last executing test programs: 30.539451646s ago: executing program 0 (id=1761): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @local}, 0x54) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r0, 0x0, 0x400000000006) close_range$auto(0x2, 0x8, 0x0) 29.945136982s ago: executing program 0 (id=1764): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = io_uring_setup$auto(0x2, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) getsockopt$auto(0xffffffffffffffff, 0x29, 0xd0, 0x0, 0x0) io_uring_setup$auto(0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r0) sendmsg$auto_NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r3, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0xfc}]}, 0x1c}}, 0x20000000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) 28.86353372s ago: executing program 0 (id=1766): r0 = socket(0x29, 0x2, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80002, 0x73) (async) socket(0x2, 0x1, 0x84) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r2) (async) ioctl$auto_KVM_CREATE_VM(r1, 0x4008ae93, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) (async) recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) (async, rerun: 32) ioctl$auto(r0, 0x8919, 0x24) (rerun: 32) 27.248959677s ago: executing program 0 (id=1771): mmap$auto(0x0, 0x402000d, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x5000000000001000, 0x8001, 0x4) process_vm_readv$auto(0xffffffffffffffff, 0x0, 0x9, 0x0, 0x6, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0xffffffffffffffff, 0x2000000000000791, 0x3, 0xeb3, 0xffffffffffffffff, 0x57) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0) madvise$auto(0x5, 0x5, 0x1) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x6903, 0x0) r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid\x00') r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x90c01, 0x0) read$auto(r4, 0x0, 0xb4d3) ioctl$auto(0x3, 0xc0383e04, r3) mmap$auto(0x0, 0x2000a, 0x4000000000df, 0x400000000eb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r5) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r7, @ANYBLOB="08007d802700"], 0x24}, 0x1, 0x0, 0x0, 0x8041}, 0x20000000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, 0x0, 0x20000000) mmap$auto(0x0, 0x20009, 0xdf, 0x91, 0x401, 0x8000) 24.399205712s ago: executing program 0 (id=1787): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/sockstat\x00', 0xc0000, 0x0) semctl$auto_SEM_INFO(0x5, 0xf9, 0x13, 0x8) ioctl$auto(r0, 0x2, 0x9) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) ioctl$auto(r1, 0x12b2, r1) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0) ioctl$auto_TUNGETVNETLE(r2, 0x800454dd, &(0x7f00000000c0)=0x3) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0xf7374674b920089e) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x2) writev$auto(r3, &(0x7f0000000200)={0x0, 0x5}, 0x3) sysfs$auto(0x2, 0x1, 0x4) fsopen$auto(0x0, 0x1) 22.627545448s ago: executing program 0 (id=1795): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000040)=0x1) r0 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000680), 0x103000, 0x0) read$auto_proc_timers_operations_base(r0, &(0x7f00000006c0)=""/1, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'bridge0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="95ca855bf8fb9cbe912f535ff9f60e1a7324fee30800002000000000b40000000001000000000000009bf5d4241f2a029e4cf68e554a574b2e8b5ad9e43714f011dafab15961d5f71027d24008ae7cb7dde06cf3415e00c556ca173d91001787eca93f6bdcac9c6513a9805a447f60a3f5538a8900c228895076f480893846ef84c79eac95aaa876e686755ba0645a9db64f5cd1fa575269cbffcf700172eb565f53a6ed455f874f2ca098bd2283a31dc0e1db255b436e7519cbe2e1bcba64c3c29a1b4185a18992ffadc5576f7ff74e8aefd9b42a42f4b8c3546507d0a0bbed8cf1be7097790ac5da040470cc02af3ed2ddaad188428f82257aef576e541515050f2778d80217c0c5753f5fafa7dea6b81cf661e1d7acddd9bc20c3308e8d266d18548f19e793a03125147961c20b1d0af7b82cc9009b4d2b7271a2b8e67586fd", @ANYRESDEC=r1, @ANYBLOB="02002abd7000fcdbdf259b0000000400930008000300", @ANYRES32=r2, @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x10) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x51c, 0x8000) r3 = socket(0xa, 0x2, 0x73) ioctl$auto(r3, 0x8918, 0x38) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) r5 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x12}}, 0x54) getsockopt$auto(r5, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x4bb) write$auto(r4, 0x0, 0x5) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pipe2$auto(0x0, 0x80) 8.135461412s ago: executing program 1 (id=1839): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x559001, 0x0) writev$auto(r1, &(0x7f00000001c0)={0x0, 0x7}, 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="10002fbd7000fedbdf2592000000f95f3db93d6754200a97d0c76bdddbbf787f2142fefb825451ec05003e000500000096307d221d98d2c6492c076695352bd4379145fda2515b256800"/86], 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x48000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x48002, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000340), 0xffffffffffffffff) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop6/trace/pid\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT64(0xffffffffffffffff, 0xc0984124, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r5, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/dummy0/statistics/tx_aborted_errors\x00', 0x145401, 0x0) read$auto(r6, 0x0, 0xe8) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r5, 0x7cb, 0x0) sendmsg$auto_NL80211_CMD_GET_COALESCE(0xffffffffffffffff, 0x0, 0x44860) openat$auto_clk_dump_fops_(0xffffffffffffff9c, 0x0, 0x80, 0x0) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) bpf$auto(0x0, &(0x7f0000000100)=@batch={0x7, 0x444, 0x3, 0x10001, 0x10000000, 0xffffffffffffffff, 0x400, 0x1ff}, 0x96) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000040)='1', 0x1) move_pages$auto(0x0, 0x800, 0x0, &(0x7f0000000280)=0x101, &(0x7f00000002c0)=0xf5, 0x96) 7.274502218s ago: executing program 32 (id=1795): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000040)=0x1) r0 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000680), 0x103000, 0x0) read$auto_proc_timers_operations_base(r0, &(0x7f00000006c0)=""/1, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'bridge0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="95ca855bf8fb9cbe912f535ff9f60e1a7324fee30800002000000000b40000000001000000000000009bf5d4241f2a029e4cf68e554a574b2e8b5ad9e43714f011dafab15961d5f71027d24008ae7cb7dde06cf3415e00c556ca173d91001787eca93f6bdcac9c6513a9805a447f60a3f5538a8900c228895076f480893846ef84c79eac95aaa876e686755ba0645a9db64f5cd1fa575269cbffcf700172eb565f53a6ed455f874f2ca098bd2283a31dc0e1db255b436e7519cbe2e1bcba64c3c29a1b4185a18992ffadc5576f7ff74e8aefd9b42a42f4b8c3546507d0a0bbed8cf1be7097790ac5da040470cc02af3ed2ddaad188428f82257aef576e541515050f2778d80217c0c5753f5fafa7dea6b81cf661e1d7acddd9bc20c3308e8d266d18548f19e793a03125147961c20b1d0af7b82cc9009b4d2b7271a2b8e67586fd", @ANYRESDEC=r1, @ANYBLOB="02002abd7000fcdbdf259b0000000400930008000300", @ANYRES32=r2, @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x40}, 0x10) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x51c, 0x8000) r3 = socket(0xa, 0x2, 0x73) ioctl$auto(r3, 0x8918, 0x38) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/geneve0/disable_policy\x00', 0x40180, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) r5 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x12}}, 0x54) getsockopt$auto(r5, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x4bb) write$auto(r4, 0x0, 0x5) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) pipe2$auto(0x0, 0x80) 7.261812039s ago: executing program 1 (id=1843): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vbi0\x00', 0x8280, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/141, 0x8d) (fail_nth: 2) 5.871576922s ago: executing program 1 (id=1844): mmap$auto(0x0, 0xfe2, 0x7, 0xeb1, 0x404, 0x10008000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0x4) r3 = open(0x0, 0x261c2, 0x84) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="0600", @ANYRES16=0x0, @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040804) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='B'], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x4000, &(0x7f0000000100)={&(0x7f0000000080), 0x96bc}, 0x2, &(0x7f0000000380), 0x7, 0x4}, 0x9}, 0x7, 0x4008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) write$auto(r7, &(0x7f0000000080)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x8) socket(0xa, 0x2, 0x3a) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) 5.221775198s ago: executing program 1 (id=1848): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = io_uring_setup$auto(0xc, 0x0) mmap$auto(0x0, 0x400408, 0x10001, 0x411, r0, 0x8000) mprotect$auto(0x8000, 0x8, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x60002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) prctl$auto(0x3, 0x1, 0xffffffffffffffff, 0xff, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x1) acct$auto(&(0x7f0000000000)='/dev/bus/usb/036/001\x00') r1 = memfd_secret$auto(0x16a7c769) socket(0xa, 0x801, 0x84) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_CLAIMINTERFACE(r2, 0x8004550f, 0x0) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x22, 0xffffffffffffffff, 0x3) mmap$auto(0xce90, 0x9, 0xe, 0x111, 0xffffffffffffffff, 0xd71f) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x4, 0x6, 0x2}, 0x8000, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) madvise$auto(0x0, 0x200007, 0x19) write$auto(0x3, 0x0, 0xfffffdef) getsockopt$auto_SO_SNDTIMEO_OLD(r1, 0x8001, 0x15, &(0x7f0000000080)='&^-\xac{#\x00', &(0x7f00000000c0)=0x34) 4.921237511s ago: executing program 2 (id=1849): r0 = openat$auto_proc_mountstats_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x101600, 0x0) mmap$auto(0x6, 0x2020009, 0x3, 0x9000000ebf, r0, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r1, 0x3) r2 = socket(0x10, 0x80000, 0x4) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYBLOB="01002dbd7000f9dbdf25010000000600020001"], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x143881, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.0/usb1/power/autosuspend_delay_ms\x00', 0x20461, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000000)='-', 0x1) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r5, 0x0, 0x1ff) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0xa, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f0000000080)=""/87, 0x57) r7 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdb, 0x9b72, 0x2, 0x8000) socket(0x2, 0x3, 0xa) futex_waitv$auto(&(0x7f0000000000)={0x0, 0x7e4, 0x2}, 0x1, 0x0, 0x0, 0x623d) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000240)=ANY=[@ANYBLOB="b1000000", @ANYRES64=r7, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40410d4) 4.49873237s ago: executing program 1 (id=1851): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/scsi/sg/allow_dio\x00', 0x101181, 0x0) setresuid$auto(0x2, 0x7, 0x8080) write$auto(0x3, 0x0, 0xfdef) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) clone$auto(0x2, 0x7, 0x0, 0x0, 0xfff) r1 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r1, &(0x7f0000001680)="a7", 0xfffffc96) 3.832696707s ago: executing program 3 (id=1852): r0 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0) getsockopt$auto_SO_DEBUG(r0, 0x1, 0x1, &(0x7f0000000080)='.\x8a\x00', &(0x7f00000000c0)=0x80d) r1 = epoll_create$auto(0x60d8) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x140, 0x0) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r2, 0x80044dfe, &(0x7f0000000140)="54a94d7706656f67ff519fc31384a73a38ebda46f5d3315ae0e5eada61d5c0") mmap$auto(0x401, 0x67, 0x0, 0x10, r2, 0x5e9affef) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000001c0), r1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'macsec0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'xfrm0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'macsec0\x00', 0x0}) shmctl$auto_IPC_RMID(0xfffff26b, 0x0, &(0x7f00000003c0)={{0xfff, 0xee01, 0xee01, 0x2, 0x42, 0x8000, 0x4}, 0xfffffffe, 0x100000001, 0x1ff, 0x7f, @raw=0xd18, @raw=0x8, 0x8000, 0x0, &(0x7f00000002c0)="65e2f60fc1cf8ae84d09525cecc36c03cbfea8ab93c78c75783213105547c51d844d924bed0f786ef96cd3568b468a571066cfc96594898fff8578fe7c185c8e81212f50655f5a0ec7a6178bc29942d539dc0a01c6cc4dd9d0e777cf14adcf878dffcf18242fdf16b8509de60f1231df9042f0d6392fcba2dc61de6abb892bdef8859b10e87d6215e33044a70084da9a3b60d979b79a85a45d0c01d0519dbb068fb120ce5255341b8a6eef9e4482282aeb3efb30e26676488585cb9a76", &(0x7f0000000380)="cfc2bbb11ffd702290a5a644b4e22bd9db2b84561ef3f3ff8afca857aff74aaa1916c4db0a1ed8d46c90f7e1a607532434601ab34e85c06bceb754f35b"}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'netdevsim0\x00', 0x0}) sendmsg$auto_MACSEC_CMD_ADD_RXSC(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000a00)={&(0x7f0000000480)={0x560, r3, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@MACSEC_ATTR_IFINDEX={0x8, 0x1, r4}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r5}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_SA_CONFIG={0x1e7, 0x3, 0x0, 0x1, [@generic="1c0652c117a5bea6f6b43d55a28a8495184de019ca9301478526c171964e120f148e3e08d0ef5c19ab91ab11f5eb5bbef26997219063dfac447a2421d77df5b5d56592525c5b5065a48805edb8204dfe7e832f553377dc6d8eb3baf2b9d32f1b1ffe3401ca7bc92dd1ef8b1f254c7bc03285572676faeb81f90f7d594261ad8061761e6b2b25f5a0b37bb1c24b1ade8a911bb52703dfce39860c74ed9718ef869916bdf953537916f73aa7d3e26c6c6f58981e71958277d60307b1bc56d61e62731a2f86b93e4cb292fbd3f94bb72885f6d2020bc71d19615a74898825f8d5c72097a9fb0683bcacf3f2b45cabc373a868b7", @typed={0x14, 0x4a, 0x0, 0x0, @ipv6=@mcast1}, @generic="46cdfd63cdf1337f36c28320f4d3cca2005e229f0a79665a768df7953bea598aa5d057c3c85941494b9c130692da698b4933ea80256bd2dbfb0b426e8299d0778f894f82c15efd8f5dd3ae6cb2d69819980f337e13c6c2ebd2133c02ba0e3a0ddcb4578cd2179b25c908c35cdb432d3bdfe7be1a7ba0f0b19ff7e03f48b51c70269540f847a396d6baa276380cca1a00aa57f95288220574a82f37e4517dbc30bbea3661a278e76013d79fdfb83f381fdd32a838cdf1bfc6288cb9e376bd078670e7223aea88afebf541b16458464c8a669f29271368bb8b60331ebdea"]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r6}, @MACSEC_ATTR_RXSC_CONFIG={0x1ff, 0x2, 0x0, 0x1, [@nested={0x4, 0x67}, @generic="c2c99581e34c71329d77cd1b546a83ea3efcaa0d92b61c825f0fb7ecbd9873283c7990ce52ae8efd62b18be934b077428550cfe63b5e6004a038ab03d7cccf3d42c513d0ea1c2fec3ca24d291ea807bc6e0040e721c5ca720498afbf57b62a32511b657656a954509a2705a1defbdcb393883274db17d7ea1a4bfe2a3c0169ab27b1e59dfbb6d3a8dfd7add4064285726cc56d53b0584b9d9f1c775bfabc9ddb8e0fbe95f52eb66780d2efa89757c5155c6ba13443f2bedeed40039ba66079285811e512a34deb68cee37d805b691b4967e1f24da3c212db77b278b05c3fdda2c42b07a63e", @nested={0xfb, 0x134, 0x0, 0x1, [@generic="99f99b019d68476a5c072f78e1af36373035ec2701952f616f03c4704b35245e967f206b9f46bf8c6223310b6806fd7ebd3848613518acef856bd7d4061ff3e7b1c59e88a419ce26a75eb70ea5e0a46af7e2fc925ae3c617a3b1bd58068a4cc71eac28493686cac5161ae81b268275f9efee37036a41ba9e3fa7990de2f6c0a398ac91f36debe43ea925cdd6f8a2c436f4ddd4ce87e1aab253", @typed={0x4, 0xe9}, @generic="6636248803e36ffb2241021c0a2235b9b4868f79d0639e7ae2d2d1f8e8c4a28dafa3ff2429dcb08234a9f79fce010b2820ea5ac1dc19180ab0ddf3e395a1853f0a13c153b0bfdf3e9b95c3dbcfdcf5775ccfa9afc800", @nested={0x4, 0x128}]}, @generic="80fa0d72a07c2186a27ce461201a7c28f7f75d79e0e5"]}, @MACSEC_ATTR_SA_CONFIG={0x13a, 0x3, 0x0, 0x1, [@typed={0x8, 0x46, 0x0, 0x0, @ipv4=@empty}, @typed={0x4, 0x59}, @generic="eb9245ffea9a728036f8b8dc01ccc5504ea2690674b277226a2334594791851c795c6f0f90b42e0c96a8b967", @typed={0x8, 0x135, 0x0, 0x0, @uid=r7}, @generic="5e256064f2a8b97e27306313cb9a3ab07df16c82de8de23b661a1399eb0678f08815cc3305ccde683799592a3518a78e9467f832ae27aef362cf5caa28d2f239a0c14d592c1daf297822a6f50d10b5cb26f033606636e791724c9eb25be0e9b9fee45b6ed219dbfa3922c56cafc6299593f3f40bd48d141f4795d812d9186479cff9485c6172438631b2ed9facd905f73c8c0a040591c89264c17cadd19199daba5ec387ee9bd1b89456714ac88904133dd2f15c0d09143e252d5ee8627484b97b23e5979c0b09b2b72dbc99276a353ce817b54c245d6bf792564c314d8ea3a6c141284c461b82c5d00c675a3bce44d072b3d83f1250"]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r8}]}, 0x560}, 0x1, 0x0, 0x0, 0x24000001}, 0x40000080) setfsuid$auto(r7) r9 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000a80)='/dev/mtd0\x00', 0x220000, 0x0) ioctl$auto_MEMGETREGIONINFO(r9, 0xc0104d08, &(0x7f0000000ac0)={0x7, 0x3, 0x1}) unshare$auto(0x5) execveat$auto(r2, &(0x7f0000000b00)='./file0\x00', &(0x7f0000000b80)=&(0x7f0000000b40)='macsec\x00', &(0x7f0000000c00)=&(0x7f0000000bc0)='+!\x00', 0x5) close_range$auto(r0, r2, 0xde1e) bind$auto(r1, &(0x7f0000000c40)=@vsock={0x28, 0x0, 0x0, @local}, 0x2) r10 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), r1) sendmsg$auto_NL80211_CMD_NEW_KEY(r1, &(0x7f0000000e80)={&(0x7f0000000c80)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000d00)={0x130, r10, 0x8, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x6}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, 0xfd0}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r5}, @NL80211_ATTR_REKEY_DATA={0x104, 0x7a, 0x0, 0x1, [@nested={0x8, 0xde, 0x0, 0x1, [@nested={0x4, 0xa5}]}, @generic="bc361f69f2077c9f4efa6c6b9d3070f0d81fe67d3dd06462b41535e64783f52f93f859e430d66cd7d23aaef26b9a88132d29994a7056cdc5c04187fbbb2e78c04d3a212150162afd79fe53736e2d68c6fe95a185b7f97859a990abf05e90cfa4a8f74a10aa19f9769dc56d6484aaab1efb988beddc7bd51b8ab335c33a07384801147988f02cbdaff50b116365a93e1c8cd69a2f4790fc4d4fb33c1b9ff3b15f32d0679a7ffcf57eb633d04bc393aed5bf015dec112b788695287dee9026493856de1e34543a0750fab7851b265bdf067498a542d22f6a7f5cf8e706d473c402780688227a20e3b5677a0bb2a988b88f", @generic, @nested={0x8, 0xcf, 0x0, 0x1, [@typed={0x4, 0x115}]}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x8450}, 0x4044040) ioctl$auto_USB_RAW_IOCTL_EPS_INFO(r1, 0x83c0550b, &(0x7f0000000ec0)={[{"5ebe7e2531b9580a83da03565ddf7eea", 0x7, {0x0, 0x1, 0x1, 0x1, 0x0, 0x1}, {0xfffe, 0x8e, 0xe5}}, {"fe02844249dab85f0d990d949c2725c2", 0x8, {0x0, 0x1, 0x1}, {0x7918, 0x1c, 0x1}}, {"d700d57def01deb948362b064c3c04d8", 0x9, {0x0, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x40, 0x7, 0x1000000}}, {"7285f69ecce816f3cfce6ce698220385", 0x8, {0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x4, 0x2, 0x67}}, {"919c56897a73b3223ddb1d4e4ef165fa", 0x1, {0x0, 0x1, 0x1, 0x1, 0x1, 0x1}, {0x8, 0x9, 0x4}}, {"0721250c2eae1953209d1c553b68c956", 0x0, {0x1, 0x1, 0x0, 0x1}, {0x81, 0x0, 0x8}}, {"d66fad3692da0798e96821eb2fb638f8", 0x4, {0x1, 0x0, 0x1, 0x0, 0x1}, {0xd, 0x5, 0x100}}, {"a15cdbf648d4f5091243e73b9b41084d", 0xffffffff, {0x0, 0x1, 0x0, 0x0, 0x1}, {0x7, 0x1000, 0x54}}, {"e8e599836bf96f9cd572b8d54662a179", 0x2787, {0x1, 0x0, 0x0, 0x1, 0x1}, {0x7, 0xd, 0x24}}, {"4c03ca582520bf2f4c74252b95ab54ca", 0x5, {0x1, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x9, 0x9}}, {"12f27b28568e7d928ae14376580896cd", 0x8, {0x1, 0x1, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x9, 0x2}}, {"380023c6155ce04101fcbca264c256b2", 0xcb4, {0x0, 0x1, 0x1, 0x1}, {0x0, 0x8, 0xffffffff}}, {"31f70b25c8e672f20e808e64b2dc7c3e", 0x5, {0x1, 0x1}, {0x3, 0xf, 0x4}}, {"c0fd42b4346efa239c25686a8913590b", 0x9, {0x0, 0x1, 0x0, 0x0, 0x1}, {0x9000, 0x7, 0x4}}, {"6d9441020cf67ff19c687a5d1c199d31", 0x6, {0x1, 0x1, 0x1, 0x0, 0x1, 0x1}, {0x8, 0xfff9, 0x7}}, {"02c00c964352dd749222dc3b4ce4a63d", 0x0, {0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2, 0x4}}, {"ff59584312bc06c59fa734b294f038d3", 0x85a, {0x0, 0x1, 0x0, 0x1, 0x0, 0x1}, {0x5, 0x8, 0x1}}, {"b618fb961073e9e523aa9f1d2821f1a5", 0x4, {0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0xff, 0x0, 0x40}}, {"c7fd25b1e7bfac378a3b23bd3855b282", 0xffffffff, {0x1, 0x1, 0x0, 0x1}, {0xb1b, 0x41, 0x99}}, {"c52d271c9657ee7079ac516b77459340", 0x4, {0x0, 0x1, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x7, 0x1}}, {"d0e09a593fcf5e6b87f5599bce84b8d6", 0xfffff800, {0x1, 0x1}, {0x3, 0xfff9}}, {"9fe8b3afa7e6c2ae2acc6c3fd654c994", 0x1, {0x1, 0x1, 0x1, 0x0, 0x1, 0x1}, {0xde, 0x6, 0x7}}, {"b40bb2704f906aea4d2342f98afeb624", 0x77eb, {0x0, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x6, 0xe1, 0x8001}}, {"a4adb7114fda09be062e6879e262b617", 0x8, {0x0, 0x0, 0x0, 0x1}, {0x9c, 0x8, 0x4}}, {"9dd550076e18097cb1483f517362b8bf", 0xffff, {0x1, 0x1, 0x1, 0x1}, {0xff21, 0x6, 0x4}}, {"fe3ccd5c105bfe381860bf01135fc299", 0x0, {0x1, 0x1, 0x1, 0x0, 0x1}, {0xfffa, 0x1, 0x3}}, {"53a37a49ef992570abd9f1f1f62ce464", 