last executing test programs: 28.982964473s ago: executing program 1 (id=2034): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) remap_file_pages$auto(0x6, 0x19, 0x2fe, 0x5, 0x1) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) pwrite64$auto(r0, 0x0, 0x0, 0x2000000000040007) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) readv$auto(0x3, 0x0, 0x7) 28.019493517s ago: executing program 1 (id=2037): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) sysfs$auto(0x2, 0x41, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r2, 0x5, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dvmrp0\x00'}) socket(0xa, 0x2, 0x3a) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/neigh/veth1/locktime\x00', 0x200200, 0x0) io_uring_register$auto(r1, 0x1, &(0x7f00000001c0), 0x1) sendfile$auto(r3, r3, 0x0, 0x7fffe000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket(0x11, 0x0, 0x302) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) 27.096375867s ago: executing program 1 (id=2041): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r1, 0x29, 0x43, &(0x7f0000000040)='\xa1\x00', 0x4) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r2, 0x400454a4, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram0\x00', 0x67f00, 0x0) preadv2$auto(r3, &(0x7f0000000080)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x400, 0x2f) mmap$auto(0x0, 0x4120008, 0x46, 0xeb1, 0x401, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa40, 0x0) ioctl$auto(r4, 0x5609, r4) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) pread64$auto(r0, &(0x7f0000000200)='/proc/self/net/ip6_tables_targets\x00', 0x34b, 0x10000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2a, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 27.041443741s ago: executing program 0 (id=2042): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) remap_file_pages$auto(0x6, 0x19, 0x2fe, 0x5, 0x1) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) pwrite64$auto(r0, 0x0, 0x0, 0x2000000000040007) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) tgkill$auto(0x0, 0x0, 0x11) readv$auto(0x3, 0x0, 0x7) 25.831955774s ago: executing program 0 (id=2045): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x80000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/bus/pci/drivers/amd5536udc-pci/remove_id\x00', 0x18b941, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/bus/usb-serial/drivers/omninet/new_id\x00', 0x40180, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x240001, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) 25.660675056s ago: executing program 0 (id=2046): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mlockall$auto(0x7) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) remap_file_pages$auto(0x6, 0x19, 0x2fe, 0x5, 0x1) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) pwrite64$auto(r0, 0x0, 0x0, 0x2000000000040007) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) tgkill$auto(0x0, 0x0, 0x11) readv$auto(0x3, 0x0, 0x7) 25.046863438s ago: executing program 1 (id=2048): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0) readv$auto(r1, &(0x7f0000000180)={&(0x7f0000000140), 0x9}, 0x4) madvise$auto(0x0, 0xffffffffffff0001, 0x15) poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x1000, 0x1c9}, 0x2, 0x7) io_uring_setup$auto(0x6, 0x0) set_mempolicy$auto(0x1, &(0x7f00000000c0)=0x6, 0x21) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) lseek$auto(0x3, 0x2, 0x4) bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@phonet={0x23, 0x5, 0x9, 0x1}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x80000007, 0x20020000) write$auto(0x3, 0x0, 0x7fffffff) setsockopt$auto(0x3, 0x6, 0x13, 0x0, 0xfb1) io_uring_setup$auto(0x1, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) 24.322819126s ago: executing program 0 (id=2050): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) sysfs$auto(0x2, 0x41, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r2, 0x5, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dvmrp0\x00'}) socket(0xa, 0x2, 0x3a) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/neigh/veth1/locktime\x00', 0x200200, 0x0) io_uring_register$auto(r1, 0x1, &(0x7f00000001c0), 0x1) sendfile$auto(r3, r3, 0x0, 0x7fffe000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) 23.097345384s ago: executing program 0 (id=2053): socket(0x2, 0x80002, 0x73) syz_genetlink_get_family_id$auto_ovs_vport(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) socket(0x29, 0x2, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getpid() prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) keyctl$auto(0x6, 0x0, 0x0, 0x0, 0x4000002) setfsuid$auto(0xee00) socket(0x2, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffa]}, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x2, 0x0) shutdown$auto(0x200000003, 0x2) 22.474143353s ago: executing program 1 (id=2056): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x23, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mlock$auto(0xfff, 0xde7f) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x3, 0xa) getsockopt$auto(r0, 0x0, 0x32, 0x0, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x20000000) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) rseq$auto(0x0, 0x8000, 0x0, 0x6) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x40e00, 0x0) pread64$auto(r2, 0x0, 0x3, 0x5ef6) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000080), 0xffffffffffffffff) 21.439017519s ago: executing program 1 (id=2060): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/firmware/acpi/interrupts/ff_pmtimer\x00', 0xa2100, 0x0) pidfd_open$auto(0x1, 0x0) r1 = openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x0, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r1, 0xfffffff8, &(0x7f0000000440)={@siginfo_0_0={0x90, 0x6, 0x10001, @_sigfault={&(0x7f0000001580)="e2b54e0d8732280a33be47d7a05256892735e7658af02dc35871f963042dec2ed9ad624793aa17a0e3672dbaa809e2cdcaa901cfb358cff29627cfe110aaaede655b4e959aa5083775f4b9a6facc3f7775372da8831bc9241899425b9c71a51f36d94bb5a816e8486bae582b99a1707e5c11177fa22ed4d9daaf0e407871985263be4bc2661f71c293b876cab638e90d6182ee3eed1ac76c73568fe1334e4570ae855a106dd523cc8c5b7a411052fda361fc605e578ee7fde5753c4781c4fd2db87003a3768110654be67d8a8d48a553231a0aef092fbb02575469cb1f6cae45f0e3549d8a0374e1b094623a3629c249acf80431e61f8468f415bac8e862fcf1a5e04cf8df24aef307a4dd6c443e988cfbba98b976ab99a322e314790e67db3c2b769779a87d147510a8878f2fa37900fd28714541313e97ffdfd27d1120909da2cc65e79df4eab9fd80a841670ba735bed8437153de7979ff5dd83fc75f64f024113eab2b56b20eae0bdc37f344ccba51d1fa2f13a7ef6a3fd135dfb20a3ee45fe6c32318e73e9bf115345fe7e1d14ffbef3fe988719341c47d0d2d0e776c45dde5a4ec41385954058d6fa637ee7cce0a8724cd36149984d1190ffa6dbad0329b0c157717016e14e52f93acd66e6e6955fb49ebdf00ae93b155386456605acb7fb782a474ac3dfc8122d9b75f2c2a4ade4337e8a63e8b3367c01940d3760023aae5a697574d279df887dc994c424b349adcc31135c28886e1db9b2937d6b80eaaf4198b5cd89e0397c1e8a8274ecea8be195f6eb281d11004bc51a241a85942f4ab7b72d374cb9b8fcbaa6f9fa5b5d825d5757b87c50fa00005220753311789eb0de5cba47be8ad38473479921ee98c260b76c89b581a0a80a86fe165e072a567b4198dda2b47d2d26d8bdee994d7098d61b5777ce7dad5c2c1f6440996c037ab4985da8e91a808367d2308f94deee27c0a8e27080a5d71ed48e90b18dd0db2a8563dcce31f5d04332944a89cde382d44b28cb8a6ecdb48c3f4700c1e6ec1d127a0beaf0b51c3424c2720ef9c406dbc4d6df66fbe3b19b05310040c06a59cd8cf3954a4bec90a188fe2012992d01a62200b43fd263e4b0d1334cf5e5e496f04a49e7f3a924627d46c5f652972dd2adc29b5e422bb18daf658008c0714d693be8c12b6ea72276381a566f688cb03f2063af8dd619257ddc0b1499392d29c975ab871cd54a036b81644dd716645ecbe124383c75b763e1e0b904cc143e06d5a1402be841e45afcd2ab307379e84dee070ced9f95abf18c247b1a4eb9cfe7a327ad6f248536b66a1d7566b025e50b0cc7f0feebbd8b8080aa8660fbdeb675d3e12f3bab5b97eba190c7dca80dd50e4985f83a2865073d2899cd66808f7b3dbc2981307d6a49fe487cc5df85357edf0bdbcc1678946209e9387bf59542e6609854aa2f15a37a817901f3ec2b73cfa8273a760f3068bb8574ddb319fdd6fe46302b56e35825bff9453313da6e1a5cdccb2c4ffee8a5f3a40d9d829a5c3bc89cda9aa93ab5958cff8155c1831b8ec333e207202c3fa5c29fd5bcb42bea7cafecb269cece18f34afbaf5d5478de3dfb41ed032377c82031628bd99f2e007a93dfefb68075d0f23341541b6cc79f4e891af16182d612c37a017bfd2e604aa7947de21d41b494cccce8ab451125c148a42b352574f4b6dd0187b07a1dc7872568f683ab78cf4b96053a1b543ef9b884f0951e9641e6982501298c599b4ecabe5bdc28aff139c30607cbba55b0a6246f28c8ae550f9c97e528c79ba4a8d543d5deeae276805464118d7c9a7c905e3624e7c54ec02543119624105897d6727cecf1a08351bfe9dc0eaaa155c800576487a4d1c904668faed2947dadd1625adb2ff148e9eda64be9e95b1fe8226004a9460fcf689f618891b1794e9a9686c1c3ebf91d017f0ab5668b8253415eaad44e8399a182e47a72fdfb572fac7080a16eb4129442275d0b7b615493dfd2af958097a8768da241deb80ca3c0f0b99b6598109be256da32be34c9e5f03986439dd8c757c39e55ccdf8aade24ac4b659ba6eee626da0e0bc91da00d07d0914c7f4edfb7424e7b7d3a5350309e72ac4590b0de69bc6465ec22a388c8ffe0c278a1ec8b2fc49e3358d90cf7ef793e035700f5ff456cbe05bb42411ceab82d5110b590b28d0eba2e3657c11ffa20e2710dd8c2cecaacba67dfbc09eb971c5b120647e7051eb3b268b8be84ee34bc33b232e90e6dfb5510b4a44e3e9f8d0dcfa73a0f7904a0f0d24b5f41ee05bf344486427f5478fb6a82412ce872c0c42f2408e82a23583942057778e4b1e120107310478a8bb3cc9c9dcd9c7c2a8bdf4ac62b04aeebbcb80ddc0822635b16f155231627d0bd14924730126dd076444fc3516b23cb6f46b548de976f662540759bbacedb23e0a78a41a3d5d13e5c2d5a98198192f37e85c204f70c45874c21b736c46a842c87f81db53eb682db4a778546e02879be85997018d37d924d4eda28e0bfb2a87d4b65d20ee5734ea125d9c57a2e9016b3148041f8be165507b0123565c0cf2e8927e642f64871ba2b1121729bd52661a86112d81b961f85493f5afe2fe2f4c6f3f3ccc3e13eb27b55eee56bf0628fbc943000fa863b60ae6dcd902b07c819358f4cd6f24f173a50a68306dd88db0e8b26e1a3f44f5684955e01d402cab8a26f10f9f3724177217515a49b8b366cf415bdd20500e82de336976a53d2ba27dc51b261ebd047abb66de002f0c8f0d8491671641e1189d1272af7eb8ed8386db9d840092fd88560cf42c5cede66a9b1a47c1f0b1a41a36fea7c011d12a05560218ba9dfbfaf06266cdcfc3e616af434ef63dc35017f869062d46e5b15b4945179dfd23f8e57958676a8769a7824ec8609c0e20bf34140474c03fd71c6932cbca1faa61b07c9e073a8be1906f70c4f7c69df299071c6ac0e7c42bfe5481ab61286cbcf3d80824128d1085adef15a95b37f22906114968b884cde5faaf3b98fb193756db98bf6a3f08ab7495958d8cec542dae4ac7d4d9212c57d26bffae8e74ef5ac4fafb736419f4999f15ddcbfea571517a725aa30dffa04d958bfe99edd242bce5b119dd1327536f861a26162ebcab602dba2920bf85be6c1240d761bc96be95f8894cafd0f9db7b0befd4155e4fb994271ddfcd8b3f4a7efeed9b9f82f07d2d7b7de710c67a78cfd5c668065d0776597cd8b0f49d0371330b78d0b5bbf21f1c748b098fd334bb2abd805ff75444f18f5d7362cf5ddceb70f88f4fa5447cd2d940286e1c57f9d74a79c16f35887aa4264ff9e274c512d945ff5dd707c38d67586946747f3a1f6860188a00dc1d93babf6e4a2ba12cf9003f9e819919ad7e119523176d56338b06112598d3a096ca331d56e2bcfe1fe5402bf1d09288661f6ab85d02d1e3879a4333819fce65c914860cdc7e5ce3c7f80f947c9d352a3b3dd23d8f8e5d725864ff52d2c9681bfb1cddf6fc9ba4ea5330e24255496714b3fff0662ff29bc97f238a1a951f2dde3b17b62c34a001b0141ab0edeafdf185f5c1171ba7a769fb065ddef0c84e9fe72ee588f33265ace0324869f067e6b554d6965b2b0c1cfb5010dd3c0e5c2a7a3d1fa5fb78443d217326236df78427d2ad328dc2090d721cc243f03501ad7c3f41ed98be445bfd7b64e7ef07a37056ebbacac1db93999767352e86f3771705ec69daf15fcfc387f01666af16a260b0449908ffe5429cdd4596dd8f50d25ca1b62fc0b3a95da19ed9319c9038c6a1963896a7c3d25613d7d20e1a2fc5e25b816ab85b45f841f2167c60e9ed8f175f5b054a7121bc614167703cbd5d51541f3ca47f5e7f31d61179c6e1813300b4767106550885426ba2ee8563200b43a0c7b62aed3ab3f19bc74dd57c78391dee08d143bc9b74fbb58018a5c34128556ce4070f576f9898344e8025036575d8e671559ffa5ab6317563689077af496312e1add6cf231e7f20ff9abf3e1cf69e45db6f41ddac95b0119e62e9cce343ed871843ad910944de996aba08cb684c7971a18e760acce9788259ba3d34f91f0cd770fb962629c9bf77231c87e45299f4da87dd805529a0c7b7d6208f667fe377c7a6fdc3c5dc0478c5f848cf54a3520a5a623fd6614a8e43f954f5e3cac0ea139b85ff631407905311fb5844b4e76a4823fea38b3202c50767877a81108729d7719c247dde80608f936914e4e78526a3c5d3594c1cdf66f932b23f0d7190ff8d3c55a37a0694a706db75506c97085312b0f70b41310e504cc54c6e181899cf2bdaec18c683e89d459e4df638108b9e3b27406ba1428ae128569a0794bb0041e435da494daf9ed743769f9e9662b52ed7b0954a0ab4c62faa240b52dba170624ff56a9f5f4233dc984bdb0d8673d778531b65435b53bd4df4d0498ed4b9b9534a6af7a74f9d266490e28d60081c25c15dacce9fd11f296c2f6c541e7c98b19e984105021aaffb25290be4f7a3b589dddb0bef79aaf6539e0d7638151b0354d863b7d69181b409f8c2aff6d05adbb9c89d83f271ba2de5d323eca9528d633bdad15f39eb0d56335284daef7790f7cf9ddc4821d0cd76de75b31c60beabc266e5f8f06799791cc078c49ad3576e76b6ce356e3251b39c76f6a24edbb8cef1f628e68b25f16337b594fe96f5ce22f56ddcf25a63f4daffb1ccb749c050f925fe11065ab6e0ae5634d132f6551501c67e08dfaf76b0273568b7cb7161e0df43da9e5048d6be5bfab73f92186480d0d7ac3ce54712649abaec457243607e824a3f9249bbc097a19a4357e9f45b2de7b76598d44f4aa55f042da88d2ef7035c999f5fd463b056dfc745bb36b77edeb486f96764f34f9d0ab43b2227783040e0835fce5a15364cac4ead828b2c5a240553eac6a00e8f88a7e3e7a54a57093146e00d30b5693cba303706fb0a5b0b7ede10eb37658345e5a6997b473bab6530135f1471305b203dfac39b14722990c556319425653c2e25a231b23d98e863080c45d0fef23401cd83b6518e5e29c96cd9462bdd9a72af93dfe398352867abeaa5b81c11a2d5b3a001ba66bb0f7978cdd29a157b4d5c0e20e732fd4bacb846b1bc0a1980b9c6aab7f13595b57d17df79f9791306694c619d423497fccdd00eaca15c75d76425b2b3b725ac149c1c4b0529929c13c813f50e47307186ce8982e1909ce63d497989555a2533c7dc9881c2a4dcfbdf453f031", @_addr_pkey={"4bc6f7b3fd0498b6", 0x6}}}}, 0x2) socket(0x22, 0x2, 0x2) bind$auto(0x3, &(0x7f0000000040), 0xb) mq_open$auto(&(0x7f0000000200)='\\\b\x00\x00\x00', 0x7c, 0x9, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket(0x15, 0x5, 0x0) setsockopt$auto(r2, 0x114, 0x2, 0x0, 0x4) unshare$auto(0x40000080) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) syslog$auto(0x3, 0x0, 0x5) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) pread64$auto(r3, 0x0, 0xeda5, 0xc86) mq_getsetattr$auto(0x3, 0x0, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x107000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/45, 0x2d) 21.410753594s ago: executing program 0 (id=2061): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x1ff, 0x7, 0x3f, 0x7, 0x1ffe0, 0x7, 0x3, 0x2, 0xd, 0x3, 0x6, 0x4, 0x8b4, 0x9, 0x4, 0x10003, 0x7, 0x4, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x7, 0x0, 0x0, 0x0, [0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe]}, 0x8, 0xd) socket(0xa, 0x5, 0x84) r2 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x101b00, 0x0) ioctl$auto_RNDADDTOENTCNT2(r2, 0x40045201, 0x0) unshare$auto(0x40000080) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21002, 0xfffffffffffffffb, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xff) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x23) getpid() r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r3, 0x0, 0x7) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_clone(0x40180311, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_NEW(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x34, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}, @OVS_VPORT_ATTR_NAME={0x6, 0x3, '*\x00'}, @OVS_VPORT_ATTR_UPCALL_PID={0x4}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x2}, @OVS_VPORT_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040010}, 0x800) madvise$auto(0x0, 0x2000000080000001, 0x3) 14.401011006s ago: executing program 2 (id=2077): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/bpq2/statistics/rx_missed_errors\x00', 0x48500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000010c0)=""/4090, 0xffa) socket(0x2, 0x1, 0x106) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000200)={0x8, 0x3, [{r5, 0x0, 0x8, 0x6}, {r3, 0x0, 0xf, 0x6}, {r3, 0x0, 0xe87f, 0x80}, {r4, 0x0, 0x6, 0x3}]}) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x4) socket$nl_generic(0x10, 0x3, 0x10) getpid() socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x5, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0xfffffffffffffffe, 0x948b, 0x3, 0x4, 0x3, 0x1000, 0x200000000000005e, 0x4000008000001f, 0x17, 0x6d3e, 0x0, 0x2, 0x8000000000820]}, 0x0) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\x03\xa1\x19\x9a_\r\x00\x00X\xa6\x89L\x1e\x1b\x16/\xe8\xca\tL\xd9M\xf3_L\x00\x04\x00\x00\xa2\x00\x00', 0x101) select$auto(0xa, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xffffffffffffffff, 0x948b, 0xffffffffffffffff, 0x200, 0x6, 0x0, 0x61, 0x80000020, 0x1000, 0xb, 0x9, 0x4f4, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x2a, 0x8000f, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xfffffffffffffc00, 0x4]}, 0x0) 14.153915872s ago: executing program 2 (id=2079): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0) readv$auto(r1, &(0x7f0000000180)={&(0x7f0000000140), 0x9}, 0x4) madvise$auto(0x0, 0xffffffffffff0001, 0x15) poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x1000, 0x1c9}, 0x2, 0x7) io_uring_setup$auto(0x6, 0x0) set_mempolicy$auto(0x1, &(0x7f00000000c0)=0x6, 0x21) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sr0\x00', 0x60742, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) lseek$auto(0x3, 0x2, 0x4) bind$auto(0xffffffffffffffff, &(0x7f0000000080)=@phonet={0x23, 0x5, 0x9, 0x1}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x80000007, 0x20020000) write$auto(0x3, 0x0, 0x7fffffff) setsockopt$auto(0x3, 0x6, 0x13, 0x0, 0xfb1) io_uring_setup$auto(0x1, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) 5.956204486s ago: executing program 32 (id=2061): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000040), 0xffffffffffffffff) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x1ff, 0x7, 0x3f, 0x7, 0x1ffe0, 0x7, 0x3, 0x2, 0xd, 0x3, 0x6, 0x4, 0x8b4, 0x9, 0x4, 0x10003, 0x7, 0x4, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x7, 0x0, 0x0, 0x0, [0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe]}, 0x8, 0xd) socket(0xa, 0x5, 0x84) r2 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x101b00, 0x0) ioctl$auto_RNDADDTOENTCNT2(r2, 0x40045201, 0x0) unshare$auto(0x40000080) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x7, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21002, 0xfffffffffffffffb, 0xfffffffffffffffe, 0xfffffffffffffffd, 0xff) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x23) getpid() r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r3, 0x0, 0x7) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_clone(0x40180311, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_OVS_VPORT_CMD_NEW(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x34, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@OVS_VPORT_ATTR_OPTIONS={0x4}, @OVS_VPORT_ATTR_NAME={0x6, 0x3, '*\x00'}, @OVS_VPORT_ATTR_UPCALL_PID={0x4}, @OVS_VPORT_ATTR_TYPE={0x8, 0x2, 0x2}, @OVS_VPORT_ATTR_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4040010}, 0x800) madvise$auto(0x0, 0x2000000080000001, 0x3) 5.886405866s ago: executing program 33 (id=2060): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/firmware/acpi/interrupts/ff_pmtimer\x00', 0xa2100, 0x0) pidfd_open$auto(0x1, 0x0) r1 = openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x0, 0x0) pidfd_send_signal$auto_PIDFD_SIGNAL_THREAD_GROUP(r1, 0xfffffff8, &(0x7f0000000440)={@siginfo_0_0={0x90, 0x6, 