b00fbfad2a6d1a6d09b5de74ab60bd7666cde9499615eb7a03982dfecd08c02032d0ff2dd", 0x2, 0x8000, 0x3000}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x2a, 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto(r6, 0x80045438, 0xffffffffffffffff) 1.136397129s ago: executing program 4 (id=3667): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 674.420589ms ago: executing program 2 (id=3668): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) pwrite64$auto(0xffffffffffffffff, 0x0, 0xb, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f0000000580)='/sys/kernel/debug/ieee80211/phy0/hwsim/ps\x00', 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 139.15214ms ago: executing program 4 (id=3669): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x1, 0x2) madvise$auto(0x0, 0x8000000000000000, 0x15) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000280), r0) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r1, 0x200, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0x20000800) 0s ago: executing program 6 (id=3670): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd4\x00', 0x745100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x64c1, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) kernel console output (not intermixed with test programs): ne, BIOS Google 01/24/2026 [ 986.051698][T20082] Call Trace: [ 986.051705][T20082] [ 986.051713][T20082] dump_stack_lvl+0x100/0x190 [ 986.051738][T20082] should_fail_ex.cold+0x5/0xa [ 986.051765][T20082] should_failslab+0xc2/0x120 [ 986.051787][T20082] kmem_cache_alloc_noprof+0x83/0x780 [ 986.051808][T20082] ? __pfx_map_id_range_down+0x10/0x10 [ 986.051823][T20082] ? security_inode_alloc+0x3b/0x2c0 [ 986.051843][T20082] ? security_inode_alloc+0x3b/0x2c0 [ 986.051859][T20082] security_inode_alloc+0x3b/0x2c0 [ 986.051876][T20082] inode_init_always_gfp+0xced/0x1040 [ 986.051899][T20082] alloc_inode+0x8e/0x250 [ 986.051913][T20082] path_from_stashed+0x25b/0x750 [ 986.051932][T20082] ? do_raw_spin_unlock+0x145/0x1e0 [ 986.051950][T20082] ns_get_path+0x60/0x80 [ 986.051969][T20082] proc_ns_get_link+0x121/0x230 [ 986.051990][T20082] ? __pfx_proc_ns_get_link+0x10/0x10 [ 986.052026][T20082] ? atime_needs_update+0x8b/0x6b0 [ 986.052055][T20082] pick_link+0xd17/0x13c0 [ 986.052083][T20082] ? __pfx_proc_ns_get_link+0x10/0x10 [ 986.052123][T20082] step_into_slowpath+0x9ba/0xf90 [ 986.052144][T20082] ? __pfx_step_into_slowpath+0x10/0x10 [ 986.052159][T20082] ? find_held_lock+0x2b/0x80 [ 986.052181][T20082] path_openat+0xf95/0x31a0 [ 986.052206][T20082] ? __pfx_path_openat+0x10/0x10 [ 986.052231][T20082] do_file_open+0x20e/0x430 [ 986.052251][T20082] ? __pfx_do_file_open+0x10/0x10 [ 986.052282][T20082] ? _raw_spin_unlock+0x28/0x50 [ 986.052312][T20082] ? alloc_fd+0x476/0x790 [ 986.052337][T20082] do_sys_openat2+0x10d/0x1e0 [ 986.052361][T20082] ? __pfx_do_sys_openat2+0x10/0x10 [ 986.052388][T20082] ? __fget_files+0x21f/0x3d0 [ 986.052409][T20082] __x64_sys_openat+0x12d/0x210 [ 986.052424][T20082] ? __pfx___x64_sys_openat+0x10/0x10 [ 986.052437][T20082] ? xfd_validate_state+0x129/0x190 [ 986.052458][T20082] do_syscall_64+0xc9/0xf80 [ 986.052476][T20082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 986.052492][T20082] RIP: 0033:0x7f82c075c84e [ 986.052506][T20082] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 986.052521][T20082] RSP: 002b:00007f82c15a7ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 986.052537][T20082] RAX: ffffffffffffffda RBX: 00007f82c15a86c0 RCX: 00007f82c075c84e [ 986.052547][T20082] RDX: 0000000000000002 RSI: 00007f82c15a7f90 RDI: ffffffffffffff9c [ 986.052557][T20082] RBP: 00007f82c08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 986.052566][T20082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 986.052576][T20082] R13: 00007f82c0a16038 R14: 00007f82c0a15fa0 R15: 00007ffc786a5de8 [ 986.052596][T20082] [ 986.423250][T17942] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 986.434785][T17942] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 986.445380][T17942] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 986.455492][T17942] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 986.463460][T17942] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 986.735398][T20085] chnl_net:caif_netlink_parms(): no params data found [ 987.224557][T20085] bridge0: port 1(bridge_slave_0) entered blocking state [ 987.267534][T20085] bridge0: port 1(bridge_slave_0) entered disabled state [ 987.274721][T20085] bridge_slave_0: entered allmulticast mode [ 987.301404][T20085] bridge_slave_0: entered promiscuous mode [ 987.389565][T20085] bridge0: port 2(bridge_slave_1) entered blocking state [ 987.427257][T20085] bridge0: port 2(bridge_slave_1) entered disabled state [ 987.434527][T20085] bridge_slave_1: entered allmulticast mode [ 987.468382][T20085] bridge_slave_1: entered promiscuous mode [ 987.543584][T20085] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 987.576125][T20085] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 987.664578][T20085] team0: Port device team_slave_0 added [ 987.726665][T20085] team0: Port device team_slave_1 added [ 987.792775][T20085] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 987.807446][T20085] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 987.834854][T20085] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 987.877597][T20085] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 987.886533][T20085] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 987.913016][T20085] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 988.468305][T20120] FAULT_INJECTION: forcing a failure. [ 988.468305][T20120] name failslab, interval 1, probability 0, space 0, times 0 [ 988.481951][T20120] CPU: 0 UID: 0 PID: 20120 Comm: syz.1.2840 Tainted: G L syzkaller #0 PREEMPT(full) [ 988.481977][T20120] Tainted: [L]=SOFTLOCKUP [ 988.481983][T20120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 988.481994][T20120] Call Trace: [ 988.481999][T20120] [ 988.482006][T20120] dump_stack_lvl+0x100/0x190 [ 988.482032][T20120] should_fail_ex.cold+0x5/0xa [ 988.482068][T20120] should_failslab+0xc2/0x120 [ 988.482091][T20120] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 988.482114][T20120] ? __alloc_skb+0x156/0x410 [ 988.482136][T20120] ? __alloc_skb+0x156/0x410 [ 988.482152][T20120] __alloc_skb+0x156/0x410 [ 988.482168][T20120] ? __alloc_skb+0x35d/0x410 [ 988.482186][T20120] ? __pfx___alloc_skb+0x10/0x10 [ 988.482205][T20120] ? netlink_autobind.isra.0+0xc0/0x370 [ 988.482231][T20120] netlink_alloc_large_skb+0x69/0x150 [ 988.482254][T20120] netlink_sendmsg+0x680/0xda0 [ 988.482278][T20120] ? __pfx_netlink_sendmsg+0x10/0x10 [ 988.482301][T20120] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 988.482320][T20120] __sys_sendto+0x4aa/0x520 [ 988.482339][T20120] ? __pfx___sys_sendto+0x10/0x10 [ 988.482363][T20120] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 988.482399][T20120] __x64_sys_sendto+0xe0/0x1c0 [ 988.482417][T20120] ? do_syscall_64+0x94/0xf80 [ 988.482433][T20120] ? lockdep_hardirqs_on+0x78/0x100 [ 988.482454][T20120] do_syscall_64+0xc9/0xf80 [ 988.482472][T20120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 988.482489][T20120] RIP: 0033:0x7f82c075c84e [ 988.482502][T20120] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 988.482518][T20120] RSP: 002b:00007f82c15a6e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 988.482535][T20120] RAX: ffffffffffffffda RBX: 00007f82c15a86c0 RCX: 00007f82c075c84e [ 988.482545][T20120] RDX: 000000000000001c RSI: 00007f82c15a7000 RDI: 0000000000000005 [ 988.482555][T20120] RBP: 0000000000000000 R08: 00007f82c15a6f04 R09: 000000000000000c [ 988.482564][T20120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 988.482572][T20120] R13: 00007f82c15a6f58 R14: 00007f82c15a7000 R15: 0000000000000000 [ 988.482591][T20120] [ 988.689014][T17942] Bluetooth: hci4: command tx timeout [ 988.981367][T20085] hsr_slave_0: entered promiscuous mode [ 988.988491][T20085] hsr_slave_1: entered promiscuous mode [ 989.017259][T20085] debugfs: 'hsr0' already exists in 'hsr' [ 989.023043][T20085] Cannot create hsr debugfs directory [ 989.108668][T20060] netdevsim netdevsim100: probe with driver netdevsim failed with error -12 [ 989.803526][T20085] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 989.884691][T20085] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 989.913145][T20085] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 990.020368][T20085] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 990.445723][T20085] 8021q: adding VLAN 0 to HW filter on device bond0 [ 990.509183][T20085] 8021q: adding VLAN 0 to HW filter on device team0 [ 990.580698][ T1149] bridge0: port 1(bridge_slave_0) entered blocking state [ 990.587845][ T1149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 990.658313][ T2987] bridge0: port 2(bridge_slave_1) entered blocking state [ 990.665470][ T2987] bridge0: port 2(bridge_slave_1) entered forwarding state [ 990.762129][T20085] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 990.781242][T20085] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 990.797322][T17942] Bluetooth: hci4: command tx timeout [ 991.211739][T20085] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 991.750082][T20085] veth0_vlan: entered promiscuous mode [ 991.808568][T20085] veth1_vlan: entered promiscuous mode [ 991.907830][T20085] veth0_macvtap: entered promiscuous mode [ 991.919579][T20085] veth1_macvtap: entered promiscuous mode [ 991.967385][T20085] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 991.990391][T20085] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 992.040029][ T3012] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.060630][ T3012] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.110979][ T3012] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.127231][ T3012] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 992.261548][ T1087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 992.308621][ T1087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 992.370965][ T2987] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 992.378988][ T2987] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 992.667129][T20166] netlink: 'syz.2.2854': attribute type 2 has an invalid length. [ 992.707224][T20167] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2853'. [ 992.728771][T20166] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2854'. [ 992.922572][T17942] Bluetooth: hci4: command tx timeout [ 994.967842][T17942] Bluetooth: hci4: command tx timeout [ 998.175370][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.184741][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 998.187042][T20250] FAULT_INJECTION: forcing a failure. [ 998.187042][T20250] name fail_futex, interval 1, probability 0, space 0, times 0 [ 998.378249][T20250] CPU: 0 UID: 0 PID: 20250 Comm: syz.2.2858 Tainted: G L syzkaller #0 PREEMPT(full) [ 998.378294][T20250] Tainted: [L]=SOFTLOCKUP [ 998.378303][T20250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 998.378319][T20250] Call Trace: [ 998.378329][T20250] [ 998.378339][T20250] dump_stack_lvl+0x100/0x190 [ 998.378377][T20250] should_fail_ex.cold+0x5/0xa [ 998.378421][T20250] get_futex_key+0x1d2/0x1620 [ 998.378459][T20250] ? __pfx_get_futex_key+0x10/0x10 [ 998.378479][T20250] ? ex_handler_uaccess.isra.0+0xfa/0x200 [ 998.378502][T20250] ? fixup_exception+0x119/0xff0 [ 998.378526][T20250] futex_wake+0xea/0x530 [ 998.378541][T20250] ? __bad_area_nosemaphore+0x320/0x3f0 [ 998.378559][T20250] ? __pfx_futex_wake+0x10/0x10 [ 998.378577][T20250] ? rcu_is_watching+0x12/0xc0 [ 998.378592][T20250] ? irqentry_exit+0x180/0x670 [ 998.378610][T20250] do_futex+0x32b/0x350 [ 998.378630][T20250] ? __pfx_do_futex+0x10/0x10 [ 998.378656][T20250] __x64_sys_futex+0x34f/0x4d0 [ 998.378680][T20250] ? __pfx___x64_sys_futex+0x10/0x10 [ 998.378702][T20250] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 998.378728][T20250] do_syscall_64+0xc9/0xf80 [ 998.378745][T20250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.378761][T20250] RIP: 0033:0x7fc76c59bf79 [ 998.378775][T20250] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 998.378789][T20250] RSP: 002b:00007fc76d4dc0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 998.378804][T20250] RAX: ffffffffffffffda RBX: 00007fc76c815fa8 RCX: 00007fc76c59bf79 [ 998.378814][T20250] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc76c815fac [ 998.378823][T20250] RBP: 00007fc76c815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 998.378833][T20250] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 998.378842][T20250] R13: 00007fc76c816038 R14: 00007ffeb3e2cd00 R15: 00007ffeb3e2cde8 [ 998.378862][T20250] [ 998.788729][T20256] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1000.004872][T20269] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2860'. [ 1004.142154][T20327] [U] ^\ [ 1004.669567][T20335] zswap: compressor û not available [ 1004.967202][T17942] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 1007.499831][T20384] FAULT_INJECTION: forcing a failure. [ 1007.499831][T20384] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.678789][T20384] CPU: 0 UID: 0 PID: 20384 Comm: syz.1.2878 Tainted: G L syzkaller #0 PREEMPT(full) [ 1007.678818][T20384] Tainted: [L]=SOFTLOCKUP [ 1007.678824][T20384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1007.678834][T20384] Call Trace: [ 1007.678840][T20384] [ 1007.678847][T20384] dump_stack_lvl+0x100/0x190 [ 1007.678873][T20384] should_fail_ex.cold+0x5/0xa [ 1007.678900][T20384] should_failslab+0xc2/0x120 [ 1007.678922][T20384] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 1007.678944][T20384] ? __alloc_skb+0x156/0x410 [ 1007.678965][T20384] ? __alloc_skb+0x156/0x410 [ 1007.678981][T20384] __alloc_skb+0x156/0x410 [ 1007.678998][T20384] ? __alloc_skb+0x35d/0x410 [ 1007.679015][T20384] ? __pfx___alloc_skb+0x10/0x10 [ 1007.679042][T20384] ? netlink_autobind.isra.0+0xc0/0x370 [ 1007.679070][T20384] netlink_alloc_large_skb+0x69/0x150 [ 1007.679093][T20384] netlink_sendmsg+0x680/0xda0 [ 1007.679118][T20384] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1007.679143][T20384] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1007.679162][T20384] __sys_sendto+0x4aa/0x520 [ 1007.679181][T20384] ? __pfx___sys_sendto+0x10/0x10 [ 1007.679206][T20384] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1007.679241][T20384] __x64_sys_sendto+0xe0/0x1c0 [ 1007.679259][T20384] ? do_syscall_64+0x94/0xf80 [ 1007.679274][T20384] ? lockdep_hardirqs_on+0x78/0x100 [ 1007.679290][T20384] do_syscall_64+0xc9/0xf80 [ 1007.679313][T20384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.679329][T20384] RIP: 0033:0x7f82c075c84e [ 1007.679343][T20384] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1007.679358][T20384] RSP: 002b:00007f82c15a6e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1007.679373][T20384] RAX: ffffffffffffffda RBX: 00007f82c15a86c0 RCX: 00007f82c075c84e [ 1007.679383][T20384] RDX: 000000000000001c RSI: 00007f82c15a7000 RDI: 0000000000000005 [ 1007.679392][T20384] RBP: 0000000000000000 R08: 00007f82c15a6f04 R09: 000000000000000c [ 1007.679402][T20384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1007.679412][T20384] R13: 00007f82c15a6f58 R14: 00007f82c15a7000 R15: 0000000000000000 [ 1007.679432][T20384] [ 1009.295041][T20405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2883'. [ 1009.378200][T20405] netlink: 13 bytes leftover after parsing attributes in process `syz.4.2883'. [ 1009.436390][T20405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2883'. [ 1013.458192][T20461] zswap: compressor û not available [ 1014.799651][T20477] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2892'. [ 1015.724328][T20475] Process accounting resumed [ 1017.264949][T20525] FAULT_INJECTION: forcing a failure. [ 1017.264949][T20525] name failslab, interval 1, probability 0, space 0, times 0 [ 1017.342309][T20525] CPU: 0 UID: 0 PID: 20525 Comm: syz.2.2899 Tainted: G L syzkaller #0 PREEMPT(full) [ 1017.342355][T20525] Tainted: [L]=SOFTLOCKUP [ 1017.342366][T20525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1017.342383][T20525] Call Trace: [ 1017.342392][T20525] [ 