0x101, {0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7, 0x168, 0x6}}, {"046e98d851a2e4ac670f9beae2048b1b", 0x1, {0x0, 0x0, 0x1, 0x0, 0x1}, {0x7, 0x9, 0x5}}, {"6e8c141be3488a9faec8a1cb914f7607", 0x3f13, {0x0, 0x1, 0x1, 0x1}, {0x7, 0x1, 0x5}}, {"ab0dbf8826ee6d4ba7c80d4659862d58", 0xffff2f22, {0x1, 0x1, 0x0, 0x1, 0x1}, {0x1, 0x7, 0x8}}]}) close_range$auto(r1, r9, 0x6) r11 = openat$auto_fops_u64_ro_(0xffffffffffffff9c, &(0x7f0000001280)='/sys/kernel/debug/ramdisk_pages/ram13\x00', 0x400000, 0x0) getsockopt$auto_SO_OOBINLINE(r11, 0x9, 0xa, &(0x7f00000012c0)='\'-[&^\x00', &(0x7f0000001300)=0x800) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001340)={'bridge_slave_0\x00'}) ioctl$auto_XFS_IOC_SCRUBV_METADATA(r1, 0xc0285840, &(0x7f0000001380)={0x1f2, 0x8, 0x5, 0x5b, 0x3, 0x9, 0x0, 0xfffffffffffffffe}) r12 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f00000013c0), 0x40401, 0x0) fadvise64$auto_POSIX_FADV_DONTNEED(r12, 0x0, 0xb1b, 0x4) 3.757203429s ago: executing program 2 (id=1853): mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) mount_setattr$auto(r0, &(0x7f0000000000)='./file0\x00', 0x6, &(0x7f00000000c0)={0x9, 0x0, 0x0, @inferred=r0}, 0x2) sendmsg$auto_SMC_NETLINK_GET_LINK_SMCR(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000020}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="00082cbd7000fbdbdf25030000009405bfe1207046fd442d9bac6992b009cc55208cea7fb30628b90d54df617a7e092732f0e5cd76cdd836991ac274236aed974e29b17cda95d0d48614c090e81358aab4e81570ae2ba79caf79d2f7f9d9680ef57954e80d10e766b270aa9f9970a1e2a4fad3cf43dbb2845de29a22d2122dc13f74a163a15dbb3f691a64d13672567d43fde0853c3c6b3a28e11e445c4c562ea3ddc16326006a21350dfe454f662ec0e8df351403974341c777933f13fb171cec41c570a8f25a2724195627f8767590b44dbef45ee559d0da0b9ad7386d76aaeba37d6e42d57e37ccae347d4aefaf83ee9f9465d6235cb52300"], 0x100}, 0x1, 0x0, 0x0, 0x20000004}, 0x4008000) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x8080) r1 = socket(0x0, 0x3, 0x84) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xffffffffffffffff, 0x8000) fcntl$auto_F_GETOWN_EX(r3, 0x10, 0xb9b) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r2, 0x4068aea3, &(0x7f0000000080)={0xbe}) getsockopt$auto(r1, 0x84, 0x10, 0x0, 0x0) 3.582400363s ago: executing program 3 (id=1854): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/sockstat\x00', 0xc0000, 0x0) semctl$auto_SEM_INFO(0x5, 0xf9, 0x13, 0x8) ioctl$auto(r0, 0x2, 0x9) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) ioctl$auto(r1, 0x12b2, r1) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0) ioctl$auto_TUNGETVNETLE(r2, 0x800454dd, &(0x7f00000000c0)=0x3) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0xf7374674b920089e) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x2) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5}, 0x3) sysfs$auto(0x2, 0x1, 0x4) fsopen$auto(0x0, 0x1) 2.464350789s ago: executing program 1 (id=1855): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x60, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@HSR_A_IF2_SEQ={0x6, 0x7, 0x7ffe}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x1}, @HSR_A_IF1_AGE={0x8, 0x3, 0x400}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @remote}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8}]}, 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40080) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x48880) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/uniq\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000c80)=""/74, 0x4a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) ioctl$auto_FS_IOC_GETFLAGS(r3, 0x80086601, 0x7fffffffbfffffff) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x40000080) r4 = getsockopt$auto(r2, 0x1, 0x2, &(0x7f0000000040)='/dev/cec27\x00', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0xa2382, 0x0) sendfile$auto(r5, r5, 0x0, 0x1) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vbi0\x00', 0x8280, 0x0) read$auto_v4l2_fops_v4l2_dev(r6, &(0x7f0000000000)=""/141, 0x8d) getsockopt$auto(r4, 0x4, 0x8, &(0x7f0000000180)=':[@@)\xe7:\x00', &(0x7f00000001c0)=0x2) 2.276630182s ago: executing program 3 (id=1856): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4bfb, 0x9) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000040)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x3, 0x0, 0x100082) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) fdatasync$auto(r1) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/wg0/ioam6_id\x00', 0x242, 0x0) sendfile$auto(r4, r3, 0x0, 0x7fffe000) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x20040894) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027b4839f3015398d3b", @ANYRES32, @ANYRES32, @ANYRES64], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r5, 0x40045010, 0x0) r6 = socket(0x18, 0xa, 0x1) connect$auto(r6, &(0x7f0000000000)=@in={0x2, 0x100}, 0x26) r7 = openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/make-it-fail\x00', 0x40002, 0x0) sendmsg$auto_NL80211_CMD_ASSOCIATE(r6, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)={0x1320, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_UNSOL_BCAST_PROBE_RESP={0x214, 0x127, 0x0, 0x1, [@NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0x23a}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL={0x1f8, 0x2, "7170634bce7a89f533493ff2c1f211d7dcc961a7d66bd9b7cd39e324340061cc33ca76561ddb24f69835587aab3055154bc4bec8f93393077a7239dfb265a0a47637b967d4210b6c67c03c0969591a2aa110f48ffc82dd6fc5e11e36e093f7dafd8c39b20e95af9deeaefbb475ad662dee27b925d54440ee5845de5ba4f0e8bda431b080828e7f32c4f9366f64722535131613ed30f15feca62d89734657191bfa807e0e235f2fc2b83ec483638d69247dab6cdbaa896d2a5d155e710f2f5b75649ba5d98d290363b56263ef44d4a9ba0b77bf4eb094a6c903312fc5400cb023af59dc1336124bda722e0cfc098ef5ee04de08b9dff7dd3ac02fbc89afc49bdd301e72aa5aa83adfe3e7836bfeacca49374b77ce5c68e76ced5d0a87986109a72e1c2f366dec4b4aa243db7417c798608aed23d8be9e18e7aaaaf03d384719c1db98eec6f1299b2baa9cb84dfc54d960d6ddeb9c95f010d7142fa42276b1075883d1b817af9cf2e9605183c9f9953574f0eda713f246f3e44a17c541991a7b8ef0eb8c617908e68f0da776f39b12bd655a7edb3e145c750f1ceb887c8a81cc1148fac54fa401f4e6f4184c8128efd18a00574fef900e4092c4a72e2027702fe1053b5b9dfaccf8ea6dc5e6dce2a7e31f7e3ea27aea93c49e15b74dbb9278abf7ce791c8b8381b97105a2405b42aeb5b4c67bc8b2"}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0xf}, @NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0x7}]}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'wlan1\x00'}, @NL80211_ATTR_CQM={0x4}, @NL80211_ATTR_STA_TX_POWER={0x6}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_EMA_RNR_ELEMS={0x10c0, 0x145, 0x0, 0x1, [@nested={0x4c, 0xe0, 0x0, 0x1, [@typed={0x1c, 0x156, 0x0, 0x0, @str='/proc/self/make-it-fail\x00'}, @nested={0x4, 0xb4}, @nested={0x4}, @typed={0x4, 0x28}, @typed={0xc, 0x128, 0x0, 0x0, @u64=0x5}, @typed={0x8, 0x6f, 0x0, 0x0, @u32=0x9}, @typed={0x8, 0xaa, 0x0, 0x0, @ipv4=@multicast2}, @nested={0x4, 0x78}]}, @generic="10db1a69ca90d655246b2f32d60c7df0bd9af858896d16875975d7ae8809b14dea5f877ecd50787452f1f76007eb6d9f5bd7a709bc675ce2300f7f72d561797bd6d446fdb063f5c831affbab3efe8b19a9729f892e618d7b00e86c6c789c7e5e43000e38c8a44b0c051a87a73479492ec72e4ad213ea7b175a7a993c2af35b1f6ebd4f05acd7c577f74f7cbe4f44b7ec8466cd841891f981016832865310132b6714d6d97e8d1eb6d4145600cbc6af95ec487608a7be26b8c5326e2b72f46e848fc3b575f12a3508791f0aedc12c3ff1c24fe03fc57b88d42f3a06af7176e570312f00f251fa6e9d396fe7c412ff5c16a161a16d7bf51f36888aea87f88cd510ac3c36e46a7aa670e0bd0b8c36d81cf36532be863a760d8979c4c3361cb8ebe2d8e26293e064e7146dd3e84d1fbf7c79bfd974ce28b2d9dee39af382f6949ae5dae606abe00c35a97dd4c07bdf1db908912238100be44d436322341c048ffde1167a3fb36c6806d9d3d7d5a43cc019c2c4e2696847df629d25f6438b86dc36a0e65b7509b5780280cc3283c33320a9a7bef5a7b9c6cf9a86ad370bc0684e32bff6cec9eca72ef05ed3eac1fe6161f50e2151340e62dec1adf8c1e847caa353af550f3c28524f42a6184fbe3703ae2dc146d2af3a3e924c0f0e675bfcfc80b1607a5052bedd50e27040a3e7b3962b478a31e0ceae1d310d03eb15ad5f365d312eedf4ae5a15cfdf48eb3d3ea0d13cafeb5fe6f0eb4abe590a853db619ca8ce85d99a43a277cb90c04076788b462dca0ea2ada549b3dd7638879159935625c862655853c149250d8fe4fc9c565fdf31c17335ed3de1050db984fe9dc89271cf3c9e4ac8b02a0e23a71af93550b288180ba7c0fd3c92182ef5f4faa855eaeed0d03224c6136b8bf53b58e1c564a76f37b92788d653171125b32904ca55925ac9c7f7c05f2581cbb97cc35a9e24abff368db319557f74e34aaf14740573a9adfbf380f308afdb2aeeac6c880691dc114d21adda0e14f13ce679d20b18be82b5ece9b7f95d85b12030a445e8b26aa41b36d36c648d46b50d6d2e4d973293bc4a956ae9f08b94c3c3be8e21842167826e5f21d7764fc55183c87a47b5969b09440c03eaf145ce2157fc7d22a8f2b7845097daaac79e300a3048e3c3f0d17fa2a484cd11a2bcca695ab749cf860daac34bf732788f7f3b80ab18761883950bef2d203c85369423d59b7c0bc555a751361430f59fba233c678ad6cb33673c972c31464589cdea3b32e09975c3338f8a51d2b67ccdd961b89e9929e3650829f4dde11d855787f39463da6bcd80750c78576deb52ea2b515fe3d6afffaef6ac5e6dabcd57f557149c460540e7dc81ce493fab3a2841b7898d1dc154b10bd0b0beff9f7b5b87653aa97c8154f34cfa475be09d4068d90274f9f2aad8ab77b694c8ff9737264048f347b994134a5cf9a718a9cb9b87800d4171c2bfde8e0a30189e01c7995482db48c4fa55be29ff339906c5fc10107115e4f9b74628ed63a868c27f9f76af8faff38c1518675cedf27c0ad2571d27eb1e8dae9d7a3ae60b1a5c0110a65ee601c36510987e9f9729fc7da22faa1be63ae44548cfcb2c145fa0b7440a04aa1a8fd36cab07f85b2731bbf272c4e63ff8e32f079e08a91911072cd6d5b01a351bd5119aaaddac191ee0016e89c40fa280cb34c5d4a96193e0bc2e4d9efa16aa899da2eb8b6e177dcaf8e4475ee685a76528e293a6a464fb35d284e7b938107b6c4d17caf51902fcbda2d145682e374892d46db841ba92348df8075fd9a6aa5548392837f6b5bc279c0615eb40b83614fa3fa5c8783af43337ce526d50b6a5bf2c7a88ad1caca16c4b1600c1e4af5ee9472e80e049f1d0df802507e21bccb2d5d819de9ba619f7ea6ec616130cedb662d3040ce6a8997236b4e41096284577c2071866b351625bf85c7a2c71ee6f7fc8266c5198c6a450e8d74cb08776f62bbe06d780b266a0cc485ecd52684b94a1ef44d21e1376db40ec1f28132b951749b3519b9ff970f8bff2e8a714d79a11a74cbdab544d2b45e61221a2851d4da6f44c37c75f589b60157d6936638f83b32b0c3a43b0ef431634d2b122257b73903ccb2133031dc6873ddace79520f398bee8d4945bec0698e32e661b5dcc613594bcca02ad8021c2c266fc503048fa747920d3f638a882bcd55abd682a27458ec759e1a5144320e7d7bec1fc98c9bacfbf0ce00d40405baedf162681bc6bfc1842aaa70ac692a6cdb56d41c8a6c53d2a90d1baeea8ec89e50e29362256aef12a414dca31c0754a03caccc83ae9b293ff3e0ff420459d8860130e9f29c82ba83a5f8c44b01a516832c528ae81ae5c74d63164c3f1cbc7a69bcc9b9bc072624e7db0b416ee4c59a288f32adca11942e0dfc2471ae70293e96eb23a5fe02f315e830709d5e811064e599e58d4c1e10274cf7b2da871c0ca828669c39dd09fda799885d359c1da06be74b616c146d24984059d025be404aa1267fa05ee1fb4037bf43c10a626ad069ae059751c66324569a22fbdc87d4e0acab8dc0071bf3409379bde21b9ae24f05e6334b10a4bada015aee83eab6fce4fae67378b1cea4a135c3bd776d1b189ef91ecddabf1539513eee08ccbd8ede64bae50f1fe4cc23da460a8d0e5554c712857e4a787e997810ab9748c90f1c48e47f8fa47fd48ad61bebefe5a31d69caa17675376d8bfff36e7759d29f3ff2dbe1ff1863fbe2afeffd0183f048ee560db8528451a7387fd22a23029e3dee557bdb7e239ab5e781eaa7cc7375be3b8a15337a90e2d380201a84d1755808a6f9a019e7193682bcd9fca5871d68a5c9a207de7348f4aefaf73f72393c3b67a217aa212737382780843798b9af9a1d21c14e49bb99d66288f5f6c2ea5966908ea5b6b80bbf9427c8f44b80620d8e7f2393e73d7c1cc0fb294d7f82c456a4ca2c5f5bc1821c1b15fc42ca364da197a9a52dca1abb82145e472b20a3eac1a24ab0a2d9e9088751b44c74f20f748829c57ce856e080d70b6ee4e7c0a3818d9c8a3db8ef5f4e42d3f64f014bfc69881ce6d360607af2fd0b808f9e1761c8e7e0b3b3e17dd06c5476a9c597c6b33ffb748d0fec5c065eca6f38186d1c43cfba911be7c8e4d646a366f5196deab13cd7277ad0fa5cc07baad06739961d03e7b06464f03fe3edb97bd1ccc62ca2c508777e1c53a8aeb6ad036bb16ac7bfc3e2fa23b4e4e66e72383012ae5b022d545a04478cd696ed4449a679d5e192285596a5d40bbba1ea8cd096cd8c608be90cbb2aca03ef0fc62b9d95951163e70472cd59b058f64fa08f65d2b90ad8333b171c5cb3ea564a0fb7a8cd8d773a696752769771cd57f5686b312b227330426b58633e92acad2b8333870e2ea38abf9958a99784065d51c9038c0e97128ad828641d4f7fa8152007f535719df49af9db5d47581bf79dd0456b516675bd4f344f5d35865f4dcecc8076ff2a3f35bf0ef8f59138c8320bee5106eb5dda54043c47625e4cb8e660beeb6a54812be58e917e86487590369729eedc50102ab4e20fb208f3cd6371decad16a62f0d95dccc98b2a2eeb16ae0f3f9a9ddf010f5e615ac4c157e333121af29eb10699e74b2e2d2c5066e83225d242625b77e45c5157cc49e4d90c640f85c0d5552dc37a4dac7b00ca820323610d8f19ad34d42851fb608c9b90360f89fafe1e23d85a81a40207a5745357b465f2006b26eee0f51dfb6202210200b4a38ea64f23f5179dbb69370555a1d9cf115263d38ee31b25e7a7d6300b562806a79a349f45105d09c05ffa5afccab219abf760e19a1140978a37553018feeef1c11557eaf0ed75b4ccd86fd82a1ee7c11ff098a588fe40ee7baab11e7d7dcafe451a52ced1ddf6bccf3bd4efd8efead6f6af400e29bd28776ae6da8de81e556c63970794d1c95b90ba4309717ae0d48117534c9b4dbee99aaef5837cbb25a368169a5b35e9684e4927bb8dae947bf90f2aeaffc8e5647d8ef0a908de59279e6313202f02ee06585b95f774d021a53d71543f79be9ed10f90306a5f401941f02f8709ac45b6b0a0858329bb247f95b3eae46069705653eaf8dca62f6bff78aad49afcef54b4cd58b6e6a023c798d6d61c604579332fcab293fe375243c0707bedbe21188f7124883c99deac490d5516710cf74ac3f527c967e1f39b1177498e9c7fe607189a679ec7c1f3aea7b6b070ac59c68db32c2c1fe8f50f43c84b58b1847e3b73dc3c971cf4693b4409b814f1c15b96e3565ae0750937975448fd186f82ec16a73533ab4b2d0264b227d5303a5cfa33ec62f6484f08efee9256a6f130224fe3e3b38a67fe1f49bdfe791df3fdd56404eb62213742925d63f2effce124df6fe9c65a1d7680531d82279f26deb7c4fa3d1efb52fe210d3da5a98dd3ff18af401f10d4218fba6d5d09f5796ef458ae3eb6a44a24c7cffef6edee7c7c62c8d5f5d70f1a76f03b361709d27fc2e7bac0a6dd5f4adca929ba1eb2ea0890a53ae5a2312ace60e335003079482cc5c3a3dceb3d4ac5c4454cda37fa5b47d93364907bfb156eac4fa97d69e9a90f74cf0de49e70412e077b5cacc333f5dfa9c765142b0005b1b833c9cb522c14997a2527d2e6d21f02cf57cd049c3f7b4f5fe01ba96b90262876a7fa456931f25103bf220b8a5d0841468442d5646794cb26b431fb62522edd507c0d0be15fb6bc758ec25012e8997cb1db4679c9fadc6bf6e8e232ffc6c3cd4017f401ce2243cbdfd7b81b8ebff7f01745fdfb49e8000fbd7c3b1b6c01d1e0c4be9edb504717146ea8702ff28cba6e930b1a6952d076b09f126c7f4899fc8db26310e7ba848c82e86561f3b0f5afe48ee47f3bdf2fe82b97614addf0d5e03d4124f4cfb193831bbdce168f151befb9af6073757a8fb9516ec5f32ae69783018664dadff3e31edadd9d1e48f0d56b7bc287488623895598881f9398d18dd505fb6032335ce6fb9ea68fd3d559a443257c7ac7b7f2b46fd509e602d5f40f618027478456d3487878a4666128a0a6541b40300fdc48f453699a825b91f18165a2a8e54c14d9031f4b7b97509bb1f0154af96064f20b251802152713308b86c4c603cecfbfa50e049470e8ba4dc9d31d1eadc5113ba9226b40e44f6a943235f52bab5262f05ffc1fe54fe7d9355f4874d82913b77eb9e29dce15aecac013e64034d6812a6427415994a48cf7d07423fc1db4f4f56e4bad7479640d44d1dd874fbd5b1f479cbe06bf0f0a5f26451b0fd1333b722222655b11670ac66d56ae35f0114959cdc07f6ff92855b77421e19ae1a7c94663d1bde25f9b4da66314200fffd26c0dcd6f8ff609188042e04a7630c8a1af252a40e646ff8c33e16576067462a408b17af8314ad135a8adc2fe133ec525c57421bc413e8051ac0906dd13b615006af9bd79c5e203c838a876ea1242bf7d2df5921f48cee2b902e0bb8babc7a1dd7ec33bc72e1fce82374cfa0a12aa99841dc0c36bef105d54749c9215dde00b83c6a80a8a7dab737ef0164ae4f14a774bbfee37c767f4c7469971d34b977e25c544262f98de70af035cd7feeda8ad52f2001cfae46ef3ad407d96bfe79747e13c25a906c3809f7954412c28d391c57766f3490a8184ce066c8b457a9256fcf0a5f1ca5d72798c7f701f8ae66fe35894931c53b320a0f620983ab236bcbbde18941aea2e1e564a654800bf9a2409cfe48ec6eb399c8f7821a079db20e110567e19c693e4dbd47952ad4a5a708a81f63e12148c36e587fa9c300b9bd8b985a6305", @nested={0x64, 0x151, 0x0, 0x1, [@generic="0a49621e22155e65", @generic="cbda0de4faf6ea20388860348f41ecd4f0c9d88c00c023f3b14aa8847f60898bc9d73c3853c243eb85c8a022d905ee3bf10ebf8520888d03de9d8a67e86c74acace6b9d1a5c0ae9ead2adf13954ddb3d77714a31d1d6534c"]}, @typed={0xc, 0xbe, 0x0, 0x0, @u64=0x5ffffc}]}, @NL80211_ATTR_CNTDWN_OFFS_BEACON={0x13, 0xba, "41a5c5777cacdf14f77deec4f02cbf"}]}, 0x1320}}, 0x8040) write$auto_proc_fault_inject_operations_base(r7, 0x0, 0x0) r8 = socket(0x1e, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) getsockopt$auto(r8, 0x10f, 0x82, 0x0, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, &(0x7f0000000240)) eventfd$auto(0xfffffff9) 2.196681457s ago: executing program 2 (id=1857): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x416440, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4020aed2, r0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x416440, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$auto(0x3, 0x4020aed2, r0) (async) 2.057429458s ago: executing program 3 (id=1858): unshare$auto(0x40000080) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) ioctl$auto(0xffffffffffffffff, 0x540a, 0x0) close_range$auto(0x2, r2, 0x401) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0) socket(0x2, 0x3, 0xa) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x28002, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x800, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x4, 0x3, 0x62, 0x80000002, 0x7, 0x1, 0x9, 0x3, 0xfffffffffefffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd40, 0x1, 0x948f, 0x5, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0xa, 0x8, 0x6]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x1]}, 0x0) r4 = openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) read$auto_stats_fops_(r4, &(0x7f0000000040)=""/47, 0x2f) fsconfig$auto_FSCONFIG_CMD_RECONFIGURE(r3, 0x7, &(0x7f00000000c0)='@#]\x00', &(0x7f00000001c0)="1522209220c15ae821d0a52627b425195633ae1a095bfdbf5cba5245511af6850855f645a519a1e39955440c68ab36c9acc52d62d553ad885387fa4fa5875e0318c70a40af7fa38721038f23e4ef6e065abcef63733475d24b28f29519d2ce622e06bd30e4238dc1d4c62bb6810767a4eab2eaeabf482193e784a75ab6a32dd2cd8bf3745f500aed2d0ae02a8f8740de15f2387c69c33a44ba8b97", 0x0) mmap$auto(0x40000000, 0x2000d, 0x4000000000df, 0xebf, 0x401, 0x7ffe) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20040c04}, 0xc0804) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) open(0x0, 0x591083, 0x408) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) 1.929070599s ago: executing program 2 (id=1859): write$auto(0xffffffffffffffff, &(0x7f0000000280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x88\xc4\xe9d\x03\rF\xec\xb8\x05Z|\xffGP\xb2)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\x02\xb5\x90\xc0\xbf\xd4m\xbf\xc7\x15\b\x00\x00\x00\x00\x00\x00\x00}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xff\xff\xff\xff\xff\xff\xff\xfbk8\x83\xcf\xc7D\xcc\x00\x00\x00\x00\x00\x90\\7\x83\x81\x8e\xad\x18M\"0\xf7\x03\xba\xffK\x04\xa1w.\x92=\xc2\xb9*P\xe1\x17\rQ\x88M\x88\fR&y\xfe\x8d\xd2?