0x10001, @_sigfault={&(0x7f0000001580)="e2b54e0d8732280a33be47d7a05256892735e7658af02dc35871f963042dec2ed9ad624793aa17a0e3672dbaa809e2cdcaa901cfb358cff29627cfe110aaaede655b4e959aa5083775f4b9a6facc3f7775372da8831bc9241899425b9c71a51f36d94bb5a816e8486bae582b99a1707e5c11177fa22ed4d9daaf0e407871985263be4bc2661f71c293b876cab638e90d6182ee3eed1ac76c73568fe1334e4570ae855a106dd523cc8c5b7a411052fda361fc605e578ee7fde5753c4781c4fd2db87003a3768110654be67d8a8d48a553231a0aef092fbb02575469cb1f6cae45f0e3549d8a0374e1b094623a3629c249acf80431e61f8468f415bac8e862fcf1a5e04cf8df24aef307a4dd6c443e988cfbba98b976ab99a322e314790e67db3c2b769779a87d147510a8878f2fa37900fd28714541313e97ffdfd27d1120909da2cc65e79df4eab9fd80a841670ba735bed8437153de7979ff5dd83fc75f64f024113eab2b56b20eae0bdc37f344ccba51d1fa2f13a7ef6a3fd135dfb20a3ee45fe6c32318e73e9bf115345fe7e1d14ffbef3fe988719341c47d0d2d0e776c45dde5a4ec41385954058d6fa637ee7cce0a8724cd36149984d1190ffa6dbad0329b0c157717016e14e52f93acd66e6e6955fb49ebdf00ae93b155386456605acb7fb782a474ac3dfc8122d9b75f2c2a4ade4337e8a63e8b3367c01940d3760023aae5a697574d279df887dc994c424b349adcc31135c28886e1db9b2937d6b80eaaf4198b5cd89e0397c1e8a8274ecea8be195f6eb281d11004bc51a241a85942f4ab7b72d374cb9b8fcbaa6f9fa5b5d825d5757b87c50fa00005220753311789eb0de5cba47be8ad38473479921ee98c260b76c89b581a0a80a86fe165e072a567b4198dda2b47d2d26d8bdee994d7098d61b5777ce7dad5c2c1f6440996c037ab4985da8e91a808367d2308f94deee27c0a8e27080a5d71ed48e90b18dd0db2a8563dcce31f5d04332944a89cde382d44b28cb8a6ecdb48c3f4700c1e6ec1d127a0beaf0b51c3424c2720ef9c406dbc4d6df66fbe3b19b05310040c06a59cd8cf3954a4bec90a188fe2012992d01a62200b43fd263e4b0d1334cf5e5e496f04a49e7f3a924627d46c5f652972dd2adc29b5e422bb18daf658008c0714d693be8c12b6ea72276381a566f688cb03f2063af8dd619257ddc0b1499392d29c975ab871cd54a036b81644dd716645ecbe124383c75b763e1e0b904cc143e06d5a1402be841e45afcd2ab307379e84dee070ced9f95abf18c247b1a4eb9cfe7a327ad6f248536b66a1d7566b025e50b0cc7f0feebbd8b8080aa8660fbdeb675d3e12f3bab5b97eba190c7dca80dd50e4985f83a2865073d2899cd66808f7b3dbc2981307d6a49fe487cc5df85357edf0bdbcc1678946209e9387bf59542e6609854aa2f15a37a817901f3ec2b73cfa8273a760f3068bb8574ddb319fdd6fe46302b56e35825bff9453313da6e1a5cdccb2c4ffee8a5f3a40d9d829a5c3bc89cda9aa93ab5958cff8155c1831b8ec333e207202c3fa5c29fd5bcb42bea7cafecb269cece18f34afbaf5d5478de3dfb41ed032377c82031628bd99f2e007a93dfefb68075d0f23341541b6cc79f4e891af16182d612c37a017bfd2e604aa7947de21d41b494cccce8ab451125c148a42b352574f4b6dd0187b07a1dc7872568f683ab78cf4b96053a1b543ef9b884f0951e9641e6982501298c599b4ecabe5bdc28aff139c30607cbba55b0a6246f28c8ae550f9c97e528c79ba4a8d543d5deeae276805464118d7c9a7c905e3624e7c54ec02543119624105897d6727cecf1a08351bfe9dc0eaaa155c800576487a4d1c904668faed2947dadd1625adb2ff148e9eda64be9e95b1fe8226004a9460fcf689f618891b1794e9a9686c1c3ebf91d017f0ab5668b8253415eaad44e8399a182e47a72fdfb572fac7080a16eb4129442275d0b7b615493dfd2af958097a8768da241deb80ca3c0f0b99b6598109be256da32be34c9e5f03986439dd8c757c39e55ccdf8aade24ac4b659ba6eee626da0e0bc91da00d07d0914c7f4edfb7424e7b7d3a5350309e72ac4590b0de69bc6465ec22a388c8ffe0c278a1ec8b2fc49e3358d90cf7ef793e035700f5ff456cbe05bb42411ceab82d5110b590b28d0eba2e3657c11ffa20e2710dd8c2cecaacba67dfbc09eb971c5b120647e7051eb3b268b8be84ee34bc33b232e90e6dfb5510b4a44e3e9f8d0dcfa73a0f7904a0f0d24b5f41ee05bf344486427f5478fb6a82412ce872c0c42f2408e82a23583942057778e4b1e120107310478a8bb3cc9c9dcd9c7c2a8bdf4ac62b04aeebbcb80ddc0822635b16f155231627d0bd14924730126dd076444fc3516b23cb6f46b548de976f662540759bbacedb23e0a78a41a3d5d13e5c2d5a98198192f37e85c204f70c45874c21b736c46a842c87f81db53eb682db4a778546e02879be85997018d37d924d4eda28e0bfb2a87d4b65d20ee5734ea125d9c57a2e9016b3148041f8be165507b0123565c0cf2e8927e642f64871ba2b1121729bd52661a86112d81b961f85493f5afe2fe2f4c6f3f3ccc3e13eb27b55eee56bf0628fbc943000fa863b60ae6dcd902b07c819358f4cd6f24f173a50a68306dd88db0e8b26e1a3f44f5684955e01d402cab8a26f10f9f3724177217515a49b8b366cf415bdd20500e82de336976a53d2ba27dc51b261ebd047abb66de002f0c8f0d8491671641e1189d1272af7eb8ed8386db9d840092fd88560cf42c5cede66a9b1a47c1f0b1a41a36fea7c011d12a05560218ba9dfbfaf06266cdcfc3e616af434ef63dc35017f869062d46e5b15b4945179dfd23f8e57958676a8769a7824ec8609c0e20bf34140474c03fd71c6932cbca1faa61b07c9e073a8be1906f70c4f7c69df299071c6ac0e7c42bfe5481ab61286cbcf3d80824128d1085adef15a95b37f22906114968b884cde5faaf3b98fb193756db98bf6a3f08ab7495958d8cec542dae4ac7d4d9212c57d26bffae8e74ef5ac4fafb736419f4999f15ddcbfea571517a725aa30dffa04d958bfe99edd242bce5b119dd1327536f861a26162ebcab602dba2920bf85be6c1240d761bc96be95f8894cafd0f9db7b0befd4155e4fb994271ddfcd8b3f4a7efeed9b9f82f07d2d7b7de710c67a78cfd5c668065d0776597cd8b0f49d0371330b78d0b5bbf21f1c748b098fd334bb2abd805ff75444f18f5d7362cf5ddceb70f88f4fa5447cd2d940286e1c57f9d74a79c16f35887aa4264ff9e274c512d945ff5dd707c38d67586946747f3a1f6860188a00dc1d93babf6e4a2ba12cf9003f9e819919ad7e119523176d56338b06112598d3a096ca331d56e2bcfe1fe5402bf1d09288661f6ab85d02d1e3879a4333819fce65c914860cdc7e5ce3c7f80f947c9d352a3b3dd23d8f8e5d725864ff52d2c9681bfb1cddf6fc9ba4ea5330e24255496714b3fff0662ff29bc97f238a1a951f2dde3b17b62c34a001b0141ab0edeafdf185f5c1171ba7a769fb065ddef0c84e9fe72ee588f33265ace0324869f067e6b554d6965b2b0c1cfb5010dd3c0e5c2a7a3d1fa5fb78443d217326236df78427d2ad328dc2090d721cc243f03501ad7c3f41ed98be445bfd7b64e7ef07a37056ebbacac1db93999767352e86f3771705ec69daf15fcfc387f01666af16a260b0449908ffe5429cdd4596dd8f50d25ca1b62fc0b3a95da19ed9319c9038c6a1963896a7c3d25613d7d20e1a2fc5e25b816ab85b45f841f2167c60e9ed8f175f5b054a7121bc614167703cbd5d51541f3ca47f5e7f31d61179c6e1813300b4767106550885426ba2ee8563200b43a0c7b62aed3ab3f19bc74dd57c78391dee08d143bc9b74fbb58018a5c34128556ce4070f576f9898344e8025036575d8e671559ffa5ab6317563689077af496312e1add6cf231e7f20ff9abf3e1cf69e45db6f41ddac95b0119e62e9cce343ed871843ad910944de996aba08cb684c7971a18e760acce9788259ba3d34f91f0cd770fb962629c9bf77231c87e45299f4da87dd805529a0c7b7d6208f667fe377c7a6fdc3c5dc0478c5f848cf54a3520a5a623fd6614a8e43f954f5e3cac0ea139b85ff631407905311fb5844b4e76a4823fea38b3202c50767877a81108729d7719c247dde80608f936914e4e78526a3c5d3594c1cdf66f932b23f0d7190ff8d3c55a37a0694a706db75506c97085312b0f70b41310e504cc54c6e181899cf2bdaec18c683e89d459e4df638108b9e3b27406ba1428ae128569a0794bb0041e435da494daf9ed743769f9e9662b52ed7b0954a0ab4c62faa240b52dba170624ff56a9f5f4233dc984bdb0d8673d778531b65435b53bd4df4d0498ed4b9b9534a6af7a74f9d266490e28d60081c25c15dacce9fd11f296c2f6c541e7c98b19e984105021aaffb25290be4f7a3b589dddb0bef79aaf6539e0d7638151b0354d863b7d69181b409f8c2aff6d05adbb9c89d83f271ba2de5d323eca9528d633bdad15f39eb0d56335284daef7790f7cf9ddc4821d0cd76de75b31c60beabc266e5f8f06799791cc078c49ad3576e76b6ce356e3251b39c76f6a24edbb8cef1f628e68b25f16337b594fe96f5ce22f56ddcf25a63f4daffb1ccb749c050f925fe11065ab6e0ae5634d132f6551501c67e08dfaf76b0273568b7cb7161e0df43da9e5048d6be5bfab73f92186480d0d7ac3ce54712649abaec457243607e824a3f9249bbc097a19a4357e9f45b2de7b76598d44f4aa55f042da88d2ef7035c999f5fd463b056dfc745bb36b77edeb486f96764f34f9d0ab43b2227783040e0835fce5a15364cac4ead828b2c5a240553eac6a00e8f88a7e3e7a54a57093146e00d30b5693cba303706fb0a5b0b7ede10eb37658345e5a6997b473bab6530135f1471305b203dfac39b14722990c556319425653c2e25a231b23d98e863080c45d0fef23401cd83b6518e5e29c96cd9462bdd9a72af93dfe398352867abeaa5b81c11a2d5b3a001ba66bb0f7978cdd29a157b4d5c0e20e732fd4bacb846b1bc0a1980b9c6aab7f13595b57d17df79f9791306694c619d423497fccdd00eaca15c75d76425b2b3b725ac149c1c4b0529929c13c813f50e47307186ce8982e1909ce63d497989555a2533c7dc9881c2a4dcfbdf453f031", @_addr_pkey={"4bc6f7b3fd0498b6", 0x6}}}}, 0x2) socket(0x22, 0x2, 0x2) bind$auto(0x3, &(0x7f0000000040), 0xb) mq_open$auto(&(0x7f0000000200)='\\\b\x00\x00\x00', 0x7c, 0x9, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket(0x15, 0x5, 0x0) setsockopt$auto(r2, 0x114, 0x2, 0x0, 0x4) unshare$auto(0x40000080) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) syslog$auto(0x3, 0x0, 0x5) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) pread64$auto(r3, 0x0, 0xeda5, 0xc86) mq_getsetattr$auto(0x3, 0x0, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x107000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/45, 0x2d) 5.865584989s ago: executing program 2 (id=2084): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, 0x0, 0xc0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x5, 0xfffff05e, 0x0, 0x0, 0x80000001) r1 = gettid() futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) kill$auto(r1, 0x11) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC1\x00', 0x0, 0x0) sendfile$auto(r2, r3, 0x0, 0x1000200) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x8600, 0x0) 4.719397703s ago: executing program 3 (id=2087): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/bpq2/statistics/rx_missed_errors\x00', 0x48500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000010c0)=""/4090, 0xffa) socket(0x2, 0x1, 0x106) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/run_estimation\x00', 0x88042, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000200)={0x8, 0x3, [{r5, 0x0, 0x8, 0x6}, {r3, 0x0, 0xf, 0x6}, {r3, 0x0, 0xe87f, 0x80}, {r4, 0x0, 0x6, 0x3}]}) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x4) socket$nl_generic(0x10, 0x3, 0x10) getpid() socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x5, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0xfffffffffffffffe, 0x948b, 0x3, 0x4, 0x3, 0x1000, 0x200000000000005e, 0x4000008000001f, 0x17, 0x6d3e, 0x0, 0x2, 0x8000000000820]}, 0x0) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\x03\xa1\x19\x9a_\r\x00\x00X\xa6\x89L\x1e\x1b\x16/\xe8\xca\tL\xd9M\xf3_L\x00\x04\x00\x00\xa2\x00\x00', 0x101) select$auto(0xa, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0xffffffffffffffff, 0x948b, 0xffffffffffffffff, 0x200, 0x6, 0x0, 0x61, 0x80000020, 0x1000, 0xb, 0x9, 0x4f4, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x2a, 0x8000f, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xfffffffffffffc00, 0x4]}, 0x0) 3.381802382s ago: executing program 3 (id=2088): sendmsg$auto_ETHTOOL_MSG_TSCONFIG_SET(0xffffffffffffffff, 0x0, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) socket(0x11, 0x3, 0x3a) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x841, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) timer_create$auto(0x3, 0x0, 0x0) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{}, {0x0, 0x83}}, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0xe, 0x0) fsopen$auto(0x0, 0x1) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) 3.380984162s ago: executing program 2 (id=2089): openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x2, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000140)={{0x8, 0xffffffffffffffff, 0xee01, 0x2, 0x8, 0x7, 0x9}, &(0x7f00000000c0)=0xc0, &(0x7f0000000100)=0x5, 0xffffffff, 0x6, 0x8000000000000001, 0xb0a2, 0x208, 0x2f, 0x404, 0x4, @raw=0x5, @inferred=0xffffffffffffffff}) keyctl$auto(0x1, 0x1, r0, 0x0, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2c, 0x80003, 0x0) setsockopt$auto(r1, 0x11b, 0x4, 0xffffffffffffffff, 0x9) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0x8208ae63, 0x38) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) 2.312990904s ago: executing program 2 (id=2090): openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r0, 0x540a, 0x0) unshare$auto(0x40000080) unshare$auto(0x6) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x800, 0x0) link$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') read$auto_debugfs_full_proxy_file_operations_internal(r1, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket(0xa, 0x5, 0x84) init_module$auto(0x0, 0xffff9, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/tty6\x00', 0x0, 0x0) r3 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) read$auto_rng_chrdev_ops_core(r3, 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r4 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000180), r2) geteuid() sendmsg$auto_NLBL_CIPSOV4_C_LISTALL(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x3b0, r4, 0x100, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_TAG={0x5, 0x3, 0x4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4}, @NLBL_CIPSOV4_A_MLSLVL={0x8, 0x7, 0x0, 0x1, [@nested={0x4, 0xa4}]}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4}, @NLBL_CIPSOV4_A_MLSCAT={0x379, 0xb, 0x0, 0x1, [@nested={0xed, 0x54, 0x0, 0x1, [@generic="c59492b8140338fc96668b8962b60a2c1b2c3915f2819ae1f209e0d34d8087b768d08f3d70681b62f2b182932ee7471b82054d707b2c2e78adb1e1e8b68a4a355bfab256fcda4490437a208de344641d0ae1b8cea697aae2c4093d6645bfd09d3e2ce25452e57ca1e747006b83cddc0d9b8e1d2a899728d870bdecd9d3bb5d1d264687d661550ff383f6481975c28fc1848447cf55d4338c68ece658dcd306d6cb5f4c6caaaf7430fd6ad8e42ec49424417dee25b7cc4b55f94addfa69c3af0e243409d5d44a6eb01c8fce0ff2872a26be0abc61f5cd6647c49ef761617d62c8d1b57234bef0658a7c"]}, @typed={0xc, 0xbd, 0x0, 0x0, @u64=0x5}, @generic="de11a9d8ca9a5b677adeedc536e97b8ff8815c51b22adaf5d838c7d11f1228ac0f203c0aab5130d702e94bef9f5b83f4acf778ba12a143100d1c5bc28178bd349e606afbf84b30a87c0ad677c3c7a8abc0ab982727338195450a68d4cd118500ec1459eb65be3893", @generic="9e43c1f484e62390f6ab6ab5b8515ae566c7", @generic="4bb5d8af2baabd94de14e3384654cb72d10e54934e45e1daffdb45aa10445ab0c4724738889dd76bac362c8287613285ee6a4cdc76614ed74700c0b7c9e6877d8322c3b6ae00213cab74ed806276863fb41f6f3056920719562cffc082f09c32ef68dd962f9b6314cc59d0e49639adac30fae6b87e410d3b29097ef8e566d582026eb4f71b2fa610d8f3d3e8af7ad49902595e1fb7eef233590ed7d19de1e41616df157732ab91774d3c7d41efc76ac10a7b47a955e946a8a2fe9170e50a3f7498c1f1b47996da", @generic="87ac1491d9c012bd7ae0347b637d21d6a3fd5eec369270553d503c2a6b7e2bab96f236841cb11c194e6fdde7581a850dcfe6ecc348abecb7b2ce66148517aa03dc7994aec148495002482b57d935418ff5cceed09f01cecbc0aa8f2889721d79fcd28d55a977baa52b16de1f48ba", @typed={0x4, 0x65}, @generic="8e012c3b96c294191240ee404528f9ad6961c7531ed3a365faa74691aca2fa9c4d75183645805db774b0adeb03ceef7db83f28c16a3f83788f4753632db53e3893e16326a9fbf9c3805dd9afe77afb0922d1cd527329e3bd376333f4025ca34fe9dce7c3240c0bd4219b776dff11d93bec33dfa36c2a3292c0ed7c67454fd1246b1c7ceb5ba4cc63e4febd7ad25c57cbabc2ca991bf9b7d2bc96457b8fe3dd5c0e9bd9e7da7b2e14cda6f07b161f43b7f37db5045f302bd25824f9c00dbe", @typed={0x8, 0x32, 0x0, 0x0, @fd=r1}]}]}, 0x3b0}, 0x1, 0x0, 0x0, 0x4004000}, 0x20000081) setgroups$auto(0xe32, 0x0) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) 2.077030998s ago: executing program 3 (id=2091): socket(0xa, 0x3, 0x3b) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) quotactl$auto(0x9, 0x0, 0x62a0, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0xe31, 0x40000000000a5, 0x8000) syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000100), 0xffffffffffffffff) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x800, 0x0) ioctl$auto_SG_NEXT_CMD_LEN(r0, 0x2283, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) epoll_create$auto(0x3ff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) madvise$auto(0x0, 0x2003f0, 0x17) mmap$auto(0x5, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x4000000007ffc) unshare$auto(0x8000000) semget$auto(0x0, 0x2e4a, 0x8000) 915.222769ms ago: executing program 3 (id=2092): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="17000000", @ANYBLOB='U'], 0x1ac}, 0x1, 0x0, 0x0, 0x663e94553c5db1d5}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x6, &(0x7f0000000100)={0x0, 0x1}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x5, 0x4000a98) 771.247116ms ago: executing program 3 (id=2093): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0) close_range$auto(0x2, 0x8000, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x26dc2, 0x84) io_uring_setup$auto(0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_ADD_NAN_FUNCTION(r0, 0x0, 0x4000000) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x4, 0x401, r2, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) bpf$auto(0x4, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x200ffffffff, 0x9, 0x5, 0xf870e9f, 0x3ff, 0x8}, 0x9) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x0, 0x1, 0x42, 0x200000000065f, 0x401ffde, 0x7, 0x3, 0x2, 0x100, 0x3eb, 0x5, 0x2, 0x3000, 0x2, 0x6, 0x10003, 0x82, 0x4, 0x0, 0x5, 0x1ffb, 0x203, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x80000000, 0x4, 0xfffffffffffffffc, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffbfffc, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x51, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x7fff]}, 0x7, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000040)={0x0, 0x8d}, 0x1, 0x0, 0x7, 0xa505}, 0x800}, 0x400, 0x4004) 368.840643ms ago: executing program 3 (id=2094): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x1, 0x106) setsockopt$auto(r1, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/machinecheck/machinecheck0/check_interval\x00', 0x102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3dc) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, 0x0, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) write$auto(0x3, 0x0, 0x1000) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x55) 0s ago: executing program 2 (id=2095): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/write_cache\x00', 0x182b02, 0x0) sendfile$auto(r0, r0, 0x0, 0xea) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/distance\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) close_range$auto(0x2, 0x8, 0x0) userfaultfd$auto(0x1) epoll_create$auto(0x0) r2 = socket(0x15, 0x5, 0x0) setsockopt$auto(r2, 0x114, 0x1, 0x0, 0x1b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x400, 0x0) kernel console output (not intermixed with test programs): 14][ T7665] syz.3.500: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 217.238974][ T7665] CPU: 1 UID: 0 PID: 7665 Comm: syz.3.500 Not tainted syzkaller #0 PREEMPT(full) [ 217.239011][ T7665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 217.239028][ T7665] Call Trace: [ 217.239037][ T7665] [ 217.239048][ T7665] dump_stack_lvl+0x100/0x190 [ 217.239092][ T7665] warn_alloc.cold+0x95/0x1c1 [ 217.239141][ T7665] ? __pfx_warn_alloc+0x10/0x10 [ 217.239169][ T7665] ? lockdep_hardirqs_on+0x78/0x100 [ 217.239214][ T7665] ? __get_vm_area_node+0x2c5/0x330 [ 217.239260][ T7665] ? __get_vm_area_node+0x208/0x330 [ 217.239304][ T7665] __vmalloc_node_range_noprof+0xbf4/0x1530 [ 217.239347][ T7665] ? local_lock_release+0x99/0x130 [ 217.239395][ T7665] ? kernel_clone+0xfc/0x930 [ 217.239424][ T7665] ? find_held_lock+0x2b/0x80 [ 217.239462][ T7665] ? rcu_read_unlock+0x17/0x60 [ 217.239499][ T7665] ? rcu_read_unlock+0x17/0x60 [ 217.239549][ T7665] ? obj_cgroup_charge_account+0x46d/0x640 [ 217.239592][ T7665] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 217.239639][ T7665] ? __memcg_slab_post_alloc_hook+0x51e/0x9a0 [ 217.239692][ T7665] ? kernel_clone+0xfc/0x930 [ 217.239719][ T7665] __vmalloc_node_noprof+0xad/0xf0 [ 217.239761][ T7665] ? kernel_clone+0xfc/0x930 [ 217.239791][ T7665] copy_process+0x5ec/0x79b0 [ 217.239816][ T7665] ? futex_unqueue+0x133/0x2c0 [ 217.239860][ T7665] ? __pfx_copy_process+0x10/0x10 [ 217.239897][ T7665] ? _copy_from_user+0x59/0xd0 [ 217.239943][ T7665] kernel_clone+0xfc/0x930 [ 217.239973][ T7665] ? __pfx_kernel_clone+0x10/0x10 [ 217.240008][ T7665] ? __pfx_futex_wait+0x10/0x10 [ 217.240052][ T7665] __do_sys_clone3+0x214/0x290 [ 217.240081][ T7665] ? __pfx___do_sys_clone3+0x10/0x10 [ 217.240156][ T7665] do_syscall_64+0x106/0xf80 [ 217.240194][ T7665] ? clear_bhb_loop+0x40/0x90 [ 217.240228][ T7665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.240257][ T7665] RIP: 0033:0x7efea599bf79 [ 217.240281][ T7665] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.240307][ T7665] RSP: 002b:00007efea67efef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 217.240333][ T7665] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007efea599bf79 [ 217.240351][ T7665] RDX: 00007efea67eff10 RSI: 0000000000000058 RDI: 00007efea67eff10 [ 217.240368][ T7665] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000058 [ 217.240385][ T7665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.240401][ T7665] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 217.240437][ T7665] [ 217.240448][ T7665] Mem-Info: [ 217.730940][ T7665] active_anon:16503 inactive_anon:0 isolated_anon:21 [ 217.730940][ T7665] active_file:17990 inactive_file:53132 isolated_file:0 [ 217.730940][ T7665] unevictable:768 dirty:442 writeback:0 [ 217.730940][ T7665] slab_reclaimable:13408 slab_unreclaimable:90532 [ 217.730940][ T7665] mapped:32476 shmem:7420 pagetables:1192 [ 217.730940][ T7665] sec_pagetables:0 bounce:0 [ 217.730940][ T7665] kernel_misc_reclaimable:0 [ 217.730940][ T7665] free:1303898 free_pcp:9447 free_cma:0 [ 218.025461][ T7665] Node 0 active_anon:64332kB inactive_anon:0kB active_file:71960kB inactive_file:212324kB unevictable:1536kB isolated(anon):84kB isolated(file):0kB mapped:119056kB dirty:1776kB writeback:0kB shmem:30664kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11540kB pagetables:4632kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 218.098545][ T7665] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 218.178460][ T7665] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 218.280335][ T7665] lowmem_reserve[]: 0 2479 2480 2480 2480 [ 218.289974][ T7665] Node 0 DMA32 free:1250740kB boost:0kB min:34316kB low:42892kB high:51468kB reserved_highatomic:0KB free_highatomic:0KB active_anon:58936kB inactive_anon:0kB active_file:71960kB inactive_file:212324kB unevictable:1536kB writepending:1776kB zspages:0kB present:3129332kB managed:2538564kB mlocked:0kB bounce:0kB free_pcp:39492kB local_pcp:8920kB free_cma:0kB [ 218.334870][ T7665] lowmem_reserve[]: 0 0 1 1 1 [ 218.342770][ T7665] Node 0 Normal free:4kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1096kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 218.423579][ T7665] lowmem_reserve[]: 0 0 0 0 0 [ 218.447877][ T7665] Node 1 Normal free:3955136kB