1017.342404][T20525] dump_stack_lvl+0x100/0x190 [ 1017.342449][T20525] should_fail_ex.cold+0x5/0xa [ 1017.342498][T20525] should_failslab+0xc2/0x120 [ 1017.342541][T20525] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 1017.342583][T20525] ? alloc_vmap_area+0x1840/0x2a00 [ 1017.342631][T20525] ? alloc_vmap_area+0x1840/0x2a00 [ 1017.342671][T20525] alloc_vmap_area+0x1840/0x2a00 [ 1017.342724][T20525] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1017.342774][T20525] __get_vm_area_node+0x1ca/0x330 [ 1017.342827][T20525] __vmalloc_node_range_noprof+0x213/0x1530 [ 1017.342857][T20525] ? n_tty_open+0x1a/0x170 [ 1017.342900][T20525] ? look_up_lock_class+0x64/0x120 [ 1017.342935][T20525] ? n_tty_open+0x1a/0x170 [ 1017.343010][T20525] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1017.343042][T20525] ? __ldsem_down_write_nested+0xfd/0x830 [ 1017.343084][T20525] ? __ldsem_down_write_nested+0x10e/0x830 [ 1017.343125][T20525] ? is_console_locked+0x9/0x20 [ 1017.343179][T20525] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 1017.343232][T20525] ? n_tty_open+0x1a/0x170 [ 1017.343272][T20525] __vmalloc_node_noprof+0xad/0xf0 [ 1017.343301][T20525] ? n_tty_open+0x1a/0x170 [ 1017.343342][T20525] ? __pfx_n_tty_open+0x10/0x10 [ 1017.343383][T20525] n_tty_open+0x1a/0x170 [ 1017.343426][T20525] tty_ldisc_open+0xa2/0x120 [ 1017.343458][T20525] tty_ldisc_setup+0x40/0xf0 [ 1017.343492][T20525] tty_init_dev.part.0+0x1b5/0x470 [ 1017.343532][T20525] tty_open+0xa63/0xfa0 [ 1017.343578][T20525] ? __pfx_tty_open+0x10/0x10 [ 1017.343616][T20525] ? chrdev_open+0x10b/0x6a0 [ 1017.343649][T20525] ? chrdev_open+0x10b/0x6a0 [ 1017.343689][T20525] ? __pfx_tty_open+0x10/0x10 [ 1017.343728][T20525] chrdev_open+0x234/0x6a0 [ 1017.343761][T20525] ? __pfx_apparmor_file_open+0x10/0x10 [ 1017.343793][T20525] ? __pfx_chrdev_open+0x10/0x10 [ 1017.343832][T20525] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1017.343880][T20525] do_dentry_open+0x6d8/0x1660 [ 1017.343913][T20525] ? __pfx_chrdev_open+0x10/0x10 [ 1017.343953][T20525] vfs_open+0x82/0x3f0 [ 1017.343996][T20525] path_openat+0x208c/0x31a0 [ 1017.344045][T20525] ? __pfx_path_openat+0x10/0x10 [ 1017.344091][T20525] do_file_open+0x20e/0x430 [ 1017.344130][T20525] ? __pfx_do_file_open+0x10/0x10 [ 1017.344204][T20525] ? _raw_spin_unlock+0x28/0x50 [ 1017.344248][T20525] ? alloc_fd+0x476/0x790 [ 1017.344293][T20525] do_sys_openat2+0x10d/0x1e0 [ 1017.344337][T20525] ? __pfx_do_sys_openat2+0x10/0x10 [ 1017.344394][T20525] __x64_sys_openat+0x12d/0x210 [ 1017.344421][T20525] ? __pfx___x64_sys_openat+0x10/0x10 [ 1017.344444][T20525] ? xfd_validate_state+0x129/0x190 [ 1017.344486][T20525] do_syscall_64+0xc9/0xf80 [ 1017.344517][T20525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1017.344544][T20525] RIP: 0033:0x7fc76c59bf79 [ 1017.344567][T20525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1017.344594][T20525] RSP: 002b:00007fc76d4bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1017.344620][T20525] RAX: ffffffffffffffda RBX: 00007fc76c816090 RCX: 00007fc76c59bf79 [ 1017.344639][T20525] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1017.344656][T20525] RBP: 00007fc76c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1017.344672][T20525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1017.344689][T20525] R13: 00007fc76c816128 R14: 00007fc76c816090 R15: 00007ffeb3e2cde8 [ 1017.344726][T20525] [ 1018.285102][T20520] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2897'. [ 1024.328805][T20619] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2915'. [ 1028.501521][T20657] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 1028.620651][T20662] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2923'. [ 1028.691843][T20669] FAULT_INJECTION: forcing a failure. [ 1028.691843][T20669] name failslab, interval 1, probability 0, space 0, times 0 [ 1028.901388][T20669] CPU: 1 UID: 0 PID: 20669 Comm: syz.1.2926 Tainted: G L syzkaller #0 PREEMPT(full) [ 1028.901432][T20669] Tainted: [L]=SOFTLOCKUP [ 1028.901441][T20669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1028.901458][T20669] Call Trace: [ 1028.901469][T20669] [ 1028.901483][T20669] dump_stack_lvl+0x100/0x190 [ 1028.901530][T20669] should_fail_ex.cold+0x5/0xa [ 1028.901575][T20669] should_failslab+0xc2/0x120 [ 1028.901614][T20669] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 1028.901652][T20669] ? __alloc_skb+0x156/0x410 [ 1028.901687][T20669] ? __alloc_skb+0x156/0x410 [ 1028.901715][T20669] __alloc_skb+0x156/0x410 [ 1028.901745][T20669] ? __alloc_skb+0x35d/0x410 [ 1028.901778][T20669] ? __pfx___alloc_skb+0x10/0x10 [ 1028.901813][T20669] ? netlink_autobind.isra.0+0xc0/0x370 [ 1028.901864][T20669] netlink_alloc_large_skb+0x69/0x150 [ 1028.901930][T20669] netlink_sendmsg+0x680/0xda0 [ 1028.901979][T20669] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1028.902027][T20669] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1028.902069][T20669] __sys_sendto+0x4aa/0x520 [ 1028.902109][T20669] ? __pfx___sys_sendto+0x10/0x10 [ 1028.902157][T20669] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1028.902227][T20669] __x64_sys_sendto+0xe0/0x1c0 [ 1028.902261][T20669] ? do_syscall_64+0x94/0xf80 [ 1028.902291][T20669] ? lockdep_hardirqs_on+0x78/0x100 [ 1028.902319][T20669] do_syscall_64+0xc9/0xf80 [ 1028.902352][T20669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1028.902382][T20669] RIP: 0033:0x7f82c075c84e [ 1028.902406][T20669] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1028.902435][T20669] RSP: 002b:00007f82c15a6e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 1028.902463][T20669] RAX: ffffffffffffffda RBX: 00007f82c15a86c0 RCX: 00007f82c075c84e [ 1028.902483][T20669] RDX: 000000000000001c RSI: 00007f82c15a7000 RDI: 0000000000000005 [ 1028.902501][T20669] RBP: 0000000000000000 R08: 00007f82c15a6f04 R09: 000000000000000c [ 1028.902519][T20669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 1028.902536][T20669] R13: 00007f82c15a6f58 R14: 00007f82c15a7000 R15: 0000000000000000 [ 1028.902571][T20669] [ 1030.299406][T20682] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2928'. [ 1033.015608][T20719] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2935'. [ 1034.004835][T20738] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2938'. [ 1039.509690][T20829] FAULT_INJECTION: forcing a failure. [ 1039.509690][T20829] name failslab, interval 1, probability 0, space 0, times 0 [ 1039.623974][T20829] CPU: 1 UID: 0 PID: 20829 Comm: syz.1.2957 Tainted: G L syzkaller #0 PREEMPT(full) [ 1039.624022][T20829] Tainted: [L]=SOFTLOCKUP [ 1039.624031][T20829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1039.624041][T20829] Call Trace: [ 1039.624048][T20829] [ 1039.624055][T20829] dump_stack_lvl+0x100/0x190 [ 1039.624081][T20829] should_fail_ex.cold+0x5/0xa [ 1039.624117][T20829] should_failslab+0xc2/0x120 [ 1039.624139][T20829] ? __list_lru_init+0xd9/0x4b0 [ 1039.624156][T20829] __kmalloc_noprof+0xf6/0x9c0 [ 1039.624171][T20829] ? lockdep_init_map_type+0x5c/0x250 [ 1039.624198][T20829] ? __list_lru_init+0xd9/0x4b0 [ 1039.624214][T20829] __list_lru_init+0xd9/0x4b0 [ 1039.624233][T20829] alloc_super+0x926/0xd20 [ 1039.624252][T20829] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1039.624276][T20829] sget_fc+0x117/0xc70 [ 1039.624291][T20829] ? __pfx_set_anon_super_fc+0x10/0x10 [ 1039.624307][T20829] ? __pfx_mqueue_fill_super+0x10/0x10 [ 1039.624331][T20829] get_tree_nodev+0x28/0x190 [ 1039.624352][T20829] mqueue_get_tree+0xf1/0x130 [ 1039.624375][T20829] vfs_get_tree+0x92/0x320 [ 1039.624390][T20829] fc_mount_longterm+0x1a/0x270 [ 1039.624407][T20829] mq_init_ns+0x482/0x820 [ 1039.624424][T20829] copy_ipcs+0x3dd/0x7e0 [ 1039.624442][T20829] create_new_namespaces+0x20a/0xac0 [ 1039.624461][T20829] ? security_capable+0x80/0x260 [ 1039.624478][T20829] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1039.624499][T20829] ksys_unshare+0x455/0xab0 [ 1039.624523][T20829] ? __pfx_ksys_unshare+0x10/0x10 [ 1039.624544][T20829] ? xfd_validate_state+0x129/0x190 [ 1039.624566][T20829] __x64_sys_unshare+0x31/0x40 [ 1039.624588][T20829] do_syscall_64+0xc9/0xf80 [ 1039.624606][T20829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1039.624622][T20829] RIP: 0033:0x7f82c079bf79 [ 1039.624649][T20829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1039.624664][T20829] RSP: 002b:00007f82c1587028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1039.624680][T20829] RAX: ffffffffffffffda RBX: 00007f82c0a16090 RCX: 00007f82c079bf79 [ 1039.624691][T20829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 1039.624700][T20829] RBP: 00007f82c08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1039.624709][T20829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1039.624719][T20829] R13: 00007f82c0a16128 R14: 00007f82c0a16090 R15: 00007ffc786a5de8 [ 1039.624740][T20829] [ 1042.177104][T20824] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1042.184786][T20824] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1042.204493][T20824] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1042.277299][T20824] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1042.307289][T20824] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1042.347258][T20824] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1042.637414][T17942] Bluetooth: hci0: command 0x0c1a tx timeout [ 1043.148313][T20824] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1044.237320][T17942] Bluetooth: hci2: command 0x0c1a tx timeout [ 1044.243515][T18455] Bluetooth: hci1: command 0x0c1a tx timeout [ 1044.318148][T17942] Bluetooth: hci4: command 0x0c1a tx timeout [ 1044.324222][T18455] Bluetooth: hci3: command 0x0c1a tx timeout [ 1045.837744][T20886] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2970'. [ 1046.242358][T20852] Process accounting paused [ 1046.407122][T17942] Bluetooth: hci4: command 0x0c1a tx timeout [ 1048.477489][T17942] Bluetooth: hci4: command 0x0c1a tx timeout [ 1051.582210][T20970] snd_virmidi snd_virmidi.0: control 1:-5:4195336:1Õ…:0 is already present [ 1057.676574][T21021] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2996'. [ 1058.452313][T21031] FAULT_INJECTION: forcing a failure. [ 1058.452313][T21031] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.474367][T21031] CPU: 1 UID: 0 PID: 21031 Comm: syz.4.2999 Tainted: G L syzkaller #0 PREEMPT(full) [ 1058.474418][T21031] Tainted: [L]=SOFTLOCKUP [ 1058.474430][T21031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1058.474449][T21031] Call Trace: [ 1058.474459][T21031] [ 1058.474471][T21031] dump_stack_lvl+0x100/0x190 [ 1058.474516][T21031] should_fail_ex.cold+0x5/0xa [ 1058.474567][T21031] should_failslab+0xc2/0x120 [ 1058.474610][T21031] kmem_cache_alloc_noprof+0x83/0x780 [ 1058.474650][T21031] ? do_timer_create+0x209/0x14b0 [ 1058.474700][T21031] ? do_timer_create+0x209/0x14b0 [ 1058.474740][T21031] do_timer_create+0x209/0x14b0 [ 1058.474785][T21031] ? do_futex+0x192/0x350 [ 1058.474826][T21031] ? __pfx_do_timer_create+0x10/0x10 [ 1058.474868][T21031] ? __pfx_do_futex+0x10/0x10 [ 1058.474912][T21031] ? find_held_lock+0x2b/0x80 [ 1058.474945][T21031] __x64_sys_timer_create+0x199/0x1d0 [ 1058.474985][T21031] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 1058.475029][T21031] ? __fget_files+0x21f/0x3d0 [ 1058.475064][T21031] ? xfd_validate_state+0x129/0x190 [ 1058.475107][T21031] do_syscall_64+0xc9/0xf80 [ 1058.475141][T21031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.475171][T21031] RIP: 0033:0x7fcc0ed9bf79 [ 1058.475195][T21031] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1058.475224][T21031] RSP: 002b:00007fcc0fbd7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000de [ 1058.475253][T21031] RAX: ffffffffffffffda RBX: 00007fcc0f015fa0 RCX: 00007fcc0ed9bf79 [ 1058.475273][T21031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1058.475291][T21031] RBP: 00007fcc0ee327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1058.475318][T21031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1058.475336][T21031] R13: 00007fcc0f016038 R14: 00007fcc0f015fa0 R15: 00007ffc9e357c78 [ 1058.475373][T21031] [ 1059.600991][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1059.607789][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1059.792010][T21047] zswap: compressor not available [ 1064.108915][T21115] FAULT_INJECTION: forcing a failure. [ 1064.108915][T21115] name failslab, interval 1, probability 0, space 0, times 0 [ 1064.157270][T21115] CPU: 0 UID: 0 PID: 21115 Comm: syz.2.3019 Tainted: G L syzkaller #0 PREEMPT(full) [ 1064.157319][T21115] Tainted: [L]=SOFTLOCKUP [ 1064.157330][T21115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1064.157349][T21115] Call Trace: [ 1064.157358][T21115] [ 1064.157369][T21115] dump_stack_lvl+0x100/0x190 [ 1064.157414][T21115] should_fail_ex.cold+0x5/0xa [ 1064.157463][T21115] should_failslab+0xc2/0x120 [ 1064.157506][T21115] kmem_cache_alloc_noprof+0x83/0x780 [ 1064.157547][T21115] ? prepare_creds+0x2c/0x950 [ 1064.157583][T21115] ? prepare_creds+0x2c/0x950 [ 1064.157612][T21115] prepare_creds+0x2c/0x950 [ 1064.157644][T21115] __sys_setgid+0x9a/0x400 [ 1064.157679][T21115] do_syscall_64+0xc9/0xf80 [ 1064.157713][T21115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.157744][T21115] RIP: 0033:0x7fc76c59bf79 [ 1064.157768][T21115] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1064.157797][T21115] RSP: 002b:00007fc76d4dc028 EFLAGS: 00000246 ORIG_RAX: 000000000000006a [ 1064.157855][T21115] RAX: ffffffffffffffda RBX: 00007fc76c815fa0 RCX: 00007fc76c59bf79 [ 1064.157876][T21115] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1064.157894][T21115] RBP: 00007fc76c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1064.157912][T21115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1064.157931][T21115] R13: 00007fc76c816038 R14: 00007fc76c815fa0 R15: 00007ffeb3e2cde8 [ 1064.157970][T21115] [ 1067.748220][T21163] FAULT_INJECTION: forcing a failure. [ 1067.748220][T21163] name failslab, interval 1, probability 0, space 0, times 0 [ 1067.771136][T21163] CPU: 1 UID: 0 PID: 21163 Comm: syz.2.3032 Tainted: G L syzkaller #0 PREEMPT(full) [ 1067.771165][T21163] Tainted: [L]=SOFTLOCKUP [ 1067.771171][T21163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1067.771182][T21163] Call Trace: [ 1067.771188][T21163] [ 1067.771196][T21163] dump_stack_lvl+0x100/0x190 [ 1067.771222][T21163] should_fail_ex.cold+0x5/0xa [ 1067.771249][T21163] should_failslab+0xc2/0x120 [ 1067.771272][T21163] kmem_cache_alloc_noprof+0x83/0x780 [ 1067.771292][T21163] ? do_getname+0x35/0x390 [ 1067.771317][T21163] ? do_getname+0x35/0x390 [ 1067.771338][T21163] do_getname+0x35/0x390 [ 1067.771361][T21163] do_sys_openat2+0xc5/0x1e0 [ 1067.771384][T21163] ? __pfx_do_sys_openat2+0x10/0x10 [ 1067.771407][T21163] ? __do_sys_kcmp+0x36b/0xd70 [ 1067.771428][T21163] __x64_sys_openat+0x12d/0x210 [ 1067.771442][T21163] ? __pfx___x64_sys_openat+0x10/0x10 [ 1067.771455][T21163] ? xfd_validate_state+0x129/0x190 [ 1067.771477][T21163] do_syscall_64+0xc9/0xf80 [ 1067.771503][T21163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1067.771520][T21163] RIP: 0033:0x7fc76c55c84e [ 1067.771533][T21163] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1067.771548][T21163] RSP: 002b:00007fc76d4dbec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1067.771564][T21163] RAX: ffffffffffffffda RBX: 00007fc76d4dc6c0 RCX: 00007fc76c55c84e [ 1067.771574][T21163] RDX: 0000000000000002 RSI: 00007fc76d4dbf90 RDI: ffffffffffffff9c [ 1067.771584][T21163] RBP: 00007fc76c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1067.771592][T21163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1067.771602][T21163] R13: 00007fc76c816038 R14: 00007fc76c815fa0 R15: 00007ffeb3e2cde8 [ 1067.771621][T21163] [ 1067.963895][T20816] syz.0.2952 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1067.976952][T21153] FAULT_INJECTION: forcing a failure. [ 1067.976952][T21153] name failslab, interval 1, probability 0, space 0, times 0 [ 1068.057314][T21153] CPU: 0 UID: 0 PID: 21153 Comm: syz.1.3027 Tainted: G L syzkaller #0 PREEMPT(full) [ 1068.057363][T21153] Tainted: [L]=SOFTLOCKUP [ 1068.057398][T21153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1068.057416][T21153] Call