\xb6W\b\x90\xfa\x14\xb6\x83E|\xaa\xbf\xcb\xf4\xea\xcb\xf2o\xd2\x1c\xf8\xa6\x8e\x9cw\x89R\xfd\x069\xaa\xed\xfdT\xb5\xf1\x00YW\xfe\x83^f\xee\x02\f\xa0\xd5\xcd\xde\xde\xf0\xa8\xa8X\x95^\x91B\x97\xce\v\xd0\x1a\xe0Y\x91\n\xd9\xa8\xdfT\xe6\x84\x82\xc0}\x15\x81\xe8', 0x10001) fsconfig$auto_FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, &(0x7f00000001c0)='\xf5\x00', 0x0, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop9\x00', 0x8001, 0x0) ioctl$auto(r1, 0x5393, r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r2, 0xa, 0x1) fcntl$auto(r2, 0x10, 0x2) r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) set_mempolicy$auto(0x1, 0x0, 0x21) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000005c0)={0x1c, r4, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@HWSIM_ATTR_REG_HINT_ALPHA2={0x6, 0xb, ',)'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000060}, 0x0) r6 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0) write$auto_proc_pid_attr_operations_base(r6, 0x0, 0x0) unshare$auto(0x40000080) ioctl$auto(r3, 0x4611, r3) acct$auto(&(0x7f00000003c0)='/dev/usbmon38\x00') mmap$auto(0x0, 0x4020007, 0x200000000000db, 0x2000000000eb1, 0x401, 0x8000) r7 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r7, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r7, 0x80089203, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/025/001\x00', 0x20480, 0x0) r8 = socket(0x2, 0x2, 0x10000) recvmmsg$auto(r8, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) socketpair$auto(0x1e, 0x9b, 0x7, 0x0) 317.862541ms ago: executing program 3 (id=1860): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xa0180, 0x0) openat$auto_random_fops_random(0xffffffffffffff9c, 0x0, 0x2002, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, 0x0) 262.057333ms ago: executing program 2 (id=1861): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/bond0/queues/tx-6/tx_timeout\x00', 0x2440, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/authorized\x00', 0x0, 0x0) lseek$auto(0x3, 0x908, 0x1) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2d, 0x2, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r0, 0x2, 0x7, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x900, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/current_tracer\x00', 0x40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000900)='/proc/sys/kernel/pid_max\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0xe0282, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/io\x00', 0x180780, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r1) 128.022029ms ago: executing program 3 (id=1862): sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) r0 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = socket(0x25, 0x1, 0x5) recvfrom$auto(r3, 0x0, 0x0, 0x40, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r5, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0xfffffffffffffeee, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8}]}, 0x34}, 0x1, 0x0, 0x700000000000000, 0x801}, 0x80) 0s ago: executing program 2 (id=1863): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/sockstat\x00', 0xc0000, 0x0) semctl$auto_SEM_INFO(0x5, 0xf9, 0x13, 0x8) ioctl$auto(r0, 0x2, 0x9) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) ioctl$auto(r1, 0x12b2, r1) r2 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0xc00, 0x0) ioctl$auto_TUNGETVNETLE(r2, 0x800454dd, &(0x7f00000000c0)=0x3) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}}, 0xf7374674b920089e) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x2) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5}, 0x3) sysfs$auto(0x2, 0x1, 0x4) fsopen$auto(0x0, 0x1) kernel console output (not intermixed with test programs): [ 356.163252][T11419] acpi_evaluate_integer+0xdf/0x220 [ 356.163267][T11419] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 356.163289][T11419] ? __pfx_status_show+0x10/0x10 [ 356.163306][T11419] status_show+0xa0/0x120 [ 356.163322][T11419] ? __pfx_status_show+0x10/0x10 [ 356.163344][T11419] dev_attr_show+0x52/0xa0 [ 356.163365][T11419] ? __pfx_dev_attr_show+0x10/0x10 [ 356.163384][T11419] sysfs_kf_seq_show+0x217/0x3a0 [ 356.163406][T11419] seq_read_iter+0x32f/0x1270 [ 356.163429][T11419] kernfs_fop_read_iter+0x46c/0x610 [ 356.163444][T11419] ? rw_verify_area+0xce/0x6d0 [ 356.163458][T11419] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 356.163475][T11419] vfs_read+0x825/0xb30 [ 356.163493][T11419] ? __pfx_vfs_read+0x10/0x10 [ 356.163507][T11419] ? find_held_lock+0x2b/0x80 [ 356.163534][T11419] ksys_read+0x12a/0x250 [ 356.163549][T11419] ? __pfx_ksys_read+0x10/0x10 [ 356.163570][T11419] do_syscall_64+0xc9/0xf80 [ 356.163590][T11419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 356.163605][T11419] RIP: 0033:0x7f55e9d9aeb9 [ 356.163618][T11419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 356.163631][T11419] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 356.163647][T11419] RAX: ffffffffffffffda RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 356.163657][T11419] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000005 [ 356.163671][T11419] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 356.163680][T11419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 356.163689][T11419] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 356.163709][T11419] [ 356.164622][T11419] ACPI Error: [ 356.760234][T11415] zswap: compressor not available [ 357.281326][T11419] Could not allocate an object descriptor (20250807/utobject-180) [ 357.332262][T11419] ACPI Error: ffff888077117000 walk still has a scope list (20250807/dswstate-694) [ 357.997086][T11437] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 358.253673][T11469] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 358.297722][T11469] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 358.362976][T11469] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 358.481711][T11469] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 358.573593][T11469] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 358.610826][ T30] audit: type=1800 audit(4294967348.280:10): pid=11480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1159" name="dbroot" dev="configfs" ino=37172 res=0 errno=0 [ 358.632061][T11476] futex_wake_op: syz.0.1158 tries to shift op by -2048; fix this program [ 358.729973][T11476] futex_wake_op: syz.0.1158 tries to shift op by -2048; fix this program [ 360.302568][ T9248] Bluetooth: hci0: command 0x0c1a tx timeout [ 360.308622][T10555] Bluetooth: hci1: command 0x0c1a tx timeout [ 360.382447][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 360.625058][T10555] Bluetooth: hci2: command 0x0c1a tx timeout [ 362.228051][T11589] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 362.269020][T11582] FAULT_INJECTION: forcing a failure. [ 362.269020][T11582] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 362.389269][T11582] CPU: 0 UID: 0 PID: 11582 Comm: syz.3.1178 Tainted: G U L syzkaller #0 PREEMPT(full) [ 362.389299][T11582] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 362.389305][T11582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 362.389315][T11582] Call Trace: [ 362.389320][T11582] [ 362.389326][T11582] dump_stack_lvl+0x100/0x190 [ 362.389349][T11582] should_fail_ex.cold+0x5/0xa [ 362.389371][T11582] ? prepare_alloc_pages+0x16d/0x5f0 [ 362.389394][T11582] should_fail_alloc_page+0xeb/0x140 [ 362.389417][T11582] prepare_alloc_pages+0x1f0/0x5f0 [ 362.389438][T11582] ? rcu_is_watching+0x12/0xc0 [ 362.389454][T11582] __alloc_frozen_pages_noprof+0x193/0x2410 [ 362.389481][T11582] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 362.389506][T11582] ? rcu_is_watching+0x12/0xc0 [ 362.389520][T11582] ? trace_kmalloc+0x83/0xb0 [ 362.389538][T11582] ? __kmalloc_node_track_caller_noprof+0x373/0x9d0 [ 362.389558][T11582] ? rcu_is_watching+0x12/0xc0 [ 362.389571][T11582] ? __alloc_skb+0x186/0x410 [ 362.389591][T11582] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 362.389607][T11582] ? policy_nodemask+0xed/0x4f0 [ 362.389629][T11582] alloc_pages_mpol+0x1fb/0x550 [ 362.389650][T11582] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 362.389671][T11582] ? sched_clock+0x38/0x60 [ 362.389695][T11582] alloc_pages_noprof+0x131/0x390 [ 362.389716][T11582] alloc_skb_with_frags+0x500/0x810 [ 362.389735][T11582] sock_alloc_send_pskb+0x801/0x980 [ 362.389754][T11582] ? __lock_acquire+0x4a5/0x2630 [ 362.389777][T11582] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 362.389800][T11582] ? find_held_lock+0x2b/0x80 [ 362.389814][T11582] ? aa_file_perm+0x268/0x1540 [ 362.389831][T11582] tun_get_user+0x8f7/0x3e10 [ 362.389861][T11582] ? __pfx_tun_get_user+0x10/0x10 [ 362.389884][T11582] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 362.389904][T11582] ? find_held_lock+0x2b/0x80 [ 362.389918][T11582] ? tun_get+0x191/0x370 [ 362.389936][T11582] ? tun_get+0x191/0x370 [ 362.389961][T11582] tun_chr_write_iter+0xdc/0x200 [ 362.389985][T11582] vfs_write+0x6ac/0x1070 [ 362.390002][T11582] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 362.390025][T11582] ? __pfx_vfs_write+0x10/0x10 [ 362.390040][T11582] ? find_held_lock+0x2b/0x80 [ 362.390065][T11582] __x64_sys_pwrite64+0x1eb/0x250 [ 362.390083][T11582] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 362.390105][T11582] do_syscall_64+0xc9/0xf80 [ 362.390125][T11582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.390140][T11582] RIP: 0033:0x7f55e9d9aeb9 [ 362.390153][T11582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.390167][T11582] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 362.390183][T11582] RAX: ffffffffffffffda RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 362.390192][T11582] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 00000000000000c8 [ 362.390202][T11582] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 362.390211][T11582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.390220][T11582] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 362.390240][T11582] [ 363.113339][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 363.463328][T11601] FAULT_INJECTION: forcing a failure. [ 363.463328][T11601] name failslab, interval 1, probability 0, space 0, times 0 [ 363.527588][T11601] CPU: 0 UID: 0 PID: 11601 Comm: syz.2.1182 Tainted: G U L syzkaller #0 PREEMPT(full) [ 363.527616][T11601] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 363.527622][T11601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 363.527631][T11601] Call Trace: [ 363.527636][T11601] [ 363.527642][T11601] dump_stack_lvl+0x100/0x190 [ 363.527665][T11601] should_fail_ex.cold+0x5/0xa [ 363.527690][T11601] should_failslab+0xc2/0x120 [ 363.527711][T11601] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 363.527729][T11601] ? udpv6_init_sock+0x24e/0x450 [ 363.527747][T11601] ? trace_kmalloc+0x83/0xb0 [ 363.527766][T11601] ? __kmalloc_noprof+0x365/0x9c0 [ 363.527779][T11601] ? __d_alloc+0x34/0xa80 [ 363.527800][T11601] ? __d_alloc+0x34/0xa80 [ 363.527817][T11601] __d_alloc+0x34/0xa80 [ 363.527837][T11601] d_alloc_pseudo+0x1c/0xc0 [ 363.527858][T11601] alloc_file_pseudo+0xcf/0x230 [ 363.527880][T11601] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 363.527901][T11601] ? alloc_fd+0x476/0x790 [ 363.527920][T11601] sock_alloc_file+0x50/0x210 [ 363.527943][T11601] __sys_socket+0x1c0/0x260 [ 363.527959][T11601] ? fput+0x79/0x100 [ 363.527978][T11601] ? __pfx___sys_socket+0x10/0x10 [ 363.527995][T11601] ? xfd_validate_state+0x129/0x190 [ 363.528022][T11601] __x64_sys_socket+0x72/0xb0 [ 363.528038][T11601] ? lockdep_hardirqs_on+0x78/0x100 [ 363.528055][T11601] do_syscall_64+0xc9/0xf80 [ 363.528074][T11601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.528089][T11601] RIP: 0033:0x7ffa60d9aeb9 [ 363.528102][T11601] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 363.528117][T11601] RSP: 002b:00007ffa5eff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 363.528133][T11601] RAX: ffffffffffffffda RBX: 00007ffa61015fa0 RCX: 00007ffa60d9aeb9 [ 363.528143][T11601] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 363.528163][T11601] RBP: 00007ffa60e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 363.528172][T11601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.528181][T11601] R13: 00007ffa61016038 R14: 00007ffa61015fa0 R15: 00007ffc06fbfe08 [ 363.528201][T11601] [ 364.046720][T11600] zswap: compressor not available [ 364.580309][T11623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1186'. [ 365.041079][T11640] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 365.700016][T11633] Process accounting resumed [ 366.769804][T11699] FAULT_INJECTION: forcing a failure. [ 366.769804][T11699] name failslab, interval 1, probability 0, space 0, times 0 [ 366.866019][T11699] CPU: 0 UID: 0 PID: 11699 Comm: syz.1.1199 Tainted: G U L syzkaller #0 PREEMPT(full) [ 366.866048][T11699] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 366.866054][T11699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 366.866064][T11699] Call Trace: [ 366.866070][T11699] [ 366.866076][T11699] dump_stack_lvl+0x100/0x190 [ 366.866098][T11699] should_fail_ex.cold+0x5/0xa [ 366.866124][T11699] should_failslab+0xc2/0x120 [ 366.866144][T11699] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 366.866159][T11699] __kmalloc_noprof+0xf6/0x9c0 [ 366.866174][T11699] ? __pfx_aa_file_perm+0x10/0x10 [ 366.866195][T11699] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 366.866209][T11699] ? __lock_acquire+0x4a5/0x2630 [ 366.866226][T11699] kernfs_fop_write_iter+0x26a/0x5f0 [ 366.866241][T11699] ? copy_iovec_from_user+0x102/0x140 [ 366.866264][T11699] do_iter_readv_writev+0x6ee/0x920 [ 366.866281][T11699] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 366.866304][T11699] vfs_writev+0x360/0xe10 [ 366.866320][T11699] ? trace_contention_end+0xd6/0x110 [ 366.866342][T11699] ? __pfx_vfs_writev+0x10/0x10 [ 366.866356][T11699] ? fdget_pos+0x2aa/0x380 [ 366.866386][T11699] ? __fget_files+0x21f/0x3d0 [ 366.866407][T11699] ? do_writev+0x13e/0x340 [ 366.866420][T11699] do_writev+0x13e/0x340 [ 366.866435][T11699] ? __pfx_do_writev+0x10/0x10 [ 366.866455][T11699] do_syscall_64+0xc9/0xf80 [ 366.866475][T11699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.866490][T11699] RIP: 0033:0x7f4e2b39aeb9 [ 366.866502][T11699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 366.866517][T11699] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 366.866532][T11699] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 366.866542][T11699] RDX: 0000000000000005 RSI: 0000200000000100 RDI: 0000000000000003 [ 366.866551][T11699] RBP: 00007f4e2b408c1f R08: 0000000000000000 R09: 0000000000000000 [ 366.866560][T11699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.866569][T11699] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 366.866589][T11699] [ 367.541412][T11718] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 369.086840][T11760] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1212'. [ 369.158535][T11761] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1212'. [ 369.218142][T11760] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1212'. [ 370.501013][T11796] snd_aloop snd_aloop.0: control 16781581:65539:6:é'x?F¢é/èìzFË·fCªáª:7 is already present [ 370.744231][T11806] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1223'. [ 370.807597][T11809] FAULT_INJECTION: forcing a failure. [ 370.807597][T11809] name fail_futex, interval 1, probability 0, space 0, times 0 [ 370.871433][T11809] CPU: 0 UID: 0 PID: 11809 Comm: syz.1.1223 Tainted: G U L syzkaller #0 PREEMPT(full) [ 370.871461][T11809] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 370.871466][T11809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 370.871475][T11809] Call Trace: [ 370.871480][T11809] [ 370.871485][T11809] dump_stack_lvl+0x100/0x190 [ 370.871508][T11809] should_fail_ex.cold+0x5/0xa [ 370.871529][T11809] ? lock_acquire+0x17c/0x330 [ 370.871550][T11809] get_futex_key+0x1d2/0x1620 [ 370.871570][T11809] ? __pfx_get_futex_key+0x10/0x10 [ 370.871587][T11809] ? __lock_acquire+0x4a5/0x2630 [ 370.871608][T11809] ? __local_bh_enable_ip+0x9e/0x120 [ 370.871629][T11809] futex_wake+0xea/0x530 [ 370.871658][T11809] ? do_raw_spin_lock+0x128/0x260 [ 370.871680][T11809] ? __pfx_futex_wake+0x10/0x10 [ 370.871700][T11809] ? tipc_sk_bind+0x19a/0x380 [ 370.871723][T11809] ? tipc_sk_bind+0x19a/0x380 [ 370.871745][T11809] ? rcu_is_watching+0x12/0xc0 [ 370.871759][T11809] ? __local_bh_enable_ip+0x9e/0x120 [ 370.871776][T11809] ? lockdep_hardirqs_on+0x78/0x100 [ 370.871793][T11809] ? tipc_sk_bind+0x19a/0x380 [ 370.871816][T11809] do_futex+0x32b/0x350 [ 370.871836][T11809] ? __pfx_do_futex+0x10/0x10 [ 370.871855][T11809] ? __sys_bind+0x1c7/0x260 [ 370.871876][T11809] __x64_sys_futex+0x34f/0x4d0 [ 370.871899][T11809] ? __pfx___x64_sys_futex+0x10/0x10 [ 370.871926][T11809] do_syscall_64+0xc9/0xf80 [ 370.871944][T11809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 370.871959][T11809] RIP: 0033:0x7f4e2b39aeb9 [ 370.871971][T11809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 370.871986][T11809] RSP: 002b:00007f4e2c2900e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 370.872001][T11809] RAX: ffffffffffffffda RBX: 00007f4e2b616098 RCX: 00007f4e2b39aeb9 [ 370.872011][T11809] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4e2b61609c [ 370.872020][T11809] RBP: 00007f4e2b616090 R08: 0000000000000000 R09: 0000000000000000 [ 370.872028][T11809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 370.872037][T11809] R13: 00007f4e2b616128 R14: 00007ffcd6705200 R15: 00007ffcd67052e8 [ 370.872056][T11809] [ 371.399615][T11807] zswap: compressor not available [ 371.464902][ T30] audit: type=1806 audit(4294967361.120:11): xattr="." res=0 [ 372.043343][T11837] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 372.112315][T11830] zswap: compressor not available [ 373.187516][T11860] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78004 [ 373.255917][T11860] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 373.342827][T11860] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 373.351453][T11860] raw: ffff888000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 373.367678][T11867] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1232'. [ 373.452162][T11860] page dumped because: unmovable page [ 373.482486][T11860] page_owner tracks the page as allocated [ 373.532438][T11860] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd02(GFP_NOIO|__GFP_HIGHMEM|__GFP_ZERO), pid 6213, tgid 6212 (syz.2.71), ts 106957416782, free_ts 101393486044 [ 373.665048][T11860] post_alloc_hook+0x1e1/0x250 [ 373.712639][T11860] get_page_from_freelist+0xe3d/0x2e10 [ 373.736530][T11860] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 373.768748][T11860] alloc_pages_mpol+0x1fb/0x550 [ 373.804974][T11860] alloc_pages_noprof+0x131/0x390 [ 373.834640][T11860] brd_submit_bio+0x116a/0x20d0 [ 373.861957][T11860] __submit_bio+0x32f/0x6c0 [ 373.903138][T11860] submit_bio_noacct_nocheck+0x6fc/0xbb0 [ 373.908798][T11860] submit_bio_noacct+0xb5c/0x1e80 [ 373.951259][T11860] __block_write_full_folio+0x77f/0xee0 [ 373.982116][T11860] block_write_full_folio+0x3b5/0x4e0 [ 374.002072][T11860] blkdev_writepages+0xc7/0x150 [ 374.022461][T11860] do_writepages+0x278/0x600 [ 374.027065][T11860] filemap_writeback+0x22d/0x2e0 [ 374.065554][T11860] file_write_and_wait_range+0xcd/0x140 [ 374.107196][T11860] blkdev_fsync+0x6c/0xd0 [ 374.111566][T11860] page last free pid 15 tgid 15 stack trace: [ 374.138194][T11879] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 374.149693][T11860] __free_frozen_pages+0x822/0x1130 [ 374.168123][T11860] tlb_remove_table_rcu+0x2b2/0x390 [ 374.189143][T11860] rcu_core+0x7c0/0x15c0 [ 374.206255][T11860] handle_softirqs+0x1ea/0x910 [ 374.221629][T11860] run_ksoftirqd+0x38/0x60 [ 374.236484][T11860] smpboot_thread_fn+0x3d3/0xaa0 [ 374.259343][T11860] kthread+0x3b3/0x730 [ 374.269576][T11860] ret_from_fork+0x754/0xaf0 [ 374.279678][T11860] ret_from_fork_asm+0x1a/0x30 [ 375.070218][T11894] zswap: compressor not available [ 375.110361][T11905] FAULT_INJECTION: forcing a failure. [ 375.110361][T11905] name failslab, interval 1, probability 0, space 0, times 0 [ 375.164820][T11905] CPU: 0 UID: 0 PID: 11905 Comm: syz.0.1243 Tainted: G U L syzkaller #0 PREEMPT(full) [ 375.164848][T11905] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 375.164854][T11905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 375.164864][T11905] Call Trace: [ 375.164870][T11905] [ 375.164876][T11905] dump_stack_lvl+0x100/0x190 [ 375.164899][T11905] should_fail_ex.cold+0x5/0xa [ 375.164924][T11905] should_failslab+0xc2/0x120 [ 375.164944][T11905] ? udpv6_init_sock+0x24e/0x450 [ 375.164961][T11905] __kmalloc_noprof+0xf6/0x9c0 [ 375.164981][T11905] ? udpv6_init_sock+0x24e/0x450 [ 375.164998][T11905] udpv6_init_sock+0x24e/0x450 [ 375.165015][T11905] ? __pfx_udpv6_init_sock+0x10/0x10 [ 375.165034][T11905] inet6_create+0xb2f/0x12c0 [ 375.165056][T11905] ? inet6_create+0x7f/0x12c0 [ 375.165079][T11905] __sock_create+0x339/0x860 [ 375.165099][T11905] __sys_socket+0x14d/0x260 [ 375.165115][T11905] ? fput+0x79/0x100 [ 375.165134][T11905] ? __pfx___sys_socket+0x10/0x10 [ 375.165150][T11905] ? xfd_validate_state+0x129/0x190 [ 375.165177][T11905] __x64_sys_socket+0x72/0xb0 [ 375.165193][T11905] ? lockdep_hardirqs_on+0x78/0x100 [ 375.165210][T11905] do_syscall_64+0xc9/0xf80 [ 375.165228][T11905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 375.165243][T11905] RIP: 0033:0x7ff2c519aeb9 [ 375.165256][T11905] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 375.165270][T11905] RSP: 002b:00007ff2c6131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 375.165285][T11905] RAX: ffffffffffffffda RBX: 00007ff2c5415fa0 RCX: 00007ff2c519aeb9 [ 375.165295][T11905] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 375.165303][T11905] RBP: 00007ff2c5208c1f R08: 0000000000000000 R09: 0000000000000000 [ 375.165313][T11905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 375.165322][T11905] R13: 00007ff2c5416038 R14: 00007ff2c5415fa0 R15: 00007ffd93dbd358 [ 375.165342][T11905] [ 376.348304][T11922] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 376.642950][T11929] netlink: 78 bytes leftover after parsing attributes in process `syz.0.1249'. [ 376.683394][T11931] netlink: 78 bytes leftover after parsing attributes in process `syz.0.1249'. [ 377.780018][T11942] zswap: compressor not available [ 378.111439][T11951] zswap: compressor û not available [ 378.326423][T11959] FAULT_INJECTION: forcing a failure. [ 378.326423][T11959] name failslab, interval 1, probability 0, space 0, times 0 [ 378.340486][T11961] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 