boost:0kB min:55572kB low:69464kB high:83356kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 218.611247][ T7665] lowmem_reserve[]: 0 0 0 0 0 [ 218.616025][ T7665] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 218.647933][ T7665] Node 0 DMA32: 61*4kB (UM) 11*8kB (UME) 27*16kB (UME) 932*32kB (UME) 569*64kB (UME) 332*128kB (UME) 120*256kB (UME) 41*512kB (UM) 19*1024kB (UME) 10*2048kB (UME) 255*4096kB (M) = 1245628kB [ 218.676695][ T7665] Node 0 Normal: 1*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB [ 218.691253][ T7665] Node 1 Normal: 6*4kB (UE) 15*8kB (UME) 15*16kB (UME) 14*32kB (UME) 16*64kB (UME) 3*128kB (UM) 3*256kB (ME) 5*512kB (UME) 1*1024kB (M) 6*2048kB (UME) 961*4096kB (M) = 3955136kB [ 218.713383][ T7665] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 218.724672][ T7665] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 218.735669][ T7665] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 218.745895][ T7665] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 218.755674][ T7665] 78936 total pagecache pages [ 218.761866][ T7665] 0 pages in swap cache [ 218.766360][ T7665] Free swap = 124996kB [ 218.771973][ T7665] Total swap = 124996kB [ 218.776144][ T7665] 2097051 pages RAM [ 218.780378][ T7665] 0 pages HighMem/MovableOnly [ 218.785074][ T7665] 430521 pages reserved [ 218.789796][ T7665] 0 pages cma reserved [ 219.667158][ T7691] netlink: 504 bytes leftover after parsing attributes in process `syz.0.507'. [ 219.744140][ T7693] netlink: 350 bytes leftover after parsing attributes in process `syz.0.507'. [ 224.619845][ T7744] netlink: 98 bytes leftover after parsing attributes in process `syz.1.525'. [ 229.235140][ T7787] netlink: 'syz.0.534': attribute type 4 has an invalid length. [ 229.242950][ T7787] netlink: 'syz.0.534': attribute type 5 has an invalid length. [ 229.293185][ T7787] netlink: 10 bytes leftover after parsing attributes in process `syz.0.534'. [ 230.720507][ T7803] GUP no longer grows the stack in syz.0.537 (7803): 14000-18000 (4000) [ 230.795337][ T7803] CPU: 0 UID: 0 PID: 7803 Comm: syz.0.537 Not tainted syzkaller #0 PREEMPT(full) [ 230.795369][ T7803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 230.795378][ T7803] Call Trace: [ 230.795386][ T7803] [ 230.795392][ T7803] dump_stack_lvl+0x100/0x190 [ 230.795428][ T7803] gup_vma_lookup.cold+0x83/0x96 [ 230.795468][ T7803] __get_user_pages+0x241/0x34d0 [ 230.795506][ T7803] ? find_held_lock+0x2b/0x80 [ 230.795525][ T7803] ? mtree_load+0x311/0xa40 [ 230.795557][ T7803] ? __pfx___get_user_pages+0x10/0x10 [ 230.795584][ T7803] get_user_pages_remote+0x3d2/0xb10 [ 230.795610][ T7803] ? __pfx_get_user_pages_remote+0x10/0x10 [ 230.795633][ T7803] ? noop_dirty_folio+0x98/0x160 [ 230.795657][ T7803] __access_remote_vm+0x3ba/0xa70 [ 230.795681][ T7803] ? __pfx___access_remote_vm+0x10/0x10 [ 230.795705][ T7803] mem_rw+0x20a/0x640 [ 230.795726][ T7803] vfs_write+0x2aa/0x1070 [ 230.795744][ T7803] ? __pfx_mem_write+0x10/0x10 [ 230.795762][ T7803] ? __pfx_vfs_write+0x10/0x10 [ 230.795780][ T7803] ? __fget_files+0x215/0x3d0 [ 230.795802][ T7803] ? __fget_files+0x21f/0x3d0 [ 230.795825][ T7803] ksys_write+0x12a/0x250 [ 230.795844][ T7803] ? __pfx_ksys_write+0x10/0x10 [ 230.795863][ T7803] ? trace_irq_enable.constprop.0+0x2d/0x110 [ 230.795888][ T7803] do_syscall_64+0x106/0xf80 [ 230.795908][ T7803] ? clear_bhb_loop+0x40/0x90 [ 230.795926][ T7803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.795940][ T7803] RIP: 0033:0x7f3b7bf9bf79 [ 230.795954][ T7803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 230.795967][ T7803] RSP: 002b:00007f3b7cde1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 230.795981][ T7803] RAX: ffffffffffffffda RBX: 00007f3b7c216090 RCX: 00007f3b7bf9bf79 [ 230.795991][ T7803] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 230.795999][ T7803] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 230.796007][ T7803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.796015][ T7803] R13: 00007f3b7c216128 R14: 00007f3b7c216090 R15: 00007ffdab8340c8 [ 230.796036][ T7803] [ 231.156139][ T7796] HfR: entered promiscuous mode [ 232.949731][ T7830] FAULT_INJECTION: forcing a failure. [ 232.949731][ T7830] name fail_futex, interval 1, probability 0, space 0, times 0 [ 233.012921][ T7830] CPU: 1 UID: 0 PID: 7830 Comm: syz.0.547 Not tainted syzkaller #0 PREEMPT(full) [ 233.012958][ T7830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 233.012974][ T7830] Call Trace: [ 233.012983][ T7830] [ 233.012994][ T7830] dump_stack_lvl+0x100/0x190 [ 233.013039][ T7830] should_fail_ex.cold+0x5/0xa [ 233.013070][ T7830] get_futex_key+0x1d2/0x1620 [ 233.013120][ T7830] ? __pfx_get_futex_key+0x10/0x10 [ 233.013196][ T7830] futex_wait_setup+0x81/0x500 [ 233.013242][ T7830] __futex_wait+0x19f/0x300 [ 233.013279][ T7830] ? __pfx___futex_wait+0x10/0x10 [ 233.013311][ T7830] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 233.013349][ T7830] ? lockdep_hardirqs_on+0x78/0x100 [ 233.013392][ T7830] ? __pfx_futex_wake_mark+0x10/0x10 [ 233.013430][ T7830] ? futex_hash+0x2c5/0x380 [ 233.013484][ T7830] futex_wait+0xed/0x380 [ 233.013519][ T7830] ? __pfx_futex_wait+0x10/0x10 [ 233.013561][ T7830] ? ksys_write+0x190/0x250 [ 233.013598][ T7830] ? ksys_write+0x190/0x250 [ 233.013637][ T7830] do_futex+0x1ef/0x350 [ 233.013666][ T7830] ? __pfx_do_futex+0x10/0x10 [ 233.013697][ T7830] ? cap_task_prctl+0x104/0xa50 [ 233.013731][ T7830] ? __pfx_sched_core_share_pid+0x10/0x10 [ 233.013777][ T7830] __x64_sys_futex+0x34f/0x4d0 [ 233.013810][ T7830] ? __pfx___x64_sys_futex+0x10/0x10 [ 233.013839][ T7830] ? __pfx___do_sys_prctl+0x10/0x10 [ 233.013884][ T7830] do_syscall_64+0x106/0xf80 [ 233.013922][ T7830] ? clear_bhb_loop+0x40/0x90 [ 233.013956][ T7830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.013984][ T7830] RIP: 0033:0x7f3b7bf9bf79 [ 233.014007][ T7830] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 233.014035][ T7830] RSP: 002b:00007f3b7cde10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 233.014063][ T7830] RAX: ffffffffffffffda RBX: 00007f3b7c216098 RCX: 00007f3b7bf9bf79 [ 233.014082][ T7830] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3b7c216098 [ 233.014099][ T7830] RBP: 00007f3b7c216090 R08: 0000000000000000 R09: 0000000000000000 [ 233.014116][ T7830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.014141][ T7830] R13: 00007f3b7c216128 R14: 00007ffdab833fe0 R15: 00007ffdab8340c8 [ 233.014180][ T7830] [ 233.332814][ T7825] WARNING! power/level is deprecated; use power/control instead [ 234.724208][ T7848] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 234.887459][ T7848] File: /dev/nullb0 PID: 7848 Comm: syz.0.552 [ 236.101712][ T29] audit: type=1800 audit(2147483717.480:3): pid=7875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.557" name="dbroot" dev="configfs" ino=91975 res=0 errno=0 [ 236.299286][ T7875] netlink: 'syz.1.557': attribute type 2 has an invalid length. [ 236.306963][ T7875] netlink: 'syz.1.557': attribute type 3 has an invalid length. [ 236.377761][ T7875] netlink: 158 bytes leftover after parsing attributes in process `syz.1.557'. [ 236.438181][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz.1.557'. [ 239.495649][ T7904] netlink: 'syz.1.562': attribute type 4 has an invalid length. [ 239.527582][ T7904] netlink: 'syz.1.562': attribute type 5 has an invalid length. [ 239.546223][ T7904] netlink: 10 bytes leftover after parsing attributes in process `syz.1.562'. [ 240.829501][ T5833] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 240.829540][ T5833] Bluetooth: hci3: unexpected subevent 0x03 length: 725 > 9 [ 241.115214][ T7926] zswap: compressor not available [ 242.210108][ T7943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.572'. [ 242.329096][ T7943] netlink: 354 bytes leftover after parsing attributes in process `syz.0.572'. [ 242.643072][ T7953] netlink: 330 bytes leftover after parsing attributes in process `syz.2.573'. [ 246.505300][ T7990] netlink: 17 bytes leftover after parsing attributes in process `syz.1.583'. [ 248.775088][ T8014] FAULT_INJECTION: forcing a failure. [ 248.775088][ T8014] name failslab, interval 1, probability 0, space 0, times 0 [ 248.879049][ T8014] CPU: 1 UID: 0 PID: 8014 Comm: syz.0.588 Not tainted syzkaller #0 PREEMPT(full) [ 248.879089][ T8014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 248.879110][ T8014] Call Trace: [ 248.879120][ T8014] [ 248.879130][ T8014] dump_stack_lvl+0x100/0x190 [ 248.879174][ T8014] should_fail_ex.cold+0x5/0xa [ 248.879205][ T8014] ? tomoyo_realpath_from_path+0xb6/0x690 [ 248.879233][ T8014] should_failslab+0xc2/0x120 [ 248.879271][ T8014] __kmalloc_noprof+0xe0/0x850 [ 248.879309][ T8014] tomoyo_realpath_from_path+0xb6/0x690 [ 248.879346][ T8014] tomoyo_check_open_permission+0x2af/0x3c0 [ 248.879388][ T8014] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 248.879461][ T8014] ? do_raw_spin_lock+0x128/0x260 [ 248.879497][ T8014] ? path_get+0x61/0x80 [ 248.879538][ T8014] tomoyo_file_open+0x6b/0x90 [ 248.879572][ T8014] security_file_open+0xb5/0x1e0 [ 248.879614][ T8014] do_dentry_open+0x5aa/0x1660 [ 248.879653][ T8014] ? security_inode_permission+0xbf/0x250 [ 248.879699][ T8014] vfs_open+0x82/0x3f0 [ 248.879746][ T8014] path_openat+0x208c/0x31a0 [ 248.879796][ T8014] ? __pfx_path_openat+0x10/0x10 [ 248.879864][ T8014] do_file_open+0x20e/0x430 [ 248.879904][ T8014] ? __pfx_do_file_open+0x10/0x10 [ 248.879978][ T8014] ? alloc_fd+0x476/0x790 [ 248.880020][ T8014] ? do_getname+0x191/0x390 [ 248.880068][ T8014] do_sys_openat2+0x10d/0x1e0 [ 248.880095][ T8014] ? __pfx_do_sys_openat2+0x10/0x10 [ 248.880155][ T8014] __x64_sys_openat+0x12d/0x210 [ 248.880183][ T8014] ? __pfx___x64_sys_openat+0x10/0x10 [ 248.880209][ T8014] ? xfd_validate_state+0x129/0x190 [ 248.880258][ T8014] do_syscall_64+0x106/0xf80 [ 248.880298][ T8014] ? clear_bhb_loop+0x40/0x90 [ 248.880333][ T8014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.880362][ T8014] RIP: 0033:0x7f3b7bf9bf79 [ 248.880388][ T8014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.880422][ T8014] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 248.880457][ T8014] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 248.880477][ T8014] RDX: 0000000000101840 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 248.880496][ T8014] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 248.880513][ T8014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.880530][ T8014] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 248.880570][ T8014] [ 248.880582][ T8014] ERROR: Out of memory at tomoyo_realpath_from_path. [ 254.300254][ T8081] netlink: 2468 bytes leftover after parsing attributes in process `syz.1.605'. [ 257.124062][ T8121] openvswitch: netlink: IP tunnel TTL not specified. [ 257.855913][ T8127] zram0: detected capacity change from 0 to 8 [ 259.497547][ T8136] netlink: 330 bytes leftover after parsing attributes in process `syz.0.617'. [ 259.607530][ T8137] FAULT_INJECTION: forcing a failure. [ 259.607530][ T8137] name fail_futex, interval 1, probability 0, space 0, times 0 [ 259.675695][ T8137] CPU: 0 UID: 0 PID: 8137 Comm: syz.1.616 Not tainted syzkaller #0 PREEMPT(full) [ 259.675735][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 259.675752][ T8137] Call Trace: [ 259.675761][ T8137] [ 259.675772][ T8137] dump_stack_lvl+0x100/0x190 [ 259.675818][ T8137] should_fail_ex.cold+0x5/0xa [ 259.675850][ T8137] get_futex_key+0x1d2/0x1620 [ 259.675901][ T8137] ? __pfx_get_futex_key+0x10/0x10 [ 259.675942][ T8137] ? futex_hash+0x2c5/0x380 [ 259.676002][ T8137] futex_wake+0xea/0x530 [ 259.676038][ T8137] ? __pfx_futex_wait+0x10/0x10 [ 259.676073][ T8137] ? __pfx_futex_wake+0x10/0x10 [ 259.676111][ T8137] ? ksys_write+0x190/0x250 [ 259.676145][ T8137] ? ksys_write+0x190/0x250 [ 259.676186][ T8137] do_futex+0x32b/0x350 [ 259.676215][ T8137] ? __pfx_do_futex+0x10/0x10 [ 259.676244][ T8137] ? cap_task_prctl+0x104/0xa50 [ 259.676279][ T8137] ? __pfx_sched_core_share_pid+0x10/0x10 [ 259.676327][ T8137] __x64_sys_futex+0x34f/0x4d0 [ 259.676361][ T8137] ? __pfx___x64_sys_futex+0x10/0x10 [ 259.676392][ T8137] ? __pfx___do_sys_prctl+0x10/0x10 [ 259.676431][ T8137] do_syscall_64+0x106/0xf80 [ 259.676467][ T8137] ? clear_bhb_loop+0x40/0x90 [ 259.676512][ T8137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.676541][ T8137] RIP: 0033:0x7efc1979bf79 [ 259.676564][ T8137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 259.676592][ T8137] RSP: 002b:00007efc1a5890e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 259.676619][ T8137] RAX: ffffffffffffffda RBX: 00007efc19a16098 RCX: 00007efc1979bf79 [ 259.676637][ T8137] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efc19a1609c [ 259.676655][ T8137] RBP: 00007efc19a16090 R08: 0000000000000000 R09: 0000000000000000 [ 259.676672][ T8137] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 259.676689][ T8137] R13: 00007efc19a16128 R14: 00007fff70231b00 R15: 00007fff70231be8 [ 259.676724][ T8137] [ 260.953472][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.017153][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.120645][ T8150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 261.139132][ T8150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 261.146790][ T8150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 261.199707][ T8150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 261.230992][ T8150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 261.258073][ T8150] Dead loop on virtual device ip6_vti0, fix it urgently! [ 261.459719][ T8154] FAULT_INJECTION: forcing a failure. [ 261.459719][ T8154] name failslab, interval 1, probability 0, space 0, times 0 [ 261.525512][ T8154] CPU: 1 UID: 0 PID: 8154 Comm: syz.2.624 Not tainted syzkaller #0 PREEMPT(full) [ 261.525551][ T8154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 261.525568][ T8154] Call Trace: [ 261.525577][ T8154] [ 261.525587][ T8154] dump_stack_lvl+0x100/0x190 [ 261.525633][ T8154] should_fail_ex.cold+0x5/0xa [ 261.525665][ T8154] ? tomoyo_realpath_from_path+0xb6/0x690 [ 261.525695][ T8154] should_failslab+0xc2/0x120 [ 261.525733][ T8154] __kmalloc_noprof+0xe0/0x850 [ 261.525772][ T8154] tomoyo_realpath_from_path+0xb6/0x690 [ 261.525809][ T8154] tomoyo_check_open_permission+0x2af/0x3c0 [ 261.525853][ T8154] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 261.525928][ T8154] ? do_raw_spin_lock+0x128/0x260 [ 261.525965][ T8154] ? path_get+0x61/0x80 [ 261.526008][ T8154] tomoyo_file_open+0x6b/0x90 [ 261.526041][ T8154] security_file_open+0xb5/0x1e0 [ 261.526085][ T8154] do_dentry_open+0x5aa/0x1660 [ 261.526124][ T8154] ? security_inode_permission+0xbf/0x250 [ 261.526170][ T8154] vfs_open+0x82/0x3f0 [ 261.526216][ T8154] path_openat+0x208c/0x31a0 [ 261.526266][ T8154] ? __pfx_path_openat+0x10/0x10 [ 261.526317][ T8154] do_file_open+0x20e/0x430 [ 261.526356][ T8154] ? __pfx_do_file_open+0x10/0x10 [ 261.526430][ T8154] ? alloc_fd+0x476/0x790 [ 261.526471][ T8154] ? do_getname+0x191/0x390 [ 261.526516][ T8154] do_sys_openat2+0x10d/0x1e0 [ 261.526543][ T8154] ? __pfx_do_sys_openat2+0x10/0x10 [ 261.526602][ T8154] __x64_sys_openat+0x12d/0x210 [ 261.526630][ T8154] ? __pfx___x64_sys_openat+0x10/0x10 [ 261.526656][ T8154] ? xfd_validate_state+0x129/0x190 [ 261.526703][ T8154] do_syscall_64+0x106/0xf80 [ 261.526742][ T8154] ? clear_bhb_loop+0x40/0x90 [ 261.526777][ T8154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.526806][ T8154] RIP: 0033:0x7f1910d9bf79 [ 261.526831][ T8154] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 261.526859][ T8154] RSP: 002b:00007f1911ce0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 261.526885][ T8154] RAX: ffffffffffffffda RBX: 00007f1911015fa0 RCX: 00007f1910d9bf79 [ 261.526903][ T8154] RDX: 0000000000101840 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 261.526922][ T8154] RBP: 00007f1910e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 261.526938][ T8154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.526954][ T8154] R13: 00007f1911016038 R14: 00007f1911015fa0 R15: 00007ffcc377f138 [ 261.526992][ T8154] [ 261.527002][ T8154] ERROR: Out of memory at tomoyo_realpath_from_path. [ 266.104052][ T8206] FAULT_INJECTION: forcing a failure. [ 266.104052][ T8206] name fail_futex, interval 1, probability 0, space 0, times 0 [ 266.177765][ T8206] CPU: 0 UID: 0 PID: 8206 Comm: syz.2.634 Not tainted syzkaller #0 PREEMPT(full) [ 266.177805][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 266.177822][ T8206] Call Trace: [ 266.177831][ T8206] [ 266.177843][ T8206] dump_stack_lvl+0x100/0x190 [ 266.177888][ T8206] should_fail_ex.cold+0x5/0xa [ 266.177919][ T8206] get_futex_key+0x1d2/0x1620 [ 266.177970][ T8206] ? __pfx_get_futex_key+0x10/0x10 [ 266.178009][ T8206] ? futex_hash+0x2c5/0x380 [ 266.178062][ T8206] futex_wake+0xea/0x530 [ 266.178097][ T8206] ? __pfx_futex_wait+0x10/0x10 [ 266.178132][ T8206] ? __pfx_futex_wake+0x10/0x10 [ 266.178171][ T8206] ? ksys_write+0x190/0x250 [ 266.178203][ T8206] ? ksys_write+0x190/0x250 [ 266.178243][ T8206] do_futex+0x32b/0x350 [ 266.178272][ T8206] ? __pfx_do_futex+0x10/0x10 [ 266.178301][ T8206] ? cap_task_prctl+0x104/0xa50 [ 266.178335][ T8206] ? __pfx_sched_core_share_pid+0x10/0x10 [ 266.178386][ T8206] __x64_sys_futex+0x34f/0x4d0 [ 266.178421][ T8206] ? __pfx___x64_sys_futex+0x10/0x10 [ 266.178451][ T8206] ? __pfx___do_sys_prctl+0x10/0x10 [ 266.178498][ T8206] do_syscall_64+0x106/0xf80 [ 266.178536][ T8206] ? clear_bhb_loop+0x40/0x90 [ 266.178572][ T8206] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 266.178623][ T8206] RIP: 0033:0x7f1910d9bf79 [ 266.178646][ T8206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 266.178675][ T8206] RSP: 002b:00007f1911cbf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 266.178708][ T8206] RAX: ffffffffffffffda RBX: 00007f1911016098 RCX: 00007f1910d9bf79 [ 266.178736][ T8206] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f191101609c [ 266.178754][ T8206] RBP: 00007f1911016090 R08: 0000000000000000 R09: 0000000000000000 [ 266.178772][ T8206] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 266.178789][ T8206] R13: 00007f1911016128 R14: 00007ffcc377f050 R15: 00007ffcc377f138 [ 266.178826][ T8206] [ 268.343837][ T8240] : Can't lookup blockdev [ 268.943614][ T8244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.643'. [ 268.959200][ T8244] netlink: 25 bytes leftover after parsing attributes in process `syz.2.643'. [ 271.210554][ T8267] netlink: 4 bytes leftover after parsing attributes in process `syz.3.651'. [ 271.299180][ T8267] netlink: 'syz.3.651': attribute type 1 has an invalid length. [ 271.398056][ T8267] netlink: 'syz.3.651': attribute type 6 has an invalid length. [ 271.871875][ T13] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.900284][ T8278] FAULT_INJECTION: forcing a failure. [ 272.900284][ T8278] name failslab, interval 1, probability 0, space 0, times 0 [ 272.957955][ T8278] CPU: 0 UID: 0 PID: 8278 Comm: syz.2.655 Not tainted syzkaller #0 PREEMPT(full) [ 272.957994][ T8278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 272.958013][ T8278] Call Trace: [ 272.958022][ T8278] [ 272.958033][ T8278] dump_stack_lvl+0x100/0x190 [ 272.958098][ T8278] should_fail_ex.cold+0x5/0xa [ 272.958131][ T8278] should_failslab+0xc2/0x120 [ 272.958171][ T8278] __kmalloc_cache_noprof+0x7a/0x6f0 [ 272.958199][ T8278] ? alloc_fdtable+0xbd/0x2d0 [ 272.958230][ T8278] ? find_held_lock+0x2b/0x80 [ 272.958266][ T8278] ? dup_fd+0x924/0xd10 [ 272.958305][ T8278] alloc_fdtable+0xbd/0x2d0 [ 272.958339][ T8278] dup_fd+0x995/0xd10 [ 272.958378][ T8278] ? apparmor_task_alloc+0x2c1/0x3b0 [ 272.958418][ T8278] copy_process+0x2631/0x79b0 [ 272.958447][ T8278] ? preempt_schedule_thunk+0x16/0x30 [ 272.958496][ T8278] ? __pfx_copy_process+0x10/0x10 [ 272.958531][ T8278] ? find_held_lock+0x2b/0x80 [ 272.958576][ T8278] ? futex_private_hash_put+0x107/0x1c0 [ 272.958629][ T8278] kernel_clone+0xfc/0x930 [ 272.958661][ T8278] ? __pfx_kernel_clone+0x10/0x10 [ 272.958708][ T8278] __do_sys_clone+0xd9/0x120 [ 272.958736][ T8278] ? __pfx___do_sys_clone+0x10/0x10 [ 272.958764][ T8278] ? __fget_files+0x21f/0x3d0 [ 272.958809][ T8278] ? xfd_validate_state+0x129/0x190 [ 272.958862][ T8278] do_syscall_64+0x106/0xf80 [ 272.958907][ T8278] ? clear_bhb_loop+0x40/0x90 [ 272.958942][ T8278] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.958971][ T8278] RIP: 0033:0x7f1910d9bf79 [ 272.958997][ T8278] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 272.959029][ T8278] RSP: 002b:00007f1911cdffd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 272.959057][ T8278] RAX: ffffffffffffffda RBX: 00007f1911015fa0 RCX: 00007f1910d9bf79 [ 272.959075][ T8278] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 272.959092][ T8278] RBP: 00007f1910e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 272.959108][ T8278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.959124][ T8278] R13: 00007f1911016038 R14: 00007f1911015fa0 R15: 00007ffcc377f138 [ 272.959161][ T8278] [ 273.634547][ T8284] could not allocate digest TFM handle [ 275.783383][ T8301] syz.2.661 (8301) used greatest stack depth: 19672 bytes left [ 275.848277][ T8318] netlink: 330 bytes leftover after parsing attributes in process `syz.1.664'. [ 276.943343][ T8331] netlink: 504 bytes leftover after parsing attributes in process `syz.0.667'. [ 276.967583][ T8328] ======================================================= [ 276.967583][ T8328] WARNING: The mand mount option has been deprecated and [ 276.967583][ T8328] and is ignored by this kernel. Remove the mand [ 276.967583][ T8328] option from the mount to silence this warning. [ 276.967583][ T8328] ======================================================= [ 277.031807][ T8331] netlink: 350 bytes leftover after parsing attributes in process `syz.0.667'. [ 277.368103][ T8335] FAULT_INJECTION: forcing a failure. [ 277.368103][ T8335] name fail_futex, interval 1, probability 0, space 0, times 0 [ 277.537763][ T8335] CPU: 1 UID: 0 PID: 8335 Comm: syz.3.668 Not tainted syzkaller #0 PREEMPT(full) [ 277.537802][ T8335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 277.537820][ T8335] Call Trace: [ 277.537829][ T8335] [ 277.537840][ T8335] dump_stack_lvl+0x100/0x190 [ 277.537886][ T8335] should_fail_ex.cold+0x5/0xa [ 277.537919][ T8335] get_futex_key+0x1d2/0x1620 [ 277.537968][ T8335] ? __pfx_get_futex_key+0x10/0x10 [ 277.538011][ T8335] ? find_held_lock+0x2b/0x80 [ 277.538049][ T8335] ? futex_wake+0x456/0x530 [ 277.538090][ T8335] futex_wake+0xea/0x530 [ 277.538123][ T8335] ? __pfx_futex_wait+0x10/0x10 [ 277.538167][ T8335] ? __pfx_futex_wake+0x10/0x10 [ 277.538204][ T8335] ? ksys_write+0x190/0x250 [ 277.538236][ T8335] ? ksys_write+0x190/0x250 [ 277.538275][ T8335] do_futex+0x32b/0x350 [ 277.538305][ T8335] ? __pfx_do_futex+0x10/0x10 [ 277.538333][ T8335] ? cap_task_prctl+0x104/0xa50 [ 277.538368][ T8335] ? __pfx_sched_core_share_pid+0x10/0x10 [ 277.538416][ T8335] __x64_sys_futex+0x34f/0x4d0 [ 277.538449][ T8335] ? __pfx___x64_sys_futex+0x10/0x10 [ 277.538480][ T8335] ? __pfx___do_sys_prctl+0x10/0x10 [ 277.538526][ T8335] do_syscall_64+0x106/0xf80 [ 277.538565][ T8335] ? clear_bhb_loop+0x40/0x90 [ 277.538601][ T8335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.538629][ T8335] RIP: 0033:0x7efea599bf79 [ 277.538651][ T8335] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.538678][ T8335] RSP: 002b:00007efea67cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 277.538704][ T8335] RAX: ffffffffffffffda RBX: 00007efea5c16098 RCX: 00007efea599bf79 [ 277.538722][ T8335] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efea5c1609c [ 277.538740][ T8335] RBP: 00007efea5c16090 R08: 0000000000000000 R09: 0000000000000000 [ 277.538756][ T8335] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 277.538773][ T8335] R13: 00007efea5c16128 R14: 00007ffc57208540 R15: 00007ffc57208628 [ 277.538811][ T8335] [ 278.304399][ T8342] could not allocate digest TFM handle [ 280.787869][ T8367] netlink: 25 bytes leftover after parsing attributes in process `syz.0.675'. [ 282.616050][ T8383] netlink: 330 bytes leftover after parsing attributes in process `syz.0.681'. [ 283.689303][ T8390] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 283.695490][ T8390] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 283.882311][ T8390] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 283.920883][ T8390] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 284.112406][ T8390] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 284.139619][ T8390] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 284.288177][ T8390] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 284.306112][ T8406] FAULT_INJECTION: forcing a failure. [ 284.306112][ T8406] name fail_futex, interval 1, probability 0, space 0, times 0 [ 284.338431][ T8390] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 284.399327][ T8406] CPU: 1 UID: 0 PID: 8406 Comm: syz.1.685 Not tainted syzkaller #0 PREEMPT(full) [ 284.399366][ T8406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 284.399383][ T8406] Call Trace: [ 284.399392][ T8406] [ 284.399403][ T8406] dump_stack_lvl+0x100/0x190 [ 284.399449][ T8406] should_fail_ex.cold+0x5/0xa [ 284.399482][ T8406] get_futex_key+0x1d2/0x1620 [ 284.399532][ T8406] ? __pfx_get_futex_key+0x10/0x10 [ 284.399571][ T8406] ? futex_hash+0x2c5/0x380 [ 284.399624][ T8406] futex_wake+0xea/0x530 [ 284.399659][ T8406] ? __pfx_futex_wait+0x10/0x10 [ 284.399704][ T8406] ? __pfx_futex_wake+0x10/0x10 [ 284.399743][ T8406] ? ksys_write+0x190/0x250 [ 284.399777][ T8406] ? ksys_write+0x190/0x250 [ 284.399815][ T8406] do_futex+0x32b/0x350 [ 284.399845][ T8406] ? __pfx_do_futex+0x10/0x10 [ 284.399874][ T8406] ? cap_task_prctl+0x104/0xa50 [ 284.399908][ T8406] ? __pfx_sched_core_share_pid+0x10/0x10 [ 284.399955][ T8406] __x64_sys_futex+0x34f/0x4d0 [ 284.399988][ T8406] ? __pfx___x64_sys_futex+0x10/0x10 [ 284.400019][ T8406] ? __pfx___do_sys_prctl+0x10/0x10 [ 284.400065][ T8406] do_syscall_64+0x106/0xf80 [ 284.400104][ T8406] ? clear_bhb_loop+0x40/0x90 [ 284.400141][ T8406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.400168][ T8406] RIP: 0033:0x7efc1979bf79 [ 284.400192][ T8406] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.400220][ T8406] RSP: 002b:00007efc1a5aa0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 284.400247][ T8406] RAX: ffffffffffffffda RBX: 00007efc19a15fa8 RCX: 00007efc1979bf79 [ 284.400266][ T8406] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007efc19a15fac [ 284.400283][ T8406] RBP: 00007efc19a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 284.400300][ T8406] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 284.400316][ T8406] R13: 00007efc19a16038 R14: 00007fff70231b00 R15: 00007fff70231be8 [ 284.400354][ T8406] [ 285.753687][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 285.907783][ T5833] Bluetooth: hci3: command 0x0406 tx timeout [ 286.161895][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 286.307753][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 287.837913][ T5833] Bluetooth: hci0: command 0x0406 tx timeout [ 287.987810][ T5833] Bluetooth: hci3: command 0x0406 tx timeout [ 288.227909][ T5833] Bluetooth: hci2: command 0x0406 tx timeout [ 288.387754][ T5833] Bluetooth: hci1: command 0x0406 tx timeout [ 290.749830][ C1] sd 0:0:1:0: [sda] tag#297 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 290.760244][ C1] sd 0:0:1:0: [sda] tag#297 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 292.578710][ T8473] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 292.638874][ T8473] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 292.644883][ T8473] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 292.777862][ T8473] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 294.637997][ T5834] Bluetooth: hci0: command 0x0406 tx timeout [ 294.707754][ T5834] Bluetooth: hci2: command 0x0406 tx timeout [ 294.715061][ T5834] Bluetooth: hci3: command 0x0406 tx timeout [ 294.787812][ T5834] Bluetooth: hci1: command 0x0406 tx timeout [ 300.345987][ T8537] netlink: 28 bytes leftover after parsing attributes in process `syz.0.712'. [ 300.600514][ T8537] veth1_macvtap: entered allmulticast mode [ 300.828717][ T8544] futex_wake_op: syz.0.716 tries to shift op by -2048; fix this program [ 300.867962][ T8544] futex_wake_op: syz.0.716 tries to shift op by -2048; fix this program [ 302.942370][ T8555] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 303.454170][ T8566] vivid-009: ================= START STATUS ================= [ 303.483250][ T8566] vivid-009: Radio HW Seek Mode: Bounded [ 303.494096][ T8566] vivid-009: Radio Programmable HW Seek: false [ 303.570544][ T8566] vivid-009: RDS Rx I/O Mode: Block I/O [ 303.650732][ T8566] vivid-009: Generate RBDS Instead of RDS: false [ 303.657132][ T8566] vivid-009: RDS Reception: true [ 303.680217][ T8566] vivid-009: RDS Program Type: 0 inactive [ 303.685965][ T8566] vivid-009: RDS PS Name: inactive [ 303.738651][ T8566] vivid-009: RDS Radio Text: inactive [ 303.744198][ T8566] vivid-009: RDS Traffic Announcement: false inactive [ 303.885185][ T8566] vivid-009: RDS Traffic Program: false inactive [ 303.949264][ T8566] vivid-009: RDS Music: false inactive [ 303.954863][ T8566] vivid-009: ================== END STATUS ================== [ 306.862409][ T8604] : Can't lookup blockdev [ 309.592363][ T8618] FAULT_INJECTION: forcing a failure. [ 309.592363][ T8618] name failslab, interval 1, probability 0, space 0, times 0 [ 309.761380][ T8618] CPU: 1 UID: 0 PID: 8618 Comm: syz.0.734 Not tainted syzkaller #0 PREEMPT(full) [ 309.761420][ T8618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 309.761437][ T8618] Call Trace: [ 309.761447][ T8618] [ 309.761458][ T8618] dump_stack_lvl+0x100/0x190 [ 309.761504][ T8618] should_fail_ex.cold+0x5/0xa [ 309.761535][ T8618] should_failslab+0xc2/0x120 [ 309.761572][ T8618] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 309.761604][ T8618] ? alloc_empty_file+0x55/0x1c0 [ 309.761654][ T8618] alloc_empty_file+0x55/0x1c0 [ 309.761699][ T8618] alloc_file_pseudo+0x13a/0x230 [ 309.761744][ T8618] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 309.761796][ T8618] ? alloc_fd+0x476/0x790 [ 309.761840][ T8618] sock_alloc_file+0x50/0x210 [ 309.761883][ T8618] __sys_socket+0x1c0/0x260 [ 309.761912][ T8618] ? fput+0x79/0x100 [ 309.761949][ T8618] ? __pfx___sys_socket+0x10/0x10 [ 309.761978][ T8618] ? xfd_validate_state+0x129/0x190 [ 309.762023][ T8618] __x64_sys_socket+0x72/0xb0 [ 309.762053][ T8618] ? lockdep_hardirqs_on+0x78/0x100 [ 309.762093][ T8618] do_syscall_64+0x106/0xf80 [ 309.762131][ T8618] ? clear_bhb_loop+0x40/0x90 [ 309.762165][ T8618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.762194][ T8618] RIP: 0033:0x7f3b7bf9bf79 [ 309.762218][ T8618] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.762245][ T8618] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 309.762272][ T8618] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 309.762291][ T8618] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 309.762307][ T8618] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 309.762324][ T8618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.762341][ T8618] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 309.762378][ T8618] [ 316.205281][ T8676] netlink: 12 bytes leftover after parsing attributes in process `syz.3.750'. [ 316.339328][ T8676] i: entered promiscuous mode [ 316.450309][ T8679] openvswitch: HfR: Dropping previously announced user features [ 320.993643][ T8733] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 322.392237][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.408271][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.652363][ T8756] netlink: 12 bytes leftover after parsing attributes in process `syz.0.771'. [ 322.722619][ T8756] i: entered promiscuous mode [ 322.755289][ T8762] openvswitch: HfR: Dropping previously announced user features [ 328.963344][ T8850] capability: warning: `syz.0.797' uses 32-bit capabilities (legacy support in use) [ 330.663828][ T8873] netlink: 186 bytes leftover after parsing attributes in process `syz.3.805'. [ 330.832447][ T8875] netlink: 'syz.2.806': attribute type 12 has an invalid length. [ 332.891140][ T8901] futex_wake_op: syz.1.812 tries to shift op by -2048; fix this program [ 333.337342][ T8905] netlink: 330 bytes leftover after parsing attributes in process `syz.3.814'. [ 334.734302][ T8918] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 334.873650][ T8924] netlink: 'syz.2.818': attribute type 3 has an invalid length. [ 334.891771][ T8924] netlink: 306 bytes leftover after parsing attributes in process `syz.2.818'. [ 338.306886][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 338.313725][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 354.174677][ T9115] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 356.853296][ T29] audit: type=1326 audit(2147483838.100:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9126 comm="syz.0.870" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b7bf9bf79 code=0x0 [ 358.457782][ T9143] netlink: 62 bytes leftover after parsing attributes in process `syz.0.872'. [ 360.911437][ T9165] FAULT_INJECTION: forcing a failure. [ 360.911437][ T9165] name failslab, interval 1, probability 0, space 0, times 0 [ 360.924470][ T9165] CPU: 1 UID: 0 PID: 9165 Comm: syz.3.880 Tainted: G L syzkaller #0 PREEMPT(full) [ 360.924508][ T9165] Tainted: [L]=SOFTLOCKUP [ 360.924517][ T9165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 360.924532][ T9165] Call Trace: [ 360.924541][ T9165] [ 360.924551][ T9165] dump_stack_lvl+0x100/0x190 [ 360.924593][ T9165] should_fail_ex.cold+0x5/0xa [ 360.924622][ T9165] should_failslab+0xc2/0x120 [ 360.924655][ T9165] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 360.924684][ T9165] ? __send_signal_locked+0x155/0x12d0 [ 360.924726][ T9165] __send_signal_locked+0x155/0x12d0 [ 360.924766][ T9165] do_notify_parent+0xd73/0xf90 [ 360.924809][ T9165] ? __pfx_do_notify_parent+0x10/0x10 [ 360.924843][ T9165] ? do_raw_spin_lock+0x128/0x260 [ 360.924880][ T9165] ? __wake_up+0x3f/0x60 [ 360.924922][ T9165] ? release_task+0xc29/0x1ab0 [ 360.924958][ T9165] release_task+0x1560/0x1ab0 [ 360.924998][ T9165] ? __pfx_release_task+0x10/0x10 [ 360.925026][ T9165] ? do_raw_spin_lock+0x128/0x260 [ 360.925058][ T9165] ? find_held_lock+0x2b/0x80 [ 360.925092][ T9165] ? __wake_up+0x3f/0x60 [ 360.925126][ T9165] ? __wake_up+0x3f/0x60 [ 360.925165][ T9165] ? do_exit+0x113f/0x2a30 [ 360.925192][ T9165] ? rcu_is_watching+0x12/0xc0 [ 360.925231][ T9165] do_exit+0x1251/0x2a30 [ 360.925264][ T9165] ? __pfx_do_exit+0x10/0x10 [ 360.925291][ T9165] ? do_raw_spin_lock+0x128/0x260 [ 360.925320][ T9165] ? find_held_lock+0x2b/0x80 [ 360.925352][ T9165] ? get_signal+0x7e0/0x21e0 [ 360.925392][ T9165] do_group_exit+0xd5/0x2a0 [ 360.925424][ T9165] get_signal+0x1ec7/0x21e0 [ 360.925467][ T9165] ? rcu_is_watching+0x12/0xc0 [ 360.925503][ T9165] ? __pfx_get_signal+0x10/0x10 [ 360.925542][ T9165] ? do_futex+0x192/0x350 [ 360.925574][ T9165] arch_do_signal_or_restart+0x91/0x770 [ 360.925604][ T9165] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 360.925640][ T9165] ? __pfx___x64_sys_futex+0x10/0x10 [ 360.925665][ T9165] ? xfd_validate_state+0x129/0x190 [ 360.925704][ T9165] exit_to_user_mode_loop+0x86/0x4a0 [ 360.925732][ T9165] ? rcu_is_watching+0x12/0xc0 [ 360.925767][ T9165] do_syscall_64+0x668/0xf80 [ 360.925808][ T9165] ? clear_bhb_loop+0x40/0x90 [ 360.925840][ T9165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.925866][ T9165] RIP: 0033:0x7efea599bf79 [ 360.925887][ T9165] Code: Unable to access opcode bytes at 0x7efea599bf4f. [ 360.925898][ T9165] RSP: 002b:00007efea67f00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 360.925923][ T9165] RAX: fffffffffffffe00 RBX: 00007efea5c15fa8 RCX: 00007efea599bf79 [ 360.925939][ T9165] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efea5c15fa8 [ 360.925955][ T9165] RBP: 00007efea5c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 360.925970][ T9165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 360.925984][ T9165] R13: 00007efea5c16038 R14: 00007ffc57208540 R15: 00007ffc57208628 [ 360.926021][ T9165] [ 362.215355][ T5834] Bluetooth: hci0: Malformed Event: 0x13 [ 362.944045][ T9183] HSR: entered promiscuous mode [ 363.059843][ T9193] Invalid ELF header magic: != ELF [ 364.278932][ T9205] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 364.323671][ T9206] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 367.069904][ T9241] netlink: 13 bytes leftover after parsing attributes in process `syz.2.899'. [ 368.313234][ T9252] HSR: entered promiscuous mode [ 370.983400][ T9289] netlink: 'syz.0.913': attribute type 4 has an invalid length. [ 370.991225][ T9289] netlink: 314 bytes leftover after parsing attributes in process `syz.0.913'. [ 371.143601][ T9293] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 371.345956][ T9296] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 373.558509][ T9315] netlink: 25 bytes leftover after parsing attributes in process `syz.3.918'. [ 374.372996][ T9331] netlink: 16 bytes leftover after parsing attributes in process `syz.3.924'. [ 374.573020][ T9331] bond0: entered promiscuous mode [ 374.604041][ T9331] bond_slave_0: entered promiscuous mode [ 374.634878][ T9331] bond_slave_1: entered promiscuous mode [ 374.649889][ T9339] netlink: 8 bytes leftover after parsing attributes in process `syz.2.926'. [ 374.662478][ T9331] bond0: entered allmulticast mode [ 374.675988][ T9331] bond_slave_0: entered allmulticast mode [ 374.692229][ T9331] bond_slave_1: entered allmulticast mode [ 375.969548][ T9348] netlink: 186 bytes leftover after parsing attributes in process `syz.2.928'. [ 379.729028][ T9395] netlink: 4 bytes leftover after parsing attributes in process `syz.1.936'. [ 379.827989][ T9395] netlink: 354 bytes leftover after parsing attributes in process `syz.1.936'. [ 380.696728][ T9406] netlink: 50 bytes leftover after parsing attributes in process `syz.2.940'. [ 380.699207][ T9402] FAULT_INJECTION: forcing a failure. [ 380.699207][ T9402] name failslab, interval 1, probability 0, space 0, times 0 [ 380.805594][ T9402] CPU: 0 UID: 0 PID: 9402 Comm: syz.0.939 Tainted: G L syzkaller #0 PREEMPT(full) [ 380.805639][ T9402] Tainted: [L]=SOFTLOCKUP [ 380.805648][ T9402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 380.805678][ T9402] Call Trace: [ 380.805688][ T9402] [ 380.805699][ T9402] dump_stack_lvl+0x100/0x190 [ 380.805747][ T9402] should_fail_ex.cold+0x5/0xa [ 380.805780][ T9402] ? process_preds+0x49c/0x1e10 [ 380.805811][ T9402] should_failslab+0xc2/0x120 [ 380.805851][ T9402] __kmalloc_noprof+0xe0/0x850 [ 380.805889][ T9402] process_preds+0x49c/0x1e10 [ 380.805931][ T9402] ? create_filter_start.constprop.0+0x134/0x310 [ 380.805971][ T9402] create_filter+0x140/0x210 [ 380.806008][ T9402] ? __pfx_create_filter+0x10/0x10 [ 380.806045][ T9402] ? find_held_lock+0x2b/0x80 [ 380.806088][ T9402] apply_event_filter+0x220/0x500 [ 380.806125][ T9402] ? __pfx_apply_event_filter+0x10/0x10 [ 380.806170][ T9402] event_filter_write+0x16d/0x290 [ 380.806216][ T9402] vfs_write+0x2aa/0x1070 [ 380.806252][ T9402] ? __pfx_event_filter_write+0x10/0x10 [ 380.806298][ T9402] ? __pfx_vfs_write+0x10/0x10 [ 380.806332][ T9402] ? __fget_files+0x215/0x3d0 [ 380.806374][ T9402] ? __fget_files+0x21f/0x3d0 [ 380.806417][ T9402] ksys_write+0x12a/0x250 [ 380.806451][ T9402] ? __pfx_ksys_write+0x10/0x10 [ 380.806495][ T9402] do_syscall_64+0x106/0xf80 [ 380.806532][ T9402] ? clear_bhb_loop+0x40/0x90 [ 380.806567][ T9402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.806596][ T9402] RIP: 0033:0x7f3b7bf9bf79 [ 380.806620][ T9402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 380.806649][ T9402] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 380.806686][ T9402] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 380.806706][ T9402] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 380.806722][ T9402] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 380.806739][ T9402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 380.806755][ T9402] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 380.806791][ T9402] [ 381.829998][ T9417] ecryptfs_miscdev_write: Invalid packet size [192] [ 383.041728][ T9419] netlink: 28 bytes leftover after parsing attributes in process `syz.0.943'. [ 383.137755][ T9419] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 383.307369][ T9419] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 383.832665][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.840118][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.143676][ T9431] FAULT_INJECTION: forcing a