Trace: [ 1068.057427][T21153] [ 1068.057438][T21153] dump_stack_lvl+0x100/0x190 [ 1068.057517][T21153] should_fail_ex.cold+0x5/0xa [ 1068.057580][T21153] should_failslab+0xc2/0x120 [ 1068.057622][T21153] kmem_cache_alloc_noprof+0x83/0x780 [ 1068.057667][T21153] ? __pfx_map_id_range_down+0x10/0x10 [ 1068.057698][T21153] ? security_inode_alloc+0x3b/0x2c0 [ 1068.057746][T21153] ? security_inode_alloc+0x3b/0x2c0 [ 1068.057778][T21153] security_inode_alloc+0x3b/0x2c0 [ 1068.057816][T21153] inode_init_always_gfp+0xced/0x1040 [ 1068.057860][T21153] alloc_inode+0x8e/0x250 [ 1068.057887][T21153] path_from_stashed+0x25b/0x750 [ 1068.057929][T21153] ? do_raw_spin_unlock+0x145/0x1e0 [ 1068.057965][T21153] ns_get_path+0x60/0x80 [ 1068.058005][T21153] proc_ns_get_link+0x121/0x230 [ 1068.058048][T21153] ? __pfx_proc_ns_get_link+0x10/0x10 [ 1068.058097][T21153] ? atime_needs_update+0x8b/0x6b0 [ 1068.058133][T21153] pick_link+0xd17/0x13c0 [ 1068.058162][T21153] ? __pfx_proc_ns_get_link+0x10/0x10 [ 1068.058218][T21153] step_into_slowpath+0x9ba/0xf90 [ 1068.058260][T21153] ? __pfx_step_into_slowpath+0x10/0x10 [ 1068.058307][T21153] ? find_held_lock+0x2b/0x80 [ 1068.058355][T21153] path_openat+0xf95/0x31a0 [ 1068.058440][T21153] ? __pfx_path_openat+0x10/0x10 [ 1068.058500][T21153] do_file_open+0x20e/0x430 [ 1068.058545][T21153] ? __pfx_do_file_open+0x10/0x10 [ 1068.058612][T21153] ? _raw_spin_unlock+0x28/0x50 [ 1068.058658][T21153] ? alloc_fd+0x476/0x790 [ 1068.058704][T21153] do_sys_openat2+0x10d/0x1e0 [ 1068.058749][T21153] ? __pfx_do_sys_openat2+0x10/0x10 [ 1068.058797][T21153] ? __fget_files+0x21f/0x3d0 [ 1068.058841][T21153] __x64_sys_openat+0x12d/0x210 [ 1068.058869][T21153] ? __pfx___x64_sys_openat+0x10/0x10 [ 1068.058898][T21153] ? xfd_validate_state+0x129/0x190 [ 1068.058940][T21153] do_syscall_64+0xc9/0xf80 [ 1068.058978][T21153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1068.059007][T21153] RIP: 0033:0x7f82c075c84e [ 1068.059032][T21153] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 1068.059063][T21153] RSP: 002b:00007f82c15a7ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1068.059092][T21153] RAX: ffffffffffffffda RBX: 00007f82c15a86c0 RCX: 00007f82c075c84e [ 1068.059112][T21153] RDX: 0000000000000002 RSI: 00007f82c15a7f90 RDI: ffffffffffffff9c [ 1068.059135][T21153] RBP: 00007f82c08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1068.059154][T21153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1068.059171][T21153] R13: 00007f82c0a16038 R14: 00007f82c0a15fa0 R15: 00007ffc786a5de8 [ 1068.059214][T21153] [ 1068.712063][T20816] CPU: 0 UID: 0 PID: 20816 Comm: syz.0.2952 Tainted: G L syzkaller #0 PREEMPT(full) [ 1068.712090][T20816] Tainted: [L]=SOFTLOCKUP [ 1068.712095][T20816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1068.712105][T20816] Call Trace: [ 1068.712113][T20816] [ 1068.712120][T20816] dump_stack_lvl+0x100/0x190 [ 1068.712145][T20816] dump_header+0xfb/0x606 [ 1068.712162][T20816] oom_kill_process.cold+0xd/0x321 [ 1068.712179][T20816] out_of_memory+0x340/0x14f0 [ 1068.712203][T20816] ? __pfx_out_of_memory+0x10/0x10 [ 1068.712227][T20816] mem_cgroup_out_of_memory+0xc6/0x130 [ 1068.712244][T20816] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1068.712260][T20816] ? find_held_lock+0x2b/0x80 [ 1068.712281][T20816] ? do_raw_spin_unlock+0x145/0x1e0 [ 1068.712297][T20816] ? _raw_spin_unlock+0x28/0x50 [ 1068.712322][T20816] try_charge_memcg+0x652/0xc90 [ 1068.712347][T20816] ? __pfx_try_charge_memcg+0x10/0x10 [ 1068.712368][T20816] ? find_held_lock+0x2b/0x80 [ 1068.712384][T20816] ? rcu_read_unlock+0x17/0x60 [ 1068.712410][T20816] ? rcu_read_unlock+0x17/0x60 [ 1068.712438][T20816] charge_memcg+0xa6/0x280 [ 1068.712459][T20816] __mem_cgroup_charge+0x2b/0x1e0 [ 1068.712484][T20816] shmem_alloc_and_add_folio+0x451/0xd40 [ 1068.712508][T20816] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1068.712528][T20816] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 1068.712548][T20816] ? do_fault+0x6a4/0x1990 [ 1068.712563][T20816] shmem_get_folio_gfp+0x6ab/0x1900 [ 1068.712592][T20816] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1068.712616][T20816] shmem_write_begin+0x1a4/0x420 [ 1068.712637][T20816] ? __pfx_shmem_write_begin+0x10/0x10 [ 1068.712657][T20816] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 1068.712682][T20816] ? lockdep_hardirqs_on+0x78/0x100 [ 1068.712699][T20816] generic_perform_write+0x292/0xa40 [ 1068.712725][T20816] ? __pfx_generic_perform_write+0x10/0x10 [ 1068.712747][T20816] ? file_update_time_flags+0x373/0x500 [ 1068.712771][T20816] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1068.712793][T20816] shmem_file_write_iter+0x10e/0x140 [ 1068.712816][T20816] __kernel_write_iter+0x2ac/0x920 [ 1068.712836][T20816] ? __pfx___kernel_write_iter+0x10/0x10 [ 1068.712854][T20816] ? __up_read+0x2c5/0x700 [ 1068.712870][T20816] ? dump_user_range+0x73b/0xb50 [ 1068.712892][T20816] dump_user_range+0x3f9/0xb50 [ 1068.712913][T20816] ? __pfx_dump_user_range+0x10/0x10 [ 1068.712938][T20816] ? __pfx_writenote+0x10/0x10 [ 1068.712962][T20816] elf_core_dump+0x2d16/0x3c60 [ 1068.712992][T20816] ? __pfx_elf_core_dump+0x10/0x10 [ 1068.713010][T20816] ? kasan_save_stack+0x30/0x50 [ 1068.713028][T20816] ? kasan_save_track+0x14/0x30 [ 1068.713046][T20816] ? __kasan_kmalloc+0xaa/0xb0 [ 1068.713062][T20816] ? __kvmalloc_node_noprof+0x34d/0xac0 [ 1068.713081][T20816] ? vfs_coredump+0x1f0c/0x5540 [ 1068.713097][T20816] ? arch_do_signal_or_restart+0x91/0x770 [ 1068.713119][T20816] ? irqentry_exit+0x1f8/0x670 [ 1068.713133][T20816] ? asm_exc_page_fault+0x26/0x30 [ 1068.713151][T20816] ? 0xffffffffff600000 [ 1068.713198][T20816] ? vfs_coredump+0x2777/0x5540 [ 1068.713215][T20816] vfs_coredump+0x2777/0x5540 [ 1068.713240][T20816] ? __pfx_vfs_coredump+0x10/0x10 [ 1068.713257][T20816] ? __lock_acquire+0x4a5/0x2630 [ 1068.713283][T20816] ? __lock_acquire+0x4a5/0x2630 [ 1068.713305][T20816] ? lock_acquire+0x17c/0x330 [ 1068.713330][T20816] ? lock_acquire+0x17c/0x330 [ 1068.713355][T20816] ? bpf_ksym_find+0x124/0x1c0 [ 1068.713374][T20816] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1068.713398][T20816] ? arch_stack_walk+0xa6/0xf0 [ 1068.713430][T20816] ? stack_trace_save+0x8e/0xc0 [ 1068.713446][T20816] ? __pfx_stack_trace_save+0x10/0x10 [ 1068.713463][T20816] ? stack_depot_save_flags+0x27/0x9c0 [ 1068.713484][T20816] ? __lock_acquire+0x4a5/0x2630 [ 1068.713539][T20816] ? proc_coredump_connector+0x2d3/0x4f0 [ 1068.713561][T20816] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1068.713587][T20816] ? rcu_is_watching+0x12/0xc0 [ 1068.713605][T20816] get_signal+0x1f2a/0x21e0 [ 1068.713632][T20816] ? __pfx_get_signal+0x10/0x10 [ 1068.713657][T20816] arch_do_signal_or_restart+0x91/0x770 [ 1068.713680][T20816] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1068.713708][T20816] ? do_user_addr_fault+0x8d6/0x12f0 [ 1068.713731][T20816] irqentry_exit+0x1f8/0x670 [ 1068.713748][T20816] asm_exc_page_fault+0x26/0x30 [ 1068.713763][T20816] RIP: 0033:0x15 [ 1068.713773][T20816] Code: Unable to access opcode bytes at 0xffffffffffffffeb. [ 1068.713780][T20816] RSP: 002b:000000000000000a EFLAGS: 00010212 [ 1068.713793][T20816] RAX: 000000000000000b RBX: 00007f0fd5016360 RCX: 00007f0fd4d9bf79 [ 1068.713802][T20816] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1068.713811][T20816] RBP: 00007f0fd4e327e0 R08: 0000000000000002 R09: 0000000000000000 [ 1068.713820][T20816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1068.713829][T20816] R13: 00007f0fd50163f8 R14: 00007f0fd5016360 R15: 00007ffd37d33518 [ 1068.713849][T20816] [ 1069.188990][T20816] memory: usage 307200kB, limit 307200kB, failcnt 178121 [ 1069.196043][T20816] memory+swap: usage 429808kB, limit 9007199254740988kB, failcnt 0 [ 1069.204115][T20816] kmem: usage 8008kB, limit 9007199254740988kB, failcnt 0 [ 1069.211715][T20816] Memory cgroup stats for /syz0: [ 1069.211930][T20816] cache 304750592 [ 1069.220507][T20816] rss 765952 [ 1069.223687][T20816] rss_huge 0 [ 1069.227237][T20816] shmem 304742400 [ 1069.230867][T20816] mapped_file 134836224 [ 1069.235013][T20816] dirty 0 [ 1069.238324][T20816] writeback 0 [ 1069.241605][T20816] workingset_refault_anon 40756 [ 1069.246434][T20816] workingset_refault_file 20024 [ 1069.251298][T20816] swap 125550592 [ 1069.254822][T20816] swapcached 847872 [ 1069.258637][T20816] pgpgin 2130912 [ 1069.262163][T20816] pgpgout 2151675 [ 1069.265771][T20816] pgfault 833737 [ 1069.269319][T20816] pgmajfault 2228 [ 1069.272934][T20816] inactive_anon 305258496 [ 1069.277517][T20816] active_anon 1089536 [ 1069.281484][T20816] inactive_file 8192 [ 1069.285354][T20816] active_file 0 [ 1069.288825][T20816] unevictable 0 [ 1069.292264][T20816] hierarchical_memory_limit 314572800 [ 1069.297672][T20816] hierarchical_memsw_limit 9223372036854771712 [ 1069.303806][T20816] total_cache 304750592 [ 1069.307966][T20816] total_rss 765952 [ 1069.311664][T20816] total_rss_huge 0 [ 1069.315370][T20816] total_shmem 304742400 [ 1069.319724][T20816] total_mapped_file 134836224 [ 1069.324388][T20816] total_dirty 0 [ 1069.328318][T20816] total_writeback 0 [ 1069.332116][T20816] total_workingset_refault_anon 40756 [ 1069.337506][T20816] total_workingset_refault_file 20024 [ 1069.342957][T20816] total_swap 125550592 [ 1069.347064][T20816] total_swapcached 847872 [ 1069.351487][T20816] total_pgpgin 2130912 [ 1069.355538][T20816] total_pgpgout 2151675 [ 1069.359914][T20816] total_pgfault 833737 [ 1069.363962][T20816] total_pgmajfault 2228 [ 1069.368122][T20816] total_inactive_anon 305258496 [ 1069.372966][T20816] total_active_anon 1089536 [ 1069.377478][T20816] total_inactive_file 8192 [ 1069.381874][T20816] total_active_file 0 [ 1069.385837][T20816] total_unevictable 0 [ 1069.389829][T20816] anon_cost 6853 [ 1069.393357][T20816] file_cost 7454 [ 1069.396887][T20816] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2931,pid=20712,uid=0 [ 1069.412106][T20816] Memory cgroup out of memory: Killed process 20712 (syz.0.2931) total-vm:152328kB, anon-rss:1368kB, file-rss:71464kB, shmem-rss:31872kB, UID:0 pgtables:312kB oom_score_adj:0 [ 1071.446196][T20851] syz.0.2958 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1071.469428][T21205] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3039'. [ 1072.178229][T20851] CPU: 0 UID: 0 PID: 20851 Comm: syz.0.2958 Tainted: G L syzkaller #0 PREEMPT(full) [ 1072.178256][T20851] Tainted: [L]=SOFTLOCKUP [ 1072.178262][T20851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1072.178272][T20851] Call Trace: [ 1072.178278][T20851] [ 1072.178284][T20851] dump_stack_lvl+0x100/0x190 [ 1072.178310][T20851] dump_header+0xfb/0x606 [ 1072.178326][T20851] oom_kill_process.cold+0xd/0x321 [ 1072.178343][T20851] out_of_memory+0x340/0x14f0 [ 1072.178367][T20851] ? __pfx_out_of_memory+0x10/0x10 [ 1072.178392][T20851] mem_cgroup_out_of_memory+0xc6/0x130 [ 1072.178408][T20851] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1072.178423][T20851] ? find_held_lock+0x2b/0x80 [ 1072.178444][T20851] ? do_raw_spin_unlock+0x145/0x1e0 [ 1072.178459][T20851] ? _raw_spin_unlock+0x28/0x50 [ 1072.178484][T20851] try_charge_memcg+0x652/0xc90 [ 1072.178509][T20851] ? __pfx_try_charge_memcg+0x10/0x10 [ 1072.178530][T20851] ? find_held_lock+0x2b/0x80 [ 1072.178545][T20851] ? rcu_read_unlock+0x17/0x60 [ 1072.178567][T20851] ? rcu_read_unlock+0x17/0x60 [ 1072.178594][T20851] charge_memcg+0xa6/0x280 [ 1072.178615][T20851] __mem_cgroup_charge+0x2b/0x1e0 [ 1072.178639][T20851] shmem_alloc_and_add_folio+0x451/0xd40 [ 1072.178663][T20851] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1072.178684][T20851] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 1072.178707][T20851] shmem_get_folio_gfp+0x6ab/0x1900 [ 1072.178730][T20851] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1072.178750][T20851] ? filemap_map_pages+0x9e0/0x2110 [ 1072.178773][T20851] shmem_fault+0x1f9/0xa20 [ 1072.178790][T20851] ? __lock_acquire+0x4a5/0x2630 [ 1072.178812][T20851] ? __pfx_shmem_fault+0x10/0x10 [ 1072.178834][T20851] ? __pfx_filemap_map_pages+0x10/0x10 [ 1072.178858][T20851] __do_fault+0x10d/0x550 [ 1072.178881][T20851] do_fault+0xaf9/0x1990 [ 1072.178898][T20851] __handle_mm_fault+0x1807/0x2b50 [ 1072.178920][T20851] ? __pfx___handle_mm_fault+0x10/0x10 [ 1072.178938][T20851] ? __pte_offset_map_lock+0x174/0x320 [ 1072.178960][T20851] ? find_held_lock+0x2b/0x80 [ 1072.178982][T20851] ? follow_page_pte+0x5b4/0x1410 [ 1072.179009][T20851] handle_mm_fault+0x36d/0xa20 [ 1072.179029][T20851] __get_user_pages+0xf9c/0x34d0 [ 1072.179060][T20851] ? __pfx___get_user_pages+0x10/0x10 [ 1072.179138][T20851] get_dump_page+0x27e/0x3d0 [ 1072.179152][T20851] ? __pfx_get_dump_page+0x10/0x10 [ 1072.179166][T20851] ? dump_user_range+0x73b/0xb50 [ 1072.179188][T20851] dump_user_range+0x18d/0xb50 [ 1072.179209][T20851] ? __pfx_dump_user_range+0x10/0x10 [ 1072.179233][T20851] ? __pfx_writenote+0x10/0x10 [ 1072.179258][T20851] elf_core_dump+0x2d16/0x3c60 [ 1072.179288][T20851] ? __pfx_elf_core_dump+0x10/0x10 [ 1072.179306][T20851] ? kasan_save_stack+0x30/0x50 [ 1072.179324][T20851] ? kasan_save_track+0x14/0x30 [ 1072.179341][T20851] ? __kasan_kmalloc+0xaa/0xb0 [ 1072.179358][T20851] ? __kvmalloc_node_noprof+0x34d/0xac0 [ 1072.179376][T20851] ? vfs_coredump+0x1f0c/0x5540 [ 1072.179392][T20851] ? arch_do_signal_or_restart+0x91/0x770 [ 1072.179414][T20851] ? irqentry_exit+0x1f8/0x670 [ 1072.179428][T20851] ? asm_exc_page_fault+0x26/0x30 [ 1072.179447][T20851] ? 0xffffffffff600000 [ 1072.179491][T20851] ? vfs_coredump+0x2777/0x5540 [ 1072.179507][T20851] vfs_coredump+0x2777/0x5540 [ 1072.179532][T20851] ? __pfx_vfs_coredump+0x10/0x10 [ 1072.179549][T20851] ? __lock_acquire+0x4a5/0x2630 [ 1072.179574][T20851] ? __lock_acquire+0x4a5/0x2630 [ 1072.179597][T20851] ? lock_acquire+0x17c/0x330 [ 1072.179622][T20851] ? lock_acquire+0x17c/0x330 [ 1072.179646][T20851] ? bpf_ksym_find+0x124/0x1c0 [ 1072.179665][T20851] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1072.179690][T20851] ? arch_stack_walk+0xa6/0xf0 [ 1072.179716][T20851] ? stack_trace_save+0x8e/0xc0 [ 1072.179732][T20851] ? __pfx_stack_trace_save+0x10/0x10 [ 1072.179750][T20851] ? stack_depot_save_flags+0x27/0x9c0 [ 1072.179770][T20851] ? __lock_acquire+0x4a5/0x2630 [ 1072.179828][T20851] ? proc_coredump_connector+0x2d3/0x4f0 [ 1072.179850][T20851] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1072.179877][T20851] ? rcu_is_watching+0x12/0xc0 [ 1072.179894][T20851] get_signal+0x1f2a/0x21e0 [ 1072.179922][T20851] ? __pfx_get_signal+0x10/0x10 [ 1072.179947][T20851] arch_do_signal_or_restart+0x91/0x770 [ 1072.179970][T20851] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1072.179998][T20851] ? do_user_addr_fault+0x8d6/0x12f0 [ 1072.180022][T20851] irqentry_exit+0x1f8/0x670 [ 1072.180039][T20851] asm_exc_page_fault+0x26/0x30 [ 1072.180053][T20851] RIP: 0033:0x15 [ 1072.180064][T20851] Code: Unable to access opcode bytes at 0xffffffffffffffeb. [ 1072.180071][T20851] RSP: 002b:000000000000000a EFLAGS: 00010212 [ 1072.180083][T20851] RAX: 000000000000000b RBX: 00007f0fd5016450 RCX: 00007f0fd4d9bf79 [ 1072.180109][T20851] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1072.180119][T20851] RBP: 00007f0fd4e327e0 R08: 0000000000000002 R09: 0000000000000000 [ 1072.180128][T20851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1072.180137][T20851] R13: 00007f0fd50164e8 R14: 00007f0fd5016450 R15: 00007ffd37d33518 [ 1072.180158][T20851] [ 1073.137182][T20851] memory: usage 306952kB, limit 307200kB, failcnt 179472 [ 1073.144375][T20851] memory+swap: usage 429560kB, limit 9007199254740988kB, failcnt 0 [ 1073.290574][T20851] kmem: usage 7204kB, limit 9007199254740988kB, failcnt 0 [ 1073.380150][T20851] Memory cgroup stats for /syz0: [ 1073.380370][T20851] cache 302465024 [ 1073.477262][T20851] rss 872448 [ 1073.497972][T20851] rss_huge 0 [ 1073.501185][T20851] shmem 302465024 [ 1073.504812][T20851] mapped_file 103698432 [ 1073.663043][T20851] dirty 0 [ 1073.666002][T20851] writeback 0 [ 1073.740547][T20851] workingset_refault_anon 40756 [ 1073.767129][T20851] workingset_refault_file 20025 [ 1073.772004][T20851] swap 125550592 [ 1073.812567][T20851] swapcached 847872 [ 1073.911067][T20851] pgpgin 