378.386155][T11959] CPU: 0 UID: 0 PID: 11959 Comm: syz.3.1256 Tainted: G U L syzkaller #0 PREEMPT(full) [ 378.386183][T11959] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 378.386189][T11959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 378.386199][T11959] Call Trace: [ 378.386204][T11959] [ 378.386211][T11959] dump_stack_lvl+0x100/0x190 [ 378.386233][T11959] should_fail_ex.cold+0x5/0xa [ 378.386259][T11959] should_failslab+0xc2/0x120 [ 378.386280][T11959] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 378.386300][T11959] ? udpv6_init_sock+0x24e/0x450 [ 378.386317][T11959] ? trace_kmalloc+0x83/0xb0 [ 378.386336][T11959] ? __kmalloc_noprof+0x365/0x9c0 [ 378.386350][T11959] ? __d_alloc+0x34/0xa80 [ 378.386371][T11959] ? __d_alloc+0x34/0xa80 [ 378.386387][T11959] __d_alloc+0x34/0xa80 [ 378.386407][T11959] d_alloc_pseudo+0x1c/0xc0 [ 378.386428][T11959] alloc_file_pseudo+0xcf/0x230 [ 378.386450][T11959] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 378.386471][T11959] ? alloc_fd+0x476/0x790 [ 378.386490][T11959] sock_alloc_file+0x50/0x210 [ 378.386513][T11959] __sys_socket+0x1c0/0x260 [ 378.386530][T11959] ? fput+0x79/0x100 [ 378.386548][T11959] ? __pfx___sys_socket+0x10/0x10 [ 378.386564][T11959] ? xfd_validate_state+0x129/0x190 [ 378.386591][T11959] __x64_sys_socket+0x72/0xb0 [ 378.386607][T11959] ? lockdep_hardirqs_on+0x78/0x100 [ 378.386624][T11959] do_syscall_64+0xc9/0xf80 [ 378.386643][T11959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.386657][T11959] RIP: 0033:0x7f55e9d9aeb9 [ 378.386670][T11959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 378.386684][T11959] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 378.386699][T11959] RAX: ffffffffffffffda RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 378.386709][T11959] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 378.386718][T11959] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 378.386727][T11959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.386735][T11959] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 378.386754][T11959] [ 379.102990][T11974] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 379.877080][T12005] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 379.912874][T12006] bridge0: port 3(hsr0) entered blocking state [ 379.945250][T12006] bridge0: port 3(hsr0) entered disabled state [ 379.978621][T12010] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 379.992319][T12006] hsr0: entered allmulticast mode [ 380.005422][T12006] hsr_slave_0: entered allmulticast mode [ 380.032368][T12006] hsr_slave_1: entered allmulticast mode [ 380.061161][T12006] hsr0: entered promiscuous mode [ 380.068302][T12006] bridge0: port 3(hsr0) entered blocking state [ 380.074538][T12006] bridge0: port 3(hsr0) entered forwarding state [ 381.727290][T12051] FAULT_INJECTION: forcing a failure. [ 381.727290][T12051] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 381.850667][T12057] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 381.904531][T12052] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1277'. [ 381.972265][T12051] CPU: 0 UID: 0 PID: 12051 Comm: syz.0.1277 Tainted: G U L syzkaller #0 PREEMPT(full) [ 381.972293][T12051] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 381.972299][T12051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 381.972308][T12051] Call Trace: [ 381.972314][T12051] [ 381.972319][T12051] dump_stack_lvl+0x100/0x190 [ 381.972342][T12051] should_fail_ex.cold+0x5/0xa [ 381.972367][T12051] _copy_to_user+0x32/0xd0 [ 381.972395][T12051] cpuid_read+0x1d9/0x360 [ 381.972418][T12051] ? __pfx_cpuid_read+0x10/0x10 [ 381.972438][T12051] ? __pfx_cpuid_smp_cpuid+0x10/0x10 [ 381.972458][T12051] ? iovec_from_user+0xbb/0x140 [ 381.972485][T12051] ? bpf_lsm_file_permission+0x9/0x10 [ 381.972506][T12051] ? security_file_permission+0x76/0x210 [ 381.972531][T12051] ? __pfx_cpuid_read+0x10/0x10 [ 381.972550][T12051] vfs_readv+0x5d8/0x8d0 [ 381.972569][T12051] ? __pfx_vfs_readv+0x10/0x10 [ 381.972584][T12051] ? fd_install+0x223/0x580 [ 381.972609][T12051] ? __fget_files+0x21f/0x3d0 [ 381.972628][T12051] ? do_readv+0x13e/0x340 [ 381.972641][T12051] do_readv+0x13e/0x340 [ 381.972656][T12051] ? __pfx_do_readv+0x10/0x10 [ 381.972675][T12051] do_syscall_64+0xc9/0xf80 [ 381.972694][T12051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 381.972709][T12051] RIP: 0033:0x7ff2c519aeb9 [ 381.972722][T12051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 381.972735][T12051] RSP: 002b:00007ff2c60ef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 381.972750][T12051] RAX: ffffffffffffffda RBX: 00007ff2c5416180 RCX: 00007ff2c519aeb9 [ 381.972760][T12051] RDX: 0000000000000003 RSI: 0000200000000680 RDI: 0000000000000004 [ 381.972769][T12051] RBP: 00007ff2c5208c1f R08: 0000000000000000 R09: 0000000000000000 [ 381.972777][T12051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 381.972786][T12051] R13: 00007ff2c5416218 R14: 00007ff2c5416180 R15: 00007ffd93dbd358 [ 381.972805][T12051] [ 382.500990][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 382.509468][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.876645][T12075] netlink: 'syz.1.1283': attribute type 11 has an invalid length. [ 382.943258][T12075] netlink: 'syz.1.1283': attribute type 11 has an invalid length. [ 383.099187][T12075] netlink: 'syz.1.1283': attribute type 11 has an invalid length. [ 383.184193][T12075] netlink: 'syz.1.1283': attribute type 11 has an invalid length. [ 383.252647][T12080] random: crng reseeded on system resumption [ 384.513262][ T30] audit: type=1804 audit(4294967374.200:12): pid=12119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1290" name="/newroot/sys/kernel/debug/tracing/printk_formats" dev="tracefs" ino=32 res=1 errno=0 [ 384.585613][T12127] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 384.607612][ T30] audit: type=1804 audit(4294967374.300:13): pid=12120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1290" name="/newroot/sys/kernel/debug/tracing/printk_formats" dev="tracefs" ino=32 res=1 errno=0 [ 384.749812][T12111] sp0: Synchronizing with TNC [ 387.971761][T12180] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1305'. [ 388.080361][ T30] audit: type=1800 audit(4294967377.770:14): pid=12180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1305" name="dbroot" dev="configfs" ino=40896 res=0 errno=0 [ 388.242708][T12189] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1306'. [ 389.121709][ T30] audit: type=1800 audit(4294967378.810:15): pid=12198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1308" name="discovery_nqn" dev="configfs" ino=40957 res=0 errno=0 [ 391.215011][T12209] zswap: compressor not available [ 391.653108][T12226] zswap: compressor not available [ 391.834761][T12237] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 394.065916][T12291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 394.201689][T12293] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1328'. [ 394.356957][T12293] hsr_slave_0: left promiscuous mode [ 394.433161][T12293] hsr_slave_1: left promiscuous mode [ 396.980906][T12303] Process accounting paused [ 399.043267][T12375] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 399.067459][T12374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1347'. [ 400.250284][T12409] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 400.327538][T12410] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 401.436859][T12437] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 401.644007][T12425] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 401.685861][T12425] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 401.741200][T12425] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 401.783771][T12425] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 401.820634][T12425] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 403.262638][T10555] Bluetooth: hci0: command 0x0c1a tx timeout [ 403.742711][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 403.748959][ T9248] Bluetooth: hci1: command 0x0c1a tx timeout [ 403.822828][T10555] Bluetooth: hci2: command 0x0c1a tx timeout [ 405.129929][T12508] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1377'. [ 405.474973][T12513] FAULT_INJECTION: forcing a failure. [ 405.474973][T12513] name failslab, interval 1, probability 0, space 0, times 0 [ 405.608626][T12513] CPU: 0 UID: 0 PID: 12513 Comm: syz.2.1378 Tainted: G U L syzkaller #0 PREEMPT(full) [ 405.608656][T12513] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 405.608662][T12513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 405.608672][T12513] Call Trace: [ 405.608677][T12513] [ 405.608683][T12513] dump_stack_lvl+0x100/0x190 [ 405.608707][T12513] should_fail_ex.cold+0x5/0xa [ 405.608731][T12513] should_failslab+0xc2/0x120 [ 405.608751][T12513] ? udpv6_init_sock+0x24e/0x450 [ 405.608769][T12513] __kmalloc_noprof+0xf6/0x9c0 [ 405.608789][T12513] ? udpv6_init_sock+0x24e/0x450 [ 405.608806][T12513] udpv6_init_sock+0x24e/0x450 [ 405.608823][T12513] ? __pfx_udpv6_init_sock+0x10/0x10 [ 405.608842][T12513] inet6_create+0xb2f/0x12c0 [ 405.608865][T12513] ? inet6_create+0x7f/0x12c0 [ 405.608887][T12513] __sock_create+0x339/0x860 [ 405.608908][T12513] __sys_socket+0x14d/0x260 [ 405.608923][T12513] ? fput+0x79/0x100 [ 405.608942][T12513] ? __pfx___sys_socket+0x10/0x10 [ 405.608958][T12513] ? xfd_validate_state+0x129/0x190 [ 405.608986][T12513] __x64_sys_socket+0x72/0xb0 [ 405.609002][T12513] ? lockdep_hardirqs_on+0x78/0x100 [ 405.609018][T12513] do_syscall_64+0xc9/0xf80 [ 405.609037][T12513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.609052][T12513] RIP: 0033:0x7ffa60d9aeb9 [ 405.609065][T12513] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 405.609079][T12513] RSP: 002b:00007ffa5eff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 405.609098][T12513] RAX: ffffffffffffffda RBX: 00007ffa61015fa0 RCX: 00007ffa60d9aeb9 [ 405.609109][T12513] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 405.609118][T12513] RBP: 00007ffa60e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 405.609127][T12513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 405.609137][T12513] R13: 00007ffa61016038 R14: 00007ffa61015fa0 R15: 00007ffc06fbfe08 [ 405.609156][T12513] [ 406.162890][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 406.191293][T12516] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 408.389202][T12552] FAULT_INJECTION: forcing a failure. [ 408.389202][T12552] name failslab, interval 1, probability 0, space 0, times 0 [ 408.459791][T12552] CPU: 0 UID: 0 PID: 12552 Comm: syz.0.1388 Tainted: G U L syzkaller #0 PREEMPT(full) [ 408.459819][T12552] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 408.459825][T12552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 408.459834][T12552] Call Trace: [ 408.459838][T12552] [ 408.459844][T12552] dump_stack_lvl+0x100/0x190 [ 408.459866][T12552] should_fail_ex.cold+0x5/0xa [ 408.459890][T12552] should_failslab+0xc2/0x120 [ 408.459911][T12552] __kmalloc_cache_noprof+0x80/0x810 [ 408.459927][T12552] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 408.459948][T12552] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 408.459966][T12552] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 408.459985][T12552] snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 408.460010][T12552] ? snd_pcm_oss_write+0x49a/0xa30 [ 408.460028][T12552] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 408.460049][T12552] ? __pfx___mutex_lock+0x10/0x10 [ 408.460073][T12552] ? get_pid_task+0xfc/0x250 [ 408.460101][T12552] ? get_pid_task+0xfc/0x250 [ 408.460123][T12552] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 408.460142][T12552] snd_pcm_oss_write+0x4bb/0xa30 [ 408.460162][T12552] ? bpf_lsm_file_permission+0x9/0x10 [ 408.460182][T12552] ? security_file_permission+0x76/0x210 [ 408.460210][T12552] vfs_write+0x2aa/0x1070 [ 408.460227][T12552] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 408.460247][T12552] ? __pfx_vfs_write+0x10/0x10 [ 408.460261][T12552] ? find_held_lock+0x2b/0x80 [ 408.460275][T12552] ? __fget_files+0x215/0x3d0 [ 408.460290][T12552] ? __fget_files+0x215/0x3d0 [ 408.460309][T12552] ? __fget_files+0x21f/0x3d0 [ 408.460329][T12552] ksys_write+0x12a/0x250 [ 408.460345][T12552] ? __pfx_ksys_write+0x10/0x10 [ 408.460367][T12552] do_syscall_64+0xc9/0xf80 [ 408.460385][T12552] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 408.460400][T12552] RIP: 0033:0x7ff2c519aeb9 [ 408.460412][T12552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 408.460426][T12552] RSP: 002b:00007ff2c6131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 408.460442][T12552] RAX: ffffffffffffffda RBX: 00007ff2c5415fa0 RCX: 00007ff2c519aeb9 [ 408.460452][T12552] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 408.460460][T12552] RBP: 00007ff2c6131090 R08: 0000000000000000 R09: 0000000000000000 [ 408.460469][T12552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 408.460478][T12552] R13: 00007ff2c5416038 R14: 00007ff2c5415fa0 R15: 00007ffd93dbd358 [ 408.460497][T12552] [ 409.970862][T12580] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1395'. [ 411.047092][ T9248] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 411.363982][T12615] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 411.659180][T12623] netlink: 82 bytes leftover after parsing attributes in process `syz.2.1405'. [ 411.729829][T12626] netlink: 82 bytes leftover after parsing attributes in process `syz.2.1405'. [ 412.768078][T12646] FAULT_INJECTION: forcing a failure. [ 412.768078][T12646] name failslab, interval 1, probability 0, space 0, times 0 [ 412.964190][T12646] CPU: 0 UID: 0 PID: 12646 Comm: syz.0.1409 Tainted: G U L syzkaller #0 PREEMPT(full) [ 412.964220][T12646] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 412.964226][T12646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 412.964235][T12646] Call Trace: [ 412.964241][T12646] [ 412.964247][T12646] dump_stack_lvl+0x100/0x190 [ 412.964270][T12646] should_fail_ex.cold+0x5/0xa [ 412.964295][T12646] should_failslab+0xc2/0x120 [ 412.964324][T12646] ? udpv6_init_sock+0x24e/0x450 [ 412.964343][T12646] __kmalloc_noprof+0xf6/0x9c0 [ 412.964364][T12646] ? udpv6_init_sock+0x24e/0x450 [ 412.964381][T12646] udpv6_init_sock+0x24e/0x450 [ 412.964398][T12646] ? __pfx_udpv6_init_sock+0x10/0x10 [ 412.964417][T12646] inet6_create+0xb2f/0x12c0 [ 412.964441][T12646] ? inet6_create+0x7f/0x12c0 [ 412.964464][T12646] __sock_create+0x339/0x860 [ 412.964484][T12646] __sys_socket+0x14d/0x260 [ 412.964500][T12646] ? fput+0x79/0x100 [ 412.964518][T12646] ? __pfx___sys_socket+0x10/0x10 [ 412.964533][T12646] ? xfd_validate_state+0x129/0x190 [ 412.964560][T12646] __x64_sys_socket+0x72/0xb0 [ 412.964576][T12646] ? lockdep_hardirqs_on+0x78/0x100 [ 412.964593][T12646] do_syscall_64+0xc9/0xf80 [ 412.964611][T12646] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 412.964626][T12646] RIP: 0033:0x7ff2c519aeb9 [ 412.964639][T12646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 412.964653][T12646] RSP: 002b:00007ff2c6131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 412.964668][T12646] RAX: ffffffffffffffda RBX: 00007ff2c5415fa0 RCX: 00007ff2c519aeb9 [ 412.964678][T12646] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 412.964687][T12646] RBP: 00007ff2c5208c1f R08: 0000000000000000 R09: 0000000000000000 [ 412.964696][T12646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 412.964705][T12646] R13: 00007ff2c5416038 R14: 00007ff2c5415fa0 R15: 00007ffd93dbd358 [ 412.964725][T12646] [ 413.951826][T12658] FAULT_INJECTION: forcing a failure. [ 413.951826][T12658] name failslab, interval 1, probability 0, space 0, times 0 [ 413.995958][T12658] CPU: 0 UID: 0 PID: 12658 Comm: syz.1.1415 Tainted: G U L syzkaller #0 PREEMPT(full) [ 413.995986][T12658] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 413.995991][T12658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 413.996000][T12658] Call Trace: [ 413.996006][T12658] [ 413.996011][T12658] dump_stack_lvl+0x100/0x190 [ 413.996034][T12658] should_fail_ex.cold+0x5/0xa [ 413.996058][T12658] should_failslab+0xc2/0x120 [ 413.996079][T12658] __kmalloc_cache_noprof+0x80/0x810 [ 413.996094][T12658] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 413.996116][T12658] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 413.996133][T12658] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 413.996154][T12658] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 413.996173][T12658] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 413.996196][T12658] snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 413.996221][T12658] ? snd_pcm_oss_write+0x49a/0xa30 [ 413.996238][T12658] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 413.996259][T12658] ? __pfx___mutex_lock+0x10/0x10 [ 413.996284][T12658] ? get_pid_task+0xfc/0x250 [ 413.996303][T12658] ? get_pid_task+0xfc/0x250 [ 413.996324][T12658] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 413.996343][T12658] snd_pcm_oss_write+0x4bb/0xa30 [ 413.996362][T12658] ? bpf_lsm_file_permission+0x9/0x10 [ 413.996382][T12658] ? security_file_permission+0x76/0x210 [ 413.996409][T12658] vfs_write+0x2aa/0x1070 [ 413.996426][T12658] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 413.996446][T12658] ? __pfx_vfs_write+0x10/0x10 [ 413.996460][T12658] ? find_held_lock+0x2b/0x80 [ 413.996474][T12658] ? __fget_files+0x215/0x3d0 [ 413.996490][T12658] ? __fget_files+0x215/0x3d0 [ 413.996508][T12658] ? __fget_files+0x21f/0x3d0 [ 413.996528][T12658] ksys_write+0x12a/0x250 [ 413.996544][T12658] ? __pfx_ksys_write+0x10/0x10 [ 413.996566][T12658] do_syscall_64+0xc9/0xf80 [ 413.996584][T12658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.996600][T12658] RIP: 0033:0x7f4e2b39aeb9 [ 413.996612][T12658] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 413.996626][T12658] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 413.996641][T12658] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 413.996651][T12658] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 413.996659][T12658] RBP: 00007f4e2c2b1090 R08: 0000000000000000 R09: 0000000000000000 [ 413.996668][T12658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 413.996676][T12658] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 413.996695][T12658] [ 415.603439][T12676] openvswitch: netlink: Geneve opt len 1 is not a multiple of 4. [ 416.330656][T12704] zswap: compressor ûW–îë“;Å0못„?u=8å}Öƒ•L­Ö(£E‘¤¤Ö¹‰jj–8+ÕÄxp¥—Èœ‹ŒNkR³¦°¤uoêÇo‹ÿ¬<µSÔH ¾}ïEd }¡ìöP¢…8a [ 425.799743][T12865] dump_stack_lvl+0x100/0x190 [ 425.799767][T12865] should_fail_ex.cold+0x5/0xa [ 425.799791][T12865] should_failslab+0xc2/0x120 [ 425.799811][T12865] __kmalloc_cache_noprof+0x80/0x810 [ 425.799827][T12865] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 425.799845][T12865] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 425.799865][T12865] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 425.799883][T12865] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 425.799912][T12865] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 425.799932][T12865] ? calc_src_frames.isra.0+0x17c/0x1c0 [ 425.799951][T12865] ? calc_dst_frames.constprop.0.isra.0+0xed/0x120 [ 425.799974][T12865] snd_pcm_oss_change_params_locked+0x18d9/0x39f0 [ 425.800001][T12865] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 425.800022][T12865] ? __pfx___mutex_lock+0x10/0x10 [ 425.800046][T12865] ? get_pid_task+0xfc/0x250 [ 425.800066][T12865] ? get_pid_task+0xfc/0x250 [ 425.800087][T12865] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 425.800106][T12865] snd_pcm_oss_write+0x4bb/0xa30 [ 425.800125][T12865] ? bpf_lsm_file_permission+0x9/0x10 [ 425.800145][T12865] ? security_file_permission+0x76/0x210 [ 425.800172][T12865] vfs_write+0x2aa/0x1070 [ 425.800189][T12865] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 425.800209][T12865] ? __pfx_vfs_write+0x10/0x10 [ 425.800223][T12865] ? find_held_lock+0x2b/0x80 [ 425.800237][T12865] ? __fget_files+0x215/0x3d0 [ 425.800253][T12865] ? __fget_files+0x215/0x3d0 [ 425.800271][T12865] ? __fget_files+0x21f/0x3d0 [ 425.800291][T12865] ksys_write+0x12a/0x250 [ 425.800308][T12865] ? __pfx_ksys_write+0x10/0x10 [ 425.800330][T12865] do_syscall_64+0xc9/0xf80 [ 425.800348][T12865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.800363][T12865] RIP: 0033:0x7f4e2b39aeb9 [ 425.800376][T12865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 425.800390][T12865] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 425.800405][T12865] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 425.800414][T12865] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 425.800423][T12865] RBP: 00007f4e2c2b1090 R08: 0000000000000000 R09: 0000000000000000 [ 425.800431][T12865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 425.800440][T12865] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 425.800459][T12865] [ 427.490369][T12877] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 428.336142][T12886] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 429.043355][T12868] Process accounting resumed [ 430.034839][T12921] FAULT_INJECTION: forcing a failure. [ 430.034839][T12921] name failslab, interval 1, probability 0, space 0, times 0 [ 430.052957][T12922] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 430.085744][T12922] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 430.161385][T12921] CPU: 0 UID: 0 PID: 12921 Comm: syz.1.1481 Tainted: G U L syzkaller #0 PREEMPT(full) [ 430.161415][T12921] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 430.161420][T12921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 430.161431][T12921] Call Trace: [ 430.161436][T12921] [ 430.161442][T12921] dump_stack_lvl+0x100/0x190 [ 430.161466][T12921] should_fail_ex.cold+0x5/0xa [ 430.161491][T12921] should_failslab+0xc2/0x120 [ 430.161512][T12921] ? udpv6_init_sock+0x24e/0x450 [ 430.161530][T12921] __kmalloc_noprof+0xf6/0x9c0 [ 430.161550][T12921] ? udpv6_init_sock+0x24e/0x450 [ 430.161568][T12921] udpv6_init_sock+0x24e/0x450 [ 430.161585][T12921] ? __pfx_udpv6_init_sock+0x10/0x10 [ 430.161604][T12921] inet6_create+0xb2f/0x12c0 [ 430.161633][T12921] ? inet6_create+0x7f/0x12c0 [ 430.161655][T12921] __sock_create+0x339/0x860 [ 430.161676][T12921] __sys_socket+0x14d/0x260 [ 430.161692][T12921] ? fput+0x79/0x100 [ 430.161711][T12921] ? __pfx___sys_socket+0x10/0x10 [ 430.161727][T12921] ? xfd_validate_state+0x129/0x190 [ 430.161754][T12921] __x64_sys_socket+0x72/0xb0 [ 430.161770][T12921] ? lockdep_hardirqs_on+0x78/0x100 [ 430.161787][T12921] do_syscall_64+0xc9/0xf80 [ 430.161806][T12921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.161821][T12921] RIP: 0033:0x7f4e2b39aeb9 [ 430.161834][T12921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 430.161848][T12921] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 430.161863][T12921] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 430.161874][T12921] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 430.161882][T12921] RBP: 00007f4e2b408c1f R08: 0000000000000000 R09: 0000000000000000 [ 430.161891][T12921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.161900][T12921] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 430.161920][T12921] [ 431.143405][T12944] warning: `syz.2.1486' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 433.468383][ T30] audit: type=1800 audit(4294967423.149:16): pid=12989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1497" name="dbroot" dev="configfs" ino=45351 res=0 errno=0 [ 434.296136][T13004] FAULT_INJECTION: forcing a failure. [ 434.296136][T13004] name fail_futex, interval 1, probability 0, space 0, times 0 [ 434.335912][T13004] CPU: 0 UID: 0 PID: 13004 Comm: syz.2.1502 Tainted: G U L syzkaller #0 PREEMPT(full) [ 434.335940][T13004] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 434.335946][T13004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 434.335956][T13004] Call Trace: [ 434.335961][T13004] [ 434.335967][T13004] dump_stack_lvl+0x100/0x190 [ 434.335990][T13004] should_fail_ex.cold+0x5/0xa [ 434.336015][T13004] get_futex_key+0x1d2/0x1620 [ 434.336037][T13004] ? __pfx_get_futex_key+0x10/0x10 [ 434.336057][T13004] ? __lock_acquire+0x4a5/0x2630 [ 434.336080][T13004] futex_wake+0xea/0x530 [ 434.336106][T13004] ? __pfx_futex_wake+0x10/0x10 [ 434.336127][T13004] ? find_held_lock+0x2b/0x80 [ 434.336148][T13004] do_futex+0x32b/0x350 [ 434.336168][T13004] ? __pfx_do_futex+0x10/0x10 [ 434.336188][T13004] ? __sys_connect+0xe4/0x170 [ 434.336209][T13004] __x64_sys_futex+0x34f/0x4d0 [ 434.336231][T13004] ? __pfx___x64_sys_futex+0x10/0x10 [ 434.336258][T13004] do_syscall_64+0xc9/0xf80 [ 434.336276][T13004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 434.336292][T13004] RIP: 0033:0x7ffa60d9aeb9 [ 434.336305][T13004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 434.336319][T13004] RSP: 002b:00007ffa5eff60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 434.336342][T13004] RAX: ffffffffffffffda RBX: 00007ffa61015fa8 RCX: 00007ffa60d9aeb9 [ 434.336353][T13004] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ffa61015fac [ 434.336362][T13004] RBP: 00007ffa61015fa0 R08: 0000000000000000 R09: 0000000000000000 [ 434.336371][T13004] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 434.336381][T13004] R13: 00007ffa61016038 R14: 00007ffc06fbfd20 R15: 00007ffc06fbfe08 [ 434.336400][T13004] [ 434.999666][T13014] FAULT_INJECTION: forcing a failure. [ 434.999666][T13014] name failslab, interval 1, probability 0, space 0, times 0 [ 435.112521][T13014] CPU: 0 UID: 0 PID: 13014 Comm: syz.3.1504 Tainted: G U L syzkaller #0 PREEMPT(full) [ 435.112550][T13014] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 435.112556][T13014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 435.112566][T13014] Call Trace: [ 435.112571][T13014] [ 435.112577][T13014] dump_stack_lvl+0x100/0x190 [ 435.112600][T13014] should_fail_ex.cold+0x5/0xa [ 435.112624][T13014] should_failslab+0xc2/0x120 [ 435.112646][T13014] kmem_cache_alloc_noprof+0x83/0x780 [ 435.112665][T13014] ? getname_flags.part.0+0x4c/0x540 [ 435.112691][T13014] ? getname_flags.part.0+0x4c/0x540 [ 435.112711][T13014] getname_flags.part.0+0x4c/0x540 [ 435.112733][T13014] getname_flags+0x93/0xf0 [ 435.112748][T13014] path_listxattrat+0x2e7/0x370 [ 435.112764][T13014] ? xfd_validate_state+0x129/0x190 [ 435.112786][T13014] ? __pfx_path_listxattrat+0x10/0x10 [ 435.112807][T13014] do_syscall_64+0xc9/0xf80 [ 435.112826][T13014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.112841][T13014] RIP: 0033:0x7f55e9d9aeb9 [ 435.112854][T13014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 435.112868][T13014] RSP: 002b:00007f55eacf7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3 [ 435.112884][T13014] RAX: ffffffffffffffda RBX: 00007f55ea016090 RCX: 00007f55e9d9aeb9 [ 435.112894][T13014] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000200000000040 [ 435.112903][T13014] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 435.112911][T13014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 435.112920][T13014] R13: 00007f55ea016128 R14: 00007f55ea016090 R15: 00007ffc882f9ab8 [ 435.112939][T13014] [ 435.926512][T13028] hub 3-0:1.0: USB hub found [ 436.063691][T13028] hub 3-0:1.0: 1 port detected [ 436.269789][T13028] usb usb3: authorized to connect [ 437.563698][T13079] FAULT_INJECTION: forcing a failure. [ 437.563698][T13079] name fail_futex, interval 1, probability 0, space 0, times 0 [ 437.700158][T13079] CPU: 0 UID: 0 PID: 13079 Comm: syz.3.1519 Tainted: G U L syzkaller #0 PREEMPT(full) [ 437.700187][T13079] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 437.700194][T13079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 437.700203][T13079] Call Trace: [ 437.700208][T13079] [ 437.700214][T13079] dump_stack_lvl+0x100/0x190 [ 437.700237][T13079] should_fail_ex.cold+0x5/0xa [ 437.700261][T13079] get_futex_key+0x1d2/0x1620 [ 437.700283][T13079] ? __pfx_get_futex_key+0x10/0x10 [ 437.700301][T13079] ? kasan_save_stack+0x3f/0x50 [ 437.700319][T13079] ? kasan_save_stack+0x30/0x50 [ 437.700335][T13079] ? kasan_save_track+0x14/0x30 [ 437.700352][T13079] ? kasan_save_free_info+0x3b/0x70 [ 437.700365][T13079] ? __kasan_slab_free+0x5f/0x80 [ 437.700382][T13079] ? kfree+0x1c7/0x690 [ 437.700394][T13079] ? __x64_sys_fsopen+0xd5/0x220 [ 437.700414][T13079] ? do_syscall_64+0xc9/0xf80 [ 437.700433][T13079] futex_wake+0xea/0x530 [ 437.700458][T13079] ? __pfx_futex_wake+0x10/0x10 [ 437.700488][T13079] do_futex+0x32b/0x350 [ 437.700508][T13079] ? __pfx_do_futex+0x10/0x10 [ 437.700533][T13079] __x64_sys_futex+0x34f/0x4d0 [ 437.700556][T13079] ? __pfx___x64_sys_futex+0x10/0x10 [ 437.700575][T13079] ? xfd_validate_state+0x129/0x190 [ 437.700604][T13079] do_syscall_64+0xc9/0xf80 [ 437.700622][T13079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.700637][T13079] RIP: 0033:0x7f55e9d9aeb9 [ 437.700649][T13079] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 437.700664][T13079] RSP: 002b:00007f55eacf70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 437.700679][T13079] RAX: ffffffffffffffda RBX: 00007f55ea016098 RCX: 00007f55e9d9aeb9 [ 437.700689][T13079] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f55ea01609c [ 437.700698][T13079] RBP: 00007f55ea016090 R08: 0000000000000000 R09: 0000000000000000 [ 437.700707][T13079] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 437.700717][T13079] R13: 00007f55ea016128 R14: 00007ffc882f99d0 R15: 00007ffc882f9ab8 [ 437.700737][T13079] [ 439.438268][T13073] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 439.449086][T13073] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 439.458101][T13073] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 439.528469][T13073] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 439.612592][T13073] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 440.321154][T13110] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 440.391829][ T9248] Bluetooth: hci0: command 0x0c1a tx timeout [ 441.504807][ T9248] Bluetooth: hci3: command 0x0c1a tx timeout [ 441.510838][T10555] Bluetooth: hci1: command 0x0c1a tx timeout [ 441.662497][ T9268] Bluetooth: hci2: command 0x0c1a tx timeout [ 443.583192][ T9248] Bluetooth: hci3: command 0x0c1a tx timeout [ 444.547433][ T9268] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 445.106335][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.112667][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 449.424653][T13222] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1547'. [ 452.419950][T13260] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 452.453861][T13260] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 452.461353][T13260] vhci_hcd vhci_hcd.1: invalid port number 50 [ 452.497952][T13260] vhci_hcd vhci_hcd.1: default hub control req: 0400 v0000 i0032 l0 [ 454.548897][T13304] FAULT_INJECTION: forcing a failure. [ 454.548897][T13304] name failslab, interval 1, probability 0, space 0, times 0 [ 454.602485][T13304] CPU: 0 UID: 0 PID: 13304 Comm: syz.2.1562 Tainted: G U L syzkaller #0 PREEMPT(full) [ 454.602513][T13304] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 454.602518][T13304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 454.602527][T13304] Call Trace: [ 454.602532][T13304] [ 454.602538][T13304] dump_stack_lvl+0x100/0x190 [ 454.602560][T13304] should_fail_ex.cold+0x5/0xa [ 454.602585][T13304] should_failslab+0xc2/0x120 [ 454.602605][T13304] ? snd_pcm_plugin_build+0x434/0x650 [ 454.602624][T13304] __kmalloc_noprof+0xf6/0x9c0 [ 454.602640][T13304] ? __mutex_unlock_slowpath+0x15c/0x790 [ 454.602662][T13304] ? snd_pcm_plugin_build+0x434/0x650 [ 454.602680][T13304] snd_pcm_plugin_build+0x434/0x650 [ 454.602701][T13304] snd_pcm_plugin_build_mulaw+0x280/0x760 [ 454.602723][T13304] ? __pfx_mulaw_decode+0x10/0x10 [ 454.602743][T13304] ? __pfx_snd_pcm_plugin_build_mulaw+0x10/0x10 [ 454.602766][T13304] ? snd_pcm_hw_params+0x262/0x1cb0 [ 454.602791][T13304] snd_pcm_plug_format_plugins+0xbdd/0x1430 [ 454.602813][T13304] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 454.602836][T13304] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 454.602860][T13304] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 454.602887][T13304] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 454.602908][T13304] ? __pfx___mutex_lock+0x10/0x10 [ 454.602931][T13304] ? get_pid_task+0xfc/0x250 [ 454.602950][T13304] ? get_pid_task+0xfc/0x250 [ 454.602978][T13304] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 454.602998][T13304] snd_pcm_oss_write+0x4bb/0xa30 [ 454.603017][T13304] ? bpf_lsm_file_permission+0x9/0x10 [ 454.603038][T13304] ? security_file_permission+0x76/0x210 [ 454.603065][T13304] vfs_write+0x2aa/0x1070 [ 454.603082][T13304] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 454.603102][T13304] ? __pfx_vfs_write+0x10/0x10 [ 454.603117][T13304] ? find_held_lock+0x2b/0x80 [ 454.603131][T13304] ? __fget_files+0x215/0x3d0 [ 454.603146][T13304] ? __fget_files+0x215/0x3d0 [ 454.603164][T13304] ? __fget_files+0x21f/0x3d0 [ 454.603185][T13304] ksys_write+0x12a/0x250 [ 454.603201][T13304] ? __pfx_ksys_write+0x10/0x10 [ 454.603223][T13304] do_syscall_64+0xc9/0xf80 [ 454.603241][T13304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 454.603256][T13304] RIP: 0033:0x7ffa60d9aeb9 [ 454.603272][T13304] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 454.603286][T13304] RSP: 002b:00007ffa5eff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 454.603301][T13304] RAX: ffffffffffffffda RBX: 00007ffa61015fa0 RCX: 00007ffa60d9aeb9 [ 454.603311][T13304] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 454.603320][T13304] RBP: 00007ffa5eff6090 R08: 0000000000000000 R09: 0000000000000000 [ 454.603328][T13304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 454.603337][T13304] R13: 00007ffa61016038 R14: 00007ffa61015fa0 R15: 00007ffc06fbfe08 [ 454.603356][T13304] [ 455.913909][T13320] FAULT_INJECTION: forcing a failure. [ 455.913909][T13320] name failslab, interval 1, probability 0, space 0, times 0 [ 456.018052][T13320] CPU: 0 UID: 0 PID: 13320 Comm: syz.2.1563 Tainted: G U L syzkaller #0 PREEMPT(full) [ 456.018083][T13320] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 456.018088][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 456.018098][T13320] Call Trace: [ 456.018103][T13320] [ 456.018110][T13320] dump_stack_lvl+0x100/0x190 [ 456.018132][T13320] should_fail_ex.cold+0x5/0xa [ 456.018157][T13320] should_failslab+0xc2/0x120 [ 456.018177][T13320] ? handler_new_ref+0x1ab/0xc60 [ 456.018195][T13320] __kmalloc_noprof+0xf6/0x9c0 [ 456.018215][T13320] ? handler_new_ref+0x1ab/0xc60 [ 456.018233][T13320] ? handler_new_ref+0x82f/0xc60 [ 456.018250][T13320] handler_new_ref+0x1ab/0xc60 [ 456.018273][T13320] v4l2_ctrl_new+0xe67/0x2340 [ 456.018298][T13320] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 456.018325][T13320] v4l2_ctrl_new_std+0x1bb/0x290 [ 456.018349][T13320] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 456.018373][T13320] ? rcu_is_watching+0x12/0xc0 [ 456.018387][T13320] ? trace_kmalloc+0x83/0xb0 [ 456.018406][T13320] ? __kvmalloc_node_noprof+0x36a/0xac0 [ 456.018426][T13320] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 456.018447][T13320] ? media_request_object_init+0x100/0x180 [ 456.018468][T13320] vicodec_open+0x1b2/0xf70 [ 456.018488][T13320] ? kobject_get_unless_zero+0x156/0x200 [ 456.018512][T13320] v4l2_open+0x1d2/0x490 [ 456.018531][T13320] ? __pfx_v4l2_open+0x10/0x10 [ 456.018549][T13320] chrdev_open+0x234/0x6a0 [ 456.018567][T13320] ? __pfx_apparmor_file_open+0x10/0x10 [ 456.018586][T13320] ? __pfx_chrdev_open+0x10/0x10 [ 456.018605][T13320] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 456.018626][T13320] do_dentry_open+0x73e/0x1570 [ 456.018643][T13320] ? __pfx_chrdev_open+0x10/0x10 [ 456.018661][T13320] ? security_inode_permission+0xbf/0x250 [ 456.018686][T13320] vfs_open+0x82/0x3f0 [ 456.018708][T13320] path_openat+0x21dc/0x3120 [ 456.018732][T13320] ? __pfx_path_openat+0x10/0x10 [ 456.018755][T13320] do_filp_open+0x1f7/0x420 [ 456.018774][T13320] ? __pfx_do_filp_open+0x10/0x10 [ 456.018804][T13320] ? _raw_spin_unlock+0x28/0x50 [ 456.018818][T13320] ? alloc_fd+0x476/0x790 [ 456.018839][T13320] do_sys_openat2+0x12e/0x220 [ 456.018867][T13320] ? __pfx_do_sys_openat2+0x10/0x10 [ 456.018891][T13320] ? __fget_files+0x21f/0x3d0 [ 456.018911][T13320] __x64_sys_openat+0x12d/0x210 [ 456.018933][T13320] ? __pfx___x64_sys_openat+0x10/0x10 [ 456.018964][T13320] do_syscall_64+0xc9/0xf80 [ 456.018982][T13320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 456.018998][T13320] RIP: 0033:0x7ffa60d9aeb9 [ 456.019011][T13320] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 456.019027][T13320] RSP: 002b:00007ffa5eb91028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 456.019045][T13320] RAX: ffffffffffffffda RBX: 00007ffa61016270 RCX: 00007ffa60d9aeb9 [ 456.019054][T13320] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 456.019064][T13320] RBP: 00007ffa60e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 456.019072][T13320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 456.019081][T13320] R13: 00007ffa61016308 R14: 00007ffa61016270 R15: 00007ffc06fbfe08 [ 456.019100][T13320] [ 458.790834][T13344] FAULT_INJECTION: forcing a failure. [ 458.790834][T13344] name failslab, interval 1, probability 0, space 0, times 0 [ 458.899653][T13344] CPU: 0 UID: 0 PID: 13344 Comm: syz.3.1571 Tainted: G U L syzkaller #0 PREEMPT(full) [ 458.899685][T13344] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 458.899691][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 458.899700][T13344] Call Trace: [ 458.899705][T13344] [ 458.899711][T13344] dump_stack_lvl+0x100/0x190 [ 458.899733][T13344] should_fail_ex.cold+0x5/0xa [ 458.899758][T13344] should_failslab+0xc2/0x120 [ 458.899778][T13344] ? snd_pcm_plugin_build+0x64/0x650 [ 458.899797][T13344] __kmalloc_noprof+0xf6/0x9c0 [ 458.899811][T13344] ? __pfx_snd_pcm_plugin_build_mulaw+0x10/0x10 [ 458.899838][T13344] ? snd_pcm_plugin_build+0x64/0x650 [ 458.899856][T13344] snd_pcm_plugin_build+0x64/0x650 [ 458.899878][T13344] snd_pcm_plugin_build_io+0x207/0x5f0 [ 458.899899][T13344] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 458.899920][T13344] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 458.899944][T13344] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 458.899971][T13344] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 458.899992][T13344] ? __pfx___mutex_lock+0x10/0x10 [ 458.900017][T13344] ? get_pid_task+0xfc/0x250 [ 458.900037][T13344] ? get_pid_task+0xfc/0x250 [ 458.900058][T13344] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 458.900078][T13344] snd_pcm_oss_write+0x4bb/0xa30 [ 458.900096][T13344] ? bpf_lsm_file_permission+0x9/0x10 [ 458.900116][T13344] ? security_file_permission+0x76/0x210 [ 458.900143][T13344] vfs_write+0x2aa/0x1070 [ 458.900160][T13344] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 458.900180][T13344] ? __pfx_vfs_write+0x10/0x10 [ 458.900195][T13344] ? find_held_lock+0x2b/0x80 [ 458.900208][T13344] ? __fget_files+0x215/0x3d0 [ 458.900227][T13344] ? __fget_files+0x215/0x3d0 [ 458.900245][T13344] ? __fget_files+0x21f/0x3d0 [ 458.900265][T13344] ksys_write+0x12a/0x250 [ 458.900281][T13344] ? __pfx_ksys_write+0x10/0x10 [ 458.900303][T13344] do_syscall_64+0xc9/0xf80 [ 458.900322][T13344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.900337][T13344] RIP: 0033:0x7f55e9d9aeb9 [ 458.900349][T13344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 458.900363][T13344] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 458.900378][T13344] RAX: ffffffffffffffda RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 458.900388][T13344] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 458.900397][T13344] RBP: 00007f55ead18090 R08: 0000000000000000 R09: 0000000000000000 [ 458.900405][T13344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 458.900414][T13344] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 458.900433][T13344] [ 459.647641][T13319] Process accounting paused [ 460.692321][T13375] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 460.913470][T13377] FAULT_INJECTION: forcing a failure. [ 460.913470][T13377] name failslab, interval 1, probability 0, space 0, times 0 [ 460.974808][T13377] CPU: 0 UID: 0 PID: 13377 Comm: syz.2.1580 Tainted: G U L syzkaller #0 PREEMPT(full) [ 460.974835][T13377] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 460.974841][T13377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 460.974850][T13377] Call Trace: [ 460.974854][T13377] [ 460.974860][T13377] dump_stack_lvl+0x100/0x190 [ 460.974882][T13377] should_fail_ex.cold+0x5/0xa [ 460.974907][T13377] should_failslab+0xc2/0x120 [ 460.974927][T13377] ? snd_pcm_plugin_build+0x434/0x650 [ 460.974947][T13377] __kmalloc_noprof+0xf6/0x9c0 [ 460.974961][T13377] ? __pfx_snd_pcm_plugin_build_mulaw+0x10/0x10 [ 460.974987][T13377] ? snd_pcm_plugin_build+0x434/0x650 [ 460.975009][T13377] snd_pcm_plugin_build+0x434/0x650 [ 460.975031][T13377] snd_pcm_plugin_build_io+0x207/0x5f0 [ 460.975052][T13377] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 460.975073][T13377] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 460.975097][T13377] snd_pcm_oss_change_params_locked+0x2eb3/0x39f0 [ 460.975124][T13377] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 460.975145][T13377] ? __pfx___mutex_lock+0x10/0x10 [ 460.975170][T13377] ? get_pid_task+0xfc/0x250 [ 460.975189][T13377] ? get_pid_task+0xfc/0x250 [ 460.975210][T13377] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 460.975230][T13377] snd_pcm_oss_write+0x4bb/0xa30 [ 460.975248][T13377] ? bpf_lsm_file_permission+0x9/0x10 [ 460.975268][T13377] ? security_file_permission+0x76/0x210 [ 460.975296][T13377] vfs_write+0x2aa/0x1070 [ 460.975312][T13377] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 460.975332][T13377] ? __pfx_vfs_write+0x10/0x10 [ 460.975347][T13377] ? find_held_lock+0x2b/0x80 [ 460.975361][T13377] ? __fget_files+0x215/0x3d0 [ 460.975376][T13377] ? __fget_files+0x215/0x3d0 [ 460.975394][T13377] ? __fget_files+0x21f/0x3d0 [ 460.975414][T13377] ksys_write+0x12a/0x250 [ 460.975431][T13377] ? __pfx_ksys_write+0x10/0x10 [ 460.975452][T13377] do_syscall_64+0xc9/0xf80 [ 460.975471][T13377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.975486][T13377] RIP: 0033:0x7ffa60d9aeb9 [ 460.975498][T13377] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 460.975512][T13377] RSP: 002b:00007ffa5eff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 460.975535][T13377] RAX: ffffffffffffffda RBX: 00007ffa61015fa0 RCX: 00007ffa60d9aeb9 [ 460.975544][T13377] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 460.975553][T13377] RBP: 00007ffa5eff6090 R08: 0000000000000000 R09: 0000000000000000 [ 460.975562][T13377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 460.975571][T13377] R13: 00007ffa61016038 R14: 00007ffa61015fa0 R15: 00007ffc06fbfe08 [ 460.975590][T13377] [ 461.792293][T13395] FAULT_INJECTION: forcing a failure. [ 461.792293][T13395] name failslab, interval 1, probability 0, space 0, times 0 [ 461.838085][T13395] CPU: 0 UID: 0 PID: 13395 Comm: syz.1.1587 Tainted: G U L syzkaller #0 PREEMPT(full) [ 461.838115][T13395] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 461.838121][T13395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 461.838131][T13395] Call Trace: [ 461.838136][T13395] [ 461.838142][T13395] dump_stack_lvl+0x100/0x190 [ 461.838165][T13395] should_fail_ex.cold+0x5/0xa [ 461.838189][T13395] should_failslab+0xc2/0x120 [ 461.838210][T13395] __kmalloc_cache_noprof+0x80/0x810 [ 461.838225][T13395] ? lockdep_hardirqs_on+0x78/0x100 [ 461.838242][T13395] ? sctp_endpoint_new+0xfc/0xb20 [ 461.838266][T13395] ? sctp_endpoint_new+0xfc/0xb20 [ 461.838284][T13395] ? __pfx___debug_object_init+0x10/0x10 [ 461.838303][T13395] sctp_endpoint_new+0xfc/0xb20 [ 461.838325][T13395] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 461.838346][T13395] ? lockdep_init_map_type+0x5c/0x250 [ 461.838375][T13395] ? lockdep_init_map_type+0x5c/0x250 [ 461.838398][T13395] sctp_init_sock+0xe2b/0x1300 [ 461.838418][T13395] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 461.838439][T13395] sctp_v6_init_sock+0x16/0x70 [ 461.838458][T13395] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 461.838482][T13395] inet6_create+0xb2f/0x12c0 [ 461.838506][T13395] ? inet6_create+0x7f/0x12c0 [ 461.838529][T13395] __sock_create+0x339/0x860 [ 461.838549][T13395] __sys_socket+0x14d/0x260 [ 461.838565][T13395] ? fput+0x79/0x100 [ 461.838584][T13395] ? __pfx___sys_socket+0x10/0x10 [ 461.838601][T13395] ? xfd_validate_state+0x129/0x190 [ 461.838628][T13395] __x64_sys_socket+0x72/0xb0 [ 461.838644][T13395] ? lockdep_hardirqs_on+0x78/0x100 [ 461.838660][T13395] do_syscall_64+0xc9/0xf80 [ 461.838678][T13395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.838694][T13395] RIP: 0033:0x7f4e2b39aeb9 [ 461.838707][T13395] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 461.838722][T13395] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 461.838737][T13395] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 461.838747][T13395] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 461.838756][T13395] RBP: 00007f4e2b408c1f R08: 0000000000000000 R09: 0000000000000000 [ 461.838765][T13395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.838774][T13395] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 461.838794][T13395] [ 462.541747][T13404] FAULT_INJECTION: forcing a failure. [ 462.541747][T13404] name failslab, interval 1, probability 0, space 0, times 0 [ 462.594962][T13404] CPU: 0 UID: 0 PID: 13404 Comm: syz.0.1591 Tainted: G U L syzkaller #0 PREEMPT(full) [ 462.594991][T13404] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 462.594997][T13404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 462.595005][T13404] Call Trace: [ 462.595011][T13404] [ 462.595017][T13404] dump_stack_lvl+0x100/0x190 [ 462.595039][T13404] should_fail_ex.cold+0x5/0xa [ 462.595064][T13404] should_failslab+0xc2/0x120 [ 462.595089][T13404] __kvmalloc_node_noprof+0x101/0xac0 [ 462.595106][T13404] ? rcu_is_watching+0x12/0xc0 [ 462.595121][T13404] ? kfree+0x2a9/0x690 [ 462.595133][T13404] ? snd_pcm_plugin_alloc+0x5ed/0x7e0 [ 462.595157][T13404] ? snd_pcm_plugin_alloc+0x5ed/0x7e0 [ 462.595175][T13404] snd_pcm_plugin_alloc+0x5ed/0x7e0 [ 462.595198][T13404] snd_pcm_plug_alloc+0x214/0x320 [ 462.595218][T13404] snd_pcm_oss_change_params_locked+0x1fb3/0x39f0 [ 462.595246][T13404] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 462.595267][T13404] ? __pfx___mutex_lock+0x10/0x10 [ 462.595292][T13404] ? get_pid_task+0xfc/0x250 [ 462.595310][T13404] ? get_pid_task+0xfc/0x250 [ 462.595332][T13404] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 462.595351][T13404] snd_pcm_oss_write+0x4bb/0xa30 [ 462.595370][T13404] ? bpf_lsm_file_permission+0x9/0x10 [ 462.595390][T13404] ? security_file_permission+0x76/0x210 [ 462.595423][T13404] vfs_write+0x2aa/0x1070 [ 462.595440][T13404] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 462.595460][T13404] ? __pfx_vfs_write+0x10/0x10 [ 462.595475][T13404] ? find_held_lock+0x2b/0x80 [ 462.595489][T13404] ? __fget_files+0x215/0x3d0 [ 462.595504][T13404] ? __fget_files+0x215/0x3d0 [ 462.595522][T13404] ? __fget_files+0x21f/0x3d0 [ 462.595542][T13404] ksys_write+0x12a/0x250 [ 462.595559][T13404] ? __pfx_ksys_write+0x10/0x10 [ 462.595580][T13404] do_syscall_64+0xc9/0xf80 [ 462.595599][T13404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 462.595614][T13404] RIP: 0033:0x7ff2c519aeb9 [ 462.595627][T13404] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 462.595641][T13404] RSP: 002b:00007ff2c6131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 462.595656][T13404] RAX: ffffffffffffffda RBX: 00007ff2c5415fa0 RCX: 00007ff2c519aeb9 [ 462.595666][T13404] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 462.595675][T13404] RBP: 00007ff2c6131090 R08: 0000000000000000 R09: 0000000000000000 [ 462.595684][T13404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 462.595692][T13404] R13: 00007ff2c5416038 R14: 00007ff2c5415fa0 R15: 00007ffd93dbd358 [ 462.595712][T13404] [ 463.221192][T13406] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1592'. [ 463.560307][T13409] Invalid ELF header magic: != ELF [ 463.906952][T13432] binder: BINDER_SET_CONTEXT_MGR already set [ 463.933467][T13432] binder: 13431:13432 ioctl 4018620d 9 returned -16 [ 465.194693][T13457] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1603'. [ 465.347913][T13463] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 465.356023][T13457] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1603'. [ 465.492861][T13457] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1603'. [ 465.501972][T13457] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1603'. [ 466.436003][T13481] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 467.035686][T13494] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 469.094479][T13524] netlink: Unknown conntrack attr (type=257, max=9) [ 469.597025][T13529] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 472.005678][T13555] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 473.721027][T13587] FAULT_INJECTION: forcing a failure. [ 473.721027][T13587] name failslab, interval 1, probability 0, space 0, times 0 [ 473.877132][T13587] CPU: 0 UID: 0 PID: 13587 Comm: syz.0.1634 Tainted: G U L syzkaller #0 PREEMPT(full) [ 473.877162][T13587] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 473.877168][T13587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 473.877178][T13587] Call Trace: [ 473.877184][T13587] [ 473.877190][T13587] dump_stack_lvl+0x100/0x190 [ 473.877214][T13587] should_fail_ex.cold+0x5/0xa [ 473.877239][T13587] should_failslab+0xc2/0x120 [ 473.877260][T13587] __kmalloc_cache_noprof+0x80/0x810 [ 473.877276][T13587] ? open_substream+0xec/0x9e0 [ 473.877298][T13587] ? open_substream+0xec/0x9e0 [ 473.877315][T13587] open_substream+0xec/0x9e0 [ 473.877335][T13587] rawmidi_open_priv+0x595/0x6f0 [ 473.877358][T13587] snd_rawmidi_open+0x4c9/0xba0 [ 473.877381][T13587] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 473.877402][T13587] ? __pfx_default_wake_function+0x10/0x10 [ 473.877420][T13587] ? kobject_get_unless_zero+0x156/0x200 [ 473.877443][T13587] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 473.877462][T13587] snd_open+0x22d/0x4c0 [ 473.877480][T13587] ? __pfx_snd_open+0x10/0x10 [ 473.877495][T13587] chrdev_open+0x234/0x6a0 [ 473.877513][T13587] ? __pfx_apparmor_file_open+0x10/0x10 [ 473.877531][T13587] ? __pfx_chrdev_open+0x10/0x10 [ 473.877550][T13587] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 473.877571][T13587] do_dentry_open+0x73e/0x1570 [ 473.877589][T13587] ? __pfx_chrdev_open+0x10/0x10 [ 473.877607][T13587] ? security_inode_permission+0xbf/0x250 [ 473.877639][T13587] vfs_open+0x82/0x3f0 [ 473.877663][T13587] path_openat+0x21dc/0x3120 [ 473.877688][T13587] ? __pfx_path_openat+0x10/0x10 [ 473.877712][T13587] do_filp_open+0x1f7/0x420 [ 473.877731][T13587] ? __pfx_do_filp_open+0x10/0x10 [ 473.877761][T13587] ? _raw_spin_unlock+0x28/0x50 [ 473.877775][T13587] ? alloc_fd+0x476/0x790 [ 473.877797][T13587] do_sys_openat2+0x12e/0x220 [ 473.877818][T13587] ? __pfx_do_sys_openat2+0x10/0x10 [ 473.877841][T13587] ? __fget_files+0x21f/0x3d0 [ 473.877860][T13587] __x64_sys_openat+0x12d/0x210 [ 473.877882][T13587] ? __pfx___x64_sys_openat+0x10/0x10 [ 473.877903][T13587] ? xfd_validate_state+0x129/0x190 [ 473.877932][T13587] do_syscall_64+0xc9/0xf80 [ 473.877951][T13587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 473.877966][T13587] RIP: 0033:0x7ff2c519aeb9 [ 473.877979][T13587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 473.877993][T13587] RSP: 002b:00007ff2c6131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 473.878009][T13587] RAX: ffffffffffffffda RBX: 00007ff2c5415fa0 RCX: 00007ff2c519aeb9 [ 473.878019][T13587] RDX: 0000000000080102 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 473.878029][T13587] RBP: 00007ff2c5208c1f R08: 0000000000000000 R09: 0000000000000000 [ 473.878038][T13587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 473.878047][T13587] R13: 00007ff2c5416038 R14: 00007ff2c5415fa0 R15: 00007ffd93dbd358 [ 473.878068][T13587] [ 474.503519][T13594] program syz.3.1638 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 474.546453][T13594] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1638'. [ 476.685513][T13636] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1647'. [ 476.737038][T13636] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1647'. [ 476.805969][T13641] netlink: 290 bytes leftover after parsing attributes in process `syz.3.1647'. [ 477.225799][T13647] FAULT_INJECTION: forcing a failure. [ 477.225799][T13647] name failslab, interval 1, probability 0, space 0, times 0 [ 477.302773][T13647] CPU: 0 UID: 0 PID: 13647 Comm: syz.3.1650 Tainted: G U L syzkaller #0 PREEMPT(full) [ 477.302801][T13647] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 477.302807][T13647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 477.302817][T13647] Call Trace: [ 477.302823][T13647] [ 477.302829][T13647] dump_stack_lvl+0x100/0x190 [ 477.302852][T13647] should_fail_ex.cold+0x5/0xa [ 477.302877][T13647] should_failslab+0xc2/0x120 [ 477.302897][T13647] ? udpv6_init_sock+0x24e/0x450 [ 477.302915][T13647] __kmalloc_noprof+0xf6/0x9c0 [ 477.302934][T13647] ? udpv6_init_sock+0x24e/0x450 [ 477.302952][T13647] udpv6_init_sock+0x24e/0x450 [ 477.302969][T13647] ? __pfx_udpv6_init_sock+0x10/0x10 [ 477.302989][T13647] inet6_create+0xb2f/0x12c0 [ 477.303015][T13647] ? inet6_create+0x7f/0x12c0 [ 477.303037][T13647] __sock_create+0x339/0x860 [ 477.303058][T13647] __sys_socket+0x14d/0x260 [ 477.303073][T13647] ? fput+0x79/0x100 [ 477.303092][T13647] ? __pfx___sys_socket+0x10/0x10 [ 477.303109][T13647] ? xfd_validate_state+0x129/0x190 [ 477.303136][T13647] __x64_sys_socket+0x72/0xb0 [ 477.303151][T13647] ? lockdep_hardirqs_on+0x78/0x100 [ 477.303169][T13647] do_syscall_64+0xc9/0xf80 [ 477.303187][T13647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 477.303202][T13647] RIP: 0033:0x7f55e9d9aeb9 [ 477.303214][T13647] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 477.303228][T13647] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 477.303243][T13647] RAX: ffffffffffffffda RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 477.303253][T13647] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 477.303261][T13647] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 477.303270][T13647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 477.303278][T13647] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 477.303298][T13647] [ 478.060785][T13653] FAULT_INJECTION: forcing a failure. [ 478.060785][T13653] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 478.172480][T13653] CPU: 0 UID: 0 PID: 13653 Comm: syz.1.1651 Tainted: G U L syzkaller #0 PREEMPT(full) [ 478.172510][T13653] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 478.172517][T13653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 478.172526][T13653] Call Trace: [ 478.172531][T13653] [ 478.172538][T13653] dump_stack_lvl+0x100/0x190 [ 478.172561][T13653] should_fail_ex.cold+0x5/0xa [ 478.172583][T13653] ? prepare_alloc_pages+0x16d/0x5f0 [ 478.172607][T13653] should_fail_alloc_page+0xeb/0x140 [ 478.172628][T13653] prepare_alloc_pages+0x1f0/0x5f0 [ 478.172650][T13653] ? validate_mm+0x261/0x4e0 [ 478.172667][T13653] __alloc_frozen_pages_noprof+0x193/0x2410 [ 478.172686][T13653] ? validate_mm+0x392/0x4e0 [ 478.172704][T13653] ? __pfx_validate_mm+0x10/0x10 [ 478.172722][T13653] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 478.172741][T13653] ? vma_wants_writenotify+0x10b/0x390 [ 478.172759][T13653] ? __pfx_vma_wants_writenotify+0x10/0x10 [ 478.172782][T13653] ? mas_ascend+0x53d/0xb30 [ 478.172799][T13653] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 478.172816][T13653] ? policy_nodemask+0xed/0x4f0 [ 478.172839][T13653] alloc_pages_mpol+0x1fb/0x550 [ 478.172860][T13653] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 478.172886][T13653] alloc_pages_noprof+0x131/0x390 [ 478.172907][T13653] __pmd_alloc+0x3b/0x9c0 [ 478.172931][T13653] __handle_mm_fault+0xa99/0x2b50 [ 478.172950][T13653] ? mt_find+0x45e/0x8e0 [ 478.172969][T13653] ? __pfx___handle_mm_fault+0x10/0x10 [ 478.172983][T13653] ? __pfx_mt_find+0x10/0x10 [ 478.173016][T13653] handle_mm_fault+0x36d/0xa20 [ 478.173035][T13653] __get_user_pages+0xf9c/0x34d0 [ 478.173064][T13653] ? __pfx___get_user_pages+0x10/0x10 [ 478.173090][T13653] populate_vma_page_range+0x267/0x3f0 [ 478.173114][T13653] ? __pfx_populate_vma_page_range+0x10/0x10 [ 478.173136][T13653] ? __pfx_find_vma_intersection+0x10/0x10 [ 478.173158][T13653] ? do_mmap+0x93f/0x12f0 [ 478.173180][T13653] __mm_populate+0x107/0x3a0 [ 478.173203][T13653] ? __pfx___mm_populate+0x10/0x10 [ 478.173227][T13653] ? up_write+0x290/0x4f0 [ 478.173251][T13653] vm_mmap_pgoff+0x37f/0x470 [ 478.173284][T13653] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 478.173310][T13653] ? __x64_sys_futex+0x34f/0x4d0 [ 478.173334][T13653] ? __x64_sys_futex+0x358/0x4d0 [ 478.173363][T13653] ksys_mmap_pgoff+0x7d/0x5b0 [ 478.173387][T13653] __x64_sys_mmap+0x125/0x190 [ 478.173404][T13653] do_syscall_64+0xc9/0xf80 [ 478.173424][T13653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.173439][T13653] RIP: 0033:0x7f4e2b39aeb9 [ 478.173453][T13653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 478.173466][T13653] RSP: 002b:00007f4e2c290028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 478.173483][T13653] RAX: ffffffffffffffda RBX: 00007f4e2b616090 RCX: 00007f4e2b39aeb9 [ 478.173494][T13653] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 478.173503][T13653] RBP: 00007f4e2b408c1f R08: ffffffffffffffff R09: 0000000000008000 [ 478.173512][T13653] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 478.173521][T13653] R13: 00007f4e2b616128 R14: 00007f4e2b616090 R15: 00007ffcd67052e8 [ 478.173541][T13653] [ 479.374345][T13673] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 479.869952][ T30] audit: type=1800 audit(4295004157.559:17): pid=13684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1659" name="lu_gp_id" dev="configfs" ino=48938 res=0 errno=0 [ 480.339001][T13687] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 480.469976][T13693] FAULT_INJECTION: forcing a failure. [ 480.469976][T13693] name failslab, interval 1, probability 0, space 0, times 0 [ 480.532530][T13693] CPU: 0 UID: 0 PID: 13693 Comm: syz.3.1661 Tainted: G U L syzkaller #0 PREEMPT(full) [ 480.532559][T13693] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 480.532565][T13693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 480.532574][T13693] Call Trace: [ 480.532580][T13693] [ 480.532586][T13693] dump_stack_lvl+0x100/0x190 [ 480.532609][T13693] should_fail_ex.cold+0x5/0xa [ 480.532633][T13693] should_failslab+0xc2/0x120 [ 480.532654][T13693] __kmalloc_cache_noprof+0x80/0x810 [ 480.532670][T13693] ? snd_pcm_oss_change_params_locked+0x1db/0x39f0 [ 480.532692][T13693] ? lock_acquire+0x17c/0x330 [ 480.532714][T13693] ? snd_pcm_oss_change_params_locked+0x1db/0x39f0 [ 480.532733][T13693] snd_pcm_oss_change_params_locked+0x1db/0x39f0 [ 480.532755][T13693] ? __mutex_lock+0x26a/0x1b90 [ 480.532774][T13693] ? snd_pcm_oss_make_ready+0xcb/0x1b0 [ 480.532795][T13693] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 480.532814][T13693] ? __pfx___mutex_lock+0x10/0x10 [ 480.532839][T13693] ? __fsnotify_parent+0x2b4/0xca0 [ 480.532861][T13693] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 480.532882][T13693] snd_pcm_oss_sync+0x1de/0x840 [ 480.532903][T13693] snd_pcm_oss_release+0x238/0x300 [ 480.532921][T13693] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 480.532939][T13693] __fput+0x3ff/0xb40 [ 480.532963][T13693] task_work_run+0x150/0x240 [ 480.532985][T13693] ? __pfx_task_work_run+0x10/0x10 [ 480.533012][T13693] exit_to_user_mode_loop+0x100/0x4b0 [ 480.533032][T13693] ? rcu_is_watching+0x12/0xc0 [ 480.533048][T13693] do_syscall_64+0x4ea/0xf80 [ 480.533066][T13693] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 480.533081][T13693] RIP: 0033:0x7f55e9d9aeb9 [ 480.533094][T13693] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 480.533108][T13693] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 480.533123][T13693] RAX: 0000000000000000 RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 480.533132][T13693] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 480.533141][T13693] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 480.533149][T13693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 480.533158][T13693] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 480.533185][T13693] [ 482.032096][T13702] FAULT_INJECTION: forcing a failure. [ 482.032096][T13702] name fail_futex, interval 1, probability 0, space 0, times 0 [ 482.073173][T13702] CPU: 0 UID: 0 PID: 13702 Comm: syz.3.1663 Tainted: G U L syzkaller #0 PREEMPT(full) [ 482.073202][T13702] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 482.073209][T13702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 482.073218][T13702] Call Trace: [ 482.073223][T13702] [ 482.073229][T13702] dump_stack_lvl+0x100/0x190 [ 482.073253][T13702] should_fail_ex.cold+0x5/0xa [ 482.073278][T13702] get_futex_key+0x1d2/0x1620 [ 482.073300][T13702] ? __pfx_get_futex_key+0x10/0x10 [ 482.073318][T13702] ? find_held_lock+0x2b/0x80 [ 482.073333][T13702] ? is_bpf_text_address+0x8a/0x1a0 [ 482.073355][T13702] ? is_bpf_text_address+0x8a/0x1a0 [ 482.073377][T13702] ? bpf_ksym_find+0x124/0x1c0 [ 482.073397][T13702] futex_wait_setup+0x81/0x500 [ 482.073416][T13702] __futex_wait+0x19f/0x300 [ 482.073431][T13702] ? __pfx___futex_wait+0x10/0x10 [ 482.073448][T13702] ? __pfx_futex_wake_mark+0x10/0x10 [ 482.073472][T13702] ? futex_hash+0x2c5/0x380 [ 482.073495][T13702] futex_wait+0xed/0x380 [ 482.073509][T13702] ? __pfx_futex_wait+0x10/0x10 [ 482.073533][T13702] do_futex+0x1ef/0x350 [ 482.073552][T13702] ? __pfx_do_futex+0x10/0x10 [ 482.073576][T13702] __x64_sys_futex+0x34f/0x4d0 [ 482.073598][T13702] ? __pfx___x64_sys_futex+0x10/0x10 [ 482.073617][T13702] ? xfd_validate_state+0x129/0x190 [ 482.073646][T13702] do_syscall_64+0xc9/0xf80 [ 482.073665][T13702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.073680][T13702] RIP: 0033:0x7f55e9d9aeb9 [ 482.073693][T13702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 482.073708][T13702] RSP: 002b:00007f55eacf70e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 482.073723][T13702] RAX: ffffffffffffffda RBX: 00007f55ea016098 RCX: 00007f55e9d9aeb9 [ 482.073733][T13702] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f55ea016098 [ 482.073742][T13702] RBP: 00007f55ea016090 R08: 0000000000000000 R09: 0000000000000000 [ 482.073751][T13702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 482.073759][T13702] R13: 00007f55ea016128 R14: 00007ffc882f99d0 R15: 00007ffc882f9ab8 [ 482.073778][T13702] [ 483.524773][T13701] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 483.531196][T13701] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 483.585850][T13701] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 483.622601][T13701] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 483.647241][T13701] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 483.985896][ T9268] Bluetooth: hci0: command 0x0c1a tx timeout [ 484.047138][T13740] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1668'. [ 484.220849][T13742] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1670'. [ 484.295509][T13742] mac80211_hwsim hwsim6 ›: renamed from wlan0 (while UP) [ 484.751123][T13753] FAULT_INJECTION: forcing a failure. [ 484.751123][T13753] name failslab, interval 1, probability 0, space 0, times 0 [ 484.788415][T13753] CPU: 0 UID: 0 PID: 13753 Comm: syz.1.1674 Tainted: G U L syzkaller #0 PREEMPT(full) [ 484.788443][T13753] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 484.788449][T13753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 484.788458][T13753] Call Trace: [ 484.788464][T13753] [ 484.788470][T13753] dump_stack_lvl+0x100/0x190 [ 484.788494][T13753] should_fail_ex.cold+0x5/0xa [ 484.788519][T13753] should_failslab+0xc2/0x120 [ 484.788539][T13753] ? udpv6_init_sock+0x24e/0x450 [ 484.788556][T13753] __kmalloc_noprof+0xf6/0x9c0 [ 484.788576][T13753] ? udpv6_init_sock+0x24e/0x450 [ 484.788593][T13753] udpv6_init_sock+0x24e/0x450 [ 484.788610][T13753] ? __pfx_udpv6_init_sock+0x10/0x10 [ 484.788629][T13753] inet6_create+0xb2f/0x12c0 [ 484.788651][T13753] ? inet6_create+0x7f/0x12c0 [ 484.788673][T13753] __sock_create+0x339/0x860 [ 484.788694][T13753] __sys_socket+0x14d/0x260 [ 484.788709][T13753] ? fput+0x79/0x100 [ 484.788728][T13753] ? __pfx___sys_socket+0x10/0x10 [ 484.788745][T13753] ? xfd_validate_state+0x129/0x190 [ 484.788772][T13753] __x64_sys_socket+0x72/0xb0 [ 484.788789][T13753] ? lockdep_hardirqs_on+0x78/0x100 [ 484.788805][T13753] do_syscall_64+0xc9/0xf80 [ 484.788824][T13753] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.788839][T13753] RIP: 0033:0x7f4e2b39aeb9 [ 484.788851][T13753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 484.788866][T13753] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 484.788881][T13753] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 484.788891][T13753] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 484.788900][T13753] RBP: 00007f4e2b408c1f R08: 0000000000000000 R09: 0000000000000000 [ 484.788915][T13753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 484.788924][T13753] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 484.788943][T13753] [ 485.582914][ T9268] Bluetooth: hci1: command 0x0c1a tx timeout [ 485.665290][ T9268] Bluetooth: hci2: command 0x0c1a tx timeout [ 485.671377][ T9248] Bluetooth: hci3: command 0x0c1a tx timeout [ 486.181505][T13761] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 486.188112][T13761] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 486.197724][T13761] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 486.212375][T13774] FAULT_INJECTION: forcing a failure. [ 486.212375][T13774] name failslab, interval 1, probability 0, space 0, times 0 [ 486.232530][T13761] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 486.238648][T13761] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 486.255760][T13768] FAULT_INJECTION: forcing a failure. [ 486.255760][T13768] name failslab, interval 1, probability 0, space 0, times 0 [ 486.283434][T13768] CPU: 0 UID: 0 PID: 13768 Comm: syz.3.1678 Tainted: G U L syzkaller #0 PREEMPT(full) [ 486.283460][T13768] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 486.283466][T13768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 486.283475][T13768] Call Trace: [ 486.283480][T13768] [ 486.283486][T13768] dump_stack_lvl+0x100/0x190 [ 486.283507][T13768] should_fail_ex.cold+0x5/0xa [ 486.283532][T13768] should_failslab+0xc2/0x120 [ 486.283552][T13768] __kmalloc_cache_noprof+0x80/0x810 [ 486.283568][T13768] ? fuse_dev_alloc+0x8e/0x280 [ 486.283589][T13768] ? fuse_dev_alloc+0x8e/0x280 [ 486.283606][T13768] fuse_dev_alloc+0x8e/0x280 [ 486.283624][T13768] fuse_dev_alloc_install+0x13/0x40 [ 486.283643][T13768] cuse_channel_open+0x100/0x7f0 [ 486.283661][T13768] ? __pfx_cuse_channel_open+0x10/0x10 [ 486.283679][T13768] misc_open+0x26d/0x450 [ 486.283696][T13768] ? __pfx_misc_open+0x10/0x10 [ 486.283712][T13768] chrdev_open+0x234/0x6a0 [ 486.283729][T13768] ? __pfx_apparmor_file_open+0x10/0x10 [ 486.283749][T13768] ? __pfx_chrdev_open+0x10/0x10 [ 486.283767][T13768] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 486.283789][T13768] do_dentry_open+0x73e/0x1570 [ 486.283813][T13768] ? __pfx_chrdev_open+0x10/0x10 [ 486.283831][T13768] ? security_inode_permission+0xbf/0x250 [ 486.283856][T13768] vfs_open+0x82/0x3f0 [ 486.283879][T13768] path_openat+0x21dc/0x3120 [ 486.283902][T13768] ? __pfx_path_openat+0x10/0x10 [ 486.283926][T13768] do_filp_open+0x1f7/0x420 [ 486.283944][T13768] ? __pfx_do_filp_open+0x10/0x10 [ 486.283973][T13768] ? _raw_spin_unlock+0x28/0x50 [ 486.283987][T13768] ? alloc_fd+0x476/0x790 [ 486.284009][T13768] do_sys_openat2+0x12e/0x220 [ 486.284030][T13768] ? __pfx_do_sys_openat2+0x10/0x10 [ 486.284053][T13768] ? find_held_lock+0x2b/0x80 [ 486.284073][T13768] __x64_sys_openat+0x12d/0x210 [ 486.284095][T13768] ? __pfx___x64_sys_openat+0x10/0x10 [ 486.284115][T13768] ? xfd_validate_state+0x129/0x190 [ 486.284148][T13768] do_syscall_64+0xc9/0xf80 [ 486.284166][T13768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.284181][T13768] RIP: 0033:0x7f55e9d9aeb9 [ 486.284195][T13768] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 486.284209][T13768] RSP: 002b:00007f55eacf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 486.284224][T13768] RAX: ffffffffffffffda RBX: 00007f55ea016090 RCX: 00007f55e9d9aeb9 [ 486.284234][T13768] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 486.284243][T13768] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 486.284252][T13768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.284262][T13768] R13: 00007f55ea016128 R14: 00007f55ea016090 R15: 00007ffc882f9ab8 [ 486.284282][T13768] [ 487.170625][T13793] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 487.491997][T13774] CPU: 0 UID: 0 PID: 13774 Comm: syz.0.1679 Tainted: G U L syzkaller #0 PREEMPT(full) [ 487.492027][T13774] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 487.492033][T13774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 487.492042][T13774] Call Trace: [ 487.492048][T13774] [ 487.492054][T13774] dump_stack_lvl+0x100/0x190 [ 487.492077][T13774] should_fail_ex.cold+0x5/0xa [ 487.492102][T13774] should_failslab+0xc2/0x120 [ 487.492122][T13774] ? tomoyo_realpath_from_path+0xb6/0x690 [ 487.492138][T13774] __kmalloc_noprof+0xf6/0x9c0 [ 487.492152][T13774] ? kfree+0x2a9/0x690 [ 487.492171][T13774] ? tomoyo_realpath_from_path+0xb6/0x690 [ 487.492186][T13774] tomoyo_realpath_from_path+0xb6/0x690 [ 487.492205][T13774] tomoyo_check_open_permission+0x2af/0x3c0 [ 487.492227][T13774] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 487.492267][T13774] ? do_raw_spin_lock+0x128/0x260 [ 487.492290][T13774] ? path_get+0x61/0x80 [ 487.492310][T13774] tomoyo_file_open+0x6b/0x90 [ 487.492328][T13774] security_file_open+0xb5/0x1e0 [ 487.492342][T13774] do_dentry_open+0x58c/0x1570 [ 487.492360][T13774] ? security_inode_permission+0xbf/0x250 [ 487.492387][T13774] vfs_open+0x82/0x3f0 [ 487.492409][T13774] path_openat+0x21dc/0x3120 [ 487.492432][T13774] ? __pfx_path_openat+0x10/0x10 [ 487.492456][T13774] do_filp_open+0x1f7/0x420 [ 487.492474][T13774] ? __pfx_do_filp_open+0x10/0x10 [ 487.492504][T13774] ? _raw_spin_unlock+0x28/0x50 [ 487.492518][T13774] ? alloc_fd+0x476/0x790 [ 487.492539][T13774] do_sys_openat2+0x12e/0x220 [ 487.492561][T13774] ? __pfx_do_sys_openat2+0x10/0x10 [ 487.492589][T13774] __x64_sys_openat+0x12d/0x210 [ 487.492612][T13774] ? __pfx___x64_sys_openat+0x10/0x10 [ 487.492633][T13774] ? xfd_validate_state+0x129/0x190 [ 487.492662][T13774] do_syscall_64+0xc9/0xf80 [ 487.492681][T13774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.492696][T13774] RIP: 0033:0x7ff2c519aeb9 [ 487.492709][T13774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 487.492733][T13774] RSP: 002b:00007ff2c6131028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 487.492748][T13774] RAX: ffffffffffffffda RBX: 00007ff2c5415fa0 RCX: 00007ff2c519aeb9 [ 487.492758][T13774] RDX: 000000000014be02 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 487.492768][T13774] RBP: 00007ff2c5208c1f R08: 0000000000000000 R09: 0000000000000000 [ 487.492777][T13774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 487.492786][T13774] R13: 00007ff2c5416038 R14: 00007ff2c5415fa0 R15: 00007ffd93dbd358 [ 487.492807][T13774] [ 488.124683][T13771] Bluetooth: hci0: command 0x0c1a tx timeout [ 488.265552][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 488.271760][T10555] Bluetooth: hci1: command 0x0c1a tx timeout [ 488.332627][T13771] Bluetooth: hci2: command 0x0c1a tx timeout [ 489.598374][T13774] ERROR: Out of memory at tomoyo_realpath_from_path. [ 489.643307][T13774] Process accounting resumed [ 489.725428][T13810] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 489.731985][T13810] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 489.739090][T13810] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 489.752162][T13810] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 489.764433][T13810] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 489.780502][T13819] FAULT_INJECTION: forcing a failure. [ 489.780502][T13819] name failslab, interval 1, probability 0, space 0, times 0 [ 489.812504][T13819] CPU: 0 UID: 0 PID: 13819 Comm: syz.3.1691 Tainted: G U L syzkaller #0 PREEMPT(full) [ 489.812532][T13819] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 489.812538][T13819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 489.812548][T13819] Call Trace: [ 489.812559][T13819] [ 489.812565][T13819] dump_stack_lvl+0x100/0x190 [ 489.812588][T13819] should_fail_ex.cold+0x5/0xa [ 489.812613][T13819] should_failslab+0xc2/0x120 [ 489.812634][T13819] __kmalloc_cache_noprof+0x80/0x810 [ 489.812650][T13819] ? fuse_dev_alloc+0x8e/0x280 [ 489.812672][T13819] ? fuse_dev_alloc+0x8e/0x280 [ 489.812688][T13819] fuse_dev_alloc+0x8e/0x280 [ 489.812707][T13819] fuse_dev_alloc_install+0x13/0x40 [ 489.812726][T13819] cuse_channel_open+0x100/0x7f0 [ 489.812743][T13819] ? __pfx_cuse_channel_open+0x10/0x10 [ 489.812761][T13819] misc_open+0x26d/0x450 [ 489.812779][T13819] ? __pfx_misc_open+0x10/0x10 [ 489.812795][T13819] chrdev_open+0x234/0x6a0 [ 489.812812][T13819] ? __pfx_apparmor_file_open+0x10/0x10 [ 489.812831][T13819] ? __pfx_chrdev_open+0x10/0x10 [ 489.812849][T13819] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 489.812870][T13819] do_dentry_open+0x73e/0x1570 [ 489.812887][T13819] ? __pfx_chrdev_open+0x10/0x10 [ 489.812905][T13819] ? security_inode_permission+0xbf/0x250 [ 489.812929][T13819] vfs_open+0x82/0x3f0 [ 489.812952][T13819] path_openat+0x21dc/0x3120 [ 489.812975][T13819] ? __pfx_path_openat+0x10/0x10 [ 489.812999][T13819] do_filp_open+0x1f7/0x420 [ 489.813017][T13819] ? __pfx_do_filp_open+0x10/0x10 [ 489.813047][T13819] ? _raw_spin_unlock+0x28/0x50 [ 489.813062][T13819] ? alloc_fd+0x476/0x790 [ 489.813084][T13819] do_sys_openat2+0x12e/0x220 [ 489.813105][T13819] ? __pfx_do_sys_openat2+0x10/0x10 [ 489.813128][T13819] ? find_held_lock+0x2b/0x80 [ 489.813148][T13819] __x64_sys_openat+0x12d/0x210 [ 489.813170][T13819] ? __pfx___x64_sys_openat+0x10/0x10 [ 489.813190][T13819] ? xfd_validate_state+0x129/0x190 [ 489.813220][T13819] do_syscall_64+0xc9/0xf80 [ 489.813239][T13819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 489.813254][T13819] RIP: 0033:0x7f55e9d9aeb9 [ 489.813267][T13819] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 489.813281][T13819] RSP: 002b:00007f55ead18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 489.813296][T13819] RAX: ffffffffffffffda RBX: 00007f55ea015fa0 RCX: 00007f55e9d9aeb9 [ 489.813306][T13819] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 489.813316][T13819] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 489.813325][T13819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 489.813334][T13819] R13: 00007f55ea016038 R14: 00007f55ea015fa0 R15: 00007ffc882f9ab8 [ 489.813354][T13819] [ 491.025123][T13771] Bluetooth: hci0: command 0x0c1a tx timeout [ 491.347799][T13860] FAULT_INJECTION: forcing a failure. [ 491.347799][T13860] name failslab, interval 1, probability 0, space 0, times 0 [ 491.512303][T13860] CPU: 0 UID: 0 PID: 13860 Comm: syz.1.1700 Tainted: G U L syzkaller #0 PREEMPT(full) [ 491.512332][T13860] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 491.512337][T13860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 491.512346][T13860] Call Trace: [ 491.512351][T13860] [ 491.512357][T13860] dump_stack_lvl+0x100/0x190 [ 491.512379][T13860] should_fail_ex.cold+0x5/0xa [ 491.512406][T13860] should_failslab+0xc2/0x120 [ 491.512427][T13860] ? tomoyo_realpath_from_path+0xb6/0x690 [ 491.512449][T13860] __kmalloc_noprof+0xf6/0x9c0 [ 491.512470][T13860] ? tomoyo_realpath_from_path+0xb6/0x690 [ 491.512484][T13860] tomoyo_realpath_from_path+0xb6/0x690 [ 491.512503][T13860] tomoyo_path_number_perm+0x23c/0x580 [ 491.512523][T13860] ? tomoyo_path_number_perm+0x22e/0x580 [ 491.512545][T13860] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 491.512584][T13860] ? find_held_lock+0x2b/0x80 [ 491.512598][T13860] ? hook_file_ioctl_common+0x146/0x410 [ 491.512620][T13860] ? __fget_files+0x215/0x3d0 [ 491.512639][T13860] ? __fget_files+0x21f/0x3d0 [ 491.512657][T13860] security_file_ioctl+0xd3/0x230 [ 491.512679][T13860] __x64_sys_ioctl+0xb7/0x210 [ 491.512704][T13860] do_syscall_64+0xc9/0xf80 [ 491.512723][T13860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.512738][T13860] RIP: 0033:0x7f4e2b39aeb9 [ 491.512751][T13860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 491.512765][T13860] RSP: 002b:00007f4e2c26f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 491.512780][T13860] RAX: ffffffffffffffda RBX: 00007f4e2b616180 RCX: 00007f4e2b39aeb9 [ 491.512789][T13860] RDX: 0000200000000240 RSI: 0000000000005001 RDI: 0000000000000003 [ 491.512798][T13860] RBP: 00007f4e2c26f090 R08: 0000000000000000 R09: 0000000000000000 [ 491.512807][T13860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 491.512815][T13860] R13: 00007f4e2b616218 R14: 00007f4e2b616180 R15: 00007ffcd67052e8 [ 491.512834][T13860] [ 492.039146][T13856] zswap: compressor not available [ 492.047789][T13771] Bluetooth: hci3: command 0x0c1a tx timeout [ 492.054421][T13771] Bluetooth: hci1: command 0x0c1a tx timeout [ 492.063198][T13771] Bluetooth: hci2: command 0x0c1a tx timeout [ 492.225281][T13873] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1703'. [ 492.308806][T13872] FAULT_INJECTION: forcing a failure. [ 492.308806][T13872] name failslab, interval 1, probability 0, space 0, times 0 [ 492.352098][T13872] CPU: 0 UID: 0 PID: 13872 Comm: syz.3.1703 Tainted: G U L syzkaller #0 PREEMPT(full) [ 492.352127][T13872] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 492.352133][T13872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 492.352144][T13872] Call Trace: [ 492.352149][T13872] [ 492.352155][T13872] dump_stack_lvl+0x100/0x190 [ 492.352177][T13872] should_fail_ex.cold+0x5/0xa [ 492.352202][T13872] should_failslab+0xc2/0x120 [ 492.352223][T13872] ? copy_splice_read+0x1a3/0xb90 [ 492.352237][T13872] __kmalloc_noprof+0xf6/0x9c0 [ 492.352251][T13872] ? splice_from_pipe_next+0x1ec/0x5a0 [ 492.352272][T13872] ? copy_splice_read+0x1a3/0xb90 [ 492.352287][T13872] copy_splice_read+0x1a3/0xb90 [ 492.352301][T13872] ? __pfx_pipe_to_null+0x10/0x10 [ 492.352327][T13872] ? __pfx_copy_splice_read+0x10/0x10 [ 492.352345][T13872] ? __pfx_splice_from_pipe+0x10/0x10 [ 492.352364][T13872] ? aa_file_perm+0x268/0x1540 [ 492.352389][T13872] ? aa_file_perm+0x268/0x1540 [ 492.352405][T13872] ? __pfx_copy_splice_read+0x10/0x10 [ 492.352421][T13872] do_splice_read+0x285/0x370 [ 492.352439][T13872] splice_direct_to_actor+0x2a1/0xa30 [ 492.352457][T13872] ? __pfx_direct_splice_actor+0x10/0x10 [ 492.352477][T13872] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 492.352499][T13872] do_splice_direct+0x174/0x240 [ 492.352516][T13872] ? __pfx_do_splice_direct+0x10/0x10 [ 492.352540][T13872] ? common_file_perm+0x1ab/0x4f0 [ 492.352562][T13872] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 492.352580][T13872] ? bpf_lsm_file_permission+0x9/0x10 [ 492.352600][T13872] ? security_file_permission+0x76/0x210 [ 492.352623][T13872] ? rw_verify_area+0xce/0x6d0 [ 492.352639][T13872] do_sendfile+0xadc/0xe20 [ 492.352658][T13872] ? __pfx_do_sendfile+0x10/0x10 [ 492.352677][T13872] ? __x64_sys_futex+0x34f/0x4d0 [ 492.352696][T13872] ? __x64_sys_futex+0x358/0x4d0 [ 492.352717][T13872] __x64_sys_sendfile64+0x1d8/0x220 [ 492.352737][T13872] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 492.352762][T13872] do_syscall_64+0xc9/0xf80 [ 492.352781][T13872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.352796][T13872] RIP: 0033:0x7f55e9d9aeb9 [ 492.352809][T13872] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 492.352824][T13872] RSP: 002b:00007f55eacf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 492.352839][T13872] RAX: ffffffffffffffda RBX: 00007f55ea016090 RCX: 00007f55e9d9aeb9 [ 492.352849][T13872] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a [ 492.352858][T13872] RBP: 00007f55e9e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 492.352867][T13872] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 492.352876][T13872] R13: 00007f55ea016128 R14: 00007f55ea016090 R15: 00007ffc882f9ab8 [ 492.352895][T13872] [ 493.547112][T13860] ERROR: Out of memory at tomoyo_realpath_from_path. [ 493.676453][T13888] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 493.701595][T13886] FAULT_INJECTION: forcing a failure. [ 493.701595][T13886] name failslab, interval 1, probability 0, space 0, times 0 [ 493.848847][T13886] CPU: 0 UID: 0 PID: 13886 Comm: syz.2.1706 Tainted: G U L syzkaller #0 PREEMPT(full) [ 493.848876][T13886] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 493.848883][T13886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 493.848892][T13886] Call Trace: [ 493.848897][T13886] [ 493.848903][T13886] dump_stack_lvl+0x100/0x190 [ 493.848926][T13886] should_fail_ex.cold+0x5/0xa [ 493.848950][T13886] should_failslab+0xc2/0x120 [ 493.848971][T13886] __kmalloc_cache_noprof+0x80/0x810 [ 493.848986][T13886] ? lockdep_hardirqs_on+0x78/0x100 [ 493.849003][T13886] ? sctp_endpoint_new+0xfc/0xb20 [ 493.849028][T13886] ? sctp_endpoint_new+0xfc/0xb20 [ 493.849048][T13886] ? __pfx___debug_object_init+0x10/0x10 [ 493.849066][T13886] sctp_endpoint_new+0xfc/0xb20 [ 493.849088][T13886] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 493.849109][T13886] ? lockdep_init_map_type+0x5c/0x250 [ 493.849130][T13886] ? lockdep_init_map_type+0x5c/0x250 [ 493.849152][T13886] sctp_init_sock+0xe2b/0x1300 [ 493.849172][T13886] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 493.849192][T13886] sctp_v6_init_sock+0x16/0x70 [ 493.849211][T13886] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 493.849230][T13886] inet6_create+0xb2f/0x12c0 [ 493.849253][T13886] ? inet6_create+0x7f/0x12c0 [ 493.849275][T13886] __sock_create+0x339/0x860 [ 493.849302][T13886] __sys_socket+0x14d/0x260 [ 493.849320][T13886] ? __pfx___sys_socket+0x10/0x10 [ 493.849336][T13886] ? xfd_validate_state+0x129/0x190 [ 493.849368][T13886] __x64_sys_socket+0x72/0xb0 [ 493.849385][T13886] ? lockdep_hardirqs_on+0x78/0x100 [ 493.849402][T13886] do_syscall_64+0xc9/0xf80 [ 493.849420][T13886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.849436][T13886] RIP: 0033:0x7ffa60d9aeb9 [ 493.849448][T13886] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 493.849463][T13886] RSP: 002b:00007ffa5eff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 493.849478][T13886] RAX: ffffffffffffffda RBX: 00007ffa61015fa0 RCX: 00007ffa60d9aeb9 [ 493.849489][T13886] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 493.849498][T13886] RBP: 00007ffa60e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 493.849507][T13886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 493.849516][T13886] R13: 00007ffa61016038 R14: 00007ffa61015fa0 R15: 00007ffc06fbfe08 [ 493.849536][T13886] [ 494.422908][T13901] futex_wake_op: syz.3.1708 tries to shift op by -2048; fix this program [ 494.454378][T13901] futex_wake_op: syz.3.1708 tries to shift op by -2048; fix this program [ 494.472525][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 494.503022][T13905] 0x000000000001-0x000000020000 : "" [ 494.572825][T13905] ftl_cs: FTL header corrupt! [ 495.907288][T13945] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 496.222241][T13932] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 496.232962][T13932] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 496.253570][T13932] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 496.277463][T13932] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 496.307259][T13932] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 496.369367][T13954] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1722'. [ 497.423662][T13771] Bluetooth: hci0: command 0x0c1a tx timeout [ 498.086174][T13988] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 498.303404][T13771] Bluetooth: hci3: command 0x0c1a tx timeout [ 498.309767][T10555] Bluetooth: hci1: command 0x0c1a tx timeout [ 498.383352][T13771] Bluetooth: hci2: command 0x0c1a tx timeout [ 500.385336][T13771] Bluetooth: hci3: command 0x0c1a tx timeout [ 500.512378][T14041] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1745'. [ 502.093339][T14052] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 502.102908][T14052] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 502.145225][T14052] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 502.188058][T14052] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 502.212648][T14052] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 503.350090][T13771] Bluetooth: hci0: command 0x0c1a tx timeout [ 503.453860][T14101] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 503.623404][T14104] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1756'. [ 503.980171][T14117] FAULT_INJECTION: forcing a failure. [ 503.980171][T14117] name failslab, interval 1, probability 0, space 0, times 0 [ 504.052641][T14117] CPU: 0 UID: 0 PID: 14117 Comm: syz.1.1759 Tainted: G U L syzkaller #0 PREEMPT(full) [ 504.052671][T14117] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 504.052677][T14117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 504.052686][T14117] Call Trace: [ 504.052691][T14117] [ 504.052698][T14117] dump_stack_lvl+0x100/0x190 [ 504.052721][T14117] should_fail_ex.cold+0x5/0xa [ 504.052746][T14117] should_failslab+0xc2/0x120 [ 504.052767][T14117] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 504.052786][T14117] ? udpv6_init_sock+0x24e/0x450 [ 504.052804][T14117] ? trace_kmalloc+0x83/0xb0 [ 504.052822][T14117] ? __kmalloc_noprof+0x365/0x9c0 [ 504.052836][T14117] ? __d_alloc+0x34/0xa80 [ 504.052856][T14117] ? __d_alloc+0x34/0xa80 [ 504.052872][T14117] __d_alloc+0x34/0xa80 [ 504.052891][T14117] d_alloc_pseudo+0x1c/0xc0 [ 504.052913][T14117] alloc_file_pseudo+0xcf/0x230 [ 504.052935][T14117] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 504.052956][T14117] ? alloc_fd+0x476/0x790 [ 504.052975][T14117] sock_alloc_file+0x50/0x210 [ 504.052998][T14117] __sys_socket+0x1c0/0x260 [ 504.053013][T14117] ? fput+0x79/0x100 [ 504.053032][T14117] ? __pfx___sys_socket+0x10/0x10 [ 504.053048][T14117] ? xfd_validate_state+0x129/0x190 [ 504.053075][T14117] __x64_sys_socket+0x72/0xb0 [ 504.053091][T14117] ? lockdep_hardirqs_on+0x78/0x100 [ 504.053107][T14117] do_syscall_64+0xc9/0xf80 [ 504.053126][T14117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.053141][T14117] RIP: 0033:0x7f4e2b39aeb9 [ 504.053154][T14117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 504.053167][T14117] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 504.053182][T14117] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 504.053192][T14117] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000000000000a [ 504.053202][T14117] RBP: 00007f4e2b408c1f R08: 0000000000000000 R09: 0000000000000000 [ 504.053211][T14117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 504.053220][T14117] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 504.053240][T14117] [ 504.603002][T13771] Bluetooth: hci3: command 0x0c1a tx timeout [ 504.609119][T13771] Bluetooth: hci1: command 0x0c1a tx timeout [ 504.617243][T13771] Bluetooth: hci2: command 0x0c1a tx timeout [ 506.549649][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.556013][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.706168][T13771] Bluetooth: hci3: command 0x0c1a tx timeout [ 507.025895][T10555] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 508.658125][T14189] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 508.803989][T14193] netlink: 'syz.1.1772': attribute type 4 has an invalid length. [ 509.163366][T14199] binder: 14196:14199 ioctl c018620c 0 returned -1 [ 511.177319][T14249] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 511.570519][T14259] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 512.522858][T14275] zswap: compressor not available [ 512.533900][T14264] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 512.603785][T14264] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 512.693428][T14264] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 512.806904][T14264] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 512.912671][T14264] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 513.984847][T10555] Bluetooth: hci0: command 0x0c1a tx timeout [ 514.544667][T10555] Bluetooth: hci1: command 0x0c1a tx timeout [ 514.702505][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 514.942556][T10555] Bluetooth: hci2: command 0x0c1a tx timeout [ 515.058294][T14320] blktrace: Concurrent blktraces are not allowed on loop11 [ 516.786230][T10555] Bluetooth: hci3: command 0x0c1a tx timeout [ 517.478890][T14353] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 518.093737][T14364] futex_wake_op: syz.1.1809 tries to shift op by -2048; fix this program [ 518.251437][T14364] futex_wake_op: syz.1.1809 tries to shift op by -2048; fix this program [ 518.809218][T14370] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 519.902132][T14386] forcing mempool usage for bvec_alloc+0x197/0x210 [ 526.054289][T14447] Console: switching to colour frame buffer device 128x48 [ 526.112858][T14459] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 527.047707][T14066] Process accounting paused [ 528.334821][T14497] netlink: 'syz.3.1841': attribute type 1 has an invalid length. [ 528.805182][T14508] FAULT_INJECTION: forcing a failure. [ 528.805182][T14508] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 529.057994][T14508] CPU: 0 UID: 0 PID: 14508 Comm: syz.1.1843 Tainted: G U L syzkaller #0 PREEMPT(full) [ 529.058021][T14508] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 529.058027][T14508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 529.058037][T14508] Call Trace: [ 529.058042][T14508] [ 529.058048][T14508] dump_stack_lvl+0x100/0x190 [ 529.058071][T14508] should_fail_ex.cold+0x5/0xa [ 529.058092][T14508] ? prepare_alloc_pages+0x16d/0x5f0 [ 529.058119][T14508] should_fail_alloc_page+0xeb/0x140 [ 529.058142][T14508] prepare_alloc_pages+0x1f0/0x5f0 [ 529.058167][T14508] __alloc_frozen_pages_noprof+0x193/0x2410 [ 529.058197][T14508] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 529.058218][T14508] ? __lock_acquire+0x4a5/0x2630 [ 529.058240][T14508] ? is_bpf_text_address+0x94/0x1a0 [ 529.058263][T14508] ? kernel_text_address+0x8d/0x100 [ 529.058289][T14508] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 529.058306][T14508] ? policy_nodemask+0xed/0x4f0 [ 529.058329][T14508] alloc_pages_mpol+0x1fb/0x550 [ 529.058351][T14508] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 529.058370][T14508] ? __mutex_lock+0x26a/0x1b90 [ 529.058390][T14508] ? vb2_core_reqbufs+0x37a/0xf30 [ 529.058414][T14508] ___kmalloc_large_node+0x104/0x150 [ 529.058439][T14508] __kmalloc_large_node_noprof+0x1c/0x70 [ 529.058461][T14508] ? vb2_fop_read+0x211/0x520 [ 529.058479][T14508] ? vb2_core_allocated_buffers_storage+0x184/0x220 [ 529.058501][T14508] __kmalloc_noprof+0x6b1/0x9c0 [ 529.058522][T14508] ? vb2_core_allocated_buffers_storage+0x184/0x220 [ 529.058543][T14508] vb2_core_allocated_buffers_storage+0x184/0x220 [ 529.058566][T14508] vb2_core_reqbufs+0x382/0xf30 [ 529.058592][T14508] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 529.058624][T14508] __vb2_init_fileio+0x32d/0xff0 [ 529.058645][T14508] ? vb2_fop_read+0xe5/0x520 [ 529.058669][T14508] __vb2_perform_fileio+0x918/0x1360 [ 529.058696][T14508] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 529.058718][T14508] ? get_pid_task+0xfc/0x250 [ 529.058742][T14508] vb2_fop_read+0x211/0x520 [ 529.058765][T14508] v4l2_read+0x229/0x2c0 [ 529.058783][T14508] ? __pfx_v4l2_read+0x10/0x10 [ 529.058802][T14508] vfs_read+0x1e4/0xb30 [ 529.058821][T14508] ? __pfx_vfs_read+0x10/0x10 [ 529.058835][T14508] ? find_held_lock+0x2b/0x80 [ 529.058849][T14508] ? __fget_files+0x215/0x3d0 [ 529.058865][T14508] ? __fget_files+0x215/0x3d0 [ 529.058888][T14508] ? __fget_files+0x21f/0x3d0 [ 529.058909][T14508] ksys_read+0x12a/0x250 [ 529.058925][T14508] ? __pfx_ksys_read+0x10/0x10 [ 529.058947][T14508] do_syscall_64+0xc9/0xf80 [ 529.058966][T14508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 529.058981][T14508] RIP: 0033:0x7f4e2b39aeb9 [ 529.058994][T14508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 529.059008][T14508] RSP: 002b:00007f4e2c2b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 529.059023][T14508] RAX: ffffffffffffffda RBX: 00007f4e2b615fa0 RCX: 00007f4e2b39aeb9 [ 529.059033][T14508] RDX: 000000000000008d RSI: 0000200000000000 RDI: 0000000000000003 [ 529.059043][T14508] RBP: 00007f4e2c2b1090 R08: 0000000000000000 R09: 0000000000000000 [ 529.059052][T14508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 529.059061][T14508] R13: 00007f4e2b616038 R14: 00007f4e2b615fa0 R15: 00007ffcd67052e8 [ 529.059081][T14508] [ 531.108022][T10555] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 531.123650][T10555] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 531.131252][T10555] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 531.139184][T10555] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 531.146978][T10555] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 532.112742][T14545] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 532.226674][T14531] chnl_net:caif_netlink_parms(): no params data found [ 532.852731][T14531] bridge0: port 1(bridge_slave_0) entered blocking state [ 532.891170][T14531] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.920144][T14531] bridge_slave_0: entered allmulticast mode [ 532.952175][T14531] bridge_slave_0: entered promiscuous mode [ 533.017640][T14531] bridge0: port 2(bridge_slave_1) entered blocking state [ 533.052626][T14531] bridge0: port 2(bridge_slave_1) entered disabled state [ 533.087255][T14531] bridge_slave_1: entered allmulticast mode [ 533.128099][T14531] bridge_slave_1: entered promiscuous mode [ 533.184893][T10555] Bluetooth: hci4: command tx timeout [ 533.257202][T14531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 533.272819][T14552] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 533.293860][T14552] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 533.311948][T14531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 533.324295][T14552] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 533.330453][T14552] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 533.364880][T14552] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 533.504776][T14552] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 533.841893][ T9704] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 533.989382][T14531] team0: Port device team_slave_0 added [ 534.036944][T14531] team0: Port device team_slave_1 added [ 534.219851][ T9704] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 534.590791][T14531] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 534.603731][T14531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 534.664554][T14531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 534.794244][ T9704] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 534.828950][T14531] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 534.856617][T14531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 534.895989][T13771] Bluetooth: hci0: command 0x0c1a tx timeout [ 534.939967][T14531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 535.054731][T14531] hsr_slave_0: entered promiscuous mode [ 535.073617][T14531] hsr_slave_1: entered promiscuous mode [ 535.079830][T14531] debugfs: 'hsr0' already exists in 'hsr' [ 535.093008][T14531] Cannot create hsr debugfs directory [ 535.344855][T13771] Bluetooth: hci4: command 0x040f tx timeout [ 535.350876][T13771] Bluetooth: hci2: command 0x0c1a tx timeout [ 535.358741][T10555] Bluetooth: hci1: command 0x0c1a tx timeout [ 535.725469][T14599] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 535.806388][ T9704] hsr0: left allmulticast mode [ 535.811323][ T9704] hsr_slave_0: left allmulticast mode [ 535.844776][ T9704] hsr_slave_1: left allmulticast mode [ 535.882546][ T9704] hsr0: left promiscuous mode [ 535.899400][ T9704] bridge0: port 3(hsr0) entered disabled state [ 535.948105][ T9704] bridge_slave_1: left allmulticast mode [ 535.967601][ T9704] bridge_slave_1: left promiscuous mode [ 535.989439][ T9704] bridge0: port 2(bridge_slave_1) entered disabled state [ 536.027832][ T9704] bridge_slave_0: left allmulticast mode [ 536.051913][ T9704] bridge_slave_0: left promiscuous mode [ 536.079675][ T9704] bridge0: port 1(bridge_slave_0) entered disabled state [ 536.736092][ T9704] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 536.763386][ T9704] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 536.786277][ T9704] bond0 (unregistering): Released all slaves [ 536.934257][T14610] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 536.940689][T14610] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 536.954043][ T9704] HfR: left promiscuous mode [ 536.961704][T14610] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 536.987750][T14610] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 537.038246][ T9704] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] SMP KASAN PTI [ 537.050156][ T9704] KASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f] [ 537.058548][ T9704] CPU: 0 UID: 0 PID: 9704 Comm: kworker/u10:6 Tainted: G U L syzkaller #0 PREEMPT(full) [ 537.069639][ T9704] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 537.074810][ T9704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 537.084853][ T9704] Workqueue: netns cleanup_net [ 537.089604][ T9704] RIP: 0010:tipc_conn_close+0x48/0x1d0 [ 537.095046][ T9704] Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 6a 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 6b 08 48 8d 7d 18 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 54 01 00 00 4c 8b 6d 18 49 8d ad f0 03 00 00 48 [ 537.114633][ T9704] RSP: 0018:ffffc9000aff79d0 EFLAGS: 00010206 [ 537.120677][ T9704] RAX: dffffc0000000000 RBX: ffff88805a4d6000 RCX: 0000000000000080 [ 537.128630][ T9704] RDX: 0000000000000003 RSI: ffffffff8b16cdf4 RDI: 0000000000000018 [ 537.136577][ T9704] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 537.144526][ T9704] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888032841800 [ 537.152474][ T9704] R13: 0000000000000000 R14: ffff88805a4d6008 R15: ffffed1006508313 [ 537.160421][ T9704] FS: 0000000000000000(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000 [ 537.169331][ T9704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 537.175893][ T9704] CR2: 00005572a7a29000 CR3: 0000000025e22000 CR4: 00000000003526f0 [ 537.183843][ T9704] Call Trace: [ 537.187105][ T9704] [ 537.190017][ T9704] tipc_topsrv_exit_net+0x211/0x4b0 [ 537.195200][ T9704] ? __pfx_tipc_topsrv_exit_net+0x10/0x10 [ 537.200903][ T9704] ops_undo_list+0x2ee/0xab0 [ 537.205481][ T9704] ? __pfx_ops_undo_list+0x10/0x10 [ 537.210577][ T9704] ? cleanup_net+0x345/0x830 [ 537.215144][ T9704] ? idr_destroy+0x62/0x2e0 [ 537.219635][ T9704] cleanup_net+0x419/0x830 [ 537.224029][ T9704] ? __pfx_cleanup_net+0x10/0x10 [ 537.228947][ T9704] ? rcu_is_watching+0x12/0xc0 [ 537.233692][ T9704] process_one_work+0x9c2/0x1840 [ 537.238619][ T9704] ? __pfx_process_one_work+0x10/0x10 [ 537.243979][ T9704] ? assign_work+0x19c/0x250 [ 537.248554][ T9704] worker_thread+0x5da/0xe40 [ 537.253132][ T9704] ? __pfx_worker_thread+0x10/0x10 [ 537.258229][ T9704] ? kthread+0x17d/0x730 [ 537.262457][ T9704] ? __pfx_worker_thread+0x10/0x10 [ 537.267552][ T9704] kthread+0x3b3/0x730 [ 537.271604][ T9704] ? __pfx_kthread+0x10/0x10 [ 537.276175][ T9704] ? ret_from_fork+0x79/0xaf0 [ 537.280830][ T9704] ? ret_from_fork+0x79/0xaf0 [ 537.285481][ T9704] ? rcu_is_watching+0x12/0xc0 [ 537.290221][ T9704] ? __pfx_kthread+0x10/0x10 [ 537.294793][ T9704] ret_from_fork+0x754/0xaf0 [ 537.299361][ T9704] ? __pfx_ret_from_fork+0x10/0x10 [ 537.304451][ T9704] ? __switch_to+0x7b9/0x10c0 [ 537.309110][ T9704] ? __pfx_kthread+0x10/0x10 [ 537.313686][ T9704] ret_from_fork_asm+0x1a/0x30 [ 537.318460][ T9704] [ 537.321458][ T9704] Modules linked in: [ 537.326325][ T9704] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 537.813431][ T9704] RIP: 0010:tipc_conn_close+0x48/0x1d0 [ 537.818926][ T9704] Code: fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 6a 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 8b 6b 08 48 8d 7d 18 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 54 01 00 00 4c 8b 6d 18 49 8d ad f0 03 00 00 48 [ 537.952649][ T9704] RSP: 0018:ffffc9000aff79d0 EFLAGS: 00010206 [ 537.958742][ T9704] RAX: dffffc0000000000 RBX: ffff88805a4d6000 RCX: 0000000000000080 [ 538.035602][ T9704] RDX: 0000000000000003 RSI: ffffffff8b16cdf4 RDI: 0000000000000018 [ 538.074521][ T9704] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 538.105154][ T9704] R10: 0000000000000001 R11: 0000000000000000 R12: ffff888032841800 [ 538.127346][ T9704] R13: 0000000000000000 R14: ffff88805a4d6008 R15: ffffed1006508313 [ 538.176896][ T9704] FS: 0000000000000000(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000 [ 538.242445][ T9704] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 538.249054][ T9704] CR2: 00007faef06cea10 CR3: 000000003afba000 CR4: 00000000003526f0 [ 538.286622][ T9704] Kernel panic - not syncing: Fatal exception [ 538.292754][ T9704] Kernel Offset: disabled [ 538.297062][ T9704] Rebooting in 86400 seconds..