failure. [ 384.143676][ T9431] name failslab, interval 1, probability 0, space 0, times 0 [ 384.235109][ T9431] CPU: 0 UID: 0 PID: 9431 Comm: syz.3.945 Tainted: G L syzkaller #0 PREEMPT(full) [ 384.235155][ T9431] Tainted: [L]=SOFTLOCKUP [ 384.235166][ T9431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 384.235182][ T9431] Call Trace: [ 384.235191][ T9431] [ 384.235201][ T9431] dump_stack_lvl+0x100/0x190 [ 384.235249][ T9431] should_fail_ex.cold+0x5/0xa [ 384.235283][ T9431] should_failslab+0xc2/0x120 [ 384.235322][ T9431] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 384.235354][ T9431] ? acpi_ut_create_generic_state+0x61/0xc0 [ 384.235404][ T9431] ? __pfx_acpi_ut_trace+0x10/0x10 [ 384.235453][ T9431] acpi_ut_create_generic_state+0x61/0xc0 [ 384.235495][ T9431] acpi_ps_init_scope+0x3a/0x240 [ 384.235539][ T9431] acpi_ds_init_aml_walk+0x1f6/0x680 [ 384.235587][ T9431] acpi_ds_call_control_method+0x3a2/0xab0 [ 384.235631][ T9431] acpi_ps_parse_aml+0xacd/0x1120 [ 384.235680][ T9431] acpi_ps_execute_method+0x5c4/0xe90 [ 384.235733][ T9431] acpi_ns_evaluate+0x640/0x1670 [ 384.235771][ T9431] acpi_evaluate_object+0x420/0xe00 [ 384.235807][ T9431] ? kasan_save_stack+0x30/0x50 [ 384.235839][ T9431] ? kasan_save_track+0x14/0x30 [ 384.235878][ T9431] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 384.235919][ T9431] ? __pfx___might_resched+0x10/0x10 [ 384.235961][ T9431] acpi_evaluate_integer+0xdf/0x220 [ 384.235994][ T9431] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 384.236043][ T9431] ? __pfx_status_show+0x10/0x10 [ 384.236079][ T9431] status_show+0xa0/0x120 [ 384.236115][ T9431] ? __pfx_status_show+0x10/0x10 [ 384.236159][ T9431] dev_attr_show+0x52/0xa0 [ 384.236198][ T9431] ? __pfx_dev_attr_show+0x10/0x10 [ 384.236235][ T9431] sysfs_kf_seq_show+0x217/0x3a0 [ 384.236281][ T9431] seq_read_iter+0x32f/0x1270 [ 384.236329][ T9431] kernfs_fop_read_iter+0x46c/0x610 [ 384.236363][ T9431] ? rw_verify_area+0xce/0x6d0 [ 384.236401][ T9431] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 384.236439][ T9431] vfs_read+0x825/0xb30 [ 384.236478][ T9431] ? __pfx_vfs_read+0x10/0x10 [ 384.236536][ T9431] ksys_read+0x12a/0x250 [ 384.236569][ T9431] ? __pfx_ksys_read+0x10/0x10 [ 384.236614][ T9431] do_syscall_64+0x106/0xf80 [ 384.236653][ T9431] ? clear_bhb_loop+0x40/0x90 [ 384.236689][ T9431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.236717][ T9431] RIP: 0033:0x7efea599bf79 [ 384.236740][ T9431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 384.236768][ T9431] RSP: 002b:00007efea67f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 384.236794][ T9431] RAX: ffffffffffffffda RBX: 00007efea5c15fa0 RCX: 00007efea599bf79 [ 384.236813][ T9431] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000006 [ 384.236831][ T9431] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 384.236849][ T9431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.236866][ T9431] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 384.236906][ T9431] [ 384.237229][ T9431] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 385.308168][ T9438] delete_channel: no stack [ 390.742939][ T9524] bond0: option slaves: interface - does not exist! [ 396.669365][ T9581] netlink: 186 bytes leftover after parsing attributes in process `syz.3.982'. [ 397.597694][ T9609] netlink: 17 bytes leftover after parsing attributes in process `syz.2.990'. [ 401.818456][ T9648] netlink: 186 bytes leftover after parsing attributes in process `syz.1.998'. [ 402.394682][ T9658] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1001'. [ 402.413908][ T9661] kAFS: Invalid Command on /proc/fs/afs/cells file [ 404.448025][ T9689] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1008'. [ 404.879951][ T9703] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1012'. [ 408.411668][ T9734] Invalid ELF header magic: != ELF [ 408.447078][ T9733] delete_channel: no stack [ 412.794023][ T29] audit: type=1800 audit(2147483894.170:5): pid=9768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1028" name="features" dev="configfs" ino=255734 res=0 errno=0 [ 414.650840][ T9799] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1033'. [ 415.806406][ T9819] random: crng reseeded on system resumption [ 416.216919][ T9822] hub 1-0:1.0: USB hub found [ 416.254895][ T9822] hub 1-0:1.0: 1 port detected [ 419.545782][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805b04a800: rx timeout, send abort [ 419.557804][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805b04a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 421.283698][ C1] vcan0: j1939_xtp_rx_dat: no tx connection found [ 421.859366][ T9864] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1050'. [ 421.957729][ T9867] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1050'. [ 422.040309][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805a9fe000: rx timeout, send abort [ 422.207792][ T9852] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1046'. [ 422.491361][ T9852] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1046'. [ 422.548563][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805a9fe000: abort rx timeout. Force session deactivation [ 424.224187][ T9892] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1056'. [ 424.986485][ T9899] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1060'. [ 425.530032][ T9904] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1061'. [ 426.260463][ T9912] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1063'. [ 427.270568][ T9928] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1067'. [ 429.228087][ T9949] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 430.051613][ T9957] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 430.279342][ T9959] netlink: 334 bytes leftover after parsing attributes in process `syz.2.1076'. [ 430.386081][ T9960] FAULT_INJECTION: forcing a failure. [ 430.386081][ T9960] name fail_futex, interval 1, probability 0, space 0, times 0 [ 430.699731][ T9960] CPU: 0 UID: 0 PID: 9960 Comm: syz.0.1064 Tainted: G L syzkaller #0 PREEMPT(full) [ 430.699780][ T9960] Tainted: [L]=SOFTLOCKUP [ 430.699800][ T9960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 430.699817][ T9960] Call Trace: [ 430.699826][ T9960] [ 430.699836][ T9960] dump_stack_lvl+0x100/0x190 [ 430.699883][ T9960] should_fail_ex.cold+0x5/0xa [ 430.699916][ T9960] get_futex_key+0x1d2/0x1620 [ 430.699965][ T9960] ? __pfx_get_futex_key+0x10/0x10 [ 430.700010][ T9960] ? do_mremap+0xa96/0x2130 [ 430.700049][ T9960] futex_wake+0xea/0x530 [ 430.700087][ T9960] ? __pfx_futex_wake+0x10/0x10 [ 430.700127][ T9960] ? ksys_write+0x190/0x250 [ 430.700168][ T9960] do_futex+0x32b/0x350 [ 430.700197][ T9960] ? __pfx_do_futex+0x10/0x10 [ 430.700223][ T9960] ? __pfx___do_sys_mremap+0x10/0x10 [ 430.700263][ T9960] __x64_sys_futex+0x34f/0x4d0 [ 430.700297][ T9960] ? __pfx___x64_sys_futex+0x10/0x10 [ 430.700341][ T9960] do_syscall_64+0x106/0xf80 [ 430.700379][ T9960] ? clear_bhb_loop+0x40/0x90 [ 430.700413][ T9960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.700441][ T9960] RIP: 0033:0x7f3b7bf9bf79 [ 430.700464][ T9960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 430.700491][ T9960] RSP: 002b:00007f3b7cd7e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 430.700518][ T9960] RAX: ffffffffffffffda RBX: 00007f3b7c216368 RCX: 00007f3b7bf9bf79 [ 430.700536][ T9960] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3b7c21636c [ 430.700554][ T9960] RBP: 00007f3b7c216360 R08: 0000000000000000 R09: 0000000000000000 [ 430.700571][ T9960] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.700588][ T9960] R13: 00007f3b7c2163f8 R14: 00007ffdab833fe0 R15: 00007ffdab8340c8 [ 430.700625][ T9960] [ 440.251403][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805abf1c00: rx timeout, send abort [ 440.281500][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805abf1c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 441.915225][ C1] vcan0: j1939_xtp_rx_dpo: no connection found [ 442.030709][T10041] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1096'. [ 442.671524][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807b9e3c00: rx timeout, send abort [ 443.033054][T10053] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1098'. [ 443.179790][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807b9e3c00: abort rx timeout. Force session deactivation [ 445.290297][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.296607][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.743249][T10084] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1107'. [ 445.830888][T10084] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1107'. [ 447.829431][ T29] audit: type=1800 audit(4294967309.920:6): pid=10106 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1109" name="features" dev="configfs" ino=285276 res=0 errno=0 [ 450.773869][T10129] input: jJǸ-9%vJ86 as /devices/virtual/input/input10 [ 451.400585][T10135] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1118'. [ 451.618775][T10134] netlink: 30 bytes leftover after parsing attributes in process `syz.2.1119'. [ 451.934197][T10135] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 452.098255][T10135] bond_slave_0: left promiscuous mode [ 452.140884][T10135] bond_slave_0: left allmulticast mode [ 452.229047][T10135] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 452.382210][T10135] bond_slave_1: left promiscuous mode [ 452.442948][T10135] bond_slave_1: left allmulticast mode [ 452.463664][T10135] bond0 (unregistering): Released all slaves [ 454.830230][T10138] kexec: Could not allocate control_code_buffer [ 456.198821][T10170] netlink: 'syz.2.1129': attribute type 64 has an invalid length. [ 456.206824][T10170] netlink: 74 bytes leftover after parsing attributes in process `syz.2.1129'. [ 456.730977][T10174] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1130'. [ 457.007830][T10174] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.141188][T10174] bridge_slave_1 (unregistering): left allmulticast mode [ 457.174841][T10174] bridge_slave_1 (unregistering): left promiscuous mode [ 457.258195][T10174] bridge0: port 2(bridge_slave_1) entered disabled state [ 457.494157][T10183] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1131'. [ 457.932775][T10183] macvlan1: entered promiscuous mode [ 457.998229][T10183] macvlan1: entered allmulticast mode [ 458.003728][T10183] veth1_vlan: entered allmulticast mode [ 462.536299][T10226] Invalid ELF header magic: != ELF [ 464.183964][T10246] Invalid ELF header magic: != ELF [ 465.579838][T10262] hub 1-0:1.0: USB hub found [ 465.590158][T10262] hub 1-0:1.0: 1 port detected [ 469.625344][T10319] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1165'. [ 470.576712][T10327] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1166'. [ 471.856269][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805ad46400: rx timeout, send abort [ 471.969582][T10348] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1171'. [ 472.064121][T10348] vlan1: entered promiscuous mode [ 472.087911][T10348] vlan1: entered allmulticast mode [ 472.109277][T10348] veth0_vlan: entered allmulticast mode [ 472.279855][T10351] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1173'. [ 472.303181][T10351] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1173'. [ 472.364571][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805ad46400: abort rx timeout. Force session deactivation [ 472.599400][T10358] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 473.222341][T10366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1178'. [ 473.326492][T10366] netlink: 'syz.2.1178': attribute type 3 has an invalid length. [ 477.043962][T10412] hub 1-0:1.0: USB hub found [ 477.113175][T10412] hub 1-0:1.0: 1 port detected [ 477.812869][T10427] input: jJǸ-9%vJ86 as /devices/virtual/input/input11 [ 478.231318][T10433] FAULT_INJECTION: forcing a failure. [ 478.231318][T10433] name failslab, interval 1, probability 0, space 0, times 0 [ 478.252657][T10433] CPU: 1 UID: 0 PID: 10433 Comm: syz.0.1191 Tainted: G L syzkaller #0 PREEMPT(full) [ 478.252702][T10433] Tainted: [L]=SOFTLOCKUP [ 478.252711][T10433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 478.252727][T10433] Call Trace: [ 478.252736][T10433] [ 478.252746][T10433] dump_stack_lvl+0x100/0x190 [ 478.252792][T10433] should_fail_ex.cold+0x5/0xa [ 478.252824][T10433] should_failslab+0xc2/0x120 [ 478.252862][T10433] __kmalloc_cache_noprof+0x7a/0x6f0 [ 478.252888][T10433] ? ip6addrlbl_add+0xe0/0xdb0 [ 478.252925][T10433] ip6addrlbl_add+0xe0/0xdb0 [ 478.252965][T10433] ip6addrlbl_net_init+0x10a/0x330 [ 478.252998][T10433] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 478.253031][T10433] ops_init+0x1e2/0x5f0 [ 478.253074][T10433] setup_net+0x118/0x3a0 [ 478.253117][T10433] ? __pfx_setup_net+0x10/0x10 [ 478.253154][T10433] ? lockdep_init_map_type+0x5c/0x250 [ 478.253186][T10433] ? mutex_init_lockep+0x110/0x150 [ 478.253224][T10433] copy_net_ns+0x46f/0x7c0 [ 478.253270][T10433] create_new_namespaces+0x3ea/0xac0 [ 478.253319][T10433] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 478.253376][T10433] ksys_unshare+0x455/0xab0 [ 478.253409][T10433] ? __pfx_ksys_unshare+0x10/0x10 [ 478.253440][T10433] ? xfd_validate_state+0x129/0x190 [ 478.253487][T10433] __x64_sys_unshare+0x31/0x40 [ 478.253517][T10433] do_syscall_64+0x106/0xf80 [ 478.253555][T10433] ? clear_bhb_loop+0x40/0x90 [ 478.253589][T10433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.253617][T10433] RIP: 0033:0x7f3b7bf9bf79 [ 478.253640][T10433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 478.253667][T10433] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 478.253698][T10433] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 478.253717][T10433] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 478.253734][T10433] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 478.253752][T10433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 478.253767][T10433] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 478.253804][T10433] [ 481.006151][T10459] can0: slcan on ptm0. [ 481.394698][T10458] kexec: Could not allocate control_code_buffer [ 481.644950][T10456] can0 (unregistered): slcan off ptm0. [ 485.688737][T10543] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1212'. [ 487.872798][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034f16800: rx timeout, send abort [ 487.887010][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034f16800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 489.586360][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034f16c00: rx timeout, send abort [ 489.594683][ C1] vcan0: j1939_tp_rxtimer: 0xffff888034f15800: rx timeout, send abort [ 489.603709][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034f16c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 489.618082][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888034f15800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 489.817260][T10571] futex_wake_op: syz.1.1219 tries to shift op by -2048; fix this program [ 489.830608][T10565] input: jJǸ-9%vJ86 as /devices/virtual/input/input12 [ 489.844022][T10571] futex_wake_op: syz.1.1219 tries to shift op by -2048; fix this program [ 489.919367][T10571] 0x000000000001-0x000000020000 : "" [ 490.250513][T10571] ftl_cs: FTL header corrupt! [ 497.289956][T10615] kexec: Could not allocate control_code_buffer [ 498.991648][T10644] netlink: zone id is out of range [ 499.015037][T10637] netlink: set zone limit has 8 unknown bytes [ 499.087646][T10644] netlink: zone id is out of range [ 499.092792][T10644] netlink: zone id is out of range [ 499.192019][T10644] netlink: zone id is out of range [ 499.318828][T10644] netlink: zone id is out of range [ 499.550855][T10644] netlink: zone id is out of range [ 499.592864][T10644] netlink: zone id is out of range [ 499.634744][T10644] netlink: zone id is out of range [ 499.673522][T10644] netlink: zone id is out of range [ 502.271281][T10674] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1240'. [ 502.826087][ T29] audit: type=1800 audit(4294967364.871:7): pid=10678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1241" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 505.769672][T10708] ptrace attach of "./syz-executor exec"[5821] was attempted by "\x0dO](PìV#C@쿂>sGa.Ƽ!Zx<9[y,^}0|!hv&17kbD\x1b{W(CnlSXAR`mBh,\x0dD`8_KΦV@Q?\x0a'<~)[t`B|ʍEwjBɊ_޸-\x0bx=5jSf_]˞c։cV\x0au\x07xjehhD#a}\x0aB2\x22ދ@Wz^`F'\x5cW/o\x0dl\x22D\x079sF]:;\x07S[wrQ~GToxTεl\x0au&d+E$Xg¾X$\x07~,HڢQygk\x07J2\x07@y: y1!/.\x1bSuN1=BDn-]I׵J\x5cs\x0d`Psd]\x1btōsFkA_;'̴^՝h<{'hu_omuIR!yf\x09h\x0cATf x#\x22\x0aȽ¨g>Z4ɲ5٭o:O[\x0c\x0d\x0ciҜ-rm>r-\x0cA3urmdr~U`Vs&'4˔\x22'X<Ef\x0d[ [ 506.714380][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.729201][T10718] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1253'. [ 506.806455][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.128390][T10718] macsec0: entered promiscuous mode [ 507.173878][T10718] macsec0: entered allmulticast mode [ 507.195038][T10718] veth1_macvtap: entered allmulticast mode [ 510.923942][T10774] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1266'. [ 514.710664][T10826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1282'. [ 517.302792][T10857] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1285'. [ 517.907725][ T5834] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 519.160314][ T29] audit: type=1800 audit(4294967381.251:8): pid=10879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1291" name="dbroot" dev="configfs" ino=350208 res=0 errno=0 [ 519.895656][T10882] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1292'. [ 520.248955][T10885] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1293'. [ 521.896610][T10902] misc userio: Invalid payload size [ 522.982393][T10925] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 525.015464][T10943] input: jJǸ-9%vJ86 as /devices/virtual/input/input14 [ 527.013260][T10969] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1310'. [ 530.258927][T11007] can0: slcan on ttyS2. [ 530.337777][ T29] audit: type=1800 audit(4294967392.441:9): pid=11016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1320" name="lu_gp_id" dev="configfs" ino=360777 res=0 errno=0 [ 530.538461][T11011] can0 (unregistered): slcan off ttyS2. [ 530.804168][T11013] zswap: compressor not available [ 532.894707][T11017] kexec: Could not allocate control_code_buffer [ 534.926698][T11093] futex_wake_op: syz.0.1331 tries to shift op by -2048; fix this program [ 534.977251][T11093] futex_wake_op: syz.0.1331 tries to shift op by -2048; fix this program [ 539.002802][T11146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1343'. [ 539.014144][T11146] netlink: 'syz.1.1343': attribute type 1 has an invalid length. [ 539.022324][T11146] netlink: 'syz.1.1343': attribute type 6 has an invalid length. [ 540.370260][T11167] input: jJǸ-9%vJ86 as /devices/virtual/input/input15 [ 543.846246][T11205] FAULT_INJECTION: forcing a failure. [ 543.846246][T11205] name failslab, interval 1, probability 0, space 0, times 0 [ 543.860573][T11205] CPU: 1 UID: 0 PID: 11205 Comm: syz.0.1355 Tainted: G L syzkaller #0 PREEMPT(full) [ 543.860619][T11205] Tainted: [L]=SOFTLOCKUP [ 543.860630][T11205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 543.860647][T11205] Call Trace: [ 543.860655][T11205] [ 543.860665][T11205] dump_stack_lvl+0x100/0x190 [ 543.860709][T11205] should_fail_ex.cold+0x5/0xa [ 543.860741][T11205] should_failslab+0xc2/0x120 [ 543.860794][T11205] __kmalloc_cache_noprof+0x7a/0x6f0 [ 543.860817][T11205] ? snd_seq_timer_new+0x44/0x1b0 [ 543.860864][T11205] snd_seq_timer_new+0x44/0x1b0 [ 543.860903][T11205] snd_seq_queue_alloc+0x177/0x590 [ 543.860941][T11205] snd_seq_ioctl_create_queue+0xa9/0x370 [ 543.860987][T11205] call_seq_client_ctl+0xa3/0x130 [ 543.861028][T11205] snd_seq_kernel_client_ctl+0x77/0xd0 [ 543.861069][T11205] alloc_seq_queue+0xdb/0x180 [ 543.861096][T11205] ? __pfx_alloc_seq_queue+0x10/0x10 [ 543.861141][T11205] ? mark_held_locks+0x40/0x70 [ 543.861169][T11205] ? _raw_spin_unlock_irq+0x23/0x50 [ 543.861207][T11205] ? lockdep_hardirqs_on+0x78/0x100 [ 543.861251][T11205] snd_seq_oss_open+0x2b2/0xa10 [ 543.861284][T11205] odev_open+0x79/0xc0 [ 543.861336][T11205] ? __pfx_odev_open+0x10/0x10 [ 543.861362][T11205] soundcore_open+0x2e3/0x5a0 [ 543.861394][T11205] ? __pfx_soundcore_open+0x10/0x10 [ 543.861420][T11205] chrdev_open+0x234/0x6a0 [ 543.861454][T11205] ? __pfx_apparmor_file_open+0x10/0x10 [ 543.861491][T11205] ? __pfx_chrdev_open+0x10/0x10 [ 543.861526][T11205] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 543.861567][T11205] do_dentry_open+0x6d8/0x1660 [ 543.861598][T11205] ? __pfx_chrdev_open+0x10/0x10 [ 543.861639][T11205] vfs_open+0x82/0x3f0 [ 543.861682][T11205] path_openat+0x208c/0x31a0 [ 543.861728][T11205] ? __pfx_path_openat+0x10/0x10 [ 543.861785][T11205] do_file_open+0x20e/0x430 [ 543.861824][T11205] ? __pfx_do_file_open+0x10/0x10 [ 543.861889][T11205] ? alloc_fd+0x476/0x790 [ 543.861924][T11205] ? do_getname+0x191/0x390 [ 543.861967][T11205] do_sys_openat2+0x10d/0x1e0 [ 543.861992][T11205] ? __pfx_do_sys_openat2+0x10/0x10 [ 543.862048][T11205] __x64_sys_openat+0x12d/0x210 [ 543.862076][T11205] ? __pfx___x64_sys_openat+0x10/0x10 [ 543.862101][T11205] ? xfd_validate_state+0x129/0x190 [ 543.862149][T11205] do_syscall_64+0x106/0xf80 [ 543.862188][T11205] ? clear_bhb_loop+0x40/0x90 [ 543.862222][T11205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.862249][T11205] RIP: 0033:0x7f3b7bf9bf79 [ 543.862273][T11205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 543.862299][T11205] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 543.862325][T11205] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 543.862344][T11205] RDX: 0000000000000801 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 543.862360][T11205] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 543.862376][T11205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 543.862392][T11205] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 543.862428][T11205] [ 544.932768][T11218] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1358'. [ 544.982750][T11218] netlink: 'syz.1.1358': attribute type 1 has an invalid length. [ 545.038558][T11218] netlink: 51505 bytes leftover after parsing attributes in process `syz.1.1358'. [ 548.927670][T11270] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1371'. [ 548.988076][T11270] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1371'. [ 550.236673][ T29] audit: type=1326 audit(4294967412.341:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11280 comm="syz.1.1374" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efc1979bf79 code=0x0 [ 551.810483][ T29] audit: type=1800 audit(4294967413.921:11): pid=11303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1379" name="features" dev="configfs" ino=377787 res=0 errno=0 [ 553.695484][T11327] FAULT_INJECTION: forcing a failure. [ 553.695484][T11327] name failslab, interval 1, probability 0, space 0, times 0 [ 553.735973][T11327] CPU: 1 UID: 0 PID: 11327 Comm: syz.0.1384 Tainted: G L syzkaller #0 PREEMPT(full) [ 553.736019][T11327] Tainted: [L]=SOFTLOCKUP [ 553.736029][T11327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 553.736043][T11327] Call Trace: [ 553.736051][T11327] [ 553.736062][T11327] dump_stack_lvl+0x100/0x190 [ 553.736108][T11327] should_fail_ex.cold+0x5/0xa [ 553.736140][T11327] should_failslab+0xc2/0x120 [ 553.736179][T11327] __kvmalloc_node_noprof+0xfa/0xa00 [ 553.736213][T11327] ? alloc_fdtable+0x17f/0x2d0 [ 553.736255][T11327] alloc_fdtable+0x17f/0x2d0 [ 553.736290][T11327] dup_fd+0x995/0xd10 [ 553.736330][T11327] ? apparmor_task_alloc+0x2c1/0x3b0 [ 553.736369][T11327] copy_process+0x2631/0x79b0 [ 553.736416][T11327] ? __pfx_copy_process+0x10/0x10 [ 553.736461][T11327] kernel_clone+0xfc/0x930 [ 553.736486][T11327] ? __pfx_futex_wait+0x10/0x10 [ 553.736521][T11327] ? madvise_unlock+0x172/0x220 [ 553.736562][T11327] ? __pfx_kernel_clone+0x10/0x10 [ 553.736610][T11327] __do_sys_clone+0xd9/0x120 [ 553.736638][T11327] ? __pfx___do_sys_clone+0x10/0x10 [ 553.736665][T11327] ? find_held_lock+0x2b/0x80 [ 553.736717][T11327] ? xfd_validate_state+0x129/0x190 [ 553.736765][T11327] do_syscall_64+0x106/0xf80 [ 553.736815][T11327] ? clear_bhb_loop+0x40/0x90 [ 553.736851][T11327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 553.736880][T11327] RIP: 0033:0x7f3b7bf9bf79 [ 553.736903][T11327] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 553.736930][T11327] RSP: 002b:00007f3b7ce01fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 553.736956][T11327] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 553.736976][T11327] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000004001000 [ 553.736993][T11327] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 553.737009][T11327] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 553.737026][T11327] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 553.737062][T11327] [ 554.002140][T11330] Console: switching to colour VGA+ 80x25 [ 555.101189][T11343] random: crng reseeded on system resumption [ 557.000436][T11347] kexec: Could not allocate control_code_buffer [ 558.532818][ T5834] Bluetooth: hci0: ACL packet too small [ 558.582458][T11374] zswap: compressor not available [ 568.153343][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.160104][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.448268][T11479] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1417'. [ 568.514028][T11479] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1417'. [ 569.673237][T11508] FAULT_INJECTION: forcing a failure. [ 569.673237][T11508] name failslab, interval 1, probability 0, space 0, times 0 [ 569.687607][T11508] CPU: 0 UID: 0 PID: 11508 Comm: syz.3.1421 Tainted: G L syzkaller #0 PREEMPT(full) [ 569.687655][T11508] Tainted: [L]=SOFTLOCKUP [ 569.687666][T11508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 569.687682][T11508] Call Trace: [ 569.687691][T11508] [ 569.687701][T11508] dump_stack_lvl+0x100/0x190 [ 569.687745][T11508] should_fail_ex.cold+0x5/0xa [ 569.687778][T11508] should_failslab+0xc2/0x120 [ 569.687818][T11508] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 569.687853][T11508] ? snd_timer_instance_new+0x65/0x2e0 [ 569.687890][T11508] kstrdup+0x51/0xe0 [ 569.687925][T11508] snd_timer_instance_new+0x65/0x2e0 [ 569.687957][T11508] snd_seq_timer_open+0x1d4/0x600 [ 569.687998][T11508] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 569.688049][T11508] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 569.688084][T11508] ? lockdep_hardirqs_on+0x78/0x100 [ 569.688123][T11508] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 569.688162][T11508] queue_use+0xdc/0x1f0 [ 569.688193][T11508] snd_seq_queue_alloc+0x2e5/0x590 [ 569.688232][T11508] snd_seq_ioctl_create_queue+0xa9/0x370 [ 569.688276][T11508] call_seq_client_ctl+0xa3/0x130 [ 569.688321][T11508] snd_seq_kernel_client_ctl+0x77/0xd0 [ 569.688367][T11508] alloc_seq_queue+0xdb/0x180 [ 569.688394][T11508] ? __pfx_alloc_seq_queue+0x10/0x10 [ 569.688441][T11508] ? mark_held_locks+0x40/0x70 [ 569.688470][T11508] ? _raw_spin_unlock_irq+0x23/0x50 [ 569.688503][T11508] ? lockdep_hardirqs_on+0x78/0x100 [ 569.688546][T11508] snd_seq_oss_open+0x2b2/0xa10 [ 569.688582][T11508] odev_open+0x79/0xc0 [ 569.688603][T11508] ? __pfx_odev_open+0x10/0x10 [ 569.688626][T11508] soundcore_open+0x2e3/0x5a0 [ 569.688665][T11508] ? __pfx_soundcore_open+0x10/0x10 [ 569.688692][T11508] chrdev_open+0x234/0x6a0 [ 569.688728][T11508] ? __pfx_apparmor_file_open+0x10/0x10 [ 569.688763][T11508] ? __pfx_chrdev_open+0x10/0x10 [ 569.688802][T11508] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 569.688846][T11508] do_dentry_open+0x6d8/0x1660 [ 569.688881][T11508] ? __pfx_chrdev_open+0x10/0x10 [ 569.688926][T11508] vfs_open+0x82/0x3f0 [ 569.688972][T11508] path_openat+0x208c/0x31a0 [ 569.689020][T11508] ? __pfx_path_openat+0x10/0x10 [ 569.689070][T11508] do_file_open+0x20e/0x430 [ 569.689109][T11508] ? __pfx_do_file_open+0x10/0x10 [ 569.689170][T11508] ? alloc_fd+0x476/0x790 [ 569.689209][T11508] ? do_getname+0x191/0x390 [ 569.689255][T11508] do_sys_openat2+0x10d/0x1e0 [ 569.689282][T11508] ? __pfx_do_sys_openat2+0x10/0x10 [ 569.689339][T11508] __x64_sys_openat+0x12d/0x210 [ 569.689366][T11508] ? __pfx___x64_sys_openat+0x10/0x10 [ 569.689391][T11508] ? xfd_validate_state+0x129/0x190 [ 569.689439][T11508] do_syscall_64+0x106/0xf80 [ 569.689477][T11508] ? clear_bhb_loop+0x40/0x90 [ 569.689511][T11508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 569.689539][T11508] RIP: 0033:0x7efea599bf79 [ 569.689562][T11508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 569.689589][T11508] RSP: 002b:00007efea67f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 569.689616][T11508] RAX: ffffffffffffffda RBX: 00007efea5c15fa0 RCX: 00007efea599bf79 [ 569.689635][T11508] RDX: 0000000000000801 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 569.689663][T11508] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 569.689681][T11508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 569.689697][T11508] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 569.689736][T11508] [ 573.062354][T11542] FAULT_INJECTION: forcing a failure. [ 573.062354][T11542] name failslab, interval 1, probability 0, space 0, times 0 [ 573.136289][T11542] CPU: 1 UID: 0 PID: 11542 Comm: syz.3.1430 Tainted: G L syzkaller #0 PREEMPT(full) [ 573.136335][T11542] Tainted: [L]=SOFTLOCKUP [ 573.136345][T11542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 573.136363][T11542] Call Trace: [ 573.136372][T11542] [ 573.136381][T11542] dump_stack_lvl+0x100/0x190 [ 573.136425][T11542] should_fail_ex.cold+0x5/0xa [ 573.136458][T11542] should_failslab+0xc2/0x120 [ 573.136498][T11542] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 573.136535][T11542] ? __kthread_create_on_node+0x186/0x3f0 [ 573.136571][T11542] kvasprintf+0xbc/0x150 [ 573.136614][T11542] ? __pfx_kvasprintf+0x10/0x10 [ 573.136677][T11542] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 573.136705][T11542] __kthread_create_on_node+0x186/0x3f0 [ 573.136736][T11542] ? __pfx___kthread_create_on_node+0x10/0x10 [ 573.136791][T11542] ? dvb_frontend_open+0x5b8/0x16d0 [ 573.136835][T11542] ? __lock_acquire+0x4a5/0x2630 [ 573.136867][T11542] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 573.136895][T11542] kthread_create_on_node+0xc7/0x100 [ 573.136922][T11542] ? __pfx_kthread_create_on_node+0x10/0x10 [ 573.136957][T11542] ? mark_held_locks+0x40/0x70 [ 573.136984][T11542] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 573.137020][T11542] ? lockdep_hardirqs_on+0x78/0x100 [ 573.137067][T11542] dvb_frontend_open+0x10a4/0x16d0 [ 573.137116][T11542] ? kobject_get_unless_zero+0x156/0x200 [ 573.137165][T11542] ? __pfx_dvb_frontend_open+0x10/0x10 [ 573.137213][T11542] dvb_device_open+0x270/0x3b0 [ 573.137243][T11542] ? __pfx_dvb_device_open+0x10/0x10 [ 573.137270][T11542] chrdev_open+0x234/0x6a0 [ 573.137306][T11542] ? __pfx_apparmor_file_open+0x10/0x10 [ 573.137343][T11542] ? __pfx_chrdev_open+0x10/0x10 [ 573.137380][T11542] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 573.137424][T11542] do_dentry_open+0x6d8/0x1660 [ 573.137460][T11542] ? __pfx_chrdev_open+0x10/0x10 [ 573.137507][T11542] vfs_open+0x82/0x3f0 [ 573.137553][T11542] path_openat+0x208c/0x31a0 [ 573.137602][T11542] ? __pfx_path_openat+0x10/0x10 [ 573.137653][T11542] do_file_open+0x20e/0x430 [ 573.137699][T11542] ? __pfx_do_file_open+0x10/0x10 [ 573.137763][T11542] ? alloc_fd+0x476/0x790 [ 573.137802][T11542] ? do_getname+0x191/0x390 [ 573.137848][T11542] do_sys_openat2+0x10d/0x1e0 [ 573.137876][T11542] ? __pfx_do_sys_openat2+0x10/0x10 [ 573.137920][T11542] ? __sys_connect+0xe4/0x170 [ 573.137964][T11542] __x64_sys_openat+0x12d/0x210 [ 573.137992][T11542] ? __pfx___x64_sys_openat+0x10/0x10 [ 573.138018][T11542] ? xfd_validate_state+0x129/0x190 [ 573.138066][T11542] do_syscall_64+0x106/0xf80 [ 573.138106][T11542] ? clear_bhb_loop+0x40/0x90 [ 573.138142][T11542] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.138169][T11542] RIP: 0033:0x7efea599bf79 [ 573.138191][T11542] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 573.138218][T11542] RSP: 002b:00007efea67f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 573.138246][T11542] RAX: ffffffffffffffda RBX: 00007efea5c15fa0 RCX: 00007efea599bf79 [ 573.138266][T11542] RDX: 0000000000000001 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 573.138285][T11542] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 573.138302][T11542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.138316][T11542] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 573.138352][T11542] [ 574.180800][T11542] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 574.422811][ T29] audit: type=1800 audit(4294967436.491:12): pid=11551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1432" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 575.792793][T11565] binder: 11563:11565 ioctl c018620c 0 returned -1 [ 575.899643][T11565] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1444'. [ 577.198916][T11584] netlink: 'syz.1.1438': attribute type 1 has an invalid length. [ 581.262200][ T5834] Bluetooth: hci3: ACL packet too small [ 584.197716][T11644] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1453'. [ 588.811736][T11682] Invalid ELF header magic: != ELF [ 588.979056][T11669] kexec: Could not allocate control_code_buffer [ 590.788299][ T5834] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 593.177123][T11727] FAULT_INJECTION: forcing a failure. [ 593.177123][T11727] name failslab, interval 1, probability 0, space 0, times 0 [ 593.227721][T11727] CPU: 0 UID: 0 PID: 11727 Comm: syz.0.1467 Tainted: G L syzkaller #0 PREEMPT(full) [ 593.227766][T11727] Tainted: [L]=SOFTLOCKUP [ 593.227776][T11727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 593.227792][T11727] Call Trace: [ 593.227801][T11727] [ 593.227811][T11727] dump_stack_lvl+0x100/0x190 [ 593.227858][T11727] should_fail_ex.cold+0x5/0xa [ 593.227898][T11727] should_failslab+0xc2/0x120 [ 593.227939][T11727] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 593.227976][T11727] ? debugfs_create_symlink+0x29/0x220 [ 593.228009][T11727] kstrdup+0x51/0xe0 [ 593.228046][T11727] debugfs_create_symlink+0x29/0x220 [ 593.228075][T11727] ref_tracker_dir_symlink+0x257/0x3b0 [ 593.228122][T11727] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 593.228174][T11727] ? __lock_acquire+0x4a5/0x2630 [ 593.228233][T11727] ? lockdep_hardirqs_on+0x78/0x100 [ 593.228275][T11727] ? crng_make_state+0x2b0/0x6c0 [ 593.228321][T11727] ? __pfx_net_ns_net_init+0x10/0x10 [ 593.228364][T11727] net_ns_net_init+0x7e/0x120 [ 593.228404][T11727] ops_init+0x1e2/0x5f0 [ 593.228447][T11727] setup_net+0x118/0x3a0 [ 593.228486][T11727] ? __pfx_setup_net+0x10/0x10 [ 593.228524][T11727] ? lockdep_init_map_type+0x5c/0x250 [ 593.228555][T11727] ? mutex_init_lockep+0x110/0x150 [ 593.228593][T11727] copy_net_ns+0x46f/0x7c0 [ 593.228639][T11727] create_new_namespaces+0x3ea/0xac0 [ 593.228689][T11727] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 593.228733][T11727] ksys_unshare+0x455/0xab0 [ 593.228766][T11727] ? __pfx_ksys_unshare+0x10/0x10 [ 593.228796][T11727] ? xfd_validate_state+0x129/0x190 [ 593.228839][T11727] __x64_sys_unshare+0x31/0x40 [ 593.228868][T11727] do_syscall_64+0x106/0xf80 [ 593.228915][T11727] ? clear_bhb_loop+0x40/0x90 [ 593.228950][T11727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.228978][T11727] RIP: 0033:0x7f3b7bf9bf79 [ 593.229001][T11727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 593.229028][T11727] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 593.229055][T11727] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 593.229074][T11727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 593.229090][T11727] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 593.229107][T11727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 593.229123][T11727] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 593.229160][T11727] [ 595.121218][T11745] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1471'. [ 599.362844][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1480'. [ 600.578272][T11785] FAULT_INJECTION: forcing a failure. [ 600.578272][T11785] name failslab, interval 1, probability 0, space 0, times 0 [ 600.716640][T11785] CPU: 0 UID: 0 PID: 11785 Comm: syz.3.1481 Tainted: G L syzkaller #0 PREEMPT(full) [ 600.716670][T11785] Tainted: [L]=SOFTLOCKUP [ 600.716676][T11785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 600.716686][T11785] Call Trace: [ 600.716691][T11785] [ 600.716697][T11785] dump_stack_lvl+0x100/0x190 [ 600.716723][T11785] should_fail_ex.cold+0x5/0xa [ 600.716741][T11785] ? cache_create_net+0x9b/0x220 [ 600.716761][T11785] should_failslab+0xc2/0x120 [ 600.716781][T11785] __kmalloc_noprof+0xe0/0x850 [ 600.716802][T11785] cache_create_net+0x9b/0x220 [ 600.716824][T11785] gss_svc_init_net+0x11f/0x640 [ 600.716842][T11785] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 600.716865][T11785] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 600.716886][T11785] ops_init+0x1e2/0x5f0 [ 600.716911][T11785] setup_net+0x118/0x3a0 [ 600.716932][T11785] ? __pfx_setup_net+0x10/0x10 [ 600.716952][T11785] ? lockdep_init_map_type+0x5c/0x250 [ 600.716969][T11785] ? mutex_init_lockep+0x110/0x150 [ 600.716989][T11785] copy_net_ns+0x46f/0x7c0 [ 600.717013][T11785] create_new_namespaces+0x3ea/0xac0 [ 600.717039][T11785] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 600.717063][T11785] ksys_unshare+0x455/0xab0 [ 600.717083][T11785] ? __pfx_ksys_unshare+0x10/0x10 [ 600.717098][T11785] ? xfd_validate_state+0x129/0x190 [ 600.717122][T11785] __x64_sys_unshare+0x31/0x40 [ 600.717138][T11785] do_syscall_64+0x106/0xf80 [ 600.717157][T11785] ? clear_bhb_loop+0x40/0x90 [ 600.717175][T11785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.717190][T11785] RIP: 0033:0x7efea599bf79 [ 600.717204][T11785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.717219][T11785] RSP: 002b:00007efea67f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 600.717233][T11785] RAX: ffffffffffffffda RBX: 00007efea5c15fa0 RCX: 00007efea599bf79 [ 600.717243][T11785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 600.717252][T11785] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 600.717261][T11785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 600.717270][T11785] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 600.717290][T11785] [ 602.461003][T11806] zram0: detected capacity change from 8 to 0 [ 610.978554][ T29] audit: type=1800 audit(4294967473.091:13): pid=11886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1511" name="dbroot" dev="configfs" ino=434676 res=0 errno=0 [ 619.687942][T11944] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1514'. [ 620.237392][T11958] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1515'. [ 621.863539][T11969] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1518'. [ 622.470723][T11982] misc userio: Invalid payload size [ 627.110103][T12024] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1530'. [ 629.614782][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.627452][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 630.377771][T12069] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1538'. [ 630.869986][T12071] FAULT_INJECTION: forcing a failure. [ 630.869986][T12071] name failslab, interval 1, probability 0, space 0, times 0 [ 630.977723][T12071] CPU: 1 UID: 0 PID: 12071 Comm: syz.0.1539 Tainted: G L syzkaller #0 PREEMPT(full) [ 630.977769][T12071] Tainted: [L]=SOFTLOCKUP [ 630.977779][T12071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 630.977797][T12071] Call Trace: [ 630.977806][T12071] [ 630.977817][T12071] dump_stack_lvl+0x100/0x190 [ 630.977864][T12071] should_fail_ex.cold+0x5/0xa [ 630.977896][T12071] should_failslab+0xc2/0x120 [ 630.977940][T12071] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 630.977971][T12071] ? __proc_create+0x2cb/0x8c0 [ 630.978005][T12071] __proc_create+0x2cb/0x8c0 [ 630.978032][T12071] ? __pfx___proc_create+0x10/0x10 [ 630.978072][T12071] proc_create_reg+0x75/0x170 [ 630.978105][T12071] proc_create_net_data+0x8e/0x1c0 [ 630.978136][T12071] ? __pfx_proc_create_net_data+0x10/0x10 [ 630.978179][T12071] ? net_generic+0xea/0x2a0 [ 630.978231][T12071] ? __pfx_pfkey_net_init+0x10/0x10 [ 630.978267][T12071] pfkey_net_init+0xc4/0x100 [ 630.978304][T12071] ops_init+0x1e2/0x5f0 [ 630.978346][T12071] setup_net+0x118/0x3a0 [ 630.978387][T12071] ? __pfx_setup_net+0x10/0x10 [ 630.978425][T12071] ? lockdep_init_map_type+0x5c/0x250 [ 630.978462][T12071] ? mutex_init_lockep+0x110/0x150 [ 630.978497][T12071] copy_net_ns+0x46f/0x7c0 [ 630.978544][T12071] create_new_namespaces+0x3ea/0xac0 [ 630.978593][T12071] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 630.978639][T12071] ksys_unshare+0x455/0xab0 [ 630.978671][T12071] ? __pfx_ksys_unshare+0x10/0x10 [ 630.978699][T12071] ? xfd_validate_state+0x129/0x190 [ 630.978744][T12071] __x64_sys_unshare+0x31/0x40 [ 630.978773][T12071] do_syscall_64+0x106/0xf80 [ 630.978811][T12071] ? clear_bhb_loop+0x40/0x90 [ 630.978847][T12071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 630.978874][T12071] RIP: 0033:0x7f3b7bf9bf79 [ 630.978898][T12071] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 630.978927][T12071] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 630.978953][T12071] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 630.978974][T12071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 630.978991][T12071] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 630.979008][T12071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 630.979025][T12071] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 630.979063][T12071] [ 634.754579][T12117] input: jJǸ-9%vJ86 as /devices/virtual/input/input16 [ 635.404744][T12114] zswap: compressor not available [ 644.955601][T12207] FAULT_INJECTION: forcing a failure. [ 644.955601][T12207] name failslab, interval 1, probability 0, space 0, times 0 [ 644.995232][T12205] can0: slcan on ttyS2. [ 645.086370][T12207] CPU: 1 UID: 0 PID: 12207 Comm: syz.3.1566 Tainted: G L syzkaller #0 PREEMPT(full) [ 645.086417][T12207] Tainted: [L]=SOFTLOCKUP [ 645.086428][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 645.086446][T12207] Call Trace: [ 645.086455][T12207] [ 645.086467][T12207] dump_stack_lvl+0x100/0x190 [ 645.086512][T12207] should_fail_ex.cold+0x5/0xa [ 645.086544][T12207] should_failslab+0xc2/0x120 [ 645.086584][T12207] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 645.086615][T12207] ? do_getname+0x35/0x390 [ 645.086658][T12207] do_getname+0x35/0x390 [ 645.086706][T12207] do_sys_openat2+0xc5/0x1e0 [ 645.086732][T12207] ? __pfx_do_sys_openat2+0x10/0x10 [ 645.086787][T12207] __x64_sys_openat+0x12d/0x210 [ 645.086815][T12207] ? __pfx___x64_sys_openat+0x10/0x10 [ 645.086844][T12207] ? xfd_validate_state+0x129/0x190 [ 645.086894][T12207] do_syscall_64+0x106/0xf80 [ 645.086934][T12207] ? clear_bhb_loop+0x40/0x90 [ 645.086969][T12207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 645.086999][T12207] RIP: 0033:0x7efea599bf79 [ 645.087021][T12207] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 645.087047][T12207] RSP: 002b:00007efea67f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 645.087073][T12207] RAX: ffffffffffffffda RBX: 00007efea5c15fa0 RCX: 00007efea599bf79 [ 645.087092][T12207] RDX: 0000000000080080 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 645.087110][T12207] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 645.087127][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 645.087143][T12207] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 645.087180][T12207] [ 645.699750][T12211] can0 (unregistered): slcan off ttyS2. [ 645.939381][T12217] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1568'. [ 654.477989][T12306] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1582'. [ 659.100080][T12359] misc userio: Invalid payload size [ 663.497253][ T5834] Bluetooth: hci0: Malformed Event: 0x02 [ 664.215075][T12412] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 664.278929][T12412] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 664.355037][T12412] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 664.688081][T12412] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 666.228708][ T5834] Bluetooth: hci0: command 0x0406 tx timeout [ 666.312303][ T5834] Bluetooth: hci3: command 0x0406 tx timeout [ 666.395739][ T5834] Bluetooth: hci2: command 0x0406 tx timeout [ 666.707574][ T5834] Bluetooth: hci1: command 0x0406 tx timeout [ 667.645876][T12461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 667.706410][T12461] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 667.801953][T12461] memcg:ffff888078007f81 [ 667.917689][T12461] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 668.009432][T12461] page_type: f5(slab) [ 668.013482][T12461] raw: 00fff00000000040 ffff888140abfa00 dead000000000100 dead000000000122 [ 668.058685][T12461] raw: 0000000000000000 00000008000a000a 00000000f5000000 ffff888078007f81 [ 668.202751][T12461] head: 00fff00000000040 ffff888140abfa00 dead000000000100 dead000000000122 [ 668.328617][T12461] head: 0000000000000000 00000008000a000a 00000000f5000000 ffff888078007f81 [ 668.337755][T12461] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 668.348644][T12461] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 668.357653][T12461] page dumped because: unmovable page [ 668.363929][T12461] page_owner tracks the page as allocated [ 668.398577][T12461] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3500, tgid 3500 (kworker/u8:9), ts 469494979935, free_ts 469488507334 [ 668.467954][T10847] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 668.514631][T12461] post_alloc_hook+0x153/0x170 [ 668.577676][T12461] get_page_from_freelist+0x111d/0x3140 [ 668.593208][T12461] __alloc_frozen_pages_noprof+0x27d/0x2ae0 [ 668.607718][T12461] new_slab+0xa6/0x6e0 [ 668.632971][T12461] refill_objects+0x26b/0x400 [ 668.702620][T12461] __pcs_replace_empty_main+0x19f/0x600 [ 668.717584][T12461] kmem_cache_alloc_noprof+0x480/0x6e0 [ 668.777566][T12461] sk_prot_alloc+0x60/0x2a0 [ 668.808071][T12461] sk_alloc+0x36/0xe80 [ 668.855739][T12461] inet_create+0x3a0/0x1060 [ 668.882605][T12461] __sock_create+0x339/0x860 [ 668.887267][T12461] rds_tcp_conn_path_connect+0x304/0xaa0 [ 668.968735][T12461] rds_connect_worker+0x1b4/0x2d0 [ 668.973953][T12461] process_one_work+0x9c2/0x1840 [ 669.084604][T12461] worker_thread+0x5da/0xe40 [ 669.127771][T12461] kthread+0x370/0x450 [ 669.131920][T12461] page last free pid 5808 tgid 5808 stack trace: [ 669.180916][T12461] __free_frozen_pages+0x7bb/0x1090 [ 669.186207][T12461] __folio_put+0x3b4/0x540 [ 669.282325][T12461] skb_release_data+0x667/0x9d0 [ 669.287258][T12461] __kfree_skb+0x4f/0x70 [ 669.324464][T12479] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1617'. [ 669.338020][T12461] tcp_ack+0x2072/0x74f0 [ 669.342333][T12461] tcp_rcv_established+0x10d7/0x38c0 [ 669.378803][T12461] tcp_v4_do_rcv+0xc64/0x10a0 [ 669.427983][T12461] __release_sock+0x35a/0x440 [ 669.432739][T12461] release_sock+0x5a/0x220 [ 669.457927][T12461] tcp_sendmsg+0x38/0x50 [ 669.462239][T12461] inet_sendmsg+0xb9/0x140 [ 669.466693][T12461] sock_write_iter+0x509/0x610 [ 669.495333][T12461] vfs_write+0x6ac/0x1070 [ 669.515403][T12461] ksys_write+0x1f8/0x250 [ 669.623055][T12461] do_syscall_64+0x106/0xf80 [ 669.637536][T12461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.126728][T12532] hub 1-0:1.0: USB hub found [ 674.141403][T12532] hub 1-0:1.0: 1 port detected [ 675.079180][T12560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1635'. [ 675.100500][T12560] netlink: 'syz.3.1635': attribute type 1 has an invalid length. [ 675.109047][T12560] netlink: 51505 bytes leftover after parsing attributes in process `syz.3.1635'. [ 675.898002][T12567] zswap: compressor not available [ 677.933160][T12537] Bluetooth: hci3: Malformed Event: 0x02 [ 679.933054][T12654] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1656'. [ 679.947014][T12654] netlink: 13 bytes leftover after parsing attributes in process `syz.1.1656'. [ 686.227618][T12537] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 690.225505][T12797] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1686'. [ 691.046644][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.053059][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.526135][T12812] zswap: compressor not available [ 694.200700][T12872] Invalid ELF header magic: != ELF [ 697.067038][T12941] random: crng reseeded on system resumption [ 700.947616][T12537] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 702.215363][T13033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1729'. [ 702.225389][T13033] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1729'. [ 702.708792][T12719] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 703.938503][T13061] input: jJǸ-9%vJ86 as /devices/virtual/input/input17 [ 709.273961][T13149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1755'. [ 709.574032][T13145] bond0: invalid ARP target specified [ 714.838384][T13224] netlink: 'syz.3.1772': attribute type 33 has an invalid length. [ 714.853709][T13224] netlink: 322 bytes leftover after parsing attributes in process `syz.3.1772'. [ 716.165517][T13249] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1776'. [ 716.189893][T13249] netlink: 'syz.1.1776': attribute type 1 has an invalid length. [ 716.197814][T13249] netlink: 'syz.1.1776': attribute type 6 has an invalid length. [ 716.262170][T13251] vhci_hcd vhci_hcd.2: invalid port number 16 [ 716.268809][T13251] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 717.148693][T13261] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 717.580405][T13277] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1790'. [ 719.022992][T13303] binder: BINDER_SET_CONTEXT_MGR already set [ 719.029606][T13303] binder: 13295:13303 ioctl 4018620d 9 returned -16 [ 721.551393][T13352] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 722.669599][T13373] bond0: invalid ARP target specified [ 722.881985][T13378] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1803'. [ 722.893240][T13378] netlink: 'syz.1.1803': attribute type 1 has an invalid length. [ 722.921559][T13378] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1803'. [ 730.469591][T12719] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 732.313208][T13535] Invalid ELF header magic: != ELF [ 733.268056][T13556] input: jJǸ-9%vJ86 as /devices/virtual/input/input21 [ 734.367411][T13568] netlink: 504 bytes leftover after parsing attributes in process `syz.2.1839'. [ 734.709976][T13582] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1841'. [ 734.789953][T13583] serio: Serial port pty6 [ 734.797355][T13578] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1841'. [ 734.852915][T13584] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1841'. [ 735.997492][T13605] can0: slcan on ttyS2. [ 736.098874][T13605] can0 (unregistered): slcan off ttyS2. [ 736.140841][T13614] Invalid ELF header magic: != ELF [ 736.980705][T13645] tipc: Started in network mode [ 737.019538][T13645] tipc: Node identity ee00, cluster identity 4711 [ 737.059909][T13645] tipc: Node number set to 60928 [ 738.034673][T13663] zswap: compressor not available [ 738.389055][T13673] FAULT_INJECTION: forcing a failure. [ 738.389055][T13673] name failslab, interval 1, probability 0, space 0, times 0 [ 738.488380][T13673] CPU: 0 UID: 0 PID: 13673 Comm: syz.3.1856 Tainted: G L syzkaller #0 PREEMPT(full) [ 738.488422][T13673] Tainted: [L]=SOFTLOCKUP [ 738.488428][T13673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 738.488438][T13673] Call Trace: [ 738.488444][T13673] [ 738.488451][T13673] dump_stack_lvl+0x100/0x190 [ 738.488479][T13673] should_fail_ex.cold+0x5/0xa [ 738.488497][T13673] should_failslab+0xc2/0x120 [ 738.488517][T13673] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 738.488535][T13673] ? security_inode_alloc+0x3b/0x2c0 [ 738.488555][T13673] ? lockdep_init_map_type+0x5c/0x250 [ 738.488574][T13673] security_inode_alloc+0x3b/0x2c0 [ 738.488595][T13673] inode_init_always_gfp+0xced/0x1040 [ 738.488618][T13673] alloc_inode+0x8e/0x250 [ 738.488632][T13673] new_inode+0x22/0x1c0 [ 738.488655][T13673] debugfs_create_dir+0xc4/0x440 [ 738.488672][T13673] kvm_dev_ioctl+0x11e0/0x1a80 [ 738.488696][T13673] ? find_held_lock+0x2b/0x80 [ 738.488717][T13673] ? __fget_files+0x215/0x3d0 [ 738.488734][T13673] ? hook_file_ioctl_common+0x146/0x410 [ 738.488755][T13673] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 738.488778][T13673] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 738.488795][T13673] __x64_sys_ioctl+0x18e/0x210 [ 738.488812][T13673] do_syscall_64+0x106/0xf80 [ 738.488832][T13673] ? clear_bhb_loop+0x40/0x90 [ 738.488852][T13673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 738.488868][T13673] RIP: 0033:0x7efea599bf79 [ 738.488882][T13673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 738.488897][T13673] RSP: 002b:00007efea67f0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 738.488912][T13673] RAX: ffffffffffffffda RBX: 00007efea5c15fa0 RCX: 00007efea599bf79 [ 738.488922][T13673] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000003 [ 738.488931][T13673] RBP: 00007efea5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 738.488940][T13673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 738.488949][T13673] R13: 00007efea5c16038 R14: 00007efea5c15fa0 R15: 00007ffc57208628 [ 738.488969][T13673] [ 738.489041][T13673] debugfs: out of free dentries, can not create directory '13673-4' [ 739.061373][T13680] Invalid ELF header magic: != ELF [ 742.485650][T13723] kexec: Could not allocate control_code_buffer [ 742.636582][T13756] FAULT_INJECTION: forcing a failure. [ 742.636582][T13756] name failslab, interval 1, probability 0, space 0, times 0 [ 742.666989][T13756] CPU: 1 UID: 0 PID: 13756 Comm: syz.0.1876 Tainted: G L syzkaller #0 PREEMPT(full) [ 742.667046][T13756] Tainted: [L]=SOFTLOCKUP [ 742.667055][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 742.667071][T13756] Call Trace: [ 742.667080][T13756] [ 742.667090][T13756] dump_stack_lvl+0x100/0x190 [ 742.667135][T13756] should_fail_ex.cold+0x5/0xa [ 742.667167][T13756] should_failslab+0xc2/0x120 [ 742.667203][T13756] __kmalloc_cache_noprof+0x7a/0x6f0 [ 742.667229][T13756] ? apply_subsystem_event_filter+0x565/0x17d0 [ 742.667266][T13756] ? append_filter_err+0x43a/0x620 [ 742.667305][T13756] apply_subsystem_event_filter+0x565/0x17d0 [ 742.667352][T13756] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 742.667394][T13756] ? _copy_from_user+0x59/0xd0 [ 742.667441][T13756] ? __pfx_subsystem_filter_write+0x10/0x10 [ 742.667476][T13756] subsystem_filter_write+0x95/0x120 [ 742.667516][T13756] vfs_writev+0x5ea/0xe10 [ 742.667558][T13756] ? __pfx_vfs_writev+0x10/0x10 [ 742.667588][T13756] ? fdget_pos+0x2aa/0x380 [ 742.667651][T13756] ? __fget_files+0x21f/0x3d0 [ 742.667693][T13756] ? do_writev+0x13e/0x340 [ 742.667722][T13756] do_writev+0x13e/0x340 [ 742.667756][T13756] ? __pfx_do_writev+0x10/0x10 [ 742.667798][T13756] do_syscall_64+0x106/0xf80 [ 742.667838][T13756] ? clear_bhb_loop+0x40/0x90 [ 742.667873][T13756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 742.667901][T13756] RIP: 0033:0x7f3b7bf9bf79 [ 742.667924][T13756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 742.667951][T13756] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 742.667978][T13756] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 742.667997][T13756] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000006 [ 742.668014][T13756] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 742.668040][T13756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 742.668057][T13756] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 742.668096][T13756] [ 743.735273][T13772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1879'. [ 743.778610][T13772] netlink: 'syz.1.1879': attribute type 1 has an invalid length. [ 743.786371][T13772] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1879'. [ 743.948900][T13784] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1888'. [ 747.293528][T13810] kexec: Could not allocate control_code_buffer [ 748.774410][T13859] bond0: invalid ARP target specified [ 751.467116][T13915] netlink: 'syz.2.1916': attribute type 1 has an invalid length. [ 752.472909][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.479343][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.308375][T12719] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 755.027747][T13971] serio: Serial port pty6 [ 755.484400][T13975] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1928'. [ 755.748669][T12537] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 759.094200][T14052] tipc: Started in network mode [ 759.107674][T14052] tipc: Node identity ee00, cluster identity 4711 [ 759.125520][T14052] tipc: Node number set to 60928 [ 761.188758][T12537] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 762.082243][T14110] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 762.979629][T14122] Invalid ELF header magic: != ELF [ 763.073049][T14131] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1959'. [ 764.798506][T14152] binder: BINDER_SET_CONTEXT_MGR already set [ 764.817526][T14152] binder: 14151:14152 ioctl 4018620d 9 returned -16 [ 768.529194][T14220] kexec: Could not allocate control_code_buffer [ 771.666683][T14280] kexec: Could not allocate control_code_buffer [ 771.773582][T14286] FAULT_INJECTION: forcing a failure. [ 771.773582][T14286] name failslab, interval 1, probability 0, space 0, times 0 [ 771.799139][T14286] CPU: 0 UID: 0 PID: 14286 Comm: syz.0.1991 Tainted: G L syzkaller #0 PREEMPT(full) [ 771.799275][T14286] Tainted: [L]=SOFTLOCKUP [ 771.799288][T14286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 771.799306][T14286] Call Trace: [ 771.799316][T14286] [ 771.799346][T14286] dump_stack_lvl+0x100/0x190 [ 771.799398][T14286] should_fail_ex.cold+0x5/0xa [ 771.799430][T14286] ? ima_write_template_field_data+0x59/0x1d0 [ 771.799500][T14286] should_failslab+0xc2/0x120 [ 771.799553][T14286] __kmalloc_noprof+0xe0/0x850 [ 771.799598][T14286] ima_write_template_field_data+0x59/0x1d0 [ 771.799672][T14286] ima_eventname_init_common+0x1c6/0x2a0 [ 771.799735][T14286] ? __pfx_ima_eventname_init_common+0x10/0x10 [ 771.799791][T14286] ? rcu_is_watching+0x12/0xc0 [ 771.799845][T14286] ? trace_kmalloc+0x83/0xb0 [ 771.799884][T14286] ? __kmalloc_noprof+0x320/0x850 [ 771.799925][T14286] ima_alloc_init_template+0x399/0x6d0 [ 771.800002][T14286] ima_add_violation+0x128/0x3c0 [ 771.800064][T14286] ? __pfx_ima_add_violation+0x10/0x10 [ 771.800102][T14286] ? ima_d_path+0x137/0x260 [ 771.800141][T14286] ? __pfx_ima_d_path+0x10/0x10 [ 771.800198][T14286] ? __pfx_down_write+0x10/0x10 [ 771.800259][T14286] process_measurement+0x148f/0x2350 [ 771.800308][T14286] ? lock_acquire+0x17c/0x330 [ 771.800339][T14286] ? __pfx_process_measurement+0x10/0x10 [ 771.800407][T14286] ? rcu_is_watching+0x12/0xc0 [ 771.800455][T14286] ? tracing_check_open_get_tr.part.0+0x101/0x170 [ 771.800533][T14286] ? tracing_check_open_get_tr.part.0+0x106/0x170 [ 771.800571][T14286] ? inode_to_bdi+0x9e/0x160 [ 771.800612][T14286] ima_file_check+0xcc/0x120 [ 771.800649][T14286] ? __pfx_ima_file_check+0x10/0x10 [ 771.800701][T14286] security_file_post_open+0xc4/0x210 [ 771.800749][T14286] path_openat+0x1418/0x31a0 [ 771.800804][T14286] ? __pfx_path_openat+0x10/0x10 [ 771.800855][T14286] do_file_open+0x20e/0x430 [ 771.800896][T14286] ? __pfx_do_file_open+0x10/0x10 [ 771.801000][T14286] ? alloc_fd+0x476/0x790 [ 771.801053][T14286] ? do_getname+0x191/0x390 [ 771.801105][T14286] do_sys_openat2+0x10d/0x1e0 [ 771.801133][T14286] ? __pfx_do_sys_openat2+0x10/0x10 [ 771.801201][T14286] ? __fget_files+0x21f/0x3d0 [ 771.801247][T14286] __x64_sys_openat+0x12d/0x210 [ 771.801288][T14286] ? __pfx___x64_sys_openat+0x10/0x10 [ 771.801318][T14286] ? xfd_validate_state+0x129/0x190 [ 771.801372][T14286] do_syscall_64+0x106/0xf80 [ 771.801421][T14286] ? clear_bhb_loop+0x40/0x90 [ 771.801457][T14286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.801489][T14286] RIP: 0033:0x7f3b7bf9bf79 [ 771.801513][T14286] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 771.801541][T14286] RSP: 002b:00007f3b7ce02028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 771.801569][T14286] RAX: ffffffffffffffda RBX: 00007f3b7c215fa0 RCX: 00007f3b7bf9bf79 [ 771.801588][T14286] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 771.801606][T14286] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 771.801623][T14286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 771.801640][T14286] R13: 00007f3b7c216038 R14: 00007f3b7c215fa0 R15: 00007ffdab8340c8 [ 771.801678][T14286] [ 771.803785][ T29] audit: type=1804 audit(4294985977.912:14): pid=14286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1991" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=26 res=0 errno=0 [ 772.270110][T14291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 772.322054][T14287] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 772.389320][T14285] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 772.402364][T14285] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 774.302154][T14329] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 774.355050][T14329] serio: Serial port pty6 [ 781.745354][T14410] Invalid ELF header magic: != ELF [ 782.799976][T14419] kexec: Could not allocate control_code_buffer [ 784.794216][T14438] binder: BINDER_SET_CONTEXT_MGR already set [ 784.821585][T14438] binder: 14437:14438 ioctl 4018620d 9 returned -16 [ 786.461128][T14473] Invalid ELF header magic: != ELF [ 787.320728][T14476] kexec: Could not allocate control_code_buffer [ 791.242357][T14544] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2039'. [ 796.511820][T14634] FAULT_INJECTION: forcing a failure. [ 796.511820][T14634] name failslab, interval 1, probability 0, space 0, times 0 [ 796.543847][T14634] CPU: 1 UID: 0 PID: 14634 Comm: syz.0.2061 Tainted: G L syzkaller #0 PREEMPT(full) [ 796.544027][T14634] Tainted: [L]=SOFTLOCKUP [ 796.544045][T14634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 796.544078][T14634] Call Trace: [ 796.544142][T14634] [ 796.544172][T14634] dump_stack_lvl+0x100/0x190 [ 796.544329][T14634] should_fail_ex.cold+0x5/0xa [ 796.544414][T14634] should_failslab+0xc2/0x120 [ 796.544537][T14634] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 796.544632][T14634] ? __proc_create+0x2cb/0x8c0 [ 796.544719][T14634] __proc_create+0x2cb/0x8c0 [ 796.544776][T14634] ? __pfx___proc_create+0x10/0x10 [ 796.544835][T14634] ? _raw_write_unlock+0x28/0x50 [ 796.544927][T14634] proc_create_reg+0x75/0x170 [ 796.544995][T14634] proc_create_data+0x86/0x110 [ 796.545068][T14634] ? __pfx_proc_create_data+0x10/0x10 [ 796.545147][T14634] ? cache_register_net+0x137/0x5e0 [ 796.545240][T14634] ? cache_register_net+0x137/0x5e0 [ 796.545319][T14634] cache_register_net+0x1e0/0x5e0 [ 796.545390][T14634] nfsd_export_init+0x16e/0x250 [ 796.545440][T14634] ? __pfx_nfsd_net_init+0x10/0x10 [ 796.545471][T14634] nfsd_net_init+0x33/0x3d0 [ 796.545524][T14634] ? __pfx_nfsd_net_init+0x10/0x10 [ 796.545561][T14634] ops_init+0x1e2/0x5f0 [ 796.545674][T14634] setup_net+0x118/0x3a0 [ 796.545753][T14634] ? __pfx_setup_net+0x10/0x10 [ 796.545825][T14634] ? lockdep_init_map_type+0x5c/0x250 [ 796.545903][T14634] ? mutex_init_lockep+0x110/0x150 [ 796.545982][T14634] copy_net_ns+0x46f/0x7c0 [ 796.546045][T14634] create_new_namespaces+0x3ea/0xac0 [ 796.546173][T14634] copy_namespaces+0x468/0x5e0 [ 796.546270][T14634] copy_process+0x3226/0x79b0 [ 796.546357][T14634] ? __pfx_copy_process+0x10/0x10 [ 796.546419][T14634] kernel_clone+0xfc/0x930 [ 796.546453][T14634] ? __pfx_futex_wait+0x10/0x10 [ 796.546524][T14634] ? __pfx_kernel_clone+0x10/0x10 [ 796.546593][T14634] __do_sys_clone+0xd9/0x120 [ 796.546637][T14634] ? __pfx___do_sys_clone+0x10/0x10 [ 796.546676][T14634] ? __fget_files+0x21f/0x3d0 [ 796.546767][T14634] ? xfd_validate_state+0x129/0x190 [ 796.546847][T14634] do_syscall_64+0x106/0xf80 [ 796.546945][T14634] ? clear_bhb_loop+0x40/0x90 [ 796.547049][T14634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.547147][T14634] RIP: 0033:0x7f3b7bf9bf79 [ 796.547203][T14634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 796.547277][T14634] RSP: 002b:00007f3b7cde0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 796.547346][T14634] RAX: ffffffffffffffda RBX: 00007f3b7c216090 RCX: 00007f3b7bf9bf79 [ 796.547379][T14634] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 796.547401][T14634] RBP: 00007f3b7c0327e0 R08: 0000000000000000 R09: 0000000000000000 [ 796.547439][T14634] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 796.547471][T14634] R13: 00007f3b7c216128 R14: 00007f3b7c216090 R15: 00007ffdab8340c8 [ 796.547533][T14634] [ 799.396661][T14661] KVM: debugfs: duplicate directory 14661-3 [ 800.018123][T14670] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 802.017798][T14696] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2072'. [ 803.221903][T12537] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9 [ 811.629044][T14727] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 811.733476][T14727] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 811.793407][T14727] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 811.869775][T14728] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 1: bad block bitmap checksum [ 812.694071][T12719] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 812.732855][T12719] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 812.743349][T12719] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 812.797887][T12719] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 812.816423][T12719] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 812.860023][T12497] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 812.881783][T12497] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 812.900746][T12497] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 812.918610][T12497] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 812.934363][T12497] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 813.077203][T12497] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9 [ 813.610412][T14747] chnl_net:caif_netlink_parms(): no params data found [ 813.659242][T14744] chnl_net:caif_netlink_parms(): no params data found [ 813.914607][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.921712][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.195621][T14747] bridge0: port 1(bridge_slave_0) entered blocking state [ 814.205588][T14747] bridge0: port 1(bridge_slave_0) entered disabled state [ 814.214676][T14747] bridge_slave_0: entered allmulticast mode [ 814.222612][T14747] bridge_slave_0: entered promiscuous mode [ 814.232292][T14747] bridge0: port 2(bridge_slave_1) entered blocking state [ 814.242502][T14747] bridge0: port 2(bridge_slave_1) entered disabled state [ 814.275803][T14747] bridge_slave_1: entered allmulticast mode [ 814.299643][T14747] bridge_slave_1: entered promiscuous mode [ 814.339342][T14744] bridge0: port 1(bridge_slave_0) entered blocking state [ 814.347745][T14744] bridge0: port 1(bridge_slave_0) entered disabled state [ 814.357073][T14744] bridge_slave_0: entered allmulticast mode [ 814.372982][T14744] bridge_slave_0: entered promiscuous mode [ 814.449456][T14744] bridge0: port 2(bridge_slave_1) entered blocking state [ 814.461249][T14744] bridge0: port 2(bridge_slave_1) entered disabled state [ 814.469784][T14744] bridge_slave_1: entered allmulticast mode [ 814.481828][T14744] bridge_slave_1: entered promiscuous mode [ 814.633701][T14747] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 814.711370][T14747] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 814.782008][T14744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 814.865041][T14744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 814.950036][T12497] Bluetooth: hci4: command tx timeout [ 815.033721][T12497] Bluetooth: hci5: command tx timeout [ 815.054471][T14747] team0: Port device team_slave_0 added [ 815.205402][T14744] team0: Port device team_slave_0 added [ 815.223290][T14747] team0: Port device team_slave_1 added [ 815.306484][T14744] team0: Port device team_slave_1 added [ 815.508748][T14747] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 815.517136][T14747] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 815.554210][T14747] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 815.603493][T14744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 815.615481][T14744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 815.659599][T14744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 815.660328][T14778] Invalid ELF header magic: != ELF [ 815.680582][T14744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 815.691413][T14744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 816.008503][T14744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 816.044376][T14747] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 816.053784][T14747] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 816.092036][T14747] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 816.620595][T14744] hsr_slave_0: entered promiscuous mode [ 816.647182][T14744] hsr_slave_1: entered promiscuous mode [ 816.660368][T14744] debugfs: 'hsr0' already exists in 'hsr' [ 816.676552][T14744] Cannot create hsr debugfs directory [ 816.884311][T14747] hsr_slave_0: entered promiscuous mode [ 816.885978][T14787] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2093'. [ 816.894211][T14747] hsr_slave_1: entered promiscuous mode [ 816.915092][T14747] debugfs: 'hsr0' already exists in 'hsr' [ 816.924216][T14747] Cannot create hsr debugfs directory [ 817.033764][T12497] Bluetooth: hci4: command tx timeout [ 817.113436][T12497] Bluetooth: hci5: command tx timeout [ 817.751104][ T30] INFO: task kworker/u8:9:3500 blocked for more than 143 seconds. [ 817.778448][ T30] Tainted: G L syzkaller #0 [ 817.788104][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 817.803578][ T30] task:kworker/u8:9 state:D stack:23792 pid:3500 tgid:3500 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 817.823881][ T30] Workqueue: netns cleanup_net [ 817.830312][ T30] Call Trace: [ 817.833879][ T30] [ 817.838577][ T30] __schedule+0xfee/0x6020 [ 817.844513][ T30] ? __lock_acquire+0x4a5/0x2630 [ 817.850511][ T30] ? __pfx___schedule+0x10/0x10 [ 817.856973][ T30] ? find_held_lock+0x2b/0x80 [ 817.863359][ T30] ? schedule+0x2bf/0x390 [ 817.870507][ T30] schedule+0xdd/0x390 [ 817.880054][ T30] schedule_timeout+0x1b2/0x280 [ 817.886732][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 817.895050][ T30] ? mark_held_locks+0x40/0x70 [ 817.901331][ T30] __wait_for_common+0x2e7/0x4c0 [ 817.906652][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 817.928179][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 817.934379][ T30] ? _raw_spin_unlock_irq+0x23/0x50 [ 817.942339][ T30] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 817.960719][ T30] __flush_workqueue+0x3f7/0x1200 [ 817.966323][ T30] ? __lock_acquire+0x4a5/0x2630 [ 817.982663][ T30] ? __pfx___flush_workqueue+0x10/0x10 [ 817.996533][ T30] ? reacquire_held_locks+0xce/0x1e0 [ 818.011177][ T30] ? release_sock+0x21/0x220 [ 818.044199][ T30] ? __pfx_sock_def_readable+0x10/0x10 [ 818.056840][ T30] ? __local_bh_enable_ip+0x9e/0x120 [ 818.065921][ T30] ? __pfx_sock_def_readable+0x10/0x10 [ 818.090755][ T30] rds_tcp_listen_stop+0x104/0x160 [ 818.109649][ T30] rds_tcp_exit_net+0xe0/0x870 [ 818.120699][ T30] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 818.131362][ T30] ? __pfx___might_resched+0x10/0x10 [ 818.160359][ T30] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 818.175258][ T30] ops_undo_list+0x2ee/0xab0 [ 818.186243][ T30] ? __pfx_ops_undo_list+0x10/0x10 [ 818.203726][ T30] ? cleanup_net+0x332/0x920 [ 818.221518][ T30] ? idr_destroy+0x62/0x2e0 [ 818.240702][ T30] cleanup_net+0x499/0x920 [ 818.246433][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 818.272032][ T30] ? rcu_is_watching+0x12/0xc0 [ 818.279828][ T30] process_one_work+0x9c2/0x1840 [ 818.293923][ T30] ? __pfx_process_one_work+0x10/0x10 [ 818.304492][ T30] ? __pfx_cleanup_net+0x10/0x10 [ 818.325186][ T30] worker_thread+0x5da/0xe40 [ 818.333276][ T30] ? kthread+0x13a/0x450 [ 818.340236][ T30] ? __pfx_worker_thread+0x10/0x10 [ 818.351495][ T30] kthread+0x370/0x450 [ 818.360853][ T30] ? __pfx_kthread+0x10/0x10 [ 818.376451][ T30] ret_from_fork+0x754/0xd80 [ 818.388873][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 818.395539][ T30] ? __switch_to+0x7b4/0x10c0 [ 818.413589][ T30] ? __pfx_kthread+0x10/0x10 [ 818.542883][ T30] ret_from_fork_asm+0x1a/0x30 [ 818.558697][ T30] [ 818.578110][ T30] [ 818.578110][ T30] Showing all locks held in the system: [ 818.598058][ T30] 1 lock held by khungtaskd/30: [ 818.603519][ T30] #0: ffffffff8e7e7460 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 818.643547][ T30] 3 locks held by kworker/1:2/948: [ 818.650522][ T30] #0: ffff88813fe5b548 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 818.671132][ T30] #1: ffffc90003697d08 ((fqdir_free_work).work){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 818.704479][ T30] #2: ffffffff8e7f2f40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6d0 [ 818.729523][ T30] 3 locks held by kworker/u8:9/3500: [ 818.736029][ T30] #0: ffff88801c6a6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 818.771978][ T30] #1: ffffc9000c1ffd08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 818.808034][ T30] #2: ffffffff905f10f0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 818.821994][ T30] 1 lock held by syslogd/5171: [ 818.831189][ T30] #0: ffff8880b843b0e0 (&rq->__lock){-.-.}-{2:2}, at: __unix_dgram_recvmsg+0x255/0xc30 [ 818.848029][ T30] 2 locks held by getty/5580: [ 818.854223][ T30] #0: ffff888033c850a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 818.888824][ T30] #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 818.937750][ T30] 4 locks held by kworker/u10:5/12748: [ 818.944873][ T30] #0: ffff88813fe9c148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 818.963431][ T30] #1: ffffc9000b187d08 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 818.986071][ T30] #2: ffffffff906099e8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 [ 819.001130][ T30] #3: ffffffff8e7f3078 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0 [ 819.015977][ T30] 2 locks held by kworker/u10:6/14340: [ 819.031047][ T30] #0: ffff8880b843b0e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 819.042237][ T30] #1: ffff8880b8424648 (psi_seq){-.-.}-{0:0}, at: __schedule+0x2b5d/0x6020 [ 819.052911][ T30] 1 lock held by syz.1.2060/14635: [ 819.060630][ T30] #0: ffffffff905f10f0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 819.073593][ T30] 1 lock held by syz.0.2061/14631: [ 819.084524][ T30] #0: ffffffff905f10f0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 819.104316][ T30] 7 locks held by syz-executor/14744: [ 819.116378][T12497] Bluetooth: hci4: command tx timeout [ 819.126125][ T30] #0: ffff888035b8e420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 819.137313][ T30] #1: ffff8880564eb888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 819.151202][ T30] #2: ffff888029916e18 (kn->active#53){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 819.169930][ T30] #3: ffffffff8fb625c8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: new_device_store+0xfe/0x700 [ 819.186902][ T30] #4: ffff88804987c0e8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4d0 [ 819.198131][T12497] Bluetooth: hci5: command tx timeout [ 819.211794][ T30] #5: ffff88804987b250 (&devlink->lock_key#6){+.+.}-{4:4}, at: nsim_drv_probe+0xd4/0x14b0 [ 819.231205][ T30] #6: ffffffff906099e8 (rtnl_mutex){+.+.}-{4:4}, at: register_netdevice_notifier_net+0x23/0xb0 [ 819.248352][ T30] 2 locks held by syz-executor/14747: [ 819.253813][ T30] #0: ffffffff90d937e8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x113/0x2c0 [ 819.271386][ T30] #1: ffffffff906099e8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8bb/0x2380 [ 819.287026][ T30] 1 lock held by syz.3.2094/14794: [ 819.294027][ T30] #0: ffffffff8e7f3078 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 819.306681][ T30] 2 locks held by syz.2.2095/14792: [ 819.317126][ T30] #0: ffffffff905f10f0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x451/0x7c0 [ 819.331873][ T30] #1: ffffffff906099e8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x21e/0x780 [ 819.348360][ T30] [ 819.353151][ T30] ============================================= [ 819.353151][ T30] [ 819.383971][ T30] NMI backtrace for cpu 0 [ 819.384001][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 819.384038][ T30] Tainted: [L]=SOFTLOCKUP [ 819.384047][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 819.384060][ T30] Call Trace: [ 819.384069][ T30] [ 819.384079][ T30] dump_stack_lvl+0x100/0x190 [ 819.384116][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 819.384154][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 819.384188][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 819.384223][ T30] sys_info+0x141/0x190 [ 819.384246][ T30] watchdog+0xcc3/0xfe0 [ 819.384285][ T30] ? __pfx_watchdog+0x10/0x10 [ 819.384317][ T30] ? __kthread_parkme+0x18c/0x230 [ 819.384363][ T30] ? kthread+0x13a/0x450 [ 819.384389][ T30] ? __pfx_watchdog+0x10/0x10 [ 819.386792][ T30] kthread+0x370/0x450 [ 819.386823][ T30] ? __pfx_kthread+0x10/0x10 [ 819.386852][ T30] ret_from_fork+0x754/0xd80 [ 819.386888][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 819.386923][ T30] ? __switch_to+0x7b4/0x10c0 [ 819.386948][ T30] ? __pfx_kthread+0x10/0x10 [ 819.386977][ T30] ret_from_fork_asm+0x1a/0x30 [ 819.387021][ T30] [ 819.387033][ T30] Sending NMI from CPU 0 to CPUs 1: [ 819.578585][ C1] NMI backtrace for cpu 1 [ 819.578614][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G L syzkaller #0 PREEMPT(full) [ 819.578648][ C1] Tainted: [L]=SOFTLOCKUP [ 819.578656][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 819.578672][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 819.578716][ C1] Code: 1e 94 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 23 ac 2d 00 fb f4 3c 34 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 819.578739][ C1] RSP: 0018:ffffc90000197df0 EFLAGS: 00000246 [ 819.578763][ C1] RAX: 00000000003944a5 RBX: ffff88801e6d8000 RCX: ffffffff8b7dec75 [ 819.578778][ C1] RDX: 0000000000000000 RSI: ffffffff8de73d75 RDI: ffffffff8c1ad620 [ 819.578793][ C1] RBP: 0000000000000001 R08: 0000000000000001 R09: ffffed10170a6755 [ 819.578806][ C1] R10: ffff8880b8533aab R11: 0000000000000000 R12: ffffed1003cdb000 [ 819.578821][ C1] R13: 0000000000000001 R14: ffffffff90d8f5d0 R15: 0000000000000000 [ 819.580603][ C1] FS: 0000000000000000(0000) GS:ffff888124492000(0000) knlGS:0000000000000000 [ 819.580625][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 819.580641][ C1] CR2: 000020000016e000 CR3: 0000000028ad2000 CR4: 00000000003526f0 [ 819.580656][ C1] Call Trace: [ 819.580669][ C1] [ 819.580677][ C1] default_idle+0x9/0x10 [ 819.580703][ C1] default_idle_call+0x6c/0xb0 [ 819.580723][ C1] do_idle+0x35b/0x4b0 [ 819.580758][ C1] ? __pfx_do_idle+0x10/0x10 [ 819.580788][ C1] ? do_idle+0x2b8/0x4b0 [ 819.580819][ C1] cpu_startup_entry+0x4f/0x60 [ 819.580851][ C1] start_secondary+0x21d/0x2d0 [ 819.580878][ C1] ? __pfx_start_secondary+0x10/0x10 [ 819.580907][ C1] common_startup_64+0x13e/0x148 [ 819.580951][ C1] [ 819.918044][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 819.937008][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 819.956387][ T30] Tainted: [L]=SOFTLOCKUP [ 819.968554][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 819.988778][ T30] Call Trace: [ 819.993278][ T30] [ 819.997123][ T30] dump_stack_lvl+0x100/0x190 [ 820.003288][ T30] vpanic+0x552/0x970 [ 820.010065][ T30] ? __pfx_vpanic+0x10/0x10 [ 820.015826][ T30] ? do_raw_spin_unlock+0x145/0x1e0 [ 820.024390][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 820.035042][ T30] panic+0xd1/0xe0 [ 820.041554][ T30] ? __pfx_panic+0x10/0x10 [ 820.049485][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 820.056575][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 820.069392][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 820.077472][ T30] ? watchdog.cold+0x198/0x1ca [ 820.090183][ T30] ? watchdog+0xcd3/0xfe0 [ 820.095174][ T30] watchdog.cold+0x1a9/0x1ca [ 820.108790][ T30] ? __pfx_watchdog+0x10/0x10 [ 820.114948][ T30] ? __kthread_parkme+0x18c/0x230 [ 820.128775][ T30] ? kthread+0x13a/0x450 [ 820.134181][ T30] ? __pfx_watchdog+0x10/0x10 [ 820.138863][ T30] kthread+0x370/0x450 [ 820.147214][ T30] ? __pfx_kthread+0x10/0x10 [ 820.153851][ T30] ret_from_fork+0x754/0xd80 [ 820.167601][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 820.174943][ T30] ? __switch_to+0x7b4/0x10c0 [ 820.181202][ T30] ? __pfx_kthread+0x10/0x10 [ 820.189219][ T30] ret_from_fork_asm+0x1a/0x30 [ 820.194903][ T30] [ 820.200112][ T30] Kernel Offset: disabled [ 820.204895][ T30] Rebooting in 86400 seconds..