2131995 [ 1073.914637][T20851] pgpgout 2153290 [ 1074.058430][T20851] pgfault 834334 [ 1074.062003][T20851] pgmajfault 2228 [ 1074.065621][T20851] inactive_anon 302612480 [ 1074.345575][T20851] active_anon 1564672 [ 1074.443093][T20851] inactive_file 0 [ 1074.452024][T20851] active_file 0 [ 1074.489994][T20851] unevictable 0 [ 1074.601573][T20851] hierarchical_memory_limit 314572800 [ 1074.652724][T20851] hierarchical_memsw_limit 9223372036854771712 [ 1074.767533][T20851] total_cache 302465024 [ 1074.771836][T20851] total_rss 872448 [ 1074.972367][T20851] total_rss_huge 0 [ 1074.976116][T20851] total_shmem 302465024 [ 1075.062852][T20851] total_mapped_file 103698432 [ 1075.077683][T20851] total_dirty 0 [ 1075.087157][T20851] total_writeback 0 [ 1075.090979][T20851] total_workingset_refault_anon 40756 [ 1075.105412][T20851] total_workingset_refault_file 20025 [ 1075.118587][T20851] total_swap 125550592 [ 1075.125036][T20851] total_swapcached 847872 [ 1075.143156][T20851] total_pgpgin 2131995 [ 1075.162775][T20851] total_pgpgout 2153290 [ 1075.168236][T20851] total_pgfault 834334 [ 1075.172319][T20851] total_pgmajfault 2228 [ 1075.176642][T20851] total_inactive_anon 302612480 [ 1075.245194][T20851] total_active_anon 1564672 [ 1075.507117][T20851] total_inactive_file 0 [ 1075.616278][T20851] total_active_file 0 [ 1075.697251][T20851] total_unevictable 0 [ 1075.701352][T20851] anon_cost 4571 [ 1075.788946][T20851] file_cost 5427 [ 1075.802964][T20851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2927,pid=20691,uid=0 [ 1075.970472][T20851] Memory cgroup out of memory: Killed process 20691 (syz.0.2927) total-vm:148092kB, anon-rss:1352kB, file-rss:67940kB, shmem-rss:25344kB, UID:0 pgtables:312kB oom_score_adj:0 [ 1076.702559][T21265] nbd: must specify at least one socket [ 1077.275309][T21258] Process accounting resumed [ 1079.150396][T21303] FAULT_INJECTION: forcing a failure. [ 1079.150396][T21303] name failslab, interval 1, probability 0, space 0, times 0 [ 1079.334879][T21303] CPU: 1 UID: 0 PID: 21303 Comm: syz.1.3058 Tainted: G L syzkaller #0 PREEMPT(full) [ 1079.334907][T21303] Tainted: [L]=SOFTLOCKUP [ 1079.334914][T21303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1079.334924][T21303] Call Trace: [ 1079.334930][T21303] [ 1079.334937][T21303] dump_stack_lvl+0x100/0x190 [ 1079.334964][T21303] should_fail_ex.cold+0x5/0xa [ 1079.334991][T21303] should_failslab+0xc2/0x120 [ 1079.335013][T21303] __kmalloc_cache_noprof+0x80/0x810 [ 1079.335030][T21303] ? snd_seq_timer_new+0x44/0x1b0 [ 1079.335055][T21303] ? snd_seq_timer_new+0x44/0x1b0 [ 1079.335075][T21303] snd_seq_timer_new+0x44/0x1b0 [ 1079.335096][T21303] snd_seq_queue_alloc+0x177/0x590 [ 1079.335118][T21303] snd_seq_ioctl_create_queue+0xa9/0x370 [ 1079.335143][T21303] call_seq_client_ctl+0xa3/0x130 [ 1079.335166][T21303] snd_seq_kernel_client_ctl+0x77/0xd0 [ 1079.335190][T21303] alloc_seq_queue+0xdb/0x180 [ 1079.335205][T21303] ? __pfx_alloc_seq_queue+0x10/0x10 [ 1079.335229][T21303] ? mark_held_locks+0x40/0x70 [ 1079.335250][T21303] ? _raw_spin_unlock_irq+0x23/0x50 [ 1079.335273][T21303] ? lockdep_hardirqs_on+0x78/0x100 [ 1079.335289][T21303] snd_seq_oss_open+0x2b2/0xa10 [ 1079.335308][T21303] odev_open+0x79/0xc0 [ 1079.335329][T21303] ? __pfx_odev_open+0x10/0x10 [ 1079.335352][T21303] soundcore_open+0x2e3/0x5a0 [ 1079.335368][T21303] ? __pfx_soundcore_open+0x10/0x10 [ 1079.335382][T21303] chrdev_open+0x234/0x6a0 [ 1079.335401][T21303] ? __pfx_apparmor_file_open+0x10/0x10 [ 1079.335418][T21303] ? __pfx_chrdev_open+0x10/0x10 [ 1079.335445][T21303] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1079.335471][T21303] do_dentry_open+0x6d8/0x1660 [ 1079.335490][T21303] ? __pfx_chrdev_open+0x10/0x10 [ 1079.335514][T21303] vfs_open+0x82/0x3f0 [ 1079.335538][T21303] path_openat+0x208c/0x31a0 [ 1079.335563][T21303] ? __pfx_path_openat+0x10/0x10 [ 1079.335589][T21303] do_file_open+0x20e/0x430 [ 1079.335609][T21303] ? __pfx_do_file_open+0x10/0x10 [ 1079.335641][T21303] ? _raw_spin_unlock+0x28/0x50 [ 1079.335662][T21303] ? alloc_fd+0x476/0x790 [ 1079.335685][T21303] do_sys_openat2+0x10d/0x1e0 [ 1079.335708][T21303] ? __pfx_do_sys_openat2+0x10/0x10 [ 1079.335732][T21303] ? __fget_files+0x21f/0x3d0 [ 1079.335754][T21303] __x64_sys_openat+0x12d/0x210 [ 1079.335768][T21303] ? __pfx___x64_sys_openat+0x10/0x10 [ 1079.335781][T21303] ? xfd_validate_state+0x129/0x190 [ 1079.335803][T21303] do_syscall_64+0xc9/0xf80 [ 1079.335821][T21303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1079.335837][T21303] RIP: 0033:0x7f82c079bf79 [ 1079.335850][T21303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1079.335865][T21303] RSP: 002b:00007f82c15a8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1079.335884][T21303] RAX: ffffffffffffffda RBX: 00007f82c0a15fa0 RCX: 00007f82c079bf79 [ 1079.335894][T21303] RDX: 0000000000000002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1079.335904][T21303] RBP: 00007f82c08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1079.335913][T21303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1079.335922][T21303] R13: 00007f82c0a16038 R14: 00007f82c0a15fa0 R15: 00007ffc786a5de8 [ 1079.335942][T21303] [ 1082.991956][T21337] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3071'. [ 1084.381534][T21348] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3064'. [ 1085.934740][T21384] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3070'. [ 1090.779351][T21453] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3083'. [ 1091.698211][T21464] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 1097.622128][T21545] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 1098.867977][T21557] netlink: 504 bytes leftover after parsing attributes in process `syz.0.3099'. [ 1099.443025][T21568] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3103'. [ 1101.891925][T21587] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input21 [ 1102.510168][T21602] FAULT_INJECTION: forcing a failure. [ 1102.510168][T21602] name failslab, interval 1, probability 0, space 0, times 0 [ 1102.577213][T21602] CPU: 0 UID: 0 PID: 21602 Comm: syz.4.3111 Tainted: G L syzkaller #0 PREEMPT(full) [ 1102.577263][T21602] Tainted: [L]=SOFTLOCKUP [ 1102.577273][T21602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1102.577290][T21602] Call Trace: [ 1102.577299][T21602] [ 1102.577310][T21602] dump_stack_lvl+0x100/0x190 [ 1102.577336][T21602] should_fail_ex.cold+0x5/0xa [ 1102.577363][T21602] should_failslab+0xc2/0x120 [ 1102.577385][T21602] kmem_cache_alloc_noprof+0x83/0x780 [ 1102.577405][T21602] ? do_getname+0x35/0x390 [ 1102.577430][T21602] ? do_getname+0x35/0x390 [ 1102.577450][T21602] do_getname+0x35/0x390 [ 1102.577473][T21602] __x64_sys_symlink+0x66/0xb0 [ 1102.577495][T21602] do_syscall_64+0xc9/0xf80 [ 1102.577514][T21602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1102.577529][T21602] RIP: 0033:0x7fcc0ed9bf79 [ 1102.577542][T21602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1102.577557][T21602] RSP: 002b:00007fcc0fbd7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 1102.577581][T21602] RAX: ffffffffffffffda RBX: 00007fcc0f015fa0 RCX: 00007fcc0ed9bf79 [ 1102.577592][T21602] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 1102.577602][T21602] RBP: 00007fcc0ee327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1102.577612][T21602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1102.577621][T21602] R13: 00007fcc0f016038 R14: 00007fcc0f015fa0 R15: 00007ffc9e357c78 [ 1102.577641][T21602] [ 1105.327751][T21634] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3116'. [ 1108.094693][T21595] Process accounting paused [ 1108.106678][T21434] syz.0.3077 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 1108.280422][T21434] CPU: 1 UID: 0 PID: 21434 Comm: syz.0.3077 Tainted: G L syzkaller #0 PREEMPT(full) [ 1108.280468][T21434] Tainted: [L]=SOFTLOCKUP [ 1108.280479][T21434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1108.280496][T21434] Call Trace: [ 1108.280505][T21434] [ 1108.280517][T21434] dump_stack_lvl+0x100/0x190 [ 1108.280556][T21434] dump_header+0xfb/0x606 [ 1108.280581][T21434] oom_kill_process.cold+0xd/0x321 [ 1108.280600][T21434] out_of_memory+0x340/0x14f0 [ 1108.280624][T21434] ? __pfx_out_of_memory+0x10/0x10 [ 1108.280648][T21434] mem_cgroup_out_of_memory+0xc6/0x130 [ 1108.280666][T21434] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1108.280681][T21434] ? find_held_lock+0x2b/0x80 [ 1108.280701][T21434] ? do_raw_spin_unlock+0x145/0x1e0 [ 1108.280717][T21434] ? _raw_spin_unlock+0x28/0x50 [ 1108.280742][T21434] try_charge_memcg+0x652/0xc90 [ 1108.280773][T21434] ? __pfx_try_charge_memcg+0x10/0x10 [ 1108.280794][T21434] ? find_held_lock+0x2b/0x80 [ 1108.280810][T21434] ? rcu_read_unlock+0x17/0x60 [ 1108.280832][T21434] ? rcu_read_unlock+0x17/0x60 [ 1108.280859][T21434] charge_memcg+0xa6/0x280 [ 1108.280880][T21434] __mem_cgroup_charge+0x2b/0x1e0 [ 1108.280905][T21434] shmem_alloc_and_add_folio+0x451/0xd40 [ 1108.280929][T21434] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1108.280949][T21434] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 1108.280972][T21434] ? do_fault+0x6a4/0x1990 [ 1108.280987][T21434] shmem_get_folio_gfp+0x6ab/0x1900 [ 1108.281010][T21434] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1108.281034][T21434] shmem_write_begin+0x1a4/0x420 [ 1108.281055][T21434] ? __pfx_shmem_write_begin+0x10/0x10 [ 1108.281075][T21434] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 1108.281099][T21434] ? lockdep_hardirqs_on+0x78/0x100 [ 1108.281116][T21434] generic_perform_write+0x292/0xa40 [ 1108.281142][T21434] ? __pfx_generic_perform_write+0x10/0x10 [ 1108.281164][T21434] ? file_update_time_flags+0x373/0x500 [ 1108.281189][T21434] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 1108.281210][T21434] shmem_file_write_iter+0x10e/0x140 [ 1108.281233][T21434] __kernel_write_iter+0x2ac/0x920 [ 1108.281253][T21434] ? __pfx___kernel_write_iter+0x10/0x10 [ 1108.281271][T21434] ? __up_read+0x2c5/0x700 [ 1108.281287][T21434] ? dump_user_range+0x73b/0xb50 [ 1108.281309][T21434] dump_user_range+0x3f9/0xb50 [ 1108.281331][T21434] ? __pfx_dump_user_range+0x10/0x10 [ 1108.281355][T21434] ? __pfx_writenote+0x10/0x10 [ 1108.281383][T21434] elf_core_dump+0x2d16/0x3c60 [ 1108.281414][T21434] ? __pfx_elf_core_dump+0x10/0x10 [ 1108.281432][T21434] ? kasan_save_stack+0x30/0x50 [ 1108.281454][T21434] ? kasan_save_track+0x14/0x30 [ 1108.281472][T21434] ? __kasan_kmalloc+0xaa/0xb0 [ 1108.281489][T21434] ? __kvmalloc_node_noprof+0x34d/0xac0 [ 1108.281506][T21434] ? vfs_coredump+0x1f0c/0x5540 [ 1108.281522][T21434] ? arch_do_signal_or_restart+0x91/0x770 [ 1108.281549][T21434] ? irqentry_exit+0x1f8/0x670 [ 1108.281562][T21434] ? asm_exc_page_fault+0x26/0x30 [ 1108.281581][T21434] ? 0xffffffffff600000 [ 1108.281625][T21434] ? vfs_coredump+0x2777/0x5540 [ 1108.281641][T21434] vfs_coredump+0x2777/0x5540 [ 1108.281666][T21434] ? __pfx_vfs_coredump+0x10/0x10 [ 1108.281683][T21434] ? __lock_acquire+0x4a5/0x2630 [ 1108.281713][T21434] ? __lock_acquire+0x4a5/0x2630 [ 1108.281736][T21434] ? lock_acquire+0x17c/0x330 [ 1108.281771][T21434] ? lock_acquire+0x17c/0x330 [ 1108.281795][T21434] ? bpf_ksym_find+0x124/0x1c0 [ 1108.281815][T21434] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1108.281840][T21434] ? arch_stack_walk+0xa6/0xf0 [ 1108.281866][T21434] ? stack_trace_save+0x8e/0xc0 [ 1108.281882][T21434] ? __pfx_stack_trace_save+0x10/0x10 [ 1108.281900][T21434] ? stack_depot_save_flags+0x27/0x9c0 [ 1108.281920][T21434] ? __lock_acquire+0x4a5/0x2630 [ 1108.281976][T21434] ? proc_coredump_connector+0x2d3/0x4f0 [ 1108.281998][T21434] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1108.282024][T21434] ? rcu_is_watching+0x12/0xc0 [ 1108.282042][T21434] get_signal+0x1f2a/0x21e0 [ 1108.282070][T21434] ? __pfx_get_signal+0x10/0x10 [ 1108.282095][T21434] arch_do_signal_or_restart+0x91/0x770 [ 1108.282118][T21434] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1108.282146][T21434] ? do_user_addr_fault+0x8d6/0x12f0 [ 1108.282170][T21434] irqentry_exit+0x1f8/0x670 [ 1108.282187][T21434] asm_exc_page_fault+0x26/0x30 [ 1108.282201][T21434] RIP: 0033:0x15 [ 1108.282211][T21434] Code: Unable to access opcode bytes at 0xffffffffffffffeb. [ 1108.282218][T21434] RSP: 002b:000000000000000a EFLAGS: 00010212 [ 1108.282230][T21434] RAX: 000000000000000b RBX: 00007f0fd5016450 RCX: 00007f0fd4d9bf79 [ 1108.282240][T21434] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1108.282249][T21434] RBP: 00007f0fd4e327e0 R08: 0000000000000002 R09: 0000000000000000 [ 1108.282258][T21434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1108.282267][T21434] R13: 00007f0fd50164e8 R14: 00007f0fd5016450 R15: 00007ffd37d33518 [ 1108.282287][T21434] [ 1108.282293][T21434] memory: usage 307200kB, limit 307200kB, failcnt 207978 [ 1109.177091][T21434] memory+swap: usage 429608kB, limit 9007199254740988kB, failcnt 0 [ 1109.185005][T21434] kmem: usage 8944kB, limit 9007199254740988kB, failcnt 0 [ 1109.378790][T21434] Memory cgroup stats for /syz0: [ 1109.378900][T21434] cache 303411200 [ 1109.412004][T21434] rss 962560 [ 1109.415239][T21434] rss_huge 0 [ 1109.435078][T21434] shmem 303407104 [ 1109.457084][T21434] mapped_file 111071232 [ 1109.461262][T21434] dirty 0 [ 1109.489236][T21434] writeback 0 [ 1109.492538][T21434] workingset_refault_anon 41078 [ 1109.529780][T21434] workingset_refault_file 21960 [ 1109.534654][T21434] swap 125345792 [ 1109.547301][T21434] swapcached 1052672 [ 1109.551421][T21434] pgpgin 2225815 [ 1109.554972][T21434] pgpgout 2246808 [ 1109.580676][T21434] pgfault 857629 [ 1109.584515][T21434] pgmajfault 2234 [ 1109.588605][T21434] inactive_anon 304697344 [ 1109.597281][T21434] active_anon 712704 [ 1109.611343][T21434] inactive_file 4096 [ 1109.615247][T21434] active_file 0 [ 1109.622372][T21686] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3124'. [ 1109.652065][T21434] unevictable 0 [ 1109.655543][T21434] hierarchical_memory_limit 314572800 [ 1109.662168][T21434] hierarchical_memsw_limit 9223372036854771712 [ 1109.680354][T21434] total_cache 303411200 [ 1109.697132][T21434] total_rss 962560 [ 1109.700882][T21434] total_rss_huge 0 [ 1109.725392][T21434] total_shmem 303407104 [ 1109.737220][T21434] total_mapped_file 111071232 [ 1109.741916][T21434] total_dirty 0 [ 1109.769954][T21434] total_writeback 0 [ 1109.778265][T21434] total_workingset_refault_anon 41078 [ 1109.783666][T21434] total_workingset_refault_file 21960 [ 1109.827208][T21434] total_swap 125345792 [ 1109.831327][T21434] total_swapcached 1052672 [ 1109.835726][T21434] total_pgpgin 2225815 [ 1109.879102][T21434] total_pgpgout 2246808 [ 1109.893246][T21434] total_pgfault 857629 [ 1109.904788][T21434] total_pgmajfault 2234 [ 1109.925403][T21434] total_inactive_anon 304697344 [ 1109.944834][T21434] total_active_anon 712704 [ 1109.971232][T21434] total_inactive_file 4096 [ 1109.986319][T21434] total_active_file 0 [ 1109.997188][T21434] total_unevictable 0 [ 1110.019964][T21434] anon_cost 14604 [ 1110.027349][T21434] file_cost 2625 [ 1110.040126][T21434] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.2958,pid=20851,uid=0 [ 1110.079568][T21434] Memory cgroup out of memory: Killed process 20851 (syz.0.2958) total-vm:152328kB, anon-rss:1224kB, file-rss:72164kB, shmem-rss:25088kB, UID:0 pgtables:320kB oom_score_adj:0 [ 1111.379577][T21713] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3130'. [ 1112.960009][ T29] audit: type=1326 audit(2147502659.029:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21719 comm="syz.2.3131" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc76c59bf79 code=0x0 [ 1113.483284][T21721] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1114.686710][T21735] FAULT_INJECTION: forcing a failure. [ 1114.686710][T21735] name failslab, interval 1, probability 0, space 0, times 0 [ 1114.686758][T21735] CPU: 1 UID: 0 PID: 21735 Comm: syz.1.3134 Tainted: G L syzkaller #0 PREEMPT(full) [ 1114.686781][T21735] Tainted: [L]=SOFTLOCKUP [ 1114.686787][T21735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1114.686796][T21735] Call Trace: [ 1114.686802][T21735] [ 1114.686809][T21735] dump_stack_lvl+0x100/0x190 [ 1114.686834][T21735] should_fail_ex.cold+0x5/0xa [ 1114.686861][T21735] should_failslab+0xc2/0x120 [ 1114.686883][T21735] ? vc_allocate+0x4c3/0x880 [ 1114.686901][T21735] __kmalloc_noprof+0xf6/0x9c0 [ 1114.686916][T21735] ? con_free_unimap+0xac/0x100 [ 1114.686946][T21735] ? vgacon_init+0x30d/0x440 [ 1114.686986][T21735] ? vc_allocate+0x4c3/0x880 [ 1114.687017][T21735] vc_allocate+0x4c3/0x880 [ 1114.687041][T21735] ? __pfx_vc_allocate+0x10/0x10 [ 1114.687066][T21735] con_install+0xa1/0x620 [ 1114.687086][T21735] ? __pfx_con_install+0x10/0x10 [ 1114.687108][T21735] ? __pfx_con_install+0x10/0x10 [ 1114.687127][T21735] tty_init_dev.part.0+0x9e/0x470 [ 1114.687151][T21735] tty_open+0xa63/0xfa0 [ 1114.687175][T21735] ? __pfx_tty_open+0x10/0x10 [ 1114.687210][T21735] ? chrdev_open+0x10b/0x6a0 [ 1114.687229][T21735] ? chrdev_open+0x10b/0x6a0 [ 1114.687252][T21735] ? __pfx_tty_open+0x10/0x10 [ 1114.687283][T21735] chrdev_open+0x234/0x6a0 [ 1114.687315][T21735] ? __pfx_apparmor_file_open+0x10/0x10 [ 1114.687336][T21735] ? __pfx_chrdev_open+0x10/0x10 [ 1114.687356][T21735] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 1114.687380][T21735] do_dentry_open+0x6d8/0x1660 [ 1114.687398][T21735] ? __pfx_chrdev_open+0x10/0x10 [ 1114.687421][T21735] vfs_open+0x82/0x3f0 [ 1114.687448][T21735] path_openat+0x208c/0x31a0 [ 1114.687473][T21735] ? __pfx_path_openat+0x10/0x10 [ 1114.687499][T21735] do_file_open+0x20e/0x430 [ 1114.687520][T21735] ? __pfx_do_file_open+0x10/0x10 [ 1114.687553][T21735] ? _raw_spin_unlock+0x28/0x50 [ 1114.687576][T21735] ? alloc_fd+0x476/0x790 [ 1114.687600][T21735] do_sys_openat2+0x10d/0x1e0 [ 1114.687627][T21735] ? __pfx_do_sys_openat2+0x10/0x10 [ 1114.687658][T21735] __x64_sys_openat+0x12d/0x210 [ 1114.687673][T21735] ? __pfx___x64_sys_openat+0x10/0x10 [ 1114.687686][T21735] ? xfd_validate_state+0x129/0x190 [ 1114.687709][T21735] do_syscall_64+0xc9/0xf80 [ 1114.687727][T21735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1114.687742][T21735] RIP: 0033:0x7f82c079bf79 [ 1114.687756][T21735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1114.687771][T21735] RSP: 002b:00007f82c15a8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1114.687787][T21735] RAX: ffffffffffffffda RBX: 00007f82c0a15fa0 RCX: 00007f82c079bf79 [ 1114.687798][T21735] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1114.687808][T21735] RBP: 00007f82c08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1114.687817][T21735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1114.687827][T21735] R13: 00007f82c0a16038 R14: 00007f82c0a15fa0 R15: 00007ffc786a5de8 [ 1114.687849][T21735] [ 1116.470893][T21753] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 1117.063650][T21765] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3138'. [ 1117.349712][T21754] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 1119.002824][T21787] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3143'. [ 1121.047348][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1121.053834][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1124.934163][T21862] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3157'. [ 1125.137625][T21864] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.4.3157: bg 3: bad block bitmap checksum [ 1125.239724][T21864] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5072 with max blocks 1 with error 74 [ 1125.386634][T21864] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1125.386634][T21864] [ 1125.540531][T21857] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5115 with max blocks 1 with error 117 [ 1125.628043][T21857] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1125.628043][T21857] [ 1125.717433][T21868] [U] ^\ [ 1128.356224][T21912] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078000dc0 pfn:0x78000 [ 1128.454212][T21912] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1128.481052][T21912] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 1128.497132][T21912] raw: ffff888078000dc0 0000000000000000 00000001ffffffff 0000000000000000 [ 1128.506890][T20506] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:2: bg 4: bad block bitmap checksum [ 1128.507094][T21912] page dumped because: unmovable page [ 1128.527366][T21912] page_owner tracks the page as allocated [ 1128.534278][T21912] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc0(GFP_KERNEL|__GFP_NOWARN), pid 21381, tgid 21380 (syz.2.3070), ts 1086023206698, free_ts 1083768403454 [ 1128.595620][T20506] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 4980 with max blocks 1 with error 74 [ 1128.608553][T20506] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1128.608553][T20506] [ 1128.639961][T21912] post_alloc_hook+0x1e1/0x250 [ 1128.691913][ T1149] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5072 with max blocks 1 with error 117 [ 1128.707191][T21912] get_page_from_freelist+0xe3d/0x2e10 [ 1128.741469][ T1149] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1128.741469][ T1149] [ 1128.768156][T21912] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 1128.887062][T21912] alloc_pages_bulk_noprof+0x777/0x1500 [ 1128.892842][T21912] __kasan_populate_vmalloc+0xf0/0x210 [ 1128.913256][T21912] alloc_vmap_area+0x935/0x2a00 [ 1129.075657][T21912] __get_vm_area_node+0x1ca/0x330 [ 1129.126511][T21912] __vmalloc_node_range_noprof+0x213/0x1530 [ 1129.227245][T21912] __vmalloc_node_noprof+0xad/0xf0 [ 1129.253813][T21912] __vmalloc_noprof+0xa3/0x120 [ 1129.326751][T21912] pcpu_mem_zalloc+0x54/0xb0 [ 1129.359308][T21912] pcpu_create_chunk+0x432/0x730 [ 1129.377988][T21912] pcpu_alloc_noprof+0x18a0/0x1b70 [ 1129.457583][T21912] bpf_map_alloc_percpu+0x9a/0x470 [ 1129.467354][T21912] htab_map_alloc+0x1054/0x14e0 [ 1129.508711][T21912] map_create+0x84e/0x2ba0 [ 1129.534145][T21912] page last free pid 16758 tgid 16758 stack trace: [ 1129.597178][T21912] __free_frozen_pages+0x822/0x1130 [ 1129.627172][T21912] pcpu_free_pages.isra.0+0x13c/0x1c0 [ 1129.637458][T21912] pcpu_balance_workfn+0x24e/0xdd0 [ 1129.718985][T21912] process_one_work+0x9c2/0x1840 [ 1129.740525][T21912] worker_thread+0x5da/0xe40 [ 1129.746614][T21912] kthread+0x370/0x450 [ 1129.757972][T21912] ret_from_fork+0x754/0xaf0 [ 1129.796127][T21912] ret_from_fork_asm+0x1a/0x30 [ 1130.370416][T21924] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1131.126980][T20506] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5289 with max blocks 1 with error 117 [ 1131.217130][T20506] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1131.217130][T20506] [ 1131.262152][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5295 with max blocks 1 with error 117 [ 1131.333710][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1131.333710][ T12] [ 1132.098005][ T29] audit: type=1800 audit(2147502678.179:26): pid=21952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3174" name="lu_gp_id" dev="configfs" ino=98843 res=0 errno=0 [ 1132.178423][T21952] netlink: 326 bytes leftover after parsing attributes in process `syz.4.3174'. [ 1132.203905][T21952] bridge0: port 2(bridge_slave_1) entered disabled state [ 1132.211792][T21952] bridge0: port 1(bridge_slave_0) entered disabled state [ 1132.806467][T21966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888078000dc0 pfn:0x78000 [ 1132.874743][T21966] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1132.991640][T21966] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 1133.021044][T21966] raw: ffff888078000dc0 0000000000000000 00000001ffffffff 0000000000000000 [ 1133.487017][T21966] page dumped because: unmovable page [ 1133.497381][T21966] page_owner tracks the page as allocated [ 1133.503252][T21966] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2cc0(GFP_KERNEL|__GFP_NOWARN), pid 21381, tgid 21380 (syz.2.3070), ts 1086023206698, free_ts 1083768403454 [ 1133.540076][T21966] post_alloc_hook+0x1e1/0x250 [ 1133.587078][T21966] get_page_from_freelist+0xe3d/0x2e10 [ 1133.592579][T21966] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 1133.652373][T21966] alloc_pages_bulk_noprof+0x777/0x1500 [ 1133.783124][T21966] __kasan_populate_vmalloc+0xf0/0x210 [ 1133.795488][T21966] alloc_vmap_area+0x935/0x2a00 [ 1133.827053][T21966] __get_vm_area_node+0x1ca/0x330 [ 1133.846027][T21966] __vmalloc_node_range_noprof+0x213/0x1530 [ 1133.856189][T21966] __vmalloc_node_noprof+0xad/0xf0 [ 1133.917199][T21966] __vmalloc_noprof+0xa3/0x120 [ 1133.987173][T21966] pcpu_mem_zalloc+0x54/0xb0 [ 1133.991845][T21966] pcpu_create_chunk+0x432/0x730 [ 1134.065564][T21966] pcpu_alloc_noprof+0x18a0/0x1b70 [ 1134.126603][T21966] bpf_map_alloc_percpu+0x9a/0x470 [ 1134.131938][T21966] htab_map_alloc+0x1054/0x14e0 [ 1134.197229][T21966] map_create+0x84e/0x2ba0 [ 1134.201718][T21966] page last free pid 16758 tgid 16758 stack trace: [ 1134.663117][T21966] __free_frozen_pages+0x822/0x1130 [ 1134.729437][T21966] pcpu_free_pages.isra.0+0x13c/0x1c0 [ 1134.735001][T21966] pcpu_balance_workfn+0x24e/0xdd0 [ 1134.762220][T21966] process_one_work+0x9c2/0x1840 [ 1134.813210][T21966] worker_thread+0x5da/0xe40 [ 1134.837112][T21966] kthread+0x370/0x450 [ 1134.874285][T21966] ret_from_fork+0x754/0xaf0 [ 1134.894649][T21966] ret_from_fork_asm+0x1a/0x30 [ 1137.328894][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5075 with max blocks 1 with error 117 [ 1137.371378][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1137.371378][ T12] [ 1137.488788][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5299 with max blocks 1 with error 117 [ 1137.527412][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1137.527412][ T12] [ 1138.443210][ T3018] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5304 with max blocks 1 with error 117 [ 1138.490648][ T3018] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1138.490648][ T3018] [ 1138.877611][T22003] Process accounting resumed [ 1141.680447][T22077] FAULT_INJECTION: forcing a failure. [ 1141.680447][T22077] name failslab, interval 1, probability 0, space 0, times 0 [ 1141.727077][T22077] CPU: 1 UID: 0 PID: 22077 Comm: syz.4.3195 Tainted: G L syzkaller #0 PREEMPT(full) [ 1141.727105][T22077] Tainted: [L]=SOFTLOCKUP [ 1141.727111][T22077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1141.727122][T22077] Call Trace: [ 1141.727128][T22077] [ 1141.727135][T22077] dump_stack_lvl+0x100/0x190 [ 1141.727160][T22077] should_fail_ex.cold+0x5/0xa [ 1141.727187][T22077] should_failslab+0xc2/0x120 [ 1141.727209][T22077] __kvmalloc_node_noprof+0x101/0xac0 [ 1141.727229][T22077] ? alloc_fdtable+0x17f/0x2d0 [ 1141.727250][T22077] ? alloc_fdtable+0x17f/0x2d0 [ 1141.727265][T22077] alloc_fdtable+0x17f/0x2d0 [ 1141.727282][T22077] dup_fd+0x995/0xd10 [ 1141.727302][T22077] ? apparmor_task_alloc+0x2c1/0x3b0 [ 1141.727320][T22077] copy_process+0x2631/0x79b0 [ 1141.727363][T22077] ? __pfx_copy_process+0x10/0x10 [ 1141.727385][T22077] ? find_held_lock+0x2b/0x80 [ 1141.727410][T22077] kernel_clone+0xfc/0x930 [ 1141.727430][T22077] ? __pfx_futex_wait+0x10/0x10 [ 1141.727447][T22077] ? __pfx_kernel_clone+0x10/0x10 [ 1141.727478][T22077] __do_sys_clone+0xd9/0x120 [ 1141.727500][T22077] ? __pfx___do_sys_clone+0x10/0x10 [ 1141.727520][T22077] ? find_held_lock+0x2b/0x80 [ 1141.727543][T22077] ? xfd_validate_state+0x129/0x190 [ 1141.727565][T22077] do_syscall_64+0xc9/0xf80 [ 1141.727583][T22077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1141.727598][T22077] RIP: 0033:0x7fcc0ed9bf79 [ 1141.727619][T22077] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1141.727634][T22077] RSP: 002b:00007fcc0fbd6fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1141.727650][T22077] RAX: ffffffffffffffda RBX: 00007fcc0f015fa0 RCX: 00007fcc0ed9bf79 [ 1141.727661][T22077] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000004001000 [ 1141.727670][T22077] RBP: 00007fcc0ee327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1141.727680][T22077] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1141.727689][T22077] R13: 00007fcc0f016038 R14: 00007fcc0f015fa0 R15: 00007ffc9e357c78 [ 1141.727709][T22077] [ 1145.587040][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5000 with max blocks 1 with error 117 [ 1145.657003][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1145.657003][ T1087] [ 1145.836479][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 908 with max blocks 4 with error 117 [ 1145.909399][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1145.909399][ T1087] [ 1145.987288][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5026 with max blocks 1 with error 117 [ 1146.007129][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1146.007129][ T1087] [ 1146.075353][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5037 with max blocks 1 with error 117 [ 1146.107118][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1146.107118][ T1087] [ 1146.288868][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5301 with max blocks 1 with error 117 [ 1146.413221][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1146.413221][ T1087] [ 1147.294590][T22133] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3205'. [ 1147.374054][T22134] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3205'. [ 1147.984136][T22137] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 1149.966636][T22172] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3213'. [ 1150.650809][T22178] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3214'. [ 1151.009329][T22178] EXT4-fs: 4 callbacks suppressed [ 1151.009355][T22178] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5164 with max blocks 1 with error 117 [ 1151.119442][T22178] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1151.119442][T22178] [ 1151.605263][T22191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3217'. [ 1151.728429][T22191] ovs_: entered promiscuous mode [ 1153.349586][T22203] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 2, inode_bitmap = 139 [ 1153.370451][T22203] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 5: bad block bitmap checksum [ 1154.167780][T18455] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1154.181950][T18455] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1154.190680][T18455] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1154.200121][T18455] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1154.208302][T18455] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1154.526466][T22216] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3221'. [ 1154.547797][T22216] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3221'. [ 1155.654587][T22210] chnl_net:caif_netlink_parms(): no params data found [ 1155.742266][T22232] FAULT_INJECTION: forcing a failure. [ 1155.742266][T22232] name failslab, interval 1, probability 0, space 0, times 0 [ 1156.017249][T22232] CPU: 0 UID: 0 PID: 22232 Comm: syz.1.3223 Tainted: G L syzkaller #0 PREEMPT(full) [ 1156.017278][T22232] Tainted: [L]=SOFTLOCKUP [ 1156.017284][T22232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1156.017293][T22232] Call Trace: [ 1156.017299][T22232] [ 1156.017307][T22232] dump_stack_lvl+0x100/0x190 [ 1156.017334][T22232] should_fail_ex.cold+0x5/0xa [ 1156.017361][T22232] should_failslab+0xc2/0x120 [ 1156.017383][T22232] __kmalloc_cache_noprof+0x80/0x810 [ 1156.017408][T22232] ? zs_create_pool+0x4fe/0xbc0 [ 1156.017435][T22232] ? zs_create_pool+0x4fe/0xbc0 [ 1156.017455][T22232] zs_create_pool+0x4fe/0xbc0 [ 1156.017480][T22232] ? __pfx_zs_create_pool+0x10/0x10 [ 1156.017506][T22232] ? disksize_store+0x117/0x510 [ 1156.017527][T22232] ? __vmalloc_node_noprof+0xad/0xf0 [ 1156.017542][T22232] ? disksize_store+0x117/0x510 [ 1156.017564][T22232] ? __pfx_disksize_store+0x10/0x10 [ 1156.017585][T22232] disksize_store+0x175/0x510 [ 1156.017608][T22232] ? sysfs_file_kobj+0xe4/0x290 [ 1156.017629][T22232] ? __pfx_disksize_store+0x10/0x10 [ 1156.017652][T22232] dev_attr_store+0x58/0x80 [ 1156.017670][T22232] ? __pfx_dev_attr_store+0x10/0x10 [ 1156.017687][T22232] sysfs_kf_write+0xf2/0x150 [ 1156.017708][T22232] kernfs_fop_write_iter+0x3e0/0x5f0 [ 1156.017724][T22232] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1156.017745][T22232] vfs_write+0x6ac/0x1070 [ 1156.017763][T22232] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1156.017782][T22232] ? __pfx_vfs_write+0x10/0x10 [ 1156.017798][T22232] ? find_held_lock+0x2b/0x80 [ 1156.017827][T22232] ksys_write+0x12a/0x250 [ 1156.017844][T22232] ? __pfx_ksys_write+0x10/0x10 [ 1156.017867][T22232] do_syscall_64+0xc9/0xf80 [ 1156.017885][T22232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.017901][T22232] RIP: 0033:0x7f82c079bf79 [ 1156.017915][T22232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1156.017929][T22232] RSP: 002b:00007f82c1587028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1156.017945][T22232] RAX: ffffffffffffffda RBX: 00007f82c0a16090 RCX: 00007f82c079bf79 [ 1156.017955][T22232] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1156.017965][T22232] RBP: 00007f82c08327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1156.017974][T22232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1156.017984][T22232] R13: 00007f82c0a16128 R14: 00007f82c0a16090 R15: 00007ffc786a5de8 [ 1156.018005][T22232] [ 1156.295609][T17942] Bluetooth: hci6: command tx timeout [ 1156.900506][T19930] NFSD: Failed to start, no listeners configured. [ 1156.941904][T22210] bridge0: port 1(bridge_slave_0) entered blocking state [ 1156.957255][T22210] bridge0: port 1(bridge_slave_0) entered disabled state [ 1156.967623][T22210] bridge_slave_0: entered allmulticast mode [ 1156.986429][T22210] bridge_slave_0: entered promiscuous mode [ 1157.048831][T22210] bridge0: port 2(bridge_slave_1) entered blocking state [ 1157.055989][T22210] bridge0: port 2(bridge_slave_1) entered disabled state [ 1157.067700][T22244] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3225'. [ 1157.207131][T22210] bridge_slave_1: entered allmulticast mode [ 1157.218093][T22210] bridge_slave_1: entered promiscuous mode [ 1157.539010][T22210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1157.569194][T22210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1157.651005][T22247] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5164 with max blocks 1 with error 117 [ 1157.777111][T22247] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1157.777111][T22247] [ 1158.114458][T22210] team0: Port device team_slave_0 added [ 1158.212976][T22210] team0: Port device team_slave_1 added [ 1158.329778][T17942] Bluetooth: hci6: command tx timeout [ 1158.509598][T22210] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1158.516556][T22210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1158.547533][T22210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1158.562249][T22210] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1158.577045][T22210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1158.603497][T22210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1159.333279][T22210] hsr_slave_0: entered promiscuous mode [ 1159.367482][T22210] hsr_slave_1: entered promiscuous mode [ 1159.447855][T22210] debugfs: 'hsr0' already exists in 'hsr' [ 1159.454451][T22210] Cannot create hsr debugfs directory [ 1159.834280][ T2987] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5186 with max blocks 1 with error 117 [ 1159.901313][ T2987] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1159.901313][ T2987] [ 1159.993065][ T2987] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5311 with max blocks 1 with error 117 [ 1160.017149][ T2987] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1160.017149][ T2987] [ 1160.397048][T17942] Bluetooth: hci6: command tx timeout [ 1160.425780][T22210] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1160.466033][T22210] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1160.877568][T22210] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1160.914166][T22210] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1161.477607][T22210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1161.599402][T22210] 8021q: adding VLAN 0 to HW filter on device team0 [ 1162.048115][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 1162.055232][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1162.336497][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state [ 1162.343679][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1162.477091][T17942] Bluetooth: hci6: command tx timeout [ 1162.509379][T22210] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1163.017801][T22210] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1164.272098][T22210] veth0_vlan: entered promiscuous mode [ 1164.523402][T22210] veth1_vlan: entered promiscuous mode [ 1164.671630][T22210] veth0_macvtap: entered promiscuous mode [ 1164.703870][T22210] veth1_macvtap: entered promiscuous mode [ 1164.806657][T22210] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1164.831902][T22210] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1164.868983][ T2987] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1164.900159][ T2987] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1164.956354][ T2987] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1165.123664][ T2987] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1165.268860][ T3018] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1165.285054][ T3018] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1165.392418][ T1087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1165.401459][ T1087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1166.176632][T17942] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1166.311144][T22379] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1166.955361][T22382] Invalid ELF header magic: != ELF [ 1168.673504][T22403] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3250'. [ 1169.109014][T22381] Process accounting paused [ 1169.359478][T22416] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3252: iget: checksum invalid [ 1169.427373][T22416] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1169.490409][T22416] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3252: iget: checksum invalid [ 1169.565018][T22416] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1169.576053][T22416] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3252: iget: checksum invalid [ 1169.603352][T22416] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1169.614160][T22416] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.2.3252: iget: checksum invalid [ 1169.625417][T22416] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1169.634993][T22416] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1169.644727][T22416] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1169.958883][T22435] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 1172.530163][T22484] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3263'. [ 1172.787653][T22492] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5081 with max blocks 1 with error 117 [ 1172.854961][T22492] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1172.854961][T22492] [ 1173.688285][T22507] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3268'. [ 1174.946886][T22536] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1175.671158][T22536] netlink: 350 bytes leftover after parsing attributes in process `syz.1.3272'. [ 1176.558134][ T29] audit: type=1800 audit(4294967364.420:27): pid=22520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3269" name="lu_gp_id" dev="configfs" ino=101106 res=0 errno=0 [ 1177.098300][T22561] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3276'. [ 1177.215334][T22565] netlink: 25 bytes leftover after parsing attributes in process `syz.4.3276'. [ 1179.835507][T22591] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1180.080411][T22591] serio: Serial port pty6 [ 1180.474808][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5195 with max blocks 1 with error 117 [ 1180.547000][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1180.547000][ T12] [ 1180.665062][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5230 with max blocks 1 with error 117 [ 1180.739977][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1180.739977][ T13] [ 1182.278416][ T3018] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5269 with max blocks 1 with error 117 [ 1182.337204][ T3018] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1182.337204][ T3018] [ 1182.427642][ T12] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5315 with max blocks 1 with error 117 [ 1182.472568][ T12] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1182.472568][ T12] [ 1182.493080][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1182.507101][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1183.274775][T22621] usb usb14: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1183.721974][T22625] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 1183.853016][ T2987] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5318 with max blocks 1 with error 117 [ 1183.926019][ T2987] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1183.926019][ T2987] [ 1184.429570][ T29] audit: type=1804 audit(4294967372.270:28): pid=22638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3288" name="/newroot/810/file0" dev="tmpfs" ino=4191 res=1 errno=0 [ 1184.507041][ T29] audit: type=1804 audit(4294967372.280:29): pid=22639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.3288" name="/newroot/810/file0" dev="tmpfs" ino=4191 res=1 errno=0 [ 1187.590204][T22680] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3294'. [ 1187.944735][T22683] EXT4-fs: 2 callbacks suppressed [ 1187.944758][T22683] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5140 with max blocks 1 with error 117 [ 1187.977148][T22683] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1187.977148][T22683] [ 1188.887809][T22699] FAULT_INJECTION: forcing a failure. [ 1188.887809][T22699] name failslab, interval 1, probability 0, space 0, times 0 [ 1188.982800][T22699] CPU: 0 UID: 0 PID: 22699 Comm: syz.4.3297 Tainted: G L syzkaller #0 PREEMPT(full) [ 1188.982828][T22699] Tainted: [L]=SOFTLOCKUP [ 1188.982834][T22699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1188.982843][T22699] Call Trace: [ 1188.982850][T22699] [ 1188.982857][T22699] dump_stack_lvl+0x100/0x190 [ 1188.982882][T22699] should_fail_ex.cold+0x5/0xa [ 1188.982909][T22699] should_failslab+0xc2/0x120 [ 1188.982930][T22699] __kmalloc_cache_noprof+0x80/0x810 [ 1188.982946][T22699] ? __nla_validate_parse+0x160/0x28b0 [ 1188.982970][T22699] ? ovs_dp_cmd_new+0x1af/0xdf0 [ 1188.982997][T22699] ? ovs_dp_cmd_new+0x1af/0xdf0 [ 1188.983019][T22699] ovs_dp_cmd_new+0x1af/0xdf0 [ 1188.983042][T22699] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 1188.983069][T22699] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 1188.983098][T22699] ? __kmalloc_noprof+0x365/0x9c0 [ 1188.983113][T22699] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1188.983140][T22699] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1188.983164][T22699] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1188.983191][T22699] genl_family_rcv_msg_doit+0x214/0x300 [ 1188.983219][T22699] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1188.983242][T22699] ? genl_get_cmd+0x3ef/0x720 [ 1188.983269][T22699] ? bpf_lsm_capable+0x9/0x10 [ 1188.983282][T22699] ? security_capable+0x80/0x260 [ 1188.983298][T22699] ? ns_capable+0xd2/0xf0 [ 1188.983318][T22699] genl_rcv_msg+0x560/0x800 [ 1188.983334][T22699] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1188.983349][T22699] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1188.983379][T22699] netlink_rcv_skb+0x159/0x420 [ 1188.983400][T22699] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1188.983415][T22699] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1188.983443][T22699] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1188.983466][T22699] genl_rcv+0x28/0x40 [ 1188.983486][T22699] netlink_unicast+0x5aa/0x870 [ 1188.983510][T22699] ? __pfx_netlink_unicast+0x10/0x10 [ 1188.983537][T22699] netlink_sendmsg+0x8b0/0xda0 [ 1188.983561][T22699] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1188.983588][T22699] ? __import_iovec+0x1d2/0x640 [ 1188.983610][T22699] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1188.983630][T22699] ____sys_sendmsg+0xa54/0xc30 [ 1188.983647][T22699] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1188.983660][T22699] ? __pfx___futex_wait+0x10/0x10 [ 1188.983678][T22699] ? __pfx_futex_wake_mark+0x10/0x10 [ 1188.983696][T22699] ___sys_sendmsg+0x190/0x1e0 [ 1188.983713][T22699] ? __pfx____sys_sendmsg+0x10/0x10 [ 1188.983737][T22699] ? find_held_lock+0x2b/0x80 [ 1188.983765][T22699] __sys_sendmsg+0x170/0x220 [ 1188.983786][T22699] ? __pfx___sys_sendmsg+0x10/0x10 [ 1188.983805][T22699] ? __x64_sys_futex+0x34f/0x4d0 [ 1188.983837][T22699] do_syscall_64+0xc9/0xf80 [ 1188.983855][T22699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1188.983871][T22699] RIP: 0033:0x7fcc0ed9bf79 [ 1188.983885][T22699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1188.983899][T22699] RSP: 002b:00007fcc0fbd7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1188.983915][T22699] RAX: ffffffffffffffda RBX: 00007fcc0f015fa0 RCX: 00007fcc0ed9bf79 [ 1188.983926][T22699] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000008 [ 1188.983935][T22699] RBP: 00007fcc0ee327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1188.983944][T22699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1188.983954][T22699] R13: 00007fcc0f016038 R14: 00007fcc0f015fa0 R15: 00007ffc9e357c78 [ 1188.983974][T22699] [ 1189.727750][ T2987] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5026 with max blocks 1 with error 117 [ 1189.877954][ T2987] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1189.877954][ T2987] [ 1189.962948][ T2987] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5274 with max blocks 1 with error 117 [ 1190.022837][ T2987] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1190.022837][ T2987] [ 1190.193372][ T29] audit: type=1326 audit(4294967378.050:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22703 comm="syz.2.3299" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc76c59bf79 code=0x0 [ 1190.229418][T22708] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3298'. [ 1190.367668][T22709] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1190.367668][T22709] The task syz.2.3299 (22709) triggered the difference, watch for misbehavior. [ 1190.419416][T22708] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5087 with max blocks 2 with error 117 [ 1190.482505][T22708] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1190.482505][T22708] [ 1190.939196][T22720] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1192.202849][ T29] audit: type=1804 audit(4294967380.060:31): pid=22740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3304" name="/newroot/sys/kernel/debug/tracing/options/irq-info" dev="tracefs" ino=161 res=1 errno=0 [ 1192.589903][T22747] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3305'. [ 1192.639335][ T2987] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5213 with max blocks 1 with error 117 [ 1192.690953][ T2987] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1192.690953][ T2987] [ 1193.032382][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2021 at logical offset 5146 with max blocks 1 with error 117 [ 1193.138777][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1193.138777][ T1087] [ 1193.612143][T22758] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1193.743222][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.777536][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.790927][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.804723][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.819150][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.890555][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.928613][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.945170][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.959974][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1193.974425][T22758] EXT4-fs error (device sda1): ext4_discard_preallocations:5702: comm syz.2.3308: Error -117 reading block bitmap for 3 [ 1196.114926][T20506] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1348 with max blocks 1 with error 117 [ 1196.270633][T20506] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1196.270633][T20506] [ 1196.701588][T22800] Invalid ELF header magic: != ELF [ 1198.413966][T22832] FAULT_INJECTION: forcing a failure. [ 1198.413966][T22832] name failslab, interval 1, probability 0, space 0, times 0 [ 1198.426856][T22832] CPU: 0 UID: 0 PID: 22832 Comm: syz.2.3322 Tainted: G L syzkaller #0 PREEMPT(full) [ 1198.426881][T22832] Tainted: [L]=SOFTLOCKUP [ 1198.426887][T22832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1198.426902][T22832] Call Trace: [ 1198.426912][T22832] [ 1198.426921][T22832] dump_stack_lvl+0x100/0x190 [ 1198.426964][T22832] should_fail_ex.cold+0x5/0xa [ 1198.427010][T22832] should_failslab+0xc2/0x120 [ 1198.427042][T22832] kmem_cache_alloc_noprof+0x83/0x780 [ 1198.427063][T22832] ? __proc_create+0xc2/0x8c0 [ 1198.427077][T22832] ? __proc_create+0x2cb/0x8c0 [ 1198.427095][T22832] ? __proc_create+0x2cb/0x8c0 [ 1198.427108][T22832] __proc_create+0x2cb/0x8c0 [ 1198.427124][T22832] ? __pfx___proc_create+0x10/0x10 [ 1198.427146][T22832] _proc_mkdir+0xb9/0x210 [ 1198.427161][T22832] ? __pfx__proc_mkdir+0x10/0x10 [ 1198.427176][T22832] ? proc_net_ns_init+0x42/0x420 [ 1198.427195][T22832] proc_net_ns_init+0x273/0x420 [ 1198.427210][T22832] ? __pfx_proc_net_ns_init+0x10/0x10 [ 1198.427225][T22832] ops_init+0x1e2/0x5f0 [ 1198.427248][T22832] setup_net+0x118/0x3a0 [ 1198.427269][T22832] ? __pfx_setup_net+0x10/0x10 [ 1198.427288][T22832] ? lockdep_init_map_type+0x5c/0x250 [ 1198.427311][T22832] ? mutex_init_lockep+0x110/0x150 [ 1198.427336][T22832] copy_net_ns+0x46f/0x7c0 [ 1198.427360][T22832] create_new_namespaces+0x3ea/0xac0 [ 1198.427383][T22832] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1198.427404][T22832] ksys_unshare+0x455/0xab0 [ 1198.427428][T22832] ? __pfx_ksys_unshare+0x10/0x10 [ 1198.427449][T22832] ? xfd_validate_state+0x129/0x190 [ 1198.427471][T22832] __x64_sys_unshare+0x31/0x40 [ 1198.427493][T22832] do_syscall_64+0xc9/0xf80 [ 1198.427510][T22832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1198.427525][T22832] RIP: 0033:0x7fc76c59bf79 [ 1198.427539][T22832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1198.427555][T22832] RSP: 002b:00007fc76d4dc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1198.427570][T22832] RAX: ffffffffffffffda RBX: 00007fc76c815fa0 RCX: 00007fc76c59bf79 [ 1198.427580][T22832] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1198.427589][T22832] RBP: 00007fc76c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1198.427598][T22832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1198.427607][T22832] R13: 00007fc76c816038 R14: 00007fc76c815fa0 R15: 00007ffeb3e2cde8 [ 1198.427627][T22832] [ 1199.257903][T22831] Process accounting resumed [ 1202.269451][T20506] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 911 with max blocks 1 with error 117 [ 1202.311761][T20506] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1202.311761][T20506] [ 1204.439101][T22919] FAULT_INJECTION: forcing a failure. [ 1204.439101][T22919] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1204.605996][T22919] CPU: 1 UID: 0 PID: 22919 Comm: syz.4.3340 Tainted: G L syzkaller #0 PREEMPT(full) [ 1204.606024][T22919] Tainted: [L]=SOFTLOCKUP [ 1204.606030][T22919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1204.606040][T22919] Call Trace: [ 1204.606045][T22919] [ 1204.606052][T22919] dump_stack_lvl+0x100/0x190 [ 1204.606078][T22919] should_fail_ex.cold+0x5/0xa [ 1204.606113][T22919] get_futex_key+0x1d2/0x1620 [ 1204.606136][T22919] ? __pfx_get_futex_key+0x10/0x10 [ 1204.606155][T22919] ? ex_handler_uaccess.isra.0+0xfa/0x200 [ 1204.606177][T22919] ? fixup_exception+0x119/0xff0 [ 1204.606201][T22919] futex_wake+0xea/0x530 [ 1204.606215][T22919] ? __bad_area_nosemaphore+0x320/0x3f0 [ 1204.606234][T22919] ? __pfx_futex_wake+0x10/0x10 [ 1204.606251][T22919] ? rcu_is_watching+0x12/0xc0 [ 1204.606265][T22919] ? irqentry_exit+0x180/0x670 [ 1204.606283][T22919] do_futex+0x32b/0x350 [ 1204.606304][T22919] ? __pfx_do_futex+0x10/0x10 [ 1204.606330][T22919] __x64_sys_futex+0x34f/0x4d0 [ 1204.606352][T22919] ? __pfx___x64_sys_futex+0x10/0x10 [ 1204.606373][T22919] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1204.606398][T22919] do_syscall_64+0xc9/0xf80 [ 1204.606416][T22919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1204.606431][T22919] RIP: 0033:0x7fcc0ed9bf79 [ 1204.606445][T22919] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1204.606459][T22919] RSP: 002b:00007fcc0fbd70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1204.606475][T22919] RAX: ffffffffffffffda RBX: 00007fcc0f015fa8 RCX: 00007fcc0ed9bf79 [ 1204.606485][T22919] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fcc0f015fac [ 1204.606494][T22919] RBP: 00007fcc0f015fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1204.606504][T22919] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1204.606513][T22919] R13: 00007fcc0f016038 R14: 00007ffc9e357b90 R15: 00007ffc9e357c78 [ 1204.606534][T22919] [ 1207.398777][T22964] Setting dangerous option i915.mitigations - tainting kernel [ 1207.495459][T22965] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1207.518952][T22965] ubi31: attaching mtd0 [ 1207.554071][T22965] ubi31: scanning is finished [ 1207.583615][T22965] ubi31 error: ubi_read_volume_table: the layout volume was not found [ 1207.901293][T22965] ubi31 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1208.278775][T17942] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1208.306698][T17942] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1208.315208][T17942] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1208.328309][T17942] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1208.336108][T17942] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1208.856180][T22991] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3359'. [ 1209.346089][T22978] chnl_net:caif_netlink_parms(): no params data found [ 1209.749264][T22978] bridge0: port 1(bridge_slave_0) entered blocking state [ 1209.756660][T22978] bridge0: port 1(bridge_slave_0) entered disabled state [ 1209.786298][T22978] bridge_slave_0: entered allmulticast mode [ 1209.800306][T22978] bridge_slave_0: entered promiscuous mode [ 1209.815689][T22978] bridge0: port 2(bridge_slave_1) entered blocking state [ 1209.824285][T22978] bridge0: port 2(bridge_slave_1) entered disabled state [ 1209.893938][T22978] bridge_slave_1: entered allmulticast mode [ 1209.906305][T22978] bridge_slave_1: entered promiscuous mode [ 1210.075169][T22978] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1210.098132][T22978] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1210.325980][T22978] team0: Port device team_slave_0 added [ 1210.393999][T22978] team0: Port device team_slave_1 added [ 1210.402478][T18455] Bluetooth: hci7: command tx timeout [ 1210.683758][T22978] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1210.694512][T22978] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1210.737039][T22978] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1210.769246][T22978] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1210.776229][T22978] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1210.808957][T22978] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1211.095785][T22978] hsr_slave_0: entered promiscuous mode [ 1211.111521][T22978] hsr_slave_1: entered promiscuous mode [ 1211.148386][T22978] debugfs: 'hsr0' already exists in 'hsr' [ 1211.157112][T22978] Cannot create hsr debugfs directory [ 1212.098494][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1348 with max blocks 1 with error 117 [ 1212.156597][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1212.156597][ T13] [ 1212.276611][T22978] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 1212.336470][T22978] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 1212.464715][T22978] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 1212.478394][T18455] Bluetooth: hci7: command tx timeout [ 1212.554118][T22978] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 1213.099475][T22978] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1213.169800][T22978] 8021q: adding VLAN 0 to HW filter on device team0 [ 1213.435238][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state [ 1213.442399][ T1087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1213.496163][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state [ 1213.503506][ T1087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1214.535079][T22978] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1214.557718][T17942] Bluetooth: hci7: command tx timeout [ 1215.320624][T22978] veth0_vlan: entered promiscuous mode [ 1215.353669][T22978] veth1_vlan: entered promiscuous mode [ 1215.497551][T22978] veth0_macvtap: entered promiscuous mode [ 1215.508716][T22978] veth1_macvtap: entered promiscuous mode [ 1215.540345][T22978] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1215.559785][T22978] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1215.596593][ T2987] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.622152][ T2987] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.646012][ T2987] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.672808][ T2987] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1215.833390][ T2987] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1215.844664][ T2987] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1216.042667][ T3018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1216.050964][ T3018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1216.247593][T18455] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1216.638342][T18455] Bluetooth: hci7: command tx timeout [ 1219.154944][T23188] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3395'. [ 1219.443306][ T13] EXT4-fs (sda1): Delayed block allocation failed for inode 2034 at logical offset 909 with max blocks 3 with error 117 [ 1219.493752][ T13] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1219.493752][ T13] [ 1222.119058][T23244] netlink: 342 bytes leftover after parsing attributes in process `syz.6.3408'. [ 1224.481024][T18455] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1228.720592][T18455] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1229.117012][T17942] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1229.323569][T23352] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3429'. [ 1229.438927][T22983] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 1229.653508][T23310] Process accounting paused [ 1232.257249][T23416] netlink: 322 bytes leftover after parsing attributes in process `syz.2.3442'. [ 1233.598908][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1236.124799][T23482] netlink: 322 bytes leftover after parsing attributes in process `syz.2.3454'. [ 1237.678046][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1239.600248][T17942] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1241.277041][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1243.285670][T18455] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 1243.289890][T17942] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1243.923491][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1243.930004][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1244.849061][T23599] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3476'. [ 1247.120856][T17942] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1247.923889][T18455] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1248.485889][T23653] FAULT_INJECTION: forcing a failure. [ 1248.485889][T23653] name failslab, interval 1, probability 0, space 0, times 0 [ 1248.519609][T23653] CPU: 0 UID: 0 PID: 23653 Comm: syz.2.3488 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1248.519651][T23653] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1248.519658][T23653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1248.519668][T23653] Call Trace: [ 1248.519673][T23653] [ 1248.519680][T23653] dump_stack_lvl+0x100/0x190 [ 1248.519706][T23653] should_fail_ex.cold+0x5/0xa [ 1248.519742][T23653] should_failslab+0xc2/0x120 [ 1248.519765][T23653] __kmalloc_cache_noprof+0x80/0x810 [ 1248.519781][T23653] ? zs_create_pool+0x4fe/0xbc0 [ 1248.519808][T23653] ? zs_create_pool+0x4fe/0xbc0 [ 1248.519828][T23653] zs_create_pool+0x4fe/0xbc0 [ 1248.519853][T23653] ? __pfx_zs_create_pool+0x10/0x10 [ 1248.519888][T23653] ? disksize_store+0x117/0x510 [ 1248.519910][T23653] ? __vmalloc_node_noprof+0xad/0xf0 [ 1248.519925][T23653] ? disksize_store+0x117/0x510 [ 1248.519948][T23653] ? __pfx_disksize_store+0x10/0x10 [ 1248.519969][T23653] disksize_store+0x175/0x510 [ 1248.519991][T23653] ? sysfs_file_kobj+0xe4/0x290 [ 1248.520011][T23653] ? __pfx_disksize_store+0x10/0x10 [ 1248.520054][T23653] dev_attr_store+0x58/0x80 [ 1248.520073][T23653] ? __pfx_dev_attr_store+0x10/0x10 [ 1248.520091][T23653] sysfs_kf_write+0xf2/0x150 [ 1248.520112][T23653] kernfs_fop_write_iter+0x3e0/0x5f0 [ 1248.520128][T23653] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1248.520149][T23653] vfs_write+0x6ac/0x1070 [ 1248.520168][T23653] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1248.520187][T23653] ? __pfx_vfs_write+0x10/0x10 [ 1248.520202][T23653] ? find_held_lock+0x2b/0x80 [ 1248.520232][T23653] ksys_write+0x12a/0x250 [ 1248.520249][T23653] ? __pfx_ksys_write+0x10/0x10 [ 1248.520272][T23653] do_syscall_64+0xc9/0xf80 [ 1248.520290][T23653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1248.520306][T23653] RIP: 0033:0x7fc76c59bf79 [ 1248.520320][T23653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1248.520334][T23653] RSP: 002b:00007fc76d4dc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1248.520349][T23653] RAX: ffffffffffffffda RBX: 00007fc76c815fa0 RCX: 00007fc76c59bf79 [ 1248.520360][T23653] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1248.520369][T23653] RBP: 00007fc76c6327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1248.520379][T23653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1248.520388][T23653] R13: 00007fc76c816038 R14: 00007fc76c815fa0 R15: 00007ffeb3e2cde8 [ 1248.520409][T23653] [ 1250.426543][T23677] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3492'. [ 1251.037111][T18455] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1251.277902][T17942] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1252.718043][T22983] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 1252.817540][T23705] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1254.701738][T23729] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3503'. [ 1255.944773][T23749] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3507'. [ 1255.997013][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1258.096772][ T1087] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 920 with max blocks 5 with error 117 [ 1258.148095][ T1087] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1258.148095][ T1087] [ 1258.724554][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1258.877366][T17942] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1260.451428][T23793] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3514'. [ 1260.478996][T18455] Bluetooth: hci10: Opcode 0x0c03 failed: -110 [ 1260.681909][T23786] Process accounting resumed [ 1260.894795][T23804] netlink: 342 bytes leftover after parsing attributes in process `syz.6.3516'. [ 1263.482126][T23845] netlink: 330 bytes leftover after parsing attributes in process `syz.4.3524'. [ 1264.077032][T18455] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1266.880587][T18455] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1268.102846][T23944] EXT4-fs error: 9 callbacks suppressed [ 1268.102864][T23944] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.3536: iget: checksum invalid [ 1268.166468][T23944] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1268.248245][T23944] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.3536: iget: checksum invalid [ 1268.297839][T23944] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1268.395281][T23944] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.3536: iget: checksum invalid [ 1268.419592][T23944] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1268.437083][T23944] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.1.3536: iget: checksum invalid [ 1268.589963][T23944] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1268.633011][T23944] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1268.644029][T23944] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1268.735327][T23956] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1268.827786][T23957] serio: Serial port pty6 [ 1274.909637][T24073] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 1276.731001][T18455] Bluetooth: hci6: command 0x0406 tx timeout [ 1276.910084][T24110] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3571'. [ 1278.041543][ T29] audit: type=1326 audit(4294967465.899:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24120 comm="syz.1.3574" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f82c079bf79 code=0x0 [ 1278.237269][T17942] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1279.267963][T24147] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 1279.319447][ T29] audit: type=1804 audit(4294967467.159:33): pid=24140 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3576" name="/newroot/207/file0" dev="tmpfs" ino=1079 res=1 errno=0 [ 1279.412058][ T29] audit: type=1804 audit(4294967467.169:34): pid=24142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3576" name="/newroot/207/file0" dev="tmpfs" ino=1079 res=1 errno=0 [ 1281.050733][T17942] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1281.714933][ T29] audit: type=1326 audit(4294967469.569:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24175 comm="syz.4.3585" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcc0ed9bf79 code=0x0 [ 1283.168531][T24203] ovs_: entered promiscuous mode [ 1283.474185][T24214] FAULT_INJECTION: forcing a failure. [ 1283.474185][T24214] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1283.597110][T24214] CPU: 0 UID: 0 PID: 24214 Comm: syz.6.3593 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1283.597157][T24214] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1283.597167][T24214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1283.597183][T24214] Call Trace: [ 1283.597192][T24214] [ 1283.597203][T24214] dump_stack_lvl+0x100/0x190 [ 1283.597246][T24214] should_fail_ex.cold+0x5/0xa [ 1283.597289][T24214] get_futex_key+0x1d2/0x1620 [ 1283.597331][T24214] ? __pfx_get_futex_key+0x10/0x10 [ 1283.597379][T24214] futex_wait_setup+0x81/0x500 [ 1283.597416][T24214] __futex_wait+0x19f/0x300 [ 1283.597445][T24214] ? __pfx___futex_wait+0x10/0x10 [ 1283.597472][T24214] ? bsearch+0x9e/0xd0 [ 1283.597506][T24214] ? __pfx_cmp_ex_search+0x10/0x10 [ 1283.597541][T24214] ? __pfx_futex_wake_mark+0x10/0x10 [ 1283.597571][T24214] ? futex_hash+0x2c5/0x380 [ 1283.597613][T24214] futex_wait+0xed/0x380 [ 1283.597650][T24214] ? __pfx_futex_wait+0x10/0x10 [ 1283.597689][T24214] ? rcu_is_watching+0x12/0xc0 [ 1283.597716][T24214] ? irqentry_exit+0x180/0x670 [ 1283.597745][T24214] do_futex+0x1ef/0x350 [ 1283.597781][T24214] ? __pfx_do_futex+0x10/0x10 [ 1283.597828][T24214] __x64_sys_futex+0x34f/0x4d0 [ 1283.597874][T24214] ? __pfx___x64_sys_futex+0x10/0x10 [ 1283.597912][T24214] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1283.597957][T24214] do_syscall_64+0xc9/0xf80 [ 1283.597989][T24214] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1283.598018][T24214] RIP: 0033:0x7fdf8759bf79 [ 1283.598040][T24214] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1283.598067][T24214] RSP: 002b:00007fdf883750e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1283.598095][T24214] RAX: ffffffffffffffda RBX: 00007fdf87815fa8 RCX: 00007fdf8759bf79 [ 1283.598113][T24214] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fdf87815fa8 [ 1283.598131][T24214] RBP: 00007fdf87815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1283.598147][T24214] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1283.598163][T24214] R13: 00007fdf87816038 R14: 00007ffd56262410 R15: 00007ffd562624f8 [ 1283.598197][T24214] [ 1284.336965][T24228] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 1286.394794][T24252] Invalid ELF header magic: != ELF [ 1287.277105][T17942] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1289.197273][T22983] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1290.717264][T17942] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1290.912707][T24313] Process accounting paused [ 1292.631931][T24345] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1296.283484][T24405] Invalid ELF header magic: != ELF [ 1296.567037][T17942] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1297.757695][T22983] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1300.244695][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1301.448448][T17942] Bluetooth: hci9: Opcode 0x0c03 failed: -110 [ 1303.520075][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1305.362028][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1305.368583][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1308.477277][T22983] Bluetooth: hci8: Opcode 0x0c03 failed: -110 [ 1309.837425][ T30] INFO: task syz.0.3094:21528 blocked for more than 143 seconds. [ 1309.875294][ T30] Tainted: G U L syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1309.899300][ T30] Blocked by coredump. [ 1309.905249][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1309.914415][ T30] task:syz.0.3094 state:D stack:19624 pid:21528 tgid:21528 ppid:5821 task_flags:0x40064c flags:0x00080003 [ 1309.938581][ T30] Call Trace: [ 1309.951537][ T30] [ 1309.959813][ T30] ? __schedule+0xf67/0x5fa0 [ 1310.036950][ T30] __schedule+0xfe6/0x5fa0 [ 1310.053132][ T30] ? __lock_acquire+0x4a5/0x2630 [ 1310.077840][ T30] ? __pfx___schedule+0x10/0x10 [ 1310.159773][ T30] ? find_held_lock+0x2b/0x80 [ 1310.197754][ T30] ? schedule+0x2bf/0x390 [ 1310.217219][ T30] schedule+0xdd/0x390 [ 1310.236951][ T30] schedule_preempt_disabled+0x13/0x30 [ 1310.242472][ T30] __mutex_lock+0xc9a/0x1b90 [ 1310.297039][ T30] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1310.302415][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 1310.327891][ T30] ? net_generic+0xea/0x2a0 [ 1310.332465][ T30] ? net_generic+0xea/0x2a0 [ 1310.357020][ T30] ? nfsd_shutdown_threads+0x5b/0xf0 [ 1310.362339][ T30] nfsd_shutdown_threads+0x5b/0xf0 [ 1310.416951][ T30] nfsd_umount+0x3b/0x60 [ 1310.421253][ T30] deactivate_locked_super+0xc1/0x1b0 [ 1310.426655][ T30] deactivate_super+0xe7/0x110 [ 1310.466964][ T30] cleanup_mnt+0x21f/0x450 [ 1310.492727][ T30] task_work_run+0x150/0x240 [ 1310.516931][ T30] ? __pfx_task_work_run+0x10/0x10 [ 1310.522073][ T30] do_exit+0x829/0x2a30 [ 1310.526223][ T30] ? __pfx_do_exit+0x10/0x10 [ 1310.595425][ T30] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1310.606932][ T30] do_group_exit+0xd5/0x2a0 [ 1310.611493][ T30] get_signal+0x1ec7/0x21e0 [ 1310.616045][ T30] ? __pfx_get_signal+0x10/0x10 [ 1310.646961][ T30] arch_do_signal_or_restart+0x91/0x770 [ 1310.652590][ T30] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1310.676974][ T30] ? do_user_addr_fault+0x8d6/0x12f0 [ 1310.682348][ T30] irqentry_exit+0x1f8/0x670 [ 1310.688302][ T30] asm_exc_page_fault+0x26/0x30 [ 1310.693196][ T30] RIP: 0033:0x15 [ 1310.697209][ T30] RSP: 002b:000000000000000a EFLAGS: 00010212 [ 1310.703297][ T30] RAX: 000000000000000b RBX: 00007f0fd5016450 RCX: 00007f0fd4d9bf79 [ 1310.734898][ T30] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1310.743495][ T30] RBP: 00007f0fd4e327e0 R08: 0000000000000002 R09: 0000000000000000 [ 1310.760357][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1310.776946][ T30] R13: 00007f0fd50164e8 R14: 00007f0fd5016450 R15: 00007ffd37d33518 [ 1310.785440][ T30] [ 1310.797038][ T30] [ 1310.797038][ T30] Showing all locks held in the system: [ 1310.805171][ T30] 1 lock held by khungtaskd/30: [ 1310.814020][ T30] #0: ffffffff8e5e2de0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 1310.824111][ T30] 4 locks held by kworker/u8:9/3018: [ 1310.829543][ T30] #0: ffff88801c2e7148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 1310.839952][ T30] #1: ffffc9000b957d08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 1310.850048][ T30] #2: ffffffff903e97f0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xab/0x830 [ 1310.859516][ T30] #3: ffffffff90402128 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0 [ 1310.868664][ T30] 2 locks held by syz.3.2809/19930: [ 1310.873851][ T30] #0: ffffffff904aef90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1310.883149][ T30] #1: ffffffff8ea47b68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 1310.893297][ T30] 1 lock held by syz.2.2865/20304: [ 1310.898443][ T30] #0: ffff8880580c9348 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1310.909472][ T30] 2 locks held by syz.0.3094/21528: [ 1310.914663][ T30] #0: ffff888029cda0e0 (&type->s_umount_key#53){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 1310.925019][ T30] #1: ffffffff8ea47b68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 1310.934861][ T30] 2 locks held by syz.5.3306/22752: [ 1310.940123][ T30] #0: ffffffff904aef90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1310.948377][ T30] #1: ffffffff8ea47b68 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 1310.958451][ T30] 3 locks held by kworker/u9:1/22983: [ 1310.963869][ T30] #0: ffff888069450148 ((wq_completion)hci8){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 1310.980570][ T30] #1: ffffc9000b5afd08 ((work_completion)(&hdev->power_on)){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 1310.992971][ T30] #2: ffff88807a708ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_open+0x22/0xb0 [ 1311.002572][ T30] 2 locks held by getty/24249: [ 1311.007561][ T30] #0: ffff8880341ed0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1311.017353][ T30] #1: ffffc900044c62f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 1311.027600][ T30] 1 lock held by syz.2.3668/24575: [ 1311.032692][ T30] #0: ffffffff8e5ee9f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 1311.046206][ T30] 2 locks held by syz.6.3670/24581: [ 1311.051730][ T30] #0: ffffffff903e97f0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 1311.061357][ T30] #1: ffffffff8e5ee9f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 1311.071575][ T30] [ 1311.073911][ T30] ============================================= [ 1311.073911][ T30] [ 1311.082397][ T30] NMI backtrace for cpu 1 [ 1311.082421][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 1311.082463][ T30] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1311.082474][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1311.082491][ T30] Call Trace: [ 1311.082501][ T30] [ 1311.082512][ T30] dump_stack_lvl+0x100/0x190 [ 1311.082552][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 1311.082593][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1311.082624][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 1311.082665][ T30] sys_info+0x141/0x190 [ 1311.082697][ T30] watchdog+0xcc3/0xfe0 [ 1311.082736][ T30] ? __pfx_watchdog+0x10/0x10 [ 1311.082766][ T30] ? __kthread_parkme+0x18c/0x230 [ 1311.082806][ T30] ? kthread+0x13a/0x450 [ 1311.082827][ T30] ? __pfx_watchdog+0x10/0x10 [ 1311.082854][ T30] kthread+0x370/0x450 [ 1311.082877][ T30] ? __pfx_kthread+0x10/0x10 [ 1311.082903][ T30] ret_from_fork+0x754/0xaf0 [ 1311.082935][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1311.082968][ T30] ? __switch_to+0x7b9/0x10c0 [ 1311.083004][ T30] ? __pfx_kthread+0x10/0x10 [ 1311.083030][ T30] ret_from_fork_asm+0x1a/0x30 [ 1311.083079][ T30] [ 1311.083090][ T30] Sending NMI from CPU 1 to CPUs 0: [ 1311.214793][ C0] NMI backtrace for cpu 0 [ 1311.214816][ C0] CPU: 0 UID: 0 PID: 23074 Comm: kworker/u8:3 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1311.214855][ C0] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1311.214866][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1311.214887][ C0] Workqueue: events_unbound toggle_allocation_gate [ 1311.214925][ C0] RIP: 0010:check_preemption_disabled+0x2c/0xe0 [ 1311.214957][ C0] Code: 55 53 48 83 ec 08 65 8b 1d f5 23 6e 08 65 f7 05 e6 23 6e 08 ff ff ff 7f 74 0f 48 83 c4 08 89 d8 5b 5d 41 5c e9 45 16 03 00 9c <58> f6 c4 02 74 ea 65 4c 8b 25 ae 23 6e 08 48 89 fd 41 f6 44 24 2f [ 1311.214981][ C0] RSP: 0018:ffffc9000bd8f8a8 EFLAGS: 00000046 [ 1311.215000][ C0] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff81ab45fa [ 1311.215016][ C0] RDX: 0000000000000000 RSI: ffffffff8dd3de47 RDI: ffffffff8bfa95a0 [ 1311.215033][ C0] RBP: ffffffff81ab4436 R08: 0000000000000001 R09: 0000000000000000 [ 1311.215049][ C0] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88802eba8000 [ 1311.215065][ C0] R13: ffffffff8e7a6e80 R14: 0000000000000202 R15: 8000000000000063 [ 1311.215083][ C0] FS: 0000000000000000(0000) GS:ffff8881245c1000(0000) knlGS:0000000000000000 [ 1311.215108][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1311.215124][ C0] CR2: 00002000000c7000 CR3: 000000000e392000 CR4: 00000000003526f0 [ 1311.215142][ C0] Call Trace: [ 1311.215150][ C0] [ 1311.215160][ C0] ? __text_poke+0x526/0xac0 [ 1311.215191][ C0] lock_release+0x9a/0x2e0 [ 1311.215225][ C0] ? __kvmalloc_node_noprof+0x118/0xac0 [ 1311.215256][ C0] ? __kvmalloc_node_noprof+0x118/0xac0 [ 1311.215287][ C0] __text_poke+0x52b/0xac0 [ 1311.215322][ C0] ? __pfx_text_poke_memcpy+0x10/0x10 [ 1311.215357][ C0] ? __pfx___text_poke+0x10/0x10 [ 1311.215388][ C0] ? __kvmalloc_node_noprof+0x118/0xac0 [ 1311.215422][ C0] smp_text_poke_batch_finish+0x57d/0xc60 [ 1311.215461][ C0] ? __pfx_smp_text_poke_batch_finish+0x10/0x10 [ 1311.215507][ C0] ? arch_jump_label_transform_queue+0xc0/0x120 [ 1311.215553][ C0] arch_jump_label_transform_apply+0x1c/0x30 [ 1311.215592][ C0] jump_label_update+0x37a/0x550 [ 1311.215618][ C0] static_key_enable_cpuslocked+0x1bc/0x270 [ 1311.215645][ C0] static_key_enable+0x1a/0x20 [ 1311.215669][ C0] toggle_allocation_gate+0xfe/0x2d0 [ 1311.215702][ C0] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 1311.215738][ C0] ? process_one_work+0x80b/0x1840 [ 1311.215763][ C0] ? rcu_is_watching+0x12/0xc0 [ 1311.215791][ C0] process_one_work+0x9c2/0x1840 [ 1311.215822][ C0] ? __pfx_process_one_work+0x10/0x10 [ 1311.215870][ C0] ? assign_work+0x19c/0x250 [ 1311.215909][ C0] worker_thread+0x5da/0xe40 [ 1311.215937][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1311.215963][ C0] ? kthread+0x13a/0x450 [ 1311.215982][ C0] ? __pfx_worker_thread+0x10/0x10 [ 1311.216005][ C0] kthread+0x370/0x450 [ 1311.216026][ C0] ? __pfx_kthread+0x10/0x10 [ 1311.216048][ C0] ret_from_fork+0x754/0xaf0 [ 1311.216076][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 1311.216104][ C0] ? __switch_to+0x7b9/0x10c0 [ 1311.216137][ C0] ? __pfx_kthread+0x10/0x10 [ 1311.216159][ C0] ret_from_fork_asm+0x1a/0x30 [ 1311.216191][ C0] [ 1311.218180][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 1311.218205][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 1311.218247][ T30] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1311.218258][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1311.218274][ T30] Call Trace: [ 1311.218285][ T30] [ 1311.218295][ T30] dump_stack_lvl+0x100/0x190 [ 1311.218335][ T30] vpanic+0x20d/0x630 [ 1311.218362][ T30] panic+0xd1/0xd1 [ 1311.218387][ T30] ? __pfx_panic+0x10/0x10 [ 1311.218416][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 1311.218455][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 1311.218493][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 1311.218529][ T30] ? watchdog.cold+0x198/0x1ca [ 1311.218558][ T30] ? watchdog+0xcd3/0xfe0 [ 1311.218589][ T30] watchdog.cold+0x1a9/0x1ca [ 1311.218628][ T30] ? __pfx_watchdog+0x10/0x10 [ 1311.218658][ T30] ? __kthread_parkme+0x18c/0x230 [ 1311.218698][ T30] ? kthread+0x13a/0x450 [ 1311.218720][ T30] ? __pfx_watchdog+0x10/0x10 [ 1311.218747][ T30] kthread+0x370/0x450 [ 1311.218769][ T30] ? __pfx_kthread+0x10/0x10 [ 1311.218795][ T30] ret_from_fork+0x754/0xaf0 [ 1311.218826][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 1311.218859][ T30] ? __switch_to+0x7b9/0x10c0 [ 1311.218896][ T30] ? __pfx_kthread+0x10/0x10 [ 1311.218922][ T30] ret_from_fork_asm+0x1a/0x30 [ 1311.218963][ T30] [ 1311.665247][ T30] Kernel Offset: disabled [ 1311.669564][ T30] Rebooting